From 995de756e344ab7965160a633c2a408bede7ed97 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@intel.com>
Date: Mon, 29 Apr 2013 15:41:43 +0100
Subject: perl: fix CVE-2013-1667

From http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1667:

"The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent
attackers to cause a denial of service (memory consumption and crash) via a
crafted hash key."

Patch taken from upstream git.

(From OE-Core rev: ccc272a3f7bf240733dc3af1d8d7b870c55e1f5b)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-devtools/perl/perl_5.14.2.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-devtools/perl/perl_5.14.2.bb')

diff --git a/meta/recipes-devtools/perl/perl_5.14.2.bb b/meta/recipes-devtools/perl/perl_5.14.2.bb
index 5e17661507..dbfcf4cf1f 100644
--- a/meta/recipes-devtools/perl/perl_5.14.2.bb
+++ b/meta/recipes-devtools/perl/perl_5.14.2.bb
@@ -69,6 +69,7 @@ SRC_URI = "http://www.cpan.org/src/5.0/perl-${PV}.tar.gz \
 	file://perl-archlib-exp.patch \
 	file://perl-fix-CVE-2012-5195.patch \
 	file://cve-2012-6329.patch \
+	file://cve-2013-1667.patch \
 	\
         file://config.sh \
         file://config.sh-32 \
-- 
cgit v1.2.3-54-g00ecf