diff options
| author |   Ming Liu <ming.liu@windriver.com> | 2014-03-26 16:32:12 +0800 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-03-26 12:15:11 +0000 |
| commit | 259aebc9dbcaeb1587aaaab849942f55fa321724 (patch) | |
| tree | c43eaee38259be93e380a541ba516a8805a44ef9 /meta/recipes-support/gnupg/gnupg_1.4.7.bb | |
| parent | 3e0ac7357a962e3ef6595d21ec4843b078a764dd (diff) | |
| download | openembedded-core-contrib-259aebc9dbcaeb1587aaaab849942f55fa321724.tar.gz | |
gnupg: CVE-2013-4351
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits
cleared (no usage permitted) as if it has all bits set (all usage permitted),
which might allow remote attackers to bypass intended cryptographic protection
mechanisms by leveraging the subkey.
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/gnupg/gnupg_1.4.7.bb')
| -rw-r--r-- | meta/recipes-support/gnupg/gnupg_1.4.7.bb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/meta/recipes-support/gnupg/gnupg_1.4.7.bb b/meta/recipes-support/gnupg/gnupg_1.4.7.bb index fcc5fba9dd..83d8fabb5d 100644 --- a/meta/recipes-support/gnupg/gnupg_1.4.7.bb +++ b/meta/recipes-support/gnupg/gnupg_1.4.7.bb @@ -14,7 +14,9 @@ SRC_URI = "ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-${PV}.tar.bz2 \ file://configure.patch \ file://mips_gcc4.4.patch \ file://GnuPG1-CVE-2012-6085.patch \ - file://curl_typeof_fix_backport.patch" + file://curl_typeof_fix_backport.patch \ + file://CVE-2013-4351.patch \ + " SRC_URI[md5sum] = "b06a141cca5cd1a55bbdd25ab833303c" SRC_URI[sha256sum] = "69d18b7d193f62ca27ed4febcb4c9044aa0c95305d3258fe902e2fae5fc6468d" |