Sorry. Please ignore this mail. Thanks a lot. Zhu Yanjun
On 11/30/2012 01:42 PM, yanjun.zhu wrote:
From: "yanjun.zhu" <yanjun....@windriver.com> Reference:https://code.google.com/p/libproxy/source/detail?r=853 Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504 [YOCTO #3487] Signed-off-by: yanjun.zhu <yanjun....@windriver.com> --- .../libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch b/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch index 323a571..cc1d508 100644 --- a/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch +++ b/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch @@ -1,3 +1,13 @@ +Reference:https://code.google.com/p/libproxy/source/detail?r=853 + +Stack-based buffer overflow in the url::get_pac function in url.cpp +in libproxy 0.4.x before 0.4.9 allows remote servers to have an +unspecified impact via a large proxy.pac file. + +http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504 + +Signed-off-by: yanjun.zhu <yanjun....@windriver.com> + diff -urpN a/libproxy/url.cpp b/libproxy/url.cpp --- a/libproxy/url.cpp 2012-11-26 10:08:47.000000000 +0800 +++ b/libproxy/url.cpp 2012-11-26 10:05:54.000000000 +0800
_______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
