Wind River Support Network

HomeDefectsLIN1018-4226
Fixed

LIN1018-4226 : The original fix of CVE-2019-9948 introduces regressions

Created: Jun 9, 2019    Updated: Jun 16, 2019
Resolved Date: Jun 16, 2019
Previous ID: LIN10-5961
Found In Version: 10.18.44.7
Fix Version: 10.18.44.8
Severity: Critical
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

The patch of fix CVE-2019-9948 is not the final patch. In addition, two regression patches are provided in the upstream. Please refer to:

Https://github.com/python/cpython/commit/b15bde8058e821b383d81fcae68b335a752083ca
Https://github.com/python/cpython/commit/942c31dffbe886ff02e25a319cc3891220b8c641
Https://github.com/python/cpython/commit/d9d1045837e5356331b6d5e24cbd1286acb62b5d
Live chat
Online