aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/nspr/nspr_4.10.3.bb
diff options
context:
space:
mode:
authorXufeng Zhang <xufeng.zhang@windriver.com>2014-07-23 23:27:47 -0400
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-07-25 15:33:34 +0100
commit191cab2f679491c2b6ddba49c5cf4886dcd22f57 (patch)
tree3e62a3357d3f46d8ffc9b7c87ac4f85c095679e7 /meta/recipes-support/nspr/nspr_4.10.3.bb
parent86c2483f0fe05fb763d280ae22d70e54cb4bb0bc (diff)
downloadopenembedded-core-contrib-191cab2f679491c2b6ddba49c5cf4886dcd22f57.tar.gz
nspr: Fix for CVE-2014-1545
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.Per: http://cwe.mitre.org/data/definitions/787.html Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/nspr/nspr_4.10.3.bb')
-rw-r--r--meta/recipes-support/nspr/nspr_4.10.3.bb1
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-support/nspr/nspr_4.10.3.bb b/meta/recipes-support/nspr/nspr_4.10.3.bb
index 0adfe3b3a3..60e1bfa7b1 100644
--- a/meta/recipes-support/nspr/nspr_4.10.3.bb
+++ b/meta/recipes-support/nspr/nspr_4.10.3.bb
@@ -9,6 +9,7 @@ SRC_URI = "ftp://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v${PV}/src/nspr-$
file://remove-rpath-from-tests.patch \
file://fix-build-on-x86_64.patch \
file://trickly-fix-build-on-x86_64.patch \
+ file://nspr-CVE-2014-1545.patch \
"
SRC_URI += "file://nspr.pc.in"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-27 19:14:52 +0000