aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2016-02-10 14:18:24 -0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-02-11 22:32:17 +0000
commit29053ff82bf28da45eef9d7e85d6d3ce7060daf6 (patch)
tree83b5ff3f7cda802bd836abae2d0720f67c01c8e5
parent4ffc1c6ea67e65c21964fa119820b37725f5a5de (diff)
downloadopenembedded-core-contrib-29053ff82bf28da45eef9d7e85d6d3ce7060daf6.tar.gz
libbsd: Security fix and update 0.8.2
This update includes: CVE-2016-2090 Heap buffer overflow in fgetwln function of libbsd libbsd 0.8.1 and earlier contains a buffer overflow in the function fgetwln(). An if checks if it is necessary to reallocate memory in the target buffer. However this check is off by one, therefore an out of bounds write happens. Upstream has released version 0.8.2 to fix this. Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-support/libbsd/libbsd_0.8.2.bb (renamed from meta/recipes-support/libbsd/libbsd_0.8.1.bb)4
1 files changed, 2 insertions, 2 deletions
diff --git a/meta/recipes-support/libbsd/libbsd_0.8.1.bb b/meta/recipes-support/libbsd/libbsd_0.8.2.bb
index 45420d55e6..3335386d8f 100644
--- a/meta/recipes-support/libbsd/libbsd_0.8.1.bb
+++ b/meta/recipes-support/libbsd/libbsd_0.8.2.bb
@@ -37,7 +37,7 @@ SRC_URI = " \
http://libbsd.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
"
-SRC_URI[md5sum] = "f3daff0283af6e30f25d68be2deac4ef"
-SRC_URI[sha256sum] = "adbc8781ad720bce939b689f38a9f0247732a36792147a7c28027c393c2af9b0"
+SRC_URI[md5sum] = "cdee252ccff978b50ad2336278c506c9"
+SRC_URI[sha256sum] = "b2f644cae94a6e2fe109449c20ad79a0f6ee4faec2205b07eefa0020565e250a"
inherit autotools pkgconfig