diff options
author | Hitendra Prajapati <hprajapati@mvista.com> | 2022-06-28 11:19:48 +0530 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2022-07-16 12:56:17 -0700 |
commit | 9f3d116fddd81fcf71fdd9d78af0673619dc50b3 (patch) | |
tree | 320d6bc6c92ef97414aa8c7ff60c016cf3199309 /meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb | |
parent | b406297d3bcdef6d174eea85945623f1a8f0e3b9 (diff) | |
download | meta-openembedded-9f3d116fddd81fcf71fdd9d78af0673619dc50b3.tar.gz |
cyrus-sasl: CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
Source: https://github.com/cyrusimap/cyrus-sasl
MR: 118501
Type: Security Fix
Disposition: Backport from https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc
ChangeID: 5e0fc4c28d97b498128e4aa5d3e7c012e914ef51
Description:
CVE-2022-24407 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands.
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb')
-rw-r--r-- | meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb index db5f94444f..3e7056d67d 100644 --- a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb +++ b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb @@ -17,6 +17,7 @@ SRC_URI = "git://github.com/cyrusimap/cyrus-sasl;protocol=https;branch=master \ file://0001-Allow-saslauthd-to-be-built-outside-of-source-tree-w.patch \ file://0001-makeinit.sh-fix-parallel-build-issue.patch \ file://CVE-2019-19906.patch \ + file://CVE-2022-24407.patch \ " UPSTREAM_CHECK_URI = "https://github.com/cyrusimap/cyrus-sasl/archives" |