rpcbind: Backport fixes to memory leak security fix - buildroot

diff options

author	Ed Blake <ed.blake@sondrel.com>	2018-01-18 18:05:31 +0000
committer	Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2018-01-18 22:08:39 +0100
commit	5a9a95d0eb15c189f1361c12c105eb0ba8842c77 (patch)
tree	aba728224a526947b5e75aee996114afe7e16312 /package/python-cssselect/python-cssselect.mk
parent	7d5796062f19db89880dac899030ac4cbc0372f2 (diff)
download	buildroot-5a9a95d0eb15c189f1361c12c105eb0ba8842c77.tar.gz buildroot-5a9a95d0eb15c189f1361c12c105eb0ba8842c77.zip

rpcbind: Backport fixes to memory leak security fix

Commit 954509f added a security fix for CVE-2017-8779, involving pairing all svc_getargs() calls with svc_freeargs() to avoid a memory leak. However it also introduced a couple of issues: - The call to svc_freeargs() from rpcbproc_callit_com() may result in an attempt to free static memory, resulting in undefined behaviour. - A typo in the svc_freeargs() call from pmapproc_dump() causes NIS (aka ypbind) to fail. Backport upstream fixes for these issues to version 0.2.3. Signed-off-by: Ed Blake <ed.blake@sondrel.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

Diffstat (limited to 'package/python-cssselect/python-cssselect.mk')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: