[Buildroot] [PATCH v3] libfcgi:add security patch for CVE-2012-6687
Peter Korsgaard
peter at korsgaard.com
Tue Mar 1 10:19:58 UTC 2016
>>>>> "Niranjan" == Niranjan Reddy <niranjan.reddy at rockwellcollins.com> writes:
> Fix-CVE-2012-6687 - remote attackers cause a denial of service (crash)
> via a large number of connections (http://www.cvedetails.com/cve/CVE-2012-6687/).
> use poll in os_unix.c instead of select to avoid problem with > 1024 connections.
> The patch libfcgi_2.4.0-8.3.debian.tar.xz is taken from the below link:
> (https://launchpad.net/ubuntu/+source/libfcgi/2.4.0-8.3)
> The next release of libfcgi is 2.4.1 which may have this fix is yet to be released
> officially.
> Signed-off-by: Niranjan Reddy <niranjan.reddy at rockwellcollins.com>
> ---
> Changes v2 -> v3:
> - Added signed-off-by line:Niranjan Reddy <niranjan.reddy at rockwellcollins.com>
> Changes v1 -> v2:
> - Added signed-off-by line of the author : Anton Kortunov <toshic.toshic at gmail.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list