From e479ec9e6cbd34f3a7a56a170aaabcc4229f1959 Mon Sep 17 00:00:00 2001
From: Armin Kuster <akuster@mvista.com>
Date: Fri, 5 Feb 2016 08:58:42 -0800
Subject: curl: Secuirty fix CVE-2016-0755

CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use

(From OE-Core master rev: 8322814c7f657f572d5c986652e708d6bd774378)

hand applied changed to url.c

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
---
 meta/recipes-support/curl/curl_7.40.0.bb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'meta/recipes-support/curl/curl_7.40.0.bb')

diff --git a/meta/recipes-support/curl/curl_7.40.0.bb b/meta/recipes-support/curl/curl_7.40.0.bb
index 01c201e18a..7fa3274091 100644
--- a/meta/recipes-support/curl/curl_7.40.0.bb
+++ b/meta/recipes-support/curl/curl_7.40.0.bb
@@ -17,7 +17,8 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
 # from mucking around with debug options
 #
 SRC_URI += " file://configure_ac.patch \
-             file://CVE-2016-0754.patch"
+             file://CVE-2016-0754.patch \
+             file://CVE-2016-0755.patch"
 
 SRC_URI[md5sum] = "8d30594212e65657a5c32030f0998fa9"
 SRC_URI[sha256sum] = "899109eb3900fa6b8a2f995df7f449964292776a04763e94fae640700f883fba"
-- 
cgit 1.2.3-korg