summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/unzip/unzip_6.0.bb
diff options
context:
space:
mode:
authorTudor Florea <tudor.florea@enea.com>2015-10-29 00:05:32 +0100
committerTudor Florea <tudor.florea@enea.com>2015-10-29 00:05:32 +0100
commit753ec70905a680f653768572b481f3637b733fdf (patch)
tree5002f9d354e59752ff204574afac73353ed20d1d /meta/recipes-extended/unzip/unzip_6.0.bb
parent3112f71d69204e618487250c400ad3bbf656d68e (diff)
downloadpoky-753ec70905a680f653768572b481f3637b733fdf.tar.gz
unzip: CVE-2015-7696, CVE-2015-7697
CVE-2015-7696: Fixes a heap overflow triggered by unzipping a file with password CVE-2015-7697: Fixes a denial of service with a file that never finishes unzipping References: http://www.openwall.com/lists/oss-security/2015/10/11/5 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697 Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Diffstat (limited to 'meta/recipes-extended/unzip/unzip_6.0.bb')
-rw-r--r--meta/recipes-extended/unzip/unzip_6.0.bb2
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb
index e590f8186d..acbc837c54 100644
--- a/meta/recipes-extended/unzip/unzip_6.0.bb
+++ b/meta/recipes-extended/unzip/unzip_6.0.bb
@@ -14,6 +14,8 @@ SRC_URI = "ftp://ftp.info-zip.org/pub/infozip/src/unzip60.tgz \
14 file://09-cve-2014-8139-crc-overflow.patch \ 14 file://09-cve-2014-8139-crc-overflow.patch \
15 file://10-cve-2014-8140-test-compr-eb.patch \ 15 file://10-cve-2014-8140-test-compr-eb.patch \
16 file://11-cve-2014-8141-getzip64data.patch \ 16 file://11-cve-2014-8141-getzip64data.patch \
17 file://CVE-2015-7696.patch \
18 file://CVE-2015-7697.patch \
17" 19"
18 20
19SRC_URI[md5sum] = "62b490407489521db863b523a7f86375" 21SRC_URI[md5sum] = "62b490407489521db863b523a7f86375"