summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSona Sarmadi <sona.sarmadi@enea.com>2016-03-22 11:48:42 (GMT)
committerTudor Florea <tudor.florea@enea.com>2016-03-22 23:21:31 (GMT)
commit8aa66d3b1a976786c4f794e76f8386dc7f2667e5 (patch)
tree0124fec8ddcec5bb2b9907792080acfaeb896b6c
parentbc82af0a6a8e7e9422f452a7106caa257af0b6b6 (diff)
downloadpoky-8aa66d3b1a976786c4f794e76f8386dc7f2667e5.tar.gz
libpcre: Upgrade to libpcre 8.38
The upgrade (libpcre_8.35 to libpcre_8.38) addresses following vulnerabilities: CVE-2015-3210 pcre: heap buffer overflow in pcre_compile2() / compile_regex() CVE-2015-3217 pcre: stack overflow in match() CVE-2015-5073 CVE-2015-8388 pcre: Buffer overflow caused by certain patterns with an unmatched closing parenthesis CVE-2015-8380 pcre: Heap-based buffer overflow in pcre_exec CVE-2015-8381 pcre: Heap Overflow in compile_regex() CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group CVE-2015-8384 pcre: Buffer overflow caused by recursive back reference by name within certain group CVE-2015-8385 pcre: Buffer overflow caused by forward reference by name to certain group CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion CVE-2015-8387 pcre: Integer overflow in subroutine calls CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns CVE-2015-8392 pcre: Buffer overflow caused by certain patterns with duplicated named groups CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions CVE-2015-8395 pcre: Buffer overflow caused by certain references CVE-2016-1283 pcre: Heap buffer overflow in pcre_compile2 causes DoS References: http://www.pcre.org/original/changelog.txt http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=jethro&id=049be17b533d7c592dae8e0f33ddbae54639a776 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
-rw-r--r--meta/recipes-support/libpcre/libpcre_8.38.bb (renamed from meta/recipes-support/libpcre/libpcre_8.35.bb)6
1 files changed, 3 insertions, 3 deletions
diff --git a/meta/recipes-support/libpcre/libpcre_8.35.bb b/meta/recipes-support/libpcre/libpcre_8.38.bb
index 92098c8..a83a1fe 100644
--- a/meta/recipes-support/libpcre/libpcre_8.35.bb
+++ b/meta/recipes-support/libpcre/libpcre_8.38.bb
@@ -6,7 +6,7 @@ SUMMARY = "Perl Compatible Regular Expressions"
6HOMEPAGE = "http://www.pcre.org" 6HOMEPAGE = "http://www.pcre.org"
7SECTION = "devel" 7SECTION = "devel"
8LICENSE = "BSD" 8LICENSE = "BSD"
9LIC_FILES_CHKSUM = "file://LICENCE;md5=ded617e975f28e15952dc68b84a7ac1a" 9LIC_FILES_CHKSUM = "file://LICENCE;md5=7e4937814aee14758c1c95b59c80c44d"
10SRC_URI = "${SOURCEFORGE_MIRROR}/project/pcre/pcre/${PV}/pcre-${PV}.tar.bz2 \ 10SRC_URI = "${SOURCEFORGE_MIRROR}/project/pcre/pcre/${PV}/pcre-${PV}.tar.bz2 \
11 file://pcre-cross.patch \ 11 file://pcre-cross.patch \
12 file://fix-pcre-name-collision.patch \ 12 file://fix-pcre-name-collision.patch \
@@ -14,8 +14,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/project/pcre/pcre/${PV}/pcre-${PV}.tar.bz2 \
14 file://Makefile \ 14 file://Makefile \
15" 15"
16 16
17SRC_URI[md5sum] = "6aacb23986adccd9b3bc626c00979958" 17SRC_URI[md5sum] = "00aabbfe56d5a48b270f999b508c5ad2"
18SRC_URI[sha256sum] = "a961c1c78befef263cc130756eeca7b674b4e73a81533293df44e4265236865b" 18SRC_URI[sha256sum] = "b9e02d36e23024d6c02a2e5b25204b3a4fa6ade43e0a5f869f254f49535079df"
19 19
20S = "${WORKDIR}/pcre-${PV}" 20S = "${WORKDIR}/pcre-${PV}"
21 21