diff options
| author | Ross Burton <ross.burton@intel.com> | 2013-04-29 15:25:02 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2013-04-29 18:00:00 +0100 |
| commit | 23f366384277cb2cdd5ce952cb0af44c54179a1d (patch) | |
| tree | 160678c5f9d21736550edda605e036e31e89f32b /meta/recipes-devtools/perl/perl_5.14.2.bb | |
| parent | 2cc162ac12db6f5c36e3bed96de87f12b4a6e22a (diff) | |
| download | poky-23f366384277cb2cdd5ce952cb0af44c54179a1d.tar.gz | |
perl: fix CVE-2012-6329
From http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6329:
"The _compile function in Maketext.pm in the Locale::Maketext implementation in
Perl before 5.17.7 does not properly handle backslashes and fully qualified
method names during compilation of bracket notation, which allows
context-dependent attackers to execute arbitrary commands via crafted input to
an application."
Patches taken from upstream git.
(From OE-Core rev: b585a50b7bd735c3092af9477af263c13c853d32)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/perl/perl_5.14.2.bb')
| -rw-r--r-- | meta/recipes-devtools/perl/perl_5.14.2.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/perl/perl_5.14.2.bb b/meta/recipes-devtools/perl/perl_5.14.2.bb index dc45bca52e..5e17661507 100644 --- a/meta/recipes-devtools/perl/perl_5.14.2.bb +++ b/meta/recipes-devtools/perl/perl_5.14.2.bb | |||
| @@ -68,6 +68,7 @@ SRC_URI = "http://www.cpan.org/src/5.0/perl-${PV}.tar.gz \ | |||
| 68 | file://perl-build-in-t-dir.patch \ | 68 | file://perl-build-in-t-dir.patch \ |
| 69 | file://perl-archlib-exp.patch \ | 69 | file://perl-archlib-exp.patch \ |
| 70 | file://perl-fix-CVE-2012-5195.patch \ | 70 | file://perl-fix-CVE-2012-5195.patch \ |
| 71 | file://cve-2012-6329.patch \ | ||
| 71 | \ | 72 | \ |
| 72 | file://config.sh \ | 73 | file://config.sh \ |
| 73 | file://config.sh-32 \ | 74 | file://config.sh-32 \ |