From 9bfb78bff606700176909abaa5cf8a332292738a Mon Sep 17 00:00:00 2001
From: Wenzong Fan <wenzong.fan@windriver.com>
Date: Fri, 21 Nov 2014 01:02:05 -0500
Subject: serf: uprev to 1.3.7 for fixing CVE-2014-3504

The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_-
ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7
does not properly handle a NUL byte in a domain name in the subject's
Common Name (CN) field of an X.509 certificate, which allows man-in-
the-middle attackers to spoof arbitrary SSL servers via a crafted
certificate issued by a legitimate Certification Authority.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3504

(From OE-Core rev: 832aa4c5a7989636dae3068f508ab2bff8b4ab23)

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-support/serf/serf_1.3.6.bb | 27 ---------------------------
 meta/recipes-support/serf/serf_1.3.7.bb | 27 +++++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 27 deletions(-)
 delete mode 100644 meta/recipes-support/serf/serf_1.3.6.bb
 create mode 100644 meta/recipes-support/serf/serf_1.3.7.bb

(limited to 'meta/recipes-support')

diff --git a/meta/recipes-support/serf/serf_1.3.6.bb b/meta/recipes-support/serf/serf_1.3.6.bb
deleted file mode 100644
index 08b04d3ca6..0000000000
--- a/meta/recipes-support/serf/serf_1.3.6.bb
+++ /dev/null
@@ -1,27 +0,0 @@
-
-SRC_URI = "http://serf.googlecode.com/svn/src_releases/serf-1.3.6.tar.bz2 \
-           file://norpath.patch"
-SRC_URI[md5sum] = "7fe38fa6eab078e0beabf291d8e4995d"
-SRC_URI[sha256sum] = "ca637beb0399797d4fc7ffa85e801733cd9c876997fac4a4fd12e9afe86563f2"
-
-LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327"
-
-DEPENDS = "python-scons-native openssl apr apr-util util-linux expat"
-
-FULLCC = "${STAGING_BINDIR_TOOLCHAIN}/${CC}"
-FULLCC_class-native = "${CC}"
-
-do_compile() {
-	${STAGING_BINDIR_NATIVE}/scons ${PARALLEL_MAKE} PREFIX=${prefix} \
-		CC="${FULLCC}" \
-		APR=`which apr-1-config` APU=`which apu-1-config` \
-		CFLAGS="${CFLAGS}" LINKFLAGS="${LDFLAGS}" \
-		OPENSSL="${STAGING_EXECPREFIXDIR}"
-}
-
-do_install() {
-	${STAGING_BINDIR_NATIVE}/scons PREFIX=${D}${prefix} LIBDIR=${D}${libdir} install
-}
-
-BBCLASSEXTEND = "native"
diff --git a/meta/recipes-support/serf/serf_1.3.7.bb b/meta/recipes-support/serf/serf_1.3.7.bb
new file mode 100644
index 0000000000..5230ef7387
--- /dev/null
+++ b/meta/recipes-support/serf/serf_1.3.7.bb
@@ -0,0 +1,27 @@
+
+SRC_URI = "http://serf.googlecode.com/svn/src_releases/serf-1.3.7.tar.bz2 \
+           file://norpath.patch"
+SRC_URI[md5sum] = "0a6fa745df4517dd8f79c75c538919bc"
+SRC_URI[sha256sum] = "ecccb74e665e6ea7539271e126a21d0f7eeddfeaa8ce090adb3aec6682f9f0ae"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327"
+
+DEPENDS = "python-scons-native openssl apr apr-util util-linux expat"
+
+FULLCC = "${STAGING_BINDIR_TOOLCHAIN}/${CC}"
+FULLCC_class-native = "${CC}"
+
+do_compile() {
+	${STAGING_BINDIR_NATIVE}/scons ${PARALLEL_MAKE} PREFIX=${prefix} \
+		CC="${FULLCC}" \
+		APR=`which apr-1-config` APU=`which apu-1-config` \
+		CFLAGS="${CFLAGS}" LINKFLAGS="${LDFLAGS}" \
+		OPENSSL="${STAGING_EXECPREFIXDIR}"
+}
+
+do_install() {
+	${STAGING_BINDIR_NATIVE}/scons PREFIX=${D}${prefix} LIBDIR=${D}${libdir} install
+}
+
+BBCLASSEXTEND = "native"
-- 
cgit v1.2.3-54-g00ecf