glib-2.0: fix CVE-2020-6750

GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. (From OE-Core rev: 29ed9fc7341cc3db716115aef1a6910fdb893145) Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: haiqing <haiqing.bai@windriver.com> 2020-03-27 10:38:05 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-04-17 08:29:02 +0100
commit: a41085d1a63cc629cfb9b4fb1fc30ec43d8e56a7 (patch)
tree: d328c78409d5984eeb08be1aab803769288419dc /meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb
parent: eb029c9ac0f5820c05912760a95388827a6d3f0d (diff)
download: poky-a41085d1a63cc629cfb9b4fb1fc30ec43d8e56a7.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb
index 5aefa6ad8b..5be81a8f31 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb
@@ -16,6 +16,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
           file://0001-Do-not-write-bindir-into-pkg-config-files.patch \
           file://0001-meson.build-do-not-hardcode-linux-as-the-host-system.patch \
           file://0001-meson-do-a-build-time-check-for-strlcpy-before-attem.patch \
+           file://CVE-2020-6750.patch \
           "
 SRC_URI_append_class-native = " file://relocate-modules.patch"
author	haiqing <haiqing.bai@windriver.com>	2020-03-27 10:38:05 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-04-17 08:29:02 +0100
commit	a41085d1a63cc629cfb9b4fb1fc30ec43d8e56a7 (patch)
tree	d328c78409d5984eeb08be1aab803769288419dc /meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb
parent	eb029c9ac0f5820c05912760a95388827a6d3f0d (diff)
download	poky-a41085d1a63cc629cfb9b4fb1fc30ec43d8e56a7.tar.gz

diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb index 5aefa6ad8b..5be81a8f31 100644 --- a/meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.60.7.bb
@@ -16,6 +16,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
16	file://0001-Do-not-write-bindir-into-pkg-config-files.patch \	16	file://0001-Do-not-write-bindir-into-pkg-config-files.patch \
17	file://0001-meson.build-do-not-hardcode-linux-as-the-host-system.patch \	17	file://0001-meson.build-do-not-hardcode-linux-as-the-host-system.patch \
18	file://0001-meson-do-a-build-time-check-for-strlcpy-before-attem.patch \	18	file://0001-meson-do-a-build-time-check-for-strlcpy-before-attem.patch \
		19	file://CVE-2020-6750.patch \
19	"	20	"
20		21
21	SRC_URI_append_class-native = " file://relocate-modules.patch"	22	SRC_URI_append_class-native = " file://relocate-modules.patch"