2 files changed, 29 insertions, 0 deletions
diff --git a/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch b/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch
new file mode 100644
index 0000000000..f062420d92
--- /dev/null
+++ b/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch
@@ -0,0 +1,28 @@
+eglibc: CVE-2014-9402 endless loop in getaddr_r
+https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=11e3417af6e354f1942c68a271ae51e892b2814d
+Upstream-Status: Backport
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+From 11e3417af6e354f1942c68a271ae51e892b2814d Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer@redhat.com>
+Date: Mon, 15 Dec 2014 17:41:13 +0100
+Subject: [PATCH] Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
+===================================================================
+--- git.orig/resolv/nss_dns/dns-network.c
+++ git/resolv/nss_dns/dns-network.c
+@@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int
+ 
+        case BYNAME:
+          {
+-           char **ap = result->n_aliases++;
+-           while (*ap != NULL)
+           char **ap;
+           for (ap = result->n_aliases; *ap != NULL; ++ap)
+              {
+                /* Check each alias name for being of the forms:
+                   4.3.2.1.in-addr.arpa         = net 1.2.3.4
diff --git a/meta/recipes-core/eglibc/eglibc_2.19.bb b/meta/recipes-core/eglibc/eglibc_2.19.bb
index 1ef1a429d2..a0c605c7c7 100644
--- a/meta/recipes-core/eglibc/eglibc_2.19.bb
+++ b/meta/recipes-core/eglibc/eglibc_2.19.bb
@@ -28,6 +28,7 @@ SRC_URI = "http://downloads.yoctoproject.org/releases/eglibc/eglibc-${PV}-svnr25
           file://CVE-2014-5119.patch \
           file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \
           file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \
+           file://CVE-2014-9402_endless-loop-in-getaddr_r.patch \
          "
 SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd"
 SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c"

diff --git a/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch b/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch new file mode 100644 index 0000000000..f062420d92 --- /dev/null +++ b/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch
@@ -0,0 +1,28 @@
		1	eglibc: CVE-2014-9402 endless loop in getaddr_r
		2
		3	https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=11e3417af6e354f1942c68a271ae51e892b2814d
		4
		5	Upstream-Status: Backport
		6
		7	Signed-off-by: Armin Kuster <akuster@mvista.com>
		8	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
		9
		10	From 11e3417af6e354f1942c68a271ae51e892b2814d Mon Sep 17 00:00:00 2001
		11	From: Florian Weimer <fweimer@redhat.com>
		12	Date: Mon, 15 Dec 2014 17:41:13 +0100
		13	Subject: [PATCH] Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
		14
		15	===================================================================
		16	--- git.orig/resolv/nss_dns/dns-network.c
		17	+++ git/resolv/nss_dns/dns-network.c
		18	@@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int
		19
		20	case BYNAME:
		21	{
		22	- char **ap = result->n_aliases++;
		23	- while (*ap != NULL)
		24	+ char **ap;
		25	+ for (ap = result->n_aliases; *ap != NULL; ++ap)
		26	{
		27	/* Check each alias name for being of the forms:
		28	4.3.2.1.in-addr.arpa = net 1.2.3.4


diff --git a/meta/recipes-core/eglibc/eglibc_2.19.bb b/meta/recipes-core/eglibc/eglibc_2.19.bb index 1ef1a429d2..a0c605c7c7 100644 --- a/meta/recipes-core/eglibc/eglibc_2.19.bb +++ b/meta/recipes-core/eglibc/eglibc_2.19.bb
@@ -28,6 +28,7 @@ SRC_URI = "http://downloads.yoctoproject.org/releases/eglibc/eglibc-${PV}-svnr25
28	file://CVE-2014-5119.patch \	28	file://CVE-2014-5119.patch \
29	file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \	29	file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \
30	file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \	30	file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \
		31	file://CVE-2014-9402_endless-loop-in-getaddr_r.patch \
31	"	32	"
32	SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd"	33	SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd"
33	SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c"	34	SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c"