diff options
author | 2014-05-09 16:40:37 +0800 | |
---|---|---|
committer | 2014-05-09 10:18:40 -0400 | |
commit | 9747141c09c641ce2364f246805be1682bbb7a9a (patch) | |
tree | 8d766e93ad172481e7113c994e37f6f0d897aeee /meta-systemd | |
parent | 7361149c47dc846552e574456c607d1bef508b08 (diff) | |
download | meta-openembedded-contrib-9747141c09c641ce2364f246805be1682bbb7a9a.tar.gz |
net-snmp-5.7.2: fix CVE-2014-2285
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs
in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions,
allows remote attackers to cause a denial of service (snmptrapd
crash) via an empty community string in an SNMP trap, which triggers
a NULL pointer dereference within the newSVpv function in Perl.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2285
Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Diffstat (limited to 'meta-systemd')
0 files changed, 0 insertions, 0 deletions