aboutsummaryrefslogtreecommitdiff
path: root/utils/scanpypi
diff options
context:
space:
mode:
authorGravatar Ed Blake <ed.blake@sondrel.com>2018-01-18 18:05:31 +0000
committerGravatar Thomas Petazzoni <thomas.petazzoni@free-electrons.com>2018-01-18 22:08:39 +0100
commit5a9a95d0eb15c189f1361c12c105eb0ba8842c77 (patch)
treeaba728224a526947b5e75aee996114afe7e16312 /utils/scanpypi
parent7d5796062f19db89880dac899030ac4cbc0372f2 (diff)
downloadbuildroot-5a9a95d0eb15c189f1361c12c105eb0ba8842c77.tar.gz
buildroot-5a9a95d0eb15c189f1361c12c105eb0ba8842c77.tar.bz2
rpcbind: Backport fixes to memory leak security fix
Commit 954509f added a security fix for CVE-2017-8779, involving pairing all svc_getargs() calls with svc_freeargs() to avoid a memory leak. However it also introduced a couple of issues: - The call to svc_freeargs() from rpcbproc_callit_com() may result in an attempt to free static memory, resulting in undefined behaviour. - A typo in the svc_freeargs() call from pmapproc_dump() causes NIS (aka ypbind) to fail. Backport upstream fixes for these issues to version 0.2.3. Signed-off-by: Ed Blake <ed.blake@sondrel.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'utils/scanpypi')
0 files changed, 0 insertions, 0 deletions