openembedded-core.git - Mirror of openembedded-core

diff options

author	Yue Tao <Yue.Tao@windriver.com>	2017-08-15 02:55:23 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-16 00:06:15 +0100
commit	6176151625c971de031e14c97601ffd75a29772f (patch)
tree	d51af86b7c216d7155568fe9ef16ce25e883ea0f /scripts/lib/devtool/build_image.py
parent	bfc148a40fd5b9936e63e9af901b5c8aaf7e8e5b (diff)
download	openembedded-core-6176151625c971de031e14c97601ffd75a29772f.tar.gz openembedded-core-6176151625c971de031e14c97601ffd75a29772f.tar.bz2 openembedded-core-6176151625c971de031e14c97601ffd75a29772f.zip

libtasn1: CVE-2017-10790

The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. References: https://nvd.nist.gov/vuln/detail/CVE-2017-10790 http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit; h=d8d805e1f2e6799bb2dff4871a8598dc83088a39 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/devtool/build_image.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: