[Buildroot] [PATCH] openocd: add security fix for CVE-2018-5704
Peter Korsgaard
peter at korsgaard.com
Wed Jan 31 12:34:35 UTC 2018
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP
> POST for sending data to 127.0.0.1 port 4444, which allows remote attackers
> to conduct cross-protocol scripting attacks, and consequently execute
> arbitrary commands, via a crafted web site.
> For more details, see:
> https://sourceforge.net/p/openocd/mailman/message/36188041/
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2017.02.x and 2017.11.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list