From 93cde0830101b26e598f7366fbaccb3f493d1f7f Mon Sep 17 00:00:00 2001
From: Andrii Bordunov via Openembedded-core
 <openembedded-core@lists.openembedded.org>
Date: Wed, 2 Oct 2019 23:07:35 -0700
Subject: wget: Security fixes CVE-2018-20483

Source: http://git.savannah.gnu.org/cgit/wget.git/
Type: Security Fix
Disposition: Backport from http://git.savannah.gnu.org/cgit/wget.git/
Description:

Fixes CVE-2018-20483

(From OE-Core rev: c901bc8cd9de5853185af2059c6f1efeb4ccdd60)

Signed-off-by: Aviraj CJ <acj@cisco.com>
[Affects Wget before 1.20.1]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-extended/wget/wget_1.19.5.bb | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'meta/recipes-extended/wget/wget_1.19.5.bb')

diff --git a/meta/recipes-extended/wget/wget_1.19.5.bb b/meta/recipes-extended/wget/wget_1.19.5.bb
index 920b74de1b..a53844bb8f 100644
--- a/meta/recipes-extended/wget/wget_1.19.5.bb
+++ b/meta/recipes-extended/wget/wget_1.19.5.bb
@@ -2,6 +2,8 @@ SRC_URI = "${GNU_MIRROR}/wget/wget-${PV}.tar.gz \
            file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
            file://0002-improve-reproducibility.patch \
            file://CVE-2019-5953.patch \
+           file://CVE-2018-20483_p1.patch \
+           file://CVE-2018-20483_p2.patch \
           "
 
 SRC_URI[md5sum] = "2db6f03d655041f82eb64b8c8a1fa7da"
-- 
cgit v1.2.3-54-g00ecf