summaryrefslogtreecommitdiffstats
path: root/package/python-cssutils/python-cssutils.mk
diff options
context:
space:
mode:
authorPeter Korsgaard <peter@korsgaard.com>2016-12-19 14:13:24 +0100
committerPeter Korsgaard <peter@korsgaard.com>2016-12-19 23:14:28 +0100
commit738a80e2ebb80f66213d20c53166ffea0f0cc0da (patch)
tree7480602fc3542cbb7763c5ac3fc3689a75d2ecd3 /package/python-cssutils/python-cssutils.mk
parente9da17dead181483f593cad361e854d6e047679e (diff)
downloadbuildroot-738a80e2ebb80f66213d20c53166ffea0f0cc0da.tar.gz
buildroot-738a80e2ebb80f66213d20c53166ffea0f0cc0da.zip
libupnp: add upstream security fix for CVE-2016-8863
Fix out-of-bound access in create_url_list() If there is an invalid URL in URLS->buf after a valid one, uri_parse is called with out pointing after the allocated memory. As uri_parse writes to *out before returning an error the loop in create_url_list must be stopped early to prevent an out-of-bound access. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> (cherry picked from commit c489cbad775380b4c7586574e3dae8dc67ee9087)
Diffstat (limited to 'package/python-cssutils/python-cssutils.mk')
0 files changed, 0 insertions, 0 deletions
OpenPOWER on IntegriCloud