diff options
author | 2016-02-05 08:57:11 -0800 | |
---|---|---|
committer | 2016-02-07 22:47:10 +0000 | |
commit | b2c9b48dea2fd968c307a809ff95f2e686435222 (patch) | |
tree | f9b6887b23010cc76d2da489774785adb71d952c /meta/recipes-support/curl/curl_7.44.0.bb | |
parent | 7474c7dbf98c1a068bfd9b14627b604da5d79b67 (diff) | |
download | openembedded-core-contrib-b2c9b48dea2fd968c307a809ff95f2e686435222.tar.gz |
curl: Security fix CVE-2016-0754
CVE-2016-0754 curl: remote file name path traversal in curl tool for Windows
Signed-off-by: Armin Kuster <akuster@mvista.com>
Diffstat (limited to 'meta/recipes-support/curl/curl_7.44.0.bb')
-rw-r--r-- | meta/recipes-support/curl/curl_7.44.0.bb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/recipes-support/curl/curl_7.44.0.bb b/meta/recipes-support/curl/curl_7.44.0.bb index f6d350e86a..852c4dd472 100644 --- a/meta/recipes-support/curl/curl_7.44.0.bb +++ b/meta/recipes-support/curl/curl_7.44.0.bb @@ -12,7 +12,8 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ # curl likes to set -g0 in CFLAGS, so we stop it # from mucking around with debug options # -SRC_URI += " file://configure_ac.patch" +SRC_URI += " file://configure_ac.patch \ + file://CVE-2016-0754.patch" SRC_URI[md5sum] = "6b952ca00e5473b16a11f05f06aa8dae" SRC_URI[sha256sum] = "1e2541bae6582bb697c0fbae49e1d3e6fad5d05d5aa80dbd6f072e0a44341814" |