perl: fix for CVE-2010-4777 - openembedded-core

diff options

author	yanjun.zhu <yanjun.zhu@windriver.com>	2014-05-20 09:27:47 +0800
committer	Saul Wold <sgw@linux.intel.com>	2014-05-23 10:45:07 -0700
commit	368df9f13ddf124e6aaaec06c02ab698c9e0b6c3 (patch)
tree	b2770d6226cc192a355280b3726fad6e9f3bdd5c /meta/recipes-devtools/ccache
parent	45371858129bbad8f4cfb874e237374a5ba8db4c (diff)
download	openembedded-core-368df9f13ddf124e6aaaec06c02ab698c9e0b6c3.tar.gz

perl: fix for CVE-2010-4777

The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777 Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>

Diffstat (limited to 'meta/recipes-devtools/ccache')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: