libtirpc: Fix CVE-2017-8779

This vulnerability is also called "rpcbomb". Backport upstream patch to fix this vulnerability. CVE: CVE-2017-8779 Signed-off-by: Fan Xin<fan.xin@jp.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
author: Fan Xin <fan.xin@jp.fujitsu.com> 2017-06-07 17:29:03 +0900
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-03-15 15:47:28 -0700
commit: bb6af5f0dbb39553654ba3a587c8078bb635da6f (patch)
tree: 78aa18dfa632b33698f1491a1e19b3f1698e95b7 /meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb
parent: d8842e86114cae7ca006ef903ac5459c7414010e (diff)
download: openembedded-core-contrib-bb6af5f0dbb39553654ba3a587c8078bb635da6f.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb b/meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb
index 5518fb3c78..f41d2f3e3d 100644
--- a/meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb
+++ b/meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb
@@ -16,6 +16,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2;name=libtirpc \
            file://export_key_secretkey_is_set.patch \
            file://0001-replace-__bzero-with-memset-API.patch \
            file://0001-include-stdint.h-for-uintptr_t.patch \
+           file://0001-Fix-for-CVE-2017-8779.patch \
            "
 
 SRC_URI_append_libc-uclibc = " file://remove-des-functionality.patch \
author	Fan Xin <fan.xin@jp.fujitsu.com>	2017-06-07 17:29:03 +0900
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-03-15 15:47:28 -0700
commit	bb6af5f0dbb39553654ba3a587c8078bb635da6f (patch)
tree	78aa18dfa632b33698f1491a1e19b3f1698e95b7 /meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb
parent	d8842e86114cae7ca006ef903ac5459c7414010e (diff)
download	openembedded-core-contrib-bb6af5f0dbb39553654ba3a587c8078bb635da6f.tar.gz