diff options
| author |   Jussi Kukkonen <jussi.kukkonen@intel.com> | 2016-10-10 11:30:03 +0300 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-10-11 08:26:09 +0100 |
| commit | 68d56306baa21e66756fb44c6c5680e725b1e3bc (patch) | |
| tree | 3b066640b3be134551fb3152621d788ca02f40cd /meta/recipes-devtools/flex/flex_2.6.0.bb | |
| parent | 591a5aecfe4a52dc3b9e11883334c604dd9fc957 (diff) | |
| download | openembedded-core-contrib-68d56306baa21e66756fb44c6c5680e725b1e3bc.tar.gz | |
flex: Backport buffer overflow fix
Fix a heap-based buffer overflow in yy_get_next_buffer()
(CVE-2016-6354).
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/flex/flex_2.6.0.bb')
| -rw-r--r-- | meta/recipes-devtools/flex/flex_2.6.0.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/flex/flex_2.6.0.bb b/meta/recipes-devtools/flex/flex_2.6.0.bb index 3a45752f8b..ab35b09f99 100644 --- a/meta/recipes-devtools/flex/flex_2.6.0.bb +++ b/meta/recipes-devtools/flex/flex_2.6.0.bb @@ -15,6 +15,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/flex/flex-${PV}.tar.bz2 \ file://do_not_create_pdf_doc.patch \ file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ file://0002-avoid-c-comments-in-c-code-fails-with-gcc-6.patch \ + file://CVE-2016-6354.patch \ ${@bb.utils.contains('PTEST_ENABLED', '1', '', 'file://disable-tests.patch', d)} \ " |