diff options
author | haiqing <haiqing.bai@windriver.com> | 2020-03-27 10:38:05 +0800 |
---|---|---|
committer | Anuj Mittal <anuj.mittal@intel.com> | 2020-04-06 15:17:05 +0800 |
commit | 29ed9fc7341cc3db716115aef1a6910fdb893145 (patch) | |
tree | 1554f1091e031db0349a1c8126d549270a5e6d6c /README.OE-Core | |
parent | 88cce1d9d06ed4c5a7b58a31d75cfd1503605df9 (diff) | |
download | openembedded-core-contrib-29ed9fc7341cc3db716115aef1a6910fdb893145.tar.gz |
glib-2.0: fix CVE-2020-6750
GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly
to a target address instead of connecting via a proxy server when configured
to do so, because the proxy_addr field is mishandled. This bug is timing-dependent
and may occur only sporadically depending on network delays. The greatest security
relevance is in use cases where a proxy is used to help with privacy/anonymity,
even though there is no technical barrier to a direct connection.
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'README.OE-Core')
0 files changed, 0 insertions, 0 deletions