diff options
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r-- | meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch | 26 | ||||
-rw-r--r-- | meta/recipes-devtools/python/python_2.7.3.bb | 1 |
2 files changed, 27 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch b/meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch new file mode 100644 index 0000000000..02cc83d314 --- /dev/null +++ b/meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch @@ -0,0 +1,26 @@ +Upstream-Status: Backport + +Reference: http://bugs.python.org/issue20246 + +CVE-2014-1912: Python buffer overflow in socket.recvfrom_into() +lets remote users execute arbitrary code.Original patch by Benjamin Peterson + +Signed-off-by: Maxin B. John <maxin.john@enea.com> +--- +diff -r 40fb60df4755 Modules/socketmodule.c +--- a/Modules/socketmodule.c Sun Jan 12 12:11:47 2014 +0200 ++++ b/Modules/socketmodule.c Mon Jan 13 16:36:35 2014 -0800 +@@ -2744,6 +2744,13 @@ + recvlen = buflen; + } + ++ /* Check if the buffer is large enough */ ++ if (buflen < recvlen) { ++ PyErr_SetString(PyExc_ValueError, ++ "buffer too small for requested bytes"); ++ goto error; ++ } ++ + readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr); + if (readlen < 0) { + /* Return an error */ diff --git a/meta/recipes-devtools/python/python_2.7.3.bb b/meta/recipes-devtools/python/python_2.7.3.bb index c7bb9b4131..0d641720f1 100644 --- a/meta/recipes-devtools/python/python_2.7.3.bb +++ b/meta/recipes-devtools/python/python_2.7.3.bb @@ -35,6 +35,7 @@ SRC_URI += "\ file://parallel-makeinst-create-bindir.patch \ file://python-2.7.3-CVE-2013-1752-smtplib-fix.patch \ file://python-fix-build-error-with-Readline-6.3.patch \ + file://python-2.7.3-CVE-2014-1912.patch \ " S = "${WORKDIR}/Python-${PV}" |