From 0b13cc2376a5bf69fcbf809ddad8a4bf928970be Mon Sep 17 00:00:00 2001
From: Sona Sarmadi <sona.sarmadi@enea.com>
Date: Mon, 14 Mar 2016 13:55:32 +0100
Subject: rpcbind: CVE-2015-7236

Fixes a use-after-free flaw in rpcbind.

Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7236

Reference to the upstream fix:
http://openwall.com/lists/oss-security/2015/09/18/7

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
---
 meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb')

diff --git a/meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb b/meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb
index b7324766f7..460726dc5a 100644
--- a/meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb
+++ b/meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb
@@ -17,6 +17,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/rpcbind/rpcbind-${PV}.tar.bz2 \
            file://rpcbind.conf \
            file://rpcbind.socket \
            file://rpcbind.service \
+           file://CVE-2015-7236.patch \
           "
 
 UCLIBCPATCHES_libc-uclibc = "file://0001-uclibc-nss.patch \
-- 
cgit v1.2.3-54-g00ecf