net-snmp-5.7.2: fix CVE-2014-2285 - meta-openembedded-contrib - OpenEmbedded layers collection contribution trees

diff options

author	yzhu1 <yanjun.zhu@windriver.com>	2014-05-09 16:40:37 +0800
committer	Joe MacDonald <joe@deserted.net>	2014-05-09 10:18:40 -0400
commit	9747141c09c641ce2364f246805be1682bbb7a9a (patch)
tree	8d766e93ad172481e7113c994e37f6f0d897aeee /meta-systemd
parent	7361149c47dc846552e574456c607d1bef508b08 (diff)
download	meta-openembedded-contrib-9747141c09c641ce2364f246805be1682bbb7a9a.tar.gz

net-snmp-5.7.2: fix CVE-2014-2285

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2285 Signed-off-by: yzhu1 <yanjun.zhu@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>

Diffstat (limited to 'meta-systemd')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: