]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b93ef60) | patch
python: Fix CVE-2014-7185
authorWenzong Fan <wenzong.fan@windriver.com>
Wed, 12 Nov 2014 08:25:48 +0000 (03:25 -0500)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 20 Nov 2014 14:06:28 +0000 (14:06 +0000)
commit49ceed974e39ab8ac4be410e5caa5e1ef7a646d9
tree175feb70a4e577d9cd817b211b4733a42936a848tree | snapshot
parentb93ef60acf8128cf44d4407fdb65a0ac016791d3commit | diff
python: Fix CVE-2014-7185

Integer overflow in bufferobject.c in Python before 2.7.8 allows
context-dependent attackers to obtain sensitive information from
process memory via a large size and offset in a "buffer" function.

This back-ported patch fixes CVE-2014-7185

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-7185.patch [new file with mode: 0644] blob
meta/recipes-devtools/python/python_2.7.3.bb diff | blob | history
Mirror of the official openembedded-core repository