diff options
| author | Chong Lu <Chong.Lu@windriver.com> | 2014-11-04 09:35:18 +0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-11-05 23:27:45 +0000 |
| commit | 51a5a5df84e2e1ac5dbadb95d2b6af6541e345d2 (patch) | |
| tree | 4545e591e756467cad6ae067aee4cfbd62101482 /meta/recipes-support/curl/curl_7.35.0.bb | |
| parent | 6c9eb8a67acecc0869e6a9cd6cc040ce34af2673 (diff) | |
| download | poky-51a5a5df84e2e1ac5dbadb95d2b6af6541e345d2.tar.gz | |
curl: Security Advisory - curl - CVE-2014-3620
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs), thus
making them apply broader than cookies are allowed. This can allow arbitrary
sites to set cookies that then would get sent to a different and unrelated site
or domain.
(From OE-Core rev: ddbaade8afbc9767583728bfdc220639203d6853)
(From OE-Core rev: 13bb2ee98cfd159455e459501dda280a78cb5a3b)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/curl/curl_7.35.0.bb')
| -rw-r--r-- | meta/recipes-support/curl/curl_7.35.0.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.35.0.bb b/meta/recipes-support/curl/curl_7.35.0.bb index b1c68be69d..5f2ff94a82 100644 --- a/meta/recipes-support/curl/curl_7.35.0.bb +++ b/meta/recipes-support/curl/curl_7.35.0.bb | |||
| @@ -14,6 +14,7 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ | |||
| 14 | file://generate_code_for_disable_manual.patch \ | 14 | file://generate_code_for_disable_manual.patch \ |
| 15 | file://remove_inappropriate_file_from_rel.patch \ | 15 | file://remove_inappropriate_file_from_rel.patch \ |
| 16 | file://CVE-2014-3613.patch \ | 16 | file://CVE-2014-3613.patch \ |
| 17 | file://CVE-2014-3620.patch \ | ||
| 17 | " | 18 | " |
| 18 | 19 | ||
| 19 | # curl likes to set -g0 in CFLAGS, so we stop it | 20 | # curl likes to set -g0 in CFLAGS, so we stop it |