diff options
author | Wenzong Fan <wenzong.fan@windriver.com> | 2017-09-03 20:31:10 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-09-05 15:01:01 +0100 |
commit | 482b7e974ad7ea5313f8a2977651ec077490d0ea (patch) | |
tree | 7471961b89085e6dc8620124e0c1336546932bc5 /meta/recipes-support/curl/curl_7.54.1.bb | |
parent | e5dfaf8d5ea95d939699415dad23d624d874e9d0 (diff) | |
download | poky-482b7e974ad7ea5313f8a2977651ec077490d0ea.tar.gz |
curl: fix CVE-2017-1000099, 1000100, 1000101
Backport upstream commits to fix:
- CVE-2017-1000099
https://curl.haxx.se/docs/adv_20170809C.html
https://curl.haxx.se/CVE-2017-1000099.patch
- CVE-2017-1000100
https://curl.haxx.se/docs/adv_20170809B.html
https://curl.haxx.se/CVE-2017-1000100.patch
- CVE-2017-1000101
https://curl.haxx.se/docs/adv_20170809A.html
https://curl.haxx.se/CVE-2017-1000101.patch
(From OE-Core rev: 2eb590bbeab4dbf2583a78fcbaf3723757116123)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/curl/curl_7.54.1.bb')
-rw-r--r-- | meta/recipes-support/curl/curl_7.54.1.bb | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.54.1.bb b/meta/recipes-support/curl/curl_7.54.1.bb index 5c8072fc65..54f3b667c8 100644 --- a/meta/recipes-support/curl/curl_7.54.1.bb +++ b/meta/recipes-support/curl/curl_7.54.1.bb | |||
@@ -7,6 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=8;md5=3a34942f4ae3fbf1a303160714e66 | |||
7 | 7 | ||
8 | SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ | 8 | SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ |
9 | file://0001-replace-krb5-config-with-pkg-config.patch \ | 9 | file://0001-replace-krb5-config-with-pkg-config.patch \ |
10 | file://CVE-2017-1000099.patch \ | ||
11 | file://CVE-2017-1000100.patch \ | ||
12 | file://CVE-2017-1000101.patch \ | ||
10 | " | 13 | " |
11 | 14 | ||
12 | # curl likes to set -g0 in CFLAGS, so we stop it | 15 | # curl likes to set -g0 in CFLAGS, so we stop it |