code.ossystems Code Review - openembedded-core.git/commit
libcroco: CVE-2017-7961
author Armin Kuster <akuster808@gmail.com>
Thu, 27 Sep 2018 01:23:20 +0000 (18:23 -0700)
committer Richard Purdie <richard.purdie@linuxfoundation.org>
Wed, 10 Oct 2018 12:23:45 +0000 (13:23 +0100)
commit 9b321cf141c3fa18d5b85f17ffe1710f4555ca49
tree 2e282884c37c5821dd658fd3e1c194d77e650be9
parent af920831ed1ef607db195372f135cc56e9f53b41

* CVE-2017-7961
The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco has an
"outside the range of representable values of type long" undefined
behavior issue, which might allow remote attackers to cause a denial
of service (application crash) or possibly have unspecified other
impact via a crafted CSS file.

CVE: CVE-2017-7961
Ref: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7961
Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-support/libcroco/libcroco/CVE-2017-7961.patch [new file with mode: 0644]
meta/recipes-support/libcroco/libcroco_0.6.12.bb