mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-05-10 18:19:32 +00:00
Yi Zhao
e4af9cf961
CVE-2013-7459: Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py. Reference: https://nvd.nist.gov/vuln/detail/CVE-2013-7459 Patch from: https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
14 lines
369 B
BlitzBasic
14 lines
369 B
BlitzBasic
inherit distutils
|
|
require python-pycrypto.inc
|
|
|
|
SRC_URI += "file://cross-compiling.patch \
|
|
file://CVE-2013-7459.patch \
|
|
"
|
|
|
|
# We explicitly call distutils_do_install, since we want it to run, but
|
|
# *don't* want the autotools install to run, since this package doesn't
|
|
# provide a "make install" target.
|
|
do_install() {
|
|
distutils_do_install
|
|
}
|