[OE-core] [PATCH] gcc: Security Advisory - gcc - CVE-2015-5276
Burton, Ross
ross.burton at intel.com
Sat Dec 5 21:02:01 UTC 2015
On 4 December 2015 at 02:01, Yuanjie Huang <Yuanjie.Huang at windriver.com>
wrote:
> The std::random_device class in libstdc++ in the GNU Compiler Collection
> (aka GCC) before 4.9.4 does not properly handle short reads from
> blocking sources, which makes it easier for context-dependent attackers
> to predict the random values via unspecified vectors.
>
I see from the CVE that 5.2 is also affected - will you be submitting
patches for that too?
Ross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20151205/e462db11/attachment-0002.html>
More information about the Openembedded-core
mailing list