glibc: CVE-2015-9761

A stack overflow vulnerability was found in nan* functions that could cause applications which process long strings with the nan function to crash or, potentially, execute arbitrary code. Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2016-01-22 20:23:04 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-02-18 07:37:32 +0000
commit: 2859c809ac59789d0e631b5386bdf78a5d5c4f4c (patch)
tree: 98e69604454d0535dbcabb4b7568086f432e968f /meta/recipes-core/glibc/glibc_2.22.bb
parent: e0f71f123147bf4f48cc90c7f26a50164ed4115e (diff)
download: openembedded-core-contrib-2859c809ac59789d0e631b5386bdf78a5d5c4f4c.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.22.bb b/meta/recipes-core/glibc/glibc_2.22.bb
index 336463a5c3..fd8ace69e9 100644
--- a/meta/recipes-core/glibc/glibc_2.22.bb
+++ b/meta/recipes-core/glibc/glibc_2.22.bb
@@ -45,6 +45,8 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
            file://0029-fix-getmntent-empty-lines.patch \
            file://CVE-2015-8777.patch \
            file://CVE-2015-8779.patch \
+           file://CVE-2015-9761_1.patch \
+           file://CVE-2015-9761_2.patch \
 "
 
 SRC_URI += "\
author	Armin Kuster <akuster@mvista.com>	2016-01-22 20:23:04 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-02-18 07:37:32 +0000
commit	2859c809ac59789d0e631b5386bdf78a5d5c4f4c (patch)
tree	98e69604454d0535dbcabb4b7568086f432e968f /meta/recipes-core/glibc/glibc_2.22.bb
parent	e0f71f123147bf4f48cc90c7f26a50164ed4115e (diff)
download	openembedded-core-contrib-2859c809ac59789d0e631b5386bdf78a5d5c4f4c.tar.gz