From ef16919e98108724ede5ad5d79e3cbab1918d6d5 Mon Sep 17 00:00:00 2001
From: Xiangyu Chen <xiangyu.chen@windriver.com>
Date: Wed, 19 Apr 2023 13:43:35 +0800
Subject: shadow: backport patch to fix CVE-2023-29383

The fix of CVE-2023-29383.patch contains a bug that it rejects all
characters that are not control ones, so backup another patch named
"0001-Overhaul-valid_field.patch" from upstream to fix it.

(From OE-Core rev: c5da9027cc73484936f4f82a37c32348cee1e229)

Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-extended/shadow/shadow.inc | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'meta/recipes-extended/shadow/shadow.inc')

diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc
index 52b10000ee..cf05a3af93 100644
--- a/meta/recipes-extended/shadow/shadow.inc
+++ b/meta/recipes-extended/shadow/shadow.inc
@@ -15,6 +15,8 @@ SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \
            ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \
            file://useradd \
 	   file://0001-Fix-can-not-print-full-login.patch \
+           file://CVE-2023-29383.patch \
+           file://0001-Overhaul-valid_field.patch \
            "
 
 SRC_URI:append:class-target = " \
-- 
cgit v1.2.3-54-g00ecf