From f98b8b767d66e0e4bfa6f3e8ef7e44a4d45270e3 Mon Sep 17 00:00:00 2001
From: Armin Kuster <akuster@mvista.com>
Date: Tue, 23 Feb 2016 17:38:25 -0800
Subject: git: Security fixes CVE-2015-7545

CVE-2015-7545 git: arbitrary code execution via crafted URLs

(From OE-Core rev: 0c4bdd61acbc1fa1b9bfb167d8eaf90c8bccc25c)

Signed-off-by: Armin Kuster <akuster@mvista.com>

Already in Jethro, not needed in master due to shipping a version of git
which is already fixes (> 2.6.1)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-devtools/git/git_2.3.0.bb | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'meta/recipes-devtools/git/git_2.3.0.bb')

diff --git a/meta/recipes-devtools/git/git_2.3.0.bb b/meta/recipes-devtools/git/git_2.3.0.bb
index 1611f6421b..2575ed34cf 100644
--- a/meta/recipes-devtools/git/git_2.3.0.bb
+++ b/meta/recipes-devtools/git/git_2.3.0.bb
@@ -1,5 +1,12 @@
 require git.inc
 
+SRC_URI += "\
+            file://CVE-2015-7545_1.patch \
+            file://CVE-2015-7545_2.patch \
+            file://CVE-2015-7545_3.patch \
+            file://CVE-2015-7545_4.patch \
+            file://CVE-2015-7545_5.patch \
+            "
 SRC_URI[tarball.md5sum] = "edf994cf34cd3354dadcdfa6b4292335"
 SRC_URI[tarball.sha256sum] = "ba2fe814e709a5d0f034ebe82083fce7feed0899b3a8c8b3adf1c5a85d1ce9ac"
 SRC_URI[manpages.md5sum] = "620797eb73b281d0706979ae8038bbd7"
-- 
cgit v1.2.3-54-g00ecf