glibc: Fixes a heap buffer overflow in glibc wscanf.

References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1472 https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html http://openwall.com/lists/oss-security/2015/02/04/1 Reference to upstream fix: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit; h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06 (From OE-Core rev: 5aa90eef9b503ba0ffb138e146add6f430dea917) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com> Hand applied. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster808@gmail.com> 2015-12-16 20:32:06 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-01-30 12:03:15 +0000
commit: faf6ada4f27a280e60ba72096f54cc5d2351fa16 (patch)
tree: a9c637d27803aa30a6c5afc0de75f01a9f66bc54 /meta/recipes-core/glibc/glibc_2.20.bb
parent: a779191033f3fd1afcdcb7d4aeb4911ce48b13ed (diff)
download: poky-faf6ada4f27a280e60ba72096f54cc5d2351fa16.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.20.bb b/meta/recipes-core/glibc/glibc_2.20.bb
index 2ab4083c14..bfd8c6489f 100644
--- a/meta/recipes-core/glibc/glibc_2.20.bb
+++ b/meta/recipes-core/glibc/glibc_2.20.bb
@@ -46,6 +46,7 @@ CVEPATCHES = "\
        file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \
        file://CVE-2014-9402_endless-loop-in-getaddr_r.patch \
        file://CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch \
+        file://CVE-2015-1472-wscanf-allocates-too-little-memory.patch \
    "
 LIC_FILES_CHKSUM = "file://LICENSES;md5=e9a558e243b36d3209f380deb394b213 \
      file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
author	Armin Kuster <akuster808@gmail.com>	2015-12-16 20:32:06 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-01-30 12:03:15 +0000
commit	faf6ada4f27a280e60ba72096f54cc5d2351fa16 (patch)
tree	a9c637d27803aa30a6c5afc0de75f01a9f66bc54 /meta/recipes-core/glibc/glibc_2.20.bb
parent	a779191033f3fd1afcdcb7d4aeb4911ce48b13ed (diff)
download	poky-faf6ada4f27a280e60ba72096f54cc5d2351fa16.tar.gz

diff --git a/meta/recipes-core/glibc/glibc_2.20.bb b/meta/recipes-core/glibc/glibc_2.20.bb index 2ab4083c14..bfd8c6489f 100644 --- a/meta/recipes-core/glibc/glibc_2.20.bb +++ b/meta/recipes-core/glibc/glibc_2.20.bb
@@ -46,6 +46,7 @@ CVEPATCHES = "\
46	file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \	46	file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \
47	file://CVE-2014-9402_endless-loop-in-getaddr_r.patch \	47	file://CVE-2014-9402_endless-loop-in-getaddr_r.patch \
48	file://CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch \	48	file://CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch \
		49	file://CVE-2015-1472-wscanf-allocates-too-little-memory.patch \
49	"	50	"
50	LIC_FILES_CHKSUM = "file://LICENSES;md5=e9a558e243b36d3209f380deb394b213 \	51	LIC_FILES_CHKSUM = "file://LICENSES;md5=e9a558e243b36d3209f380deb394b213 \
51	file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \	52	file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \