mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-11 03:03:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

python: CVE-2014-7185

Browse Source 
Integer overflow in bufferobject.c in Python before 2.7.8 allows
context-dependent attackers to obtain sensitive information from
process memory via a large size and offset in a "buffer" function.

PoC:

(From OE-Core rev: 2590eb53a6dac90cba52edd09ea56a6bdf4c4533)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Sona Sarmadi
2015-04-22 14:57:28 +02:00
committed by Richard Purdie
parent 523aaea8e2
commit 97e9be8130
2 changed files with 76 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
meta/recipes-devtools/python/python_2.7.3.bb
View File

@@ -37,6 +37,7 @@ SRC_URI += "\
file://python-fix-build-error-with-Readline-6.3.patch \
file://python-2.7.3-CVE-2014-1912.patch \
file://python2.7.3-nossl3.patch \
file://python-2.7.3-CVE-2014-7185.patch \
"
S = "${WORKDIR}/Python-${PV}"