diff options
author | Chong Lu <Chong.Lu@windriver.com> | 2014-11-04 09:35:18 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-11-05 16:52:58 +0000 |
commit | 7cde98f997a55335bc016869ac8fc9e56237749b (patch) | |
tree | 4ce257db8153ab92594d60820e74ded8c07b9c13 /meta/recipes-support/curl/curl_7.37.1.bb | |
parent | 9bfd0dee4f585825f27d314c4fd7cd26cf93da79 (diff) | |
download | poky-7cde98f997a55335bc016869ac8fc9e56237749b.tar.gz |
curl: Security Advisory - curl - CVE-2014-3620
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs), thus
making them apply broader than cookies are allowed. This can allow arbitrary
sites to set cookies that then would get sent to a different and unrelated site
or domain.
(From OE-Core rev: ddbaade8afbc9767583728bfdc220639203d6853)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/curl/curl_7.37.1.bb')
-rw-r--r-- | meta/recipes-support/curl/curl_7.37.1.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.37.1.bb b/meta/recipes-support/curl/curl_7.37.1.bb index 1147675b85..8b854d7a8c 100644 --- a/meta/recipes-support/curl/curl_7.37.1.bb +++ b/meta/recipes-support/curl/curl_7.37.1.bb | |||
@@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=7;md5=3a34942f4ae3fbf1a303160714e66 | |||
8 | SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ | 8 | SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ |
9 | file://pkgconfig_fix.patch \ | 9 | file://pkgconfig_fix.patch \ |
10 | file://CVE-2014-3613.patch \ | 10 | file://CVE-2014-3613.patch \ |
11 | file://CVE-2014-3620.patch \ | ||
11 | " | 12 | " |
12 | 13 | ||
13 | # curl likes to set -g0 in CFLAGS, so we stop it | 14 | # curl likes to set -g0 in CFLAGS, so we stop it |