mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-02 21:48:20 +03:00
d50477b52b
Fixes: CVE-2016-4590 - mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2016-4591 - mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors. CVE-2016-4622 - allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624. CVE-2016-4624 - allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4623. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>