1 files changed, 31 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2023-27538.patch b/meta/recipes-support/curl/curl/CVE-2023-27538.patch
new file mode 100644
index 0000000000..6c40989d3b
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2023-27538.patch
@@ -0,0 +1,31 @@
+From af369db4d3833272b8ed443f7fcc2e757a0872eb Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Fri, 10 Mar 2023 08:22:51 +0100
+Subject: [PATCH] url: fix the SSH connection reuse check
+Reported-by: Harry Sintonen
+Closes #10735
+CVE: CVE-2023-27538
+Upstream-Status: Backport [https://github.com/curl/curl/commit/af369db4d3833272b8ed443f7fcc2e757a0872eb]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ lib/url.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/lib/url.c b/lib/url.c
+index 8da0245..9f14a7b 100644
+--- a/lib/url.c
+++ b/lib/url.c
+@@ -1266,7 +1266,7 @@ ConnectionExists(struct Curl_easy *data,
+         }
+       }
+ 
+-      if(get_protocol_family(needle->handler->protocol) == PROTO_FAMILY_SSH) {
+      if(get_protocol_family(needle->handler->protocol) & PROTO_FAMILY_SSH) {
+         if(!ssh_config_matches(needle, check))
+           continue;
+       }
+-- 
+2.25.1

diff --git a/meta/recipes-support/curl/curl/CVE-2023-27538.patch b/meta/recipes-support/curl/curl/CVE-2023-27538.patch new file mode 100644 index 0000000000..6c40989d3b --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2023-27538.patch
@@ -0,0 +1,31 @@
	1	From af369db4d3833272b8ed443f7fcc2e757a0872eb Mon Sep 17 00:00:00 2001
	2	From: Daniel Stenberg <daniel@haxx.se>
	3	Date: Fri, 10 Mar 2023 08:22:51 +0100
	4	Subject: [PATCH] url: fix the SSH connection reuse check
	5
	6	Reported-by: Harry Sintonen
	7	Closes #10735
	8
	9	CVE: CVE-2023-27538
	10	Upstream-Status: Backport [https://github.com/curl/curl/commit/af369db4d3833272b8ed443f7fcc2e757a0872eb]
	11	Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
	12	---
	13	lib/url.c \| 2 +-
	14	1 file changed, 1 insertion(+), 1 deletion(-)
	15
	16	diff --git a/lib/url.c b/lib/url.c
	17	index 8da0245..9f14a7b 100644
	18	--- a/lib/url.c
	19	+++ b/lib/url.c
	20	@@ -1266,7 +1266,7 @@ ConnectionExists(struct Curl_easy *data,
	21	}
	22	}
	23
	24	- if(get_protocol_family(needle->handler->protocol) == PROTO_FAMILY_SSH) {
	25	+ if(get_protocol_family(needle->handler->protocol) & PROTO_FAMILY_SSH) {
	26	if(!ssh_config_matches(needle, check))
	27	continue;
	28	}
	29	--
	30	2.25.1
	31