Wind River Support Network

HomeDefectsLIN7-11041
Fixed

LIN7-11041 : The original fix of CVE-2019-9948 introduces regressions

Created: Jun 9, 2019    Updated: Sep 17, 2019
Resolved Date: Sep 17, 2019
Previous ID: LIN8-11006
Found In Version: 7.0.0.30
Severity: Critical
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

The patch of fix CVE-2019-9948 is not the final patch. In addition, two regression patches are provided in the upstream. Please refer to:

Https://github.com/python/cpython/commit/b15bde8058e821b383d81fcae68b335a752083ca
Https://github.com/python/cpython/commit/942c31dffbe886ff02e25a319cc3891220b8c641
Https://github.com/python/cpython/commit/d9d1045837e5356331b6d5e24cbd1286acb62b5d
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube