1 files changed, 55 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2023-27536.patch b/meta/recipes-support/curl/curl/CVE-2023-27536.patch
new file mode 100644
index 0000000000..b04a77de25
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2023-27536.patch
@@ -0,0 +1,55 @@
+From cb49e67303dbafbab1cebf4086e3ec15b7d56ee5 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Fri, 10 Mar 2023 09:22:43 +0100
+Subject: [PATCH] url: only reuse connections with same GSS delegation
+Reported-by: Harry Sintonen
+Closes #10731
+Upstream-Status: Backport [https://github.com/curl/curl/commit/cb49e67303dbafbab1cebf4086e3ec15b7d56ee5]
+CVE: CVE-2023-27536
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ lib/url.c     | 6 ++++++
+ lib/urldata.h | 1 +
+ 2 files changed, 7 insertions(+)
+diff --git a/lib/url.c b/lib/url.c
+index f84375c..87f4eb0 100644
+--- a/lib/url.c
+++ b/lib/url.c
+@@ -1257,6 +1257,11 @@ ConnectionExists(struct Curl_easy *data,
+         }
+       }
+ 
+      /* GSS delegation differences do not actually affect every connection
+         and auth method, but this check takes precaution before efficiency */
+      if(needle->gssapi_delegation != check->gssapi_delegation)
+       continue;
+
+ #ifdef USE_SSH
+       else if(get_protocol_family(needle->handler->protocol) & PROTO_FAMILY_SSH) {
+         if(!ssh_config_matches(needle, check))
+@@ -1708,6 +1713,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
+   conn->fclosesocket = data->set.fclosesocket;
+   conn->closesocket_client = data->set.closesocket_client;
+   conn->lastused = Curl_now(); /* used now */
+  conn->gssapi_delegation = data->set.gssapi_delegation;
+ 
+   return conn;
+   error:
+diff --git a/lib/urldata.h b/lib/urldata.h
+index 51b793b..b8a611b 100644
+--- a/lib/urldata.h
+++ b/lib/urldata.h
+@@ -1118,6 +1118,7 @@ struct connectdata {
+                               handle */
+   BIT(sock_accepted); /* TRUE if the SECONDARYSOCKET was created with
+                          accept() */
+  long gssapi_delegation; /* inherited from set.gssapi_delegation */
+ };
+ 
+ /* The end of connectdata. */
+-- 
+2.25.1

diff --git a/meta/recipes-support/curl/curl/CVE-2023-27536.patch b/meta/recipes-support/curl/curl/CVE-2023-27536.patch new file mode 100644 index 0000000000..b04a77de25 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2023-27536.patch
@@ -0,0 +1,55 @@
	1	From cb49e67303dbafbab1cebf4086e3ec15b7d56ee5 Mon Sep 17 00:00:00 2001
	2	From: Daniel Stenberg <daniel@haxx.se>
	3	Date: Fri, 10 Mar 2023 09:22:43 +0100
	4	Subject: [PATCH] url: only reuse connections with same GSS delegation
	5
	6	Reported-by: Harry Sintonen
	7	Closes #10731
	8
	9	Upstream-Status: Backport [https://github.com/curl/curl/commit/cb49e67303dbafbab1cebf4086e3ec15b7d56ee5]
	10	CVE: CVE-2023-27536
	11	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
	12	---
	13	lib/url.c \| 6 ++++++
	14	lib/urldata.h \| 1 +
	15	2 files changed, 7 insertions(+)
	16
	17	diff --git a/lib/url.c b/lib/url.c
	18	index f84375c..87f4eb0 100644
	19	--- a/lib/url.c
	20	+++ b/lib/url.c
	21	@@ -1257,6 +1257,11 @@ ConnectionExists(struct Curl_easy *data,
	22	}
	23	}
	24
	25	+ /* GSS delegation differences do not actually affect every connection
	26	+ and auth method, but this check takes precaution before efficiency */
	27	+ if(needle->gssapi_delegation != check->gssapi_delegation)
	28	+ continue;
	29	+
	30	#ifdef USE_SSH
	31	else if(get_protocol_family(needle->handler->protocol) & PROTO_FAMILY_SSH) {
	32	if(!ssh_config_matches(needle, check))
	33	@@ -1708,6 +1713,7 @@ static struct connectdata allocate_conn(struct Curl_easy data)
	34	conn->fclosesocket = data->set.fclosesocket;
	35	conn->closesocket_client = data->set.closesocket_client;
	36	conn->lastused = Curl_now(); /* used now */
	37	+ conn->gssapi_delegation = data->set.gssapi_delegation;
	38
	39	return conn;
	40	error:
	41	diff --git a/lib/urldata.h b/lib/urldata.h
	42	index 51b793b..b8a611b 100644
	43	--- a/lib/urldata.h
	44	+++ b/lib/urldata.h
	45	@@ -1118,6 +1118,7 @@ struct connectdata {
	46	handle */
	47	BIT(sock_accepted); /* TRUE if the SECONDARYSOCKET was created with
	48	accept() */
	49	+ long gssapi_delegation; /* inherited from set.gssapi_delegation */
	50	};
	51
	52	/* The end of connectdata. */
	53	--
	54	2.25.1
	55