summaryrefslogtreecommitdiff
path: root/scripts/lnr
diff options
context:
space:
mode:
authorChong Lu <Chong.Lu@windriver.com>2014-10-24 16:26:41 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-11-05 23:26:57 +0000
commitdbbda31ca0a29c930f3078635ae7c5a41d933b58 (patch)
tree56dae75c98b7794e07d8bbf968853eab69dccca0 /scripts/lnr
parent606793e7b5c129654f317e5bec9ed7f083d3383d (diff)
downloadopenembedded-core-dbbda31ca0a29c930f3078635ae7c5a41d933b58.tar.gz
openembedded-core-dbbda31ca0a29c930f3078635ae7c5a41d933b58.tar.bz2
openembedded-core-dbbda31ca0a29c930f3078635ae7c5a41d933b58.zip
curl: Security Advisory - curl - CVE-2014-3613
By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others. (From OE-Core rev: 985ef933208da1dd1f17645613ce08e6ad27e2c1) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-support/curl/curl_7.35.0.bb
Diffstat (limited to 'scripts/lnr')
0 files changed, 0 insertions, 0 deletions