diff options
author | 2014-11-12 03:25:48 -0500 | |
---|---|---|
committer | 2014-11-20 14:06:28 +0000 | |
commit | 49ceed974e39ab8ac4be410e5caa5e1ef7a646d9 (patch) | |
tree | 175feb70a4e577d9cd817b211b4733a42936a848 /meta/recipes-devtools/python/python_2.7.3.bb | |
parent | b93ef60acf8128cf44d4407fdb65a0ac016791d3 (diff) | |
download | openembedded-core-contrib-49ceed974e39ab8ac4be410e5caa5e1ef7a646d9.tar.gz |
python: Fix CVE-2014-7185
Integer overflow in bufferobject.c in Python before 2.7.8 allows
context-dependent attackers to obtain sensitive information from
process memory via a large size and offset in a "buffer" function.
This back-ported patch fixes CVE-2014-7185
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-devtools/python/python_2.7.3.bb')
-rw-r--r-- | meta/recipes-devtools/python/python_2.7.3.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python_2.7.3.bb b/meta/recipes-devtools/python/python_2.7.3.bb index f2e6fde4d6..50c751e323 100644 --- a/meta/recipes-devtools/python/python_2.7.3.bb +++ b/meta/recipes-devtools/python/python_2.7.3.bb @@ -39,6 +39,7 @@ SRC_URI += "\ file://json-flaw-fix.patch \ file://posix_close.patch \ file://remove-BOM-insection-code.patch \ + file://python-2.7.3-CVE-2014-7185.patch \ " S = "${WORKDIR}/Python-${PV}" |