libbsd: Security fix CVE-2016-2090

CVE-2016-2090 Heap buffer overflow in fgetwln function of libbsd affects libbsd <= 0.8.1 (and therefore not needed in master) (From OE-Core rev: e56aba3a822f072f8ed2062a691762a4a970a3f0) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2016-02-11 16:20:34 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-02-18 10:57:11 +0000
commit: ae57ea03c6a41f2e3b61e0c157e32ca7df7b3c4b (patch)
tree: 81df74e315a28ae380e8a0d5d9720e8fb9f1574e /meta/recipes-support/libbsd/libbsd_0.7.0.bb
parent: eb9666a3e2ee659fc47cd137205299eb6b6d817a (diff)
download: poky-ae57ea03c6a41f2e3b61e0c157e32ca7df7b3c4b.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/meta/recipes-support/libbsd/libbsd_0.7.0.bb b/meta/recipes-support/libbsd/libbsd_0.7.0.bb
index 902666da7f..8d9a708a15 100644
--- a/meta/recipes-support/libbsd/libbsd_0.7.0.bb
+++ b/meta/recipes-support/libbsd/libbsd_0.7.0.bb
@@ -13,7 +13,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f1530ea92aeaa1c5e2547cfd43905d8c"
 SECTION = "libs"
 DEPENDS = ""
-SRC_URI = "http://libbsd.freedesktop.org/releases/${BPN}-${PV}.tar.xz"
+SRC_URI = "http://libbsd.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
+           file://CVE-2016-2090.patch \
+           "
 SRC_URI[md5sum] = "fcceb4e66fd448ca4ed42ba22a8babb0"
 SRC_URI[sha256sum] = "0f3b0e17e5c34c038126e0a04351b11e23c6101a7d0ce3beeab29bb6415c10bb"
author	Armin Kuster <akuster@mvista.com>	2016-02-11 16:20:34 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-02-18 10:57:11 +0000
commit	ae57ea03c6a41f2e3b61e0c157e32ca7df7b3c4b (patch)
tree	81df74e315a28ae380e8a0d5d9720e8fb9f1574e /meta/recipes-support/libbsd/libbsd_0.7.0.bb
parent	eb9666a3e2ee659fc47cd137205299eb6b6d817a (diff)
download	poky-ae57ea03c6a41f2e3b61e0c157e32ca7df7b3c4b.tar.gz

diff --git a/meta/recipes-support/libbsd/libbsd_0.7.0.bb b/meta/recipes-support/libbsd/libbsd_0.7.0.bb index 902666da7f..8d9a708a15 100644 --- a/meta/recipes-support/libbsd/libbsd_0.7.0.bb +++ b/meta/recipes-support/libbsd/libbsd_0.7.0.bb
@@ -13,7 +13,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f1530ea92aeaa1c5e2547cfd43905d8c"
13	SECTION = "libs"	13	SECTION = "libs"
14	DEPENDS = ""	14	DEPENDS = ""
15		15
16	SRC_URI = "http://libbsd.freedesktop.org/releases/${BPN}-${PV}.tar.xz"	16	SRC_URI = "http://libbsd.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
		17	file://CVE-2016-2090.patch \
		18	"
17		19
18	SRC_URI[md5sum] = "fcceb4e66fd448ca4ed42ba22a8babb0"	20	SRC_URI[md5sum] = "fcceb4e66fd448ca4ed42ba22a8babb0"
19	SRC_URI[sha256sum] = "0f3b0e17e5c34c038126e0a04351b11e23c6101a7d0ce3beeab29bb6415c10bb"	21	SRC_URI[sha256sum] = "0f3b0e17e5c34c038126e0a04351b11e23c6101a7d0ce3beeab29bb6415c10bb"