Wind River Support Network

HomeDefectsLIN10-5960
Fixed

LIN10-5960 : The original fix of CVE-2019-9948 introduces regressions

Created: Jun 9, 2019    Updated: Aug 1, 2019
Resolved Date: Jun 18, 2019
Previous ID: LIN9-8606
Found In Version: 10.17.41.15
Fix Version: 10.17.41.17
Severity: Critical
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

The patch of fix CVE-2019-9948 is not the final patch. In addition, two regression patches are provided in the upstream. Please refer to:

Https://github.com/python/cpython/commit/b15bde8058e821b383d81fcae68b335a752083ca
Https://github.com/python/cpython/commit/942c31dffbe886ff02e25a319cc3891220b8c641
Https://github.com/python/cpython/commit/d9d1045837e5356331b6d5e24cbd1286acb62b5d
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube