2311d54ec4
Fix-CVE-2012-6687 - remote attackers cause a denial of service (crash) via a large number of connections (http://www.cvedetails.com/cve/CVE-2012-6687/). use poll in os_unix.c instead of select to avoid problem with > 1024 connections. The patch libfcgi_2.4.0-8.3.debian.tar.xz is taken from the below link: (https://launchpad.net/ubuntu/+source/libfcgi/2.4.0-8.3) The next release of libfcgi is 2.4.1 which may have this fix is yet to be released officially. Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| 0001-eof.patch | ||
| 0002-link-against-libfcgi-la.patch | ||
| 0003-link-against-math.patch | ||
| 0004-make-autoreconfable.patch | ||
| 0005-disable-examples.patch | ||
| 0006-fix-CVE-2012-6687.patch | ||
| Config.in | ||
| libfcgi.hash | ||
| libfcgi.mk | ||