From 89d8ac907cbb5a0e214cb306a2d7bb4896165278 Mon Sep 17 00:00:00 2001
From: Hitendra Prajapati <hprajapati@mvista.com>
Date: Thu, 6 Oct 2022 10:57:34 +0530
Subject: dhcp: Fix CVE-2022-2928 & CVE-2022-2929

Source: https://downloads.isc.org/isc/dhcp
MR: 122797, 122812
Type: Security Fix
Disposition: Backport from https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/
ChangeID: 31490133cae8fc9c77073f9023955d3ff39c0b6e
Description:

Fixed CVEs:
	1. CVE-2022-2928
	2. CVE-2022-2929

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb')

diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb b/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb
index 5609a350cc..d3c87d0d07 100644
--- a/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb
+++ b/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb
@@ -11,6 +11,8 @@ SRC_URI += "file://0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.pat
             file://0013-fixup_use_libbind.patch \
             file://0001-workaround-busybox-limitation-in-linux-dhclient-script.patch \
             file://CVE-2021-25217.patch \
+            file://CVE-2022-2928.patch \
+            file://CVE-2022-2929.patch \
 "
 
 SRC_URI[md5sum] = "2afdaf8498dc1edaf3012efdd589b3e1"
-- 
cgit 1.2.3-korg