aboutsummaryrefslogtreecommitdiff
path: root/meta/recipes-bsp/u-boot/u-boot-fw-utils_2016.03.bb
diff options
context:
space:
mode:
authorArmin Kuster <akuster808@gmail.com>2018-02-19 13:06:35 -0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-03-03 17:07:18 +0000
commit5bf664ba85c06d17c6e8c200301e42bc5fdab75e (patch)
treeb49eafcd249b0ffb97bcce7a43847ee4acf9111e /meta/recipes-bsp/u-boot/u-boot-fw-utils_2016.03.bb
parent4c1de18cb5d2bf4067246bf7242abde0f0917a3a (diff)
downloadopenembedded-core-5bf664ba85c06d17c6e8c200301e42bc5fdab75e.zip
openembedded-core-5bf664ba85c06d17c6e8c200301e42bc5fdab75e.tar.gz
openembedded-core-5bf664ba85c06d17c6e8c200301e42bc5fdab75e.tar.bz2
ruby: update to 2.4.3
This fixes a segfault in arm64 multilib. Drop CVE-2017-14064.patch Additional CVE included are 2.4.3: CVE-2017-17405: Command injection vulnerability in Net::FTP Additional CVE included are 2.4.2: CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode CVE-2017-14064: Heap exposure in generating JSON Ruby Gems: DNS request hijacking vulnerability. (CVE-2017-0902) ANSI escape sequence vulnerability. (CVE-2017-0899) DoS vulnerability in the query command. (CVE-2017-0900) vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/recipes-bsp/u-boot/u-boot-fw-utils_2016.03.bb')
0 files changed, 0 insertions, 0 deletions