glibc: CVE-2015-9761

A stack overflow vulnerability was found in nan* functions that could cause applications which process long strings with the nan function to crash or, potentially, execute arbitrary code. (From OE-Core rev: 2859c809ac59789d0e631b5386bdf78a5d5c4f4c) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2016-01-22 20:23:04 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-02-18 07:37:49 +0000
commit: 842177a1130f10806f55a895bcf342c7332b1458 (patch)
tree: f8849f55af1c3a86fa6eb94ab970e65fc62c04b5 /meta/recipes-core/glibc/glibc_2.22.bb
parent: efa1ae5e458666eb66dcff93078beb4e21a00fdc (diff)
download: openembedded-core-contrib-842177a1130f10806f55a895bcf342c7332b1458.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.22.bb b/meta/recipes-core/glibc/glibc_2.22.bb
index 336463a5c3..fd8ace69e9 100644
--- a/meta/recipes-core/glibc/glibc_2.22.bb
+++ b/meta/recipes-core/glibc/glibc_2.22.bb
@@ -45,6 +45,8 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
            file://0029-fix-getmntent-empty-lines.patch \
            file://CVE-2015-8777.patch \
            file://CVE-2015-8779.patch \
+           file://CVE-2015-9761_1.patch \
+           file://CVE-2015-9761_2.patch \
 "
 
 SRC_URI += "\
author	Armin Kuster <akuster@mvista.com>	2016-01-22 20:23:04 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-02-18 07:37:49 +0000
commit	842177a1130f10806f55a895bcf342c7332b1458 (patch)
tree	f8849f55af1c3a86fa6eb94ab970e65fc62c04b5 /meta/recipes-core/glibc/glibc_2.22.bb
parent	efa1ae5e458666eb66dcff93078beb4e21a00fdc (diff)
download	openembedded-core-contrib-842177a1130f10806f55a895bcf342c7332b1458.tar.gz