diff options
author | Roy Li <rongqing.li@windriver.com> | 2015-04-29 08:53:35 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-05-14 11:41:10 +0100 |
commit | f86a178fd7036541a45bf31a46bddf634c133802 (patch) | |
tree | f44a34b5365088995ef983f4fd0efe8269ffc20d /meta/recipes-extended/unzip/unzip_6.0.bb | |
parent | 6cb0e401f0bfc962eb9f57988fd93f0b0d43c79b (diff) | |
download | openembedded-core-contrib-f86a178fd7036541a45bf31a46bddf634c133802.tar.gz |
unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service
(out-of-bounds read or write and crash) via an extra field with
an uncompressed size smaller than the compressed field size in a
zip archive that advertises STORED method compression.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1315
Buffer overflow in the charset_to_intern function in unix/unix.c in
Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code
via a crafted string, as demonstrated by converting a string from CP866
to UTF-8.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-extended/unzip/unzip_6.0.bb')
-rw-r--r-- | meta/recipes-extended/unzip/unzip_6.0.bb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb index e203c069f4..5060d35546 100644 --- a/meta/recipes-extended/unzip/unzip_6.0.bb +++ b/meta/recipes-extended/unzip/unzip_6.0.bb @@ -8,7 +8,10 @@ PR = "r5" SRC_URI = "ftp://ftp.info-zip.org/pub/infozip/src/unzip60.tgz \ file://avoid-strip.patch \ - file://define-ldflags.patch" + file://define-ldflags.patch \ + file://06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch \ + file://unzip-6.0_overflow3.diff \ +" SRC_URI[md5sum] = "62b490407489521db863b523a7f86375" SRC_URI[sha256sum] = "036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37" |