eglibc: CVE-2012-3406 Stack overflow in vfprintf

printf() unbound alloca() usage in case of positional parameters + many format specs Changes in the NEWS and ChangeLog files from the original upstream commit have been ignored References http://www.openwall.com/lists/oss-security/2012/07/11/5 https://sourceware.org/bugzilla/show_bug.cgi?id=16617 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
author: Sona Sarmadi <sona.sarmadi@enea.com> 2015-02-20 11:31:46 +0100
committer: Tudor Florea <tudor.florea@enea.com> 2015-07-06 20:19:37 +0200
commit: 0892adf79c73bbfb427846670c480da0912431a2 (patch)
tree: ddfcf67b235965b8b8ac16b7ab9542941247f244 /meta/recipes-core/eglibc/eglibc_2.19.bb
parent: f48f7274bc47c526869eb347532d099f36d28b13 (diff)
download: poky-0892adf79c73bbfb427846670c480da0912431a2.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/eglibc/eglibc_2.19.bb b/meta/recipes-core/eglibc/eglibc_2.19.bb
index ba79f27d61..1ef1a429d2 100644
--- a/meta/recipes-core/eglibc/eglibc_2.19.bb
+++ b/meta/recipes-core/eglibc/eglibc_2.19.bb
@@ -27,6 +27,7 @@ SRC_URI = "http://downloads.yoctoproject.org/releases/eglibc/eglibc-${PV}-svnr25
           file://ppce6500-32b_slow_ieee754_sqrt.patch \
           file://CVE-2014-5119.patch \
           file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \
+           file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \
          "
 SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd"
 SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c"
author	Sona Sarmadi <sona.sarmadi@enea.com>	2015-02-20 11:31:46 +0100
committer	Tudor Florea <tudor.florea@enea.com>	2015-07-06 20:19:37 +0200
commit	0892adf79c73bbfb427846670c480da0912431a2 (patch)
tree	ddfcf67b235965b8b8ac16b7ab9542941247f244 /meta/recipes-core/eglibc/eglibc_2.19.bb
parent	f48f7274bc47c526869eb347532d099f36d28b13 (diff)
download	poky-0892adf79c73bbfb427846670c480da0912431a2.tar.gz

diff --git a/meta/recipes-core/eglibc/eglibc_2.19.bb b/meta/recipes-core/eglibc/eglibc_2.19.bb index ba79f27d61..1ef1a429d2 100644 --- a/meta/recipes-core/eglibc/eglibc_2.19.bb +++ b/meta/recipes-core/eglibc/eglibc_2.19.bb
@@ -27,6 +27,7 @@ SRC_URI = "http://downloads.yoctoproject.org/releases/eglibc/eglibc-${PV}-svnr25
27	file://ppce6500-32b_slow_ieee754_sqrt.patch \	27	file://ppce6500-32b_slow_ieee754_sqrt.patch \
28	file://CVE-2014-5119.patch \	28	file://CVE-2014-5119.patch \
29	file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \	29	file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \
		30	file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \
30	"	31	"
31	SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd"	32	SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd"
32	SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c"	33	SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c"