]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: cf008bc) | patch
nspr: Fix for CVE-2014-1545
authorXufeng Zhang <xufeng.zhang@windriver.com>
Thu, 24 Jul 2014 03:27:47 +0000 (23:27 -0400)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 10 Oct 2014 14:05:51 +0000 (15:05 +0100)
commitbebfeb6d4deac18601edda8dcac0f32c3382cb06
treef2aa04d58fd0dbbddd752acdf9f466b2dc14a62dtree | snapshot
parentcf008bce23e897d1c3a51805af839af9241271dfcommit | diff
nspr: Fix for CVE-2014-1545

Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote
attackers to execute arbitrary code or cause a denial of service
(out-of-bounds write) via vectors involving the sprintf and console
functions.Per: http://cwe.mitre.org/data/definitions/787.html

(From OE-Core rev: 191cab2f679491c2b6ddba49c5cf4886dcd22f57)

Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/nspr/nspr/nspr-CVE-2014-1545.patch [new file with mode: 0644] blob
meta/recipes-support/nspr/nspr_4.10.3.bb diff | blob | history
Mirror of the official openembedded-core repository