curl: fix CVE-2017-1000099, 1000100, 1000101

Backport upstream commits to fix: - CVE-2017-1000099 https://curl.haxx.se/docs/adv_20170809C.html https://curl.haxx.se/CVE-2017-1000099.patch - CVE-2017-1000100 https://curl.haxx.se/docs/adv_20170809B.html https://curl.haxx.se/CVE-2017-1000100.patch - CVE-2017-1000101 https://curl.haxx.se/docs/adv_20170809A.html https://curl.haxx.se/CVE-2017-1000101.patch (From OE-Core rev: 2eb590bbeab4dbf2583a78fcbaf3723757116123) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Wenzong Fan <wenzong.fan@windriver.com> 2017-09-03 20:31:10 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-09-05 15:01:01 +0100
commit: 482b7e974ad7ea5313f8a2977651ec077490d0ea (patch)
tree: 7471961b89085e6dc8620124e0c1336546932bc5 /meta/recipes-support/curl/curl_7.54.1.bb
parent: e5dfaf8d5ea95d939699415dad23d624d874e9d0 (diff)
download: poky-482b7e974ad7ea5313f8a2977651ec077490d0ea.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl_7.54.1.bb b/meta/recipes-support/curl/curl_7.54.1.bb
index 5c8072fc65..54f3b667c8 100644
--- a/meta/recipes-support/curl/curl_7.54.1.bb
+++ b/meta/recipes-support/curl/curl_7.54.1.bb
@@ -7,6 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=8;md5=3a34942f4ae3fbf1a303160714e66
 SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
           file://0001-replace-krb5-config-with-pkg-config.patch \
+           file://CVE-2017-1000099.patch \
+           file://CVE-2017-1000100.patch \
+           file://CVE-2017-1000101.patch \
 "
 # curl likes to set -g0 in CFLAGS, so we stop it
author	Wenzong Fan <wenzong.fan@windriver.com>	2017-09-03 20:31:10 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-05 15:01:01 +0100
commit	482b7e974ad7ea5313f8a2977651ec077490d0ea (patch)
tree	7471961b89085e6dc8620124e0c1336546932bc5 /meta/recipes-support/curl/curl_7.54.1.bb
parent	e5dfaf8d5ea95d939699415dad23d624d874e9d0 (diff)
download	poky-482b7e974ad7ea5313f8a2977651ec077490d0ea.tar.gz

diff --git a/meta/recipes-support/curl/curl_7.54.1.bb b/meta/recipes-support/curl/curl_7.54.1.bb index 5c8072fc65..54f3b667c8 100644 --- a/meta/recipes-support/curl/curl_7.54.1.bb +++ b/meta/recipes-support/curl/curl_7.54.1.bb
@@ -7,6 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=8;md5=3a34942f4ae3fbf1a303160714e66
7		7
8	SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \	8	SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
9	file://0001-replace-krb5-config-with-pkg-config.patch \	9	file://0001-replace-krb5-config-with-pkg-config.patch \
		10	file://CVE-2017-1000099.patch \
		11	file://CVE-2017-1000100.patch \
		12	file://CVE-2017-1000101.patch \
10	"	13	"
11		14
12	# curl likes to set -g0 in CFLAGS, so we stop it	15	# curl likes to set -g0 in CFLAGS, so we stop it