curl: Security fix for CVE-2016-8615

Affected versions: curl 7.1 to and including 7.50.3 Not affected versions: curl >= 7.51.0 Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
author: Thiruvadi Rajaraman <trajaraman@mvista.com> 2017-11-04 07:41:53 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-11-21 14:42:56 +0000
commit: b754be84206b454789fbd6d444d00a4e422cb3e9 (patch)
tree: 2c9b0c7c535ae0881a4d7e304925ed4bddf14b9f /meta/recipes-support/curl/curl_7.50.1.bb
parent: ff3904dec584daf627c267bf639d69aca13a1227 (diff)
download: openembedded-core-b754be84206b454789fbd6d444d00a4e422cb3e9.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/meta/recipes-support/curl/curl_7.50.1.bb b/meta/recipes-support/curl/curl_7.50.1.bb
index 653fa2e7a8..c11eb0c246 100644
--- a/meta/recipes-support/curl/curl_7.50.1.bb
+++ b/meta/recipes-support/curl/curl_7.50.1.bb
@@ -12,7 +12,9 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
 # curl likes to set -g0 in CFLAGS, so we stop it
 # from mucking around with debug options
 #
-SRC_URI += " file://configure_ac.patch"
+SRC_URI += " file://configure_ac.patch \
+             file://CVE-2016-8615.patch \
+           "
 
 SRC_URI[md5sum] = "015f6a0217ca6f2c5442ca406476920b"
 SRC_URI[sha256sum] = "3c12c5f54ccaa1d40abc65d672107dcc75d3e1fcb38c267484334280096e5156"
author	Thiruvadi Rajaraman <trajaraman@mvista.com>	2017-11-04 07:41:53 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:42:56 +0000
commit	b754be84206b454789fbd6d444d00a4e422cb3e9 (patch)
tree	2c9b0c7c535ae0881a4d7e304925ed4bddf14b9f /meta/recipes-support/curl/curl_7.50.1.bb
parent	ff3904dec584daf627c267bf639d69aca13a1227 (diff)
download	openembedded-core-b754be84206b454789fbd6d444d00a4e422cb3e9.tar.gz