diff options
-rw-r--r-- | meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch | 28 | ||||
-rw-r--r-- | meta/recipes-core/eglibc/eglibc_2.19.bb | 1 |
2 files changed, 29 insertions, 0 deletions
diff --git a/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch b/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch new file mode 100644 index 0000000000..f062420d92 --- /dev/null +++ b/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch | |||
@@ -0,0 +1,28 @@ | |||
1 | eglibc: CVE-2014-9402 endless loop in getaddr_r | ||
2 | |||
3 | https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=11e3417af6e354f1942c68a271ae51e892b2814d | ||
4 | |||
5 | Upstream-Status: Backport | ||
6 | |||
7 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
8 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
9 | |||
10 | From 11e3417af6e354f1942c68a271ae51e892b2814d Mon Sep 17 00:00:00 2001 | ||
11 | From: Florian Weimer <fweimer@redhat.com> | ||
12 | Date: Mon, 15 Dec 2014 17:41:13 +0100 | ||
13 | Subject: [PATCH] Avoid infinite loop in nss_dns getnetbyname [BZ #17630] | ||
14 | |||
15 | =================================================================== | ||
16 | --- git.orig/resolv/nss_dns/dns-network.c | ||
17 | +++ git/resolv/nss_dns/dns-network.c | ||
18 | @@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int | ||
19 | |||
20 | case BYNAME: | ||
21 | { | ||
22 | - char **ap = result->n_aliases++; | ||
23 | - while (*ap != NULL) | ||
24 | + char **ap; | ||
25 | + for (ap = result->n_aliases; *ap != NULL; ++ap) | ||
26 | { | ||
27 | /* Check each alias name for being of the forms: | ||
28 | 4.3.2.1.in-addr.arpa = net 1.2.3.4 | ||
diff --git a/meta/recipes-core/eglibc/eglibc_2.19.bb b/meta/recipes-core/eglibc/eglibc_2.19.bb index 1ef1a429d2..a0c605c7c7 100644 --- a/meta/recipes-core/eglibc/eglibc_2.19.bb +++ b/meta/recipes-core/eglibc/eglibc_2.19.bb | |||
@@ -28,6 +28,7 @@ SRC_URI = "http://downloads.yoctoproject.org/releases/eglibc/eglibc-${PV}-svnr25 | |||
28 | file://CVE-2014-5119.patch \ | 28 | file://CVE-2014-5119.patch \ |
29 | file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \ | 29 | file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \ |
30 | file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \ | 30 | file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \ |
31 | file://CVE-2014-9402_endless-loop-in-getaddr_r.patch \ | ||
31 | " | 32 | " |
32 | SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd" | 33 | SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd" |
33 | SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c" | 34 | SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c" |