diff options
| author |   Xufeng Zhang <xufeng.zhang@windriver.com> | 2014-07-28 04:14:16 -0400 |
|---|---|---|
| committer |   Joe MacDonald <joe_macdonald@mentor.com> | 2014-08-05 16:23:58 -0400 |
| commit | c1094b8af73fd363a97488c52890fb050da1db69 (patch) | |
| tree | 38d6c92984638209a8f9ca7a9578974d675906b7 /meta-networking/recipes-irc/znc/znc_git.bb | |
| parent | 71bb2dc7c3cbb41e3a566510d3ea20cb42eebb21 (diff) | |
| download | meta-openembedded-contrib-c1094b8af73fd363a97488c52890fb050da1db69.tar.gz | |
znc: Fix for CVE-2013-2130
ZNC 1.0 allows remote authenticated users to cause a denial of service
(NULL pointer reference and crash) via a crafted request to the (1) editnetwork,
(2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.
Per: http://cwe.mitre.org/data/definitions/476.html
CWE-476: NULL Pointer Dereference
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-networking/recipes-irc/znc/znc_git.bb')
| -rw-r--r-- | meta-networking/recipes-irc/znc/znc_git.bb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/meta-networking/recipes-irc/znc/znc_git.bb b/meta-networking/recipes-irc/znc/znc_git.bb index c8a19dc569..77db25b330 100644 --- a/meta-networking/recipes-irc/znc/znc_git.bb +++ b/meta-networking/recipes-irc/znc/znc_git.bb @@ -7,7 +7,9 @@ DEPENDS = "openssl" PV = "1.0+git" SRCREV = "ef59c23068547c132cb678092fba9a21317fd5f2" -SRC_URI = "git://github.com/znc/znc.git" +SRC_URI = "git://github.com/znc/znc.git \ + file://0001-Fix-NULL-pointer-dereference-in-webadmin.patch \ + " S = "${WORKDIR}/git" |