squashfs: fix CVE-2012-4025 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	yanjun.zhu <yanjun.zhu@windriver.com>	2012-12-11 18:00:32 +0800
committer	Saul Wold <sgw@linux.intel.com>	2012-12-14 15:17:20 -0800
commit	bb1611d4830bb7aff2371afdb2a77a4ca7298c7d (patch)
tree	2554a4ceed0b038190a8059685405af973dc7f75 /meta/recipes-core/gettext
parent	accbcea94091800a90df0f5141990c110ff35ee5 (diff)
download	openembedded-core-contrib-bb1611d4830bb7aff2371afdb2a77a4ca7298c7d.tar.gz

squashfs: fix CVE-2012-4025

CQID:WIND00366813 Reference: http://squashfs.git.sourceforge.net/git/gitweb.cgi? p=squashfs/squashfs;a=patch;h=8515b3d420f502c5c0236b86e2d6d7e3b23c190e Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4025 Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> [YOCTO #3564] Signed-off-by: Saul Wold <sgw@linux.intel.com>

Diffstat (limited to 'meta/recipes-core/gettext')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: