curl: cleanup CVE patches for hardknott

The patch backported to address CVE-2021-22890 was missing a bracket to properly close out the logic in lib/vtls/wolfssl.c. Fix this so to avoid any surprise failures when using curl with hardknott. Also fix the CVE designation in the patch descriptions for CVEs CVE-2021-22890 and CVE-2021-22876 so that CVE checks run with bitbake correctly detect that they are patched. (From OE-Core rev: 456ba1717fc3ebb9d10cc6a3c916b07f7c4e8a22) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Trevor Gamblin <trevor.gamblin@windriver.com> 2021-06-16 09:02:01 -0400
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-06-26 15:24:08 +0100
commit: 35f5ce1fbd90bfc58e6c7aea649c07bd15e770f8 (patch)
tree: 9e19e206fe6aab2375bfa3e0fbb70b1db147a83b /meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch
parent: 74dbb08c3709fec6563ee65a3661f66fdcbb3e2f (diff)
download: poky-35f5ce1fbd90bfc58e6c7aea649c07bd15e770f8.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch b/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch
index 6c4f6f2f48..c02c9bed68 100644
--- a/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch
+++ b/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch
@@ -6,7 +6,10 @@ Subject: [PATCH 2/2] transfer: strip credentials from the auto-referer header
 Added test 2081 to verify.
-CVE-2021-22876
+CVE: CVE-2021-22876
+Upstream-Status: Backport
+(https://github.com/curl/curl/commit/7214288898f5625a6cc196e22a74232eada7861c)
 Bug: https://curl.se/docs/CVE-2021-22876.html
author	Trevor Gamblin <trevor.gamblin@windriver.com>	2021-06-16 09:02:01 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-06-26 15:24:08 +0100
commit	35f5ce1fbd90bfc58e6c7aea649c07bd15e770f8 (patch)
tree	9e19e206fe6aab2375bfa3e0fbb70b1db147a83b /meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch
parent	74dbb08c3709fec6563ee65a3661f66fdcbb3e2f (diff)
download	poky-35f5ce1fbd90bfc58e6c7aea649c07bd15e770f8.tar.gz

diff --git a/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch b/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch index 6c4f6f2f48..c02c9bed68 100644 --- a/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch +++ b/meta/recipes-support/curl/curl/0002-transfer-strip-credentials-from-the-auto-referer-hea.patch
@@ -6,7 +6,10 @@ Subject: [PATCH 2/2] transfer: strip credentials from the auto-referer header
6		6
7	Added test 2081 to verify.	7	Added test 2081 to verify.
8		8
9	CVE-2021-22876	9	CVE: CVE-2021-22876
		10
		11	Upstream-Status: Backport
		12	(https://github.com/curl/curl/commit/7214288898f5625a6cc196e22a74232eada7861c)
10		13
11	Bug: https://curl.se/docs/CVE-2021-22876.html	14	Bug: https://curl.se/docs/CVE-2021-22876.html
12		15