]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: a296694) | patch
python: CVE-2014-7185
authorSona Sarmadi <sona.sarmadi@enea.com>
Wed, 22 Apr 2015 12:57:28 +0000 (14:57 +0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 27 Apr 2015 14:20:32 +0000 (15:20 +0100)
commit2590eb53a6dac90cba52edd09ea56a6bdf4c4533
tree24d75564a6a1551596a763c91a3154010b3dbce9tree | snapshot
parenta2966949e68bbdce8d0a0fd5946d078b84ae63e9commit | diff
python: CVE-2014-7185

Integer overflow in bufferobject.c in Python before 2.7.8 allows
context-dependent attackers to obtain sensitive information from
process memory via a large size and offset in a "buffer" function.

PoC:

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-7185.patch [new file with mode: 0644] blob
meta/recipes-devtools/python/python_2.7.3.bb diff | blob | history
Mirror of the official openembedded-core repository