CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-04 16:10:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
997caf9146
meta-openembedded/meta-multimedia/recipes-connectivity
History
Andrej Valek 56f6f5585d libupnp: Fix out-of-bound access in create_url_list() (CVE-2016-8863) 
If there is an invalid URL in URLS->buf after a valid one, uri_parse is
called with out pointing after the allocated memory. As uri_parse writes
to *out before returning an error the loop in create_url_list must be
stopped early to prevent an out-of-bound access

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
(cherry picked from commit b4659368a0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2017-02-24 19:33:29 +00:00
..
gupnp gupnp-tools: add intltool-native dependency 2016-08-15 12:21:38 +02:00
libupnp libupnp: Fix out-of-bound access in create_url_list() (CVE-2016-8863) 2017-02-24 19:33:29 +00:00
rygel rygel: add intltool-native dependency 2016-08-15 12:21:39 +02:00