]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 972ea6c) | patch
libproxy: Fix for CVE-2012-4504
authoryanjun.zhu <yanjun.zhu@windriver.com>
Fri, 30 Nov 2012 11:08:56 +0000 (19:08 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Mon, 3 Dec 2012 15:21:01 +0000 (15:21 +0000)
commit821401df8cd79e4878ad87f918b1ce8d0da141ec
treea5c3a1c934e1a1dc1474f8dc4489963be21eddd0tree | snapshot
parent972ea6c674e10cf23bedbbc581b78baa3f7c7b9bcommit | diff
libproxy: Fix for CVE-2012-4504

Reference:https://code.google.com/p/libproxy/source/detail?r=853

Stack-based buffer overflow in the url::get_pac function in url.cpp
in libproxy 0.4.x before 0.4.9 allows remote servers to have an
unspecified impact via a large proxy.pac file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504

[YOCTO #3487]

Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch [new file with mode: 0644] blob
meta/recipes-support/libproxy/libproxy_0.4.7.bb diff | blob | history
Mirror of the official openembedded-core repository