diff options
author | Lee Chee Yang <chee.yang.lee@intel.com> | 2020-03-11 14:47:36 +0800 |
---|---|---|
committer | Anuj Mittal <anuj.mittal@intel.com> | 2020-03-16 07:04:05 +0800 |
commit | 8ec7a51da26f07fd43b5e6787b15c8636009b183 (patch) | |
tree | ca96bcae4d5e9afc3ed105199fd55a7e6ef05dc1 /meta | |
parent | dac4545cdf0ab848086da96eac123d0c640cd8b2 (diff) | |
download | openembedded-core-contrib-8ec7a51da26f07fd43b5e6787b15c8636009b183.tar.gz |
libpcre2: fix CVE-2019-20454
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch | 19 | ||||
-rw-r--r-- | meta/recipes-support/libpcre/libpcre2_10.33.bb | 1 |
2 files changed, 20 insertions, 0 deletions
diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch new file mode 100644 index 0000000000..51f95a7097 --- /dev/null +++ b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch @@ -0,0 +1,19 @@ +Upstream-Status: Backport [https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_jit_compile.c?r1=1092&r2=1091&pathrev=1092] +CVE: CVE-2020-8002 +Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> + +--- pcre2-10.30/src/pcre2_jit_compile.c 2019/05/13 16:26:17 1091 ++++ pcre2-10.30/src/pcre2_jit_compile.c 2019/05/13 16:38:18 1092 +@@ -8571,7 +8571,10 @@ + PCRE2_SPTR bptr; + uint32_t c; + +-GETCHARINC(c, cc); ++/* Patch by PH */ ++/* GETCHARINC(c, cc); */ ++ ++c = *cc++; + #if PCRE2_CODE_UNIT_WIDTH == 32 + if (c >= 0x110000) + return NULL; + diff --git a/meta/recipes-support/libpcre/libpcre2_10.33.bb b/meta/recipes-support/libpcre/libpcre2_10.33.bb index 50b26753b4..1020df99b8 100644 --- a/meta/recipes-support/libpcre/libpcre2_10.33.bb +++ b/meta/recipes-support/libpcre/libpcre2_10.33.bb @@ -12,6 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENCE;md5=b1588d3bb4cb0e1f5a597d908f8c5b37" SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2 \ file://pcre-cross.patch \ + file://CVE-2019-20454.patch \ " SRC_URI[md5sum] = "80b355f2dce909a2e2424f5c79eddb44" |