From b9da1f441bbd8ef2c4bbcd2aabd2d42b65757827 Mon Sep 17 00:00:00 2001
From: Sona Sarmadi <sona.sarmadi@enea.com>
Date: Wed, 29 Apr 2015 11:02:21 +0200
Subject: elfutils: CVE-2014-9447

directory traversal in read_long_names()

Reference
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447

Upstream commit with the analysis:
https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e

(From OE-Core rev: 6e7badf6819f372bd6dced191c7fda9748062126)

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-devtools/elfutils/elfutils_0.155.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-devtools/elfutils/elfutils_0.155.bb')

diff --git a/meta/recipes-devtools/elfutils/elfutils_0.155.bb b/meta/recipes-devtools/elfutils/elfutils_0.155.bb
index b1f410c0f6..edb4919e1a 100644
--- a/meta/recipes-devtools/elfutils/elfutils_0.155.bb
+++ b/meta/recipes-devtools/elfutils/elfutils_0.155.bb
@@ -23,6 +23,7 @@ SRC_URI += "\
 	file://nm-Fix-size-passed-to-snprintf-for-invalid-sh_name-case.patch \
 	file://elfutils-ar-c-fix-num-passed-to-memset.patch \
 	file://fix-build-gcc-4.8.patch \
+        file://CVE-2014-9447.patch \
 "
 # Only apply when building uclibc based target recipe
 SRC_URI_append_libc-uclibc = " file://uclibc-support.patch"
-- 
cgit v1.2.3-54-g00ecf