From ab318acf535fe20c52bdde2e7f3fc17b1dc22dbd Mon Sep 17 00:00:00 2001
From: Dan Tran <dantran@microsoft.com>
Date: Tue, 8 Oct 2019 18:20:02 +0000
Subject: gnutls: Fix CVE-2019-3829 and CVE-2019-3836

(From OE-Core rev: 54c6892543319c4b8f7248e95966e956053c97b7)

Signed-off-by: Dan Tran <dantran@microsoft.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-support/gnutls/gnutls_3.6.4.bb | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'meta/recipes-support/gnutls/gnutls_3.6.4.bb')

diff --git a/meta/recipes-support/gnutls/gnutls_3.6.4.bb b/meta/recipes-support/gnutls/gnutls_3.6.4.bb
index 6d2a11df34..30873f00db 100644
--- a/meta/recipes-support/gnutls/gnutls_3.6.4.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.6.4.bb
@@ -19,6 +19,10 @@ SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}"
 
 SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.xz \
            file://arm_eabi.patch \
+           file://CVE-2019-3829_p1.patch \
+           file://CVE-2019-3829_p2.patch \
+           file://CVE-2019-3829_p3.patch \
+           file://CVE-2019-3836.patch \
 "
 
 SRC_URI[md5sum] = "63363d1c00601f4d11a5cadc8b5e0799"
-- 
cgit v1.2.3-54-g00ecf