aboutsummaryrefslogtreecommitdiff
path: root/multimedia/vdr-plugin-markad/files
diff options
context:
space:
mode:
authorKubilay Kocak <koobs@FreeBSD.org>2014-03-01 10:52:55 +0000
committerKubilay Kocak <koobs@FreeBSD.org>2014-03-01 10:52:55 +0000
commit7a2c2ce6e780ec6a01f1de55c980810b9175edce (patch)
tree248c85db7a6c42f16f546a42fbbe907b01ec6c8f /multimedia/vdr-plugin-markad/files
parentaf10367a5c907249e89669454a8f887cafc1b712 (diff)
downloadports-7a2c2ce6e780ec6a01f1de55c980810b9175edce.tar.gz
ports-7a2c2ce6e780ec6a01f1de55c980810b9175edce.zip
lang/python*: Backport security fix for CVE-2014-1912
A vulnerability was reported [1] in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code. This vulnerable function, socket.recvfrom_into(), was introduced in Python 2.5. Earlier versions are not affected by this flaw. This is fixed in upstream branches for version 2.7, 3.1, 3.2 and 3.3. [1] http://bugs.python.org/issue20246 MFH: 2014Q1 Security: 8e5e6d42-a0fa-11e3-b09a-080027f2d077
Notes
Notes: svn path=/head/; revision=346614
Diffstat (limited to 'multimedia/vdr-plugin-markad/files')
0 files changed, 0 insertions, 0 deletions