diff options
author | Ross Burton <ross.burton@intel.com> | 2013-04-29 14:47:22 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2013-04-29 18:00:00 +0100 |
commit | 4a9b9004bca6d1cb58ecc8bccf7f09b38b0e6c73 (patch) | |
tree | f3f3e7eb9c869655abe5e83584c20a8d6630df0b /meta/recipes-support/gnupg/gnupg_1.4.7.bb | |
parent | a69769e3b3e7f475e416d3a49d68dab088592851 (diff) | |
download | poky-4a9b9004bca6d1cb58ecc8bccf7f09b38b0e6c73.tar.gz |
gnupg: integrate fix for CVE-2012-6085
From http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6085:
"The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x
through 2.0.19, when importing a key, allows remote attackers to corrupt the
public keyring database or cause a denial of service (application crash) via a
crafted length field of an OpenPGP packet."
Patch taken from upstream git, which is identical in both branches.
(From OE-Core rev: 44ed6605c1978325782d229d0c01329465c4c5c7)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/gnupg/gnupg_1.4.7.bb')
-rw-r--r-- | meta/recipes-support/gnupg/gnupg_1.4.7.bb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/recipes-support/gnupg/gnupg_1.4.7.bb b/meta/recipes-support/gnupg/gnupg_1.4.7.bb index 41552b2ee6..befcc313ec 100644 --- a/meta/recipes-support/gnupg/gnupg_1.4.7.bb +++ b/meta/recipes-support/gnupg/gnupg_1.4.7.bb | |||
@@ -13,7 +13,8 @@ SRC_URI = "ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-${PV}.tar.bz2 \ | |||
13 | file://long-long-thumb.patch \ | 13 | file://long-long-thumb.patch \ |
14 | file://configure.patch \ | 14 | file://configure.patch \ |
15 | file://mips_gcc4.4.patch \ | 15 | file://mips_gcc4.4.patch \ |
16 | file://curl_typeof_fix_backport.patch" | 16 | file://curl_typeof_fix_backport.patch \ |
17 | file://cve-2012-6085.patch" | ||
17 | 18 | ||
18 | SRC_URI[md5sum] = "b06a141cca5cd1a55bbdd25ab833303c" | 19 | SRC_URI[md5sum] = "b06a141cca5cd1a55bbdd25ab833303c" |
19 | SRC_URI[sha256sum] = "69d18b7d193f62ca27ed4febcb4c9044aa0c95305d3258fe902e2fae5fc6468d" | 20 | SRC_URI[sha256sum] = "69d18b7d193f62ca27ed4febcb4c9044aa0c95305d3258fe902e2fae5fc6468d" |