diff options
author | Tudor Florea <tudor.florea@enea.com> | 2015-07-07 00:27:49 +0200 |
---|---|---|
committer | Tudor Florea <tudor.florea@enea.com> | 2015-07-07 00:27:49 +0200 |
commit | e8be346c3a210a1b4da8b6943c5fe2e5556d29b9 (patch) | |
tree | 2ab32758d38996168b218b03cb5287bb2fe4f5a7 /meta/recipes-support/curl/curl_7.35.0.bb | |
parent | 430207c9cf87ca0a1e82fcb9915ad890a8e5720f (diff) | |
download | poky-e8be346c3a210a1b4da8b6943c5fe2e5556d29b9.tar.gz |
curl: CVE-2014-8150
CVE-2014-8150, URL request injection:
When libcurl sends a request to a server via a HTTP
proxy, it copies the entire URL into the request
and sends if off.
Reference
http://curl.haxx.se/docs/adv_20150108B.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Diffstat (limited to 'meta/recipes-support/curl/curl_7.35.0.bb')
-rw-r--r-- | meta/recipes-support/curl/curl_7.35.0.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.35.0.bb b/meta/recipes-support/curl/curl_7.35.0.bb index 5fa7277449..3eb6265c42 100644 --- a/meta/recipes-support/curl/curl_7.35.0.bb +++ b/meta/recipes-support/curl/curl_7.35.0.bb | |||
@@ -14,6 +14,7 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ | |||
14 | file://CVE-2014-3613.patch \ | 14 | file://CVE-2014-3613.patch \ |
15 | file://CVE-2014-3620.patch \ | 15 | file://CVE-2014-3620.patch \ |
16 | file://CVE-2014-3707.patch \ | 16 | file://CVE-2014-3707.patch \ |
17 | file://CVE-2014-8150.patch \ | ||
17 | " | 18 | " |
18 | 19 | ||
19 | # curl likes to set -g0 in CFLAGS, so we stop it | 20 | # curl likes to set -g0 in CFLAGS, so we stop it |