From 5bebd3abb85fec2af8d49045f696d73ec6a169c5 Mon Sep 17 00:00:00 2001
From: Sona Sarmadi <sona.sarmadi@enea.com>
Date: Wed, 3 Feb 2016 11:59:18 +0100
Subject: glibc: CVE-2015-8779

Fixes an overflow vulnerability causing applications which
pass long strings to the catopen function to crash or,
potentially execute arbitrary code.

(From OE-Core rev: af20e323932caba8883c91dac610e1ba2b3d4ab5)

Rferences:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8779
Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=17905
CVE assignment: http://seclists.org/oss-sec/2016/q1/153

Reference to the upstream fix:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=
0f58539030e436449f79189b6edab17d7479796e

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
---
 meta/recipes-core/glibc/glibc_2.20.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-core/glibc/glibc_2.20.bb')

diff --git a/meta/recipes-core/glibc/glibc_2.20.bb b/meta/recipes-core/glibc/glibc_2.20.bb
index b9891d85ce..b854ea2cf7 100644
--- a/meta/recipes-core/glibc/glibc_2.20.bb
+++ b/meta/recipes-core/glibc/glibc_2.20.bb
@@ -54,6 +54,7 @@ CVEPATCHES = "\
         file://CVE-2015-8776.patch \
         file://CVE-2015-8777.patch \
         file://CVE-2015-8778.patch \
+        file://CVE-2015-8779.patch \
     "
 LIC_FILES_CHKSUM = "file://LICENSES;md5=e9a558e243b36d3209f380deb394b213 \
       file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
-- 
cgit v1.2.3-54-g00ecf