diff options
author | Tudor Florea <tudor.florea@enea.com> | 2015-10-29 00:05:32 +0100 |
---|---|---|
committer | Tudor Florea <tudor.florea@enea.com> | 2015-10-29 00:05:32 +0100 |
commit | 753ec70905a680f653768572b481f3637b733fdf (patch) | |
tree | 5002f9d354e59752ff204574afac73353ed20d1d /meta/recipes-extended/unzip/unzip_6.0.bb | |
parent | 3112f71d69204e618487250c400ad3bbf656d68e (diff) | |
download | poky-753ec70905a680f653768572b481f3637b733fdf.tar.gz |
unzip: CVE-2015-7696, CVE-2015-7697
CVE-2015-7696: Fixes a heap overflow triggered by unzipping a file with password
CVE-2015-7697: Fixes a denial of service with a file that never finishes unzipping
References:
http://www.openwall.com/lists/oss-security/2015/10/11/5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Diffstat (limited to 'meta/recipes-extended/unzip/unzip_6.0.bb')
-rw-r--r-- | meta/recipes-extended/unzip/unzip_6.0.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb index e590f8186d..acbc837c54 100644 --- a/meta/recipes-extended/unzip/unzip_6.0.bb +++ b/meta/recipes-extended/unzip/unzip_6.0.bb | |||
@@ -14,6 +14,8 @@ SRC_URI = "ftp://ftp.info-zip.org/pub/infozip/src/unzip60.tgz \ | |||
14 | file://09-cve-2014-8139-crc-overflow.patch \ | 14 | file://09-cve-2014-8139-crc-overflow.patch \ |
15 | file://10-cve-2014-8140-test-compr-eb.patch \ | 15 | file://10-cve-2014-8140-test-compr-eb.patch \ |
16 | file://11-cve-2014-8141-getzip64data.patch \ | 16 | file://11-cve-2014-8141-getzip64data.patch \ |
17 | file://CVE-2015-7696.patch \ | ||
18 | file://CVE-2015-7697.patch \ | ||
17 | " | 19 | " |
18 | 20 | ||
19 | SRC_URI[md5sum] = "62b490407489521db863b523a7f86375" | 21 | SRC_URI[md5sum] = "62b490407489521db863b523a7f86375" |