From e9c696397ae1b4344b8329a13076f265980ee74d Mon Sep 17 00:00:00 2001
From: Armin Kuster <akuster@mvista.com>
Date: Thu, 25 Jun 2020 21:17:36 -0700
Subject: wpa-supplicant: Security fix CVE-2020-12695

Source: http://w1.fi/security/
Disposition: Backport from http://w1.fi/security/2020-1/

Affects <= 2.9 wpa-supplicant

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb')

diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
index 2936e89eed..7cc03fef7d 100644
--- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb
@@ -25,7 +25,10 @@ SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz  \
            file://wpa_supplicant.conf-sane \
            file://99_wpa_supplicant \
            file://0001-replace-systemd-install-Alias-with-WantedBy.patch \
-		   file://0001-AP-Silently-ignore-management-frame-from-unexpected-.patch \
+           file://0001-AP-Silently-ignore-management-frame-from-unexpected-.patch \
+           file://0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \
+           file://0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \
+           file://0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch \
           "
 SRC_URI[md5sum] = "2d2958c782576dc9901092fbfecb4190"
 SRC_URI[sha256sum] = "fcbdee7b4a64bea8177973299c8c824419c413ec2e3a95db63dd6a5dc3541f17"
-- 
cgit 1.2.3-korg