perl: fix for CVE-2010-4777 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	yanjun.zhu <yanjun.zhu@windriver.com>	2014-05-20 09:27:47 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-27 16:11:54 +0100
commit	284a9b5f6bd35fec5db8854ca1c8af52e02a1542 (patch)
tree	28376807016a4c00cbfcc4a894d6753f61770e0a /meta/recipes-connectivity
parent	c8645caf56228da1bd4f448dbf90066911a1c59d (diff)
download	openembedded-core-contrib-284a9b5f6bd35fec5db8854ca1c8af52e02a1542.tar.gz

perl: fix for CVE-2010-4777

The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777 (From OE-Core rev: 368df9f13ddf124e6aaaec06c02ab698c9e0b6c3) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-connectivity')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: