libfcgi:add security patch for CVE-2012-6687
author niranjan.reddy <niranjan.reddy@rockwellcollins.com>
Tue, 1 Mar 2016 06:21:56 +0000 (11:51 +0530)
committer Peter Korsgaard <peter@korsgaard.com>
Tue, 1 Mar 2016 10:18:27 +0000 (11:18 +0100)
commit 2311d54ec4a2320505750655c2c3fb4c525e0872
tree 52fcab58cc0eebe680c0ce24f9729998ae0bf6f6
parent 18f3a22dcefe668a4522a936a0af59a2fa55f707
libfcgi:add security patch for CVE-2012-6687

Fix-CVE-2012-6687 - remote attackers cause a denial of service (crash)
via a large number of connections (http://www.cvedetails.com/cve/CVE-2012-6687/).
Use poll in os_unix.c instead of select to avoid the problem with > 1024 connections.
The patch libfcgi_2.4.0-8.3.debian.tar.xz is taken from the below link:
(https://launchpad.net/ubuntu/+source/libfcgi/2.4.0-8.3)
The next release of libfcgi is 2.4.1, which may have this fix, but it is yet to be
released officially.

Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/libfcgi/0006-fix-CVE-2012-6687.patch [new file with mode: 0644]
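
The select-versus-poll difference named in the commit message, as an added example that is not code from libfcgi or from the patch. The function names are hypothetical and the pipe input is constructed for the demo.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <sys/select.h>
#include <unistd.h>

/* fd_set is a fixed bitmap of FD_SETSIZE bits (commonly 1024); FD_SET() on a
 * larger descriptor writes outside it, so a select()-based wait must refuse. */
int wait_readable_select(int fd, int timeout_ms)
{
    fd_set rfds;
    struct timeval tv;
    if (fd < 0 || fd >= FD_SETSIZE) { errno = EINVAL; return -1; }
    FD_ZERO(&rfds);
    FD_SET(fd, &rfds);
    tv.tv_sec = timeout_ms / 1000; tv.tv_usec = (timeout_ms % 1000) * 1000;
    return select(fd + 1, &rfds, NULL, NULL, &tv);
}

/* poll() takes the descriptor by value, so no descriptor-number limit applies. */
int wait_readable_poll(int fd, int timeout_ms)
{
    struct pollfd p = { .fd = fd, .events = POLLIN };
    int n;
    do { n = poll(&p, 1, timeout_ms); } while (n < 0 && errno == EINTR);
    if (n > 0 && (p.revents & POLLNVAL)) { errno = EBADF; return -1; }
    return n;
}

/* Constructed demo: pipe with one byte pending, read end duplicated to a
 * descriptor >= min_fd. Returns poll's result, or -2 if RLIMIT_NOFILE forbids it. */
int demo_high_fd(int min_fd)
{
    int p[2], hi, r = -2;
    if (pipe(p) != 0) return -2;
    hi = fcntl(p[0], F_DUPFD, min_fd);
    if (hi >= 0 && write(p[1], "x", 1) == 1) r = wait_readable_poll(hi, 100);
    if (hi >= 0) close(hi);
    close(p[0]); close(p[1]);
    return r;
}

int main(void)
{
    printf("select, fd %d: %d\n", FD_SETSIZE, wait_readable_select(FD_SETSIZE, 0));
    printf("poll, fd >= %d: %d\n", FD_SETSIZE, demo_high_fd(FD_SETSIZE));
    return 0;
}
```

The second line prints -2 when the process's open-file limit does not allow a descriptor at or above FD_SETSIZE; raise it with `ulimit -n` to see poll succeed on such a descriptor.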