diff options
author | Peter Marko <peter.marko@siemens.com> | 2024-12-19 21:48:58 +0100 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2024-12-19 13:00:33 -0800 |
commit | da2b5e8b93c248363581b1bd4ff67ff1d8357c41 (patch) | |
tree | f6d0716929dc21f98fc688fe21b6c66b9d42e5b9 /meta-python/recipes-devtools/python/python3-aws-iot-device-sdk-python/0001-setup.py-Use-setuptools-instead-of-distutils.patch | |
parent | 7e17f8cec02d20813fb8368ccc1c5ae27b291383 (diff) | |
download | meta-openembedded-da2b5e8b93c248363581b1bd4ff67ff1d8357c41.tar.gz |
apache2: ignore disputed CVE CVE-2007-0086
This CVE is officially disputed by Redhat with official statement in
https://nvd.nist.gov/vuln/detail/CVE-2007-0086
Red Hat does not consider this issue to be a security vulnerability.
The pottential attacker has to send acknowledgement packets periodically
to make server generate traffic. Exactly the same effect could be
achieved by simply downloading the file. The statement that setting the
TCP window size to arbitrarily high value would permit the attacker to
disconnect and stop sending ACKs is false, because Red Hat Enterprise
Linux limits the size of the TCP send buffer to 4MB by default.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-aws-iot-device-sdk-python/0001-setup.py-Use-setuptools-instead-of-distutils.patch')
0 files changed, 0 insertions, 0 deletions