glib-2.0: Fix CVE-2021-27219

The upstream patches are only in glib >= 2.66.6 and >= 2.67.3 and won't be backported. This patch is developed based on the upstream patch set and consulting teh backports recently made by Ubuntu for the 2.64.6 series. Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
author: Anatol Belski <anbelski@linux.microsoft.com> 2021-03-15 13:29:42 +0000
committer: Anuj Mittal <anuj.mittal@intel.com> 2021-03-19 16:03:25 +0800
commit: 513d2a82cc9574983d017a2c0b2de87e181befa5 (patch)
tree: 8bf2fb00e0997e9c38257f72061e7e41e15a69de /meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
parent: a321345bee919ff16f6041ded26776da890c395d (diff)
download: openembedded-core-contrib-513d2a82cc9574983d017a2c0b2de87e181befa5.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
index b9462bc945..ed7b649dc6 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
@@ -18,6 +18,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
            file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
            file://tzdata-update.patch \
            file://CVE-2020-35457.patch \
+           file://CVE-2021-27219.patch \
            "
 
 SRC_URI_append_class-native = " file://relocate-modules.patch"
author	Anatol Belski <anbelski@linux.microsoft.com>	2021-03-15 13:29:42 +0000
committer	Anuj Mittal <anuj.mittal@intel.com>	2021-03-19 16:03:25 +0800
commit	513d2a82cc9574983d017a2c0b2de87e181befa5 (patch)
tree	8bf2fb00e0997e9c38257f72061e7e41e15a69de /meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
parent	a321345bee919ff16f6041ded26776da890c395d (diff)
download	openembedded-core-contrib-513d2a82cc9574983d017a2c0b2de87e181befa5.tar.gz