]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 119215f) | patch
libproxy: Fix for CVE-2012-4504
authoryanjun.zhu <yanjun.zhu@windriver.com>
Fri, 30 Nov 2012 11:08:56 +0000 (19:08 +0800)
committerScott Garman <scott.a.garman@intel.com>
Fri, 30 Nov 2012 22:49:04 +0000 (14:49 -0800)
commit543d608ae6251956b84e6423ec66f146f926d4b8
tree35df5ae1b76f4537f97932e4c3af164959905877tree | snapshot
parent119215fee75a64de49d498c3d57446783722a292commit | diff
libproxy: Fix for CVE-2012-4504

Reference:https://code.google.com/p/libproxy/source/detail?r=853

Stack-based buffer overflow in the url::get_pac function in url.cpp
in libproxy 0.4.x before 0.4.9 allows remote servers to have an
unspecified impact via a large proxy.pac file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504

[YOCTO #3487]

Fixes denzil [YOCTO #3511]

Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch [new file with mode: 0644] blob
meta/recipes-support/libproxy/libproxy_0.4.7.bb diff | blob | history
Mirror of the official openembedded-core repository