From c0f0b6e6ef1edc0a9f9e1ceffb1cdbbef2e409c6 Mon Sep 17 00:00:00 2001 From: Haris Okanovic Date: Fri, 15 May 2015 16:57:11 -0500 Subject: glibc: CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow Backport Arjun Shankar's patch for CVE-2015-1781: A buffer overflow flaw was found in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application. https://sourceware.org/bugzilla/show_bug.cgi?id=18287 Signed-off-by: Haris Okanovic Reviewed-by: Ben Shelton Signed-off-by: Richard Purdie --- meta/recipes-core/glibc/glibc_2.21.bb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'meta/recipes-core/glibc/glibc_2.21.bb') diff --git a/meta/recipes-core/glibc/glibc_2.21.bb b/meta/recipes-core/glibc/glibc_2.21.bb index ac8e8f8200..0c2881450b 100644 --- a/meta/recipes-core/glibc/glibc_2.21.bb +++ b/meta/recipes-core/glibc/glibc_2.21.bb @@ -28,6 +28,7 @@ SRC_URI = "git://sourceware.org/git/glibc.git;branch=${BRANCH} \ file://elf-Makefile-fix-a-typo.patch \ file://makesyscall.patch \ ${EGLIBCPATCHES} \ + ${CVEPATCHES} \ " EGLIBCPATCHES = "\ file://timezone-re-written-tzselect-as-posix-sh.patch \ @@ -43,6 +44,9 @@ EGLIBCPATCHES = "\ # file://eglibc-install-pic-archives.patch \ # file://initgroups_keys.patch \ # +CVEPATCHES = "\ + file://CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch \ +" LIC_FILES_CHKSUM = "file://LICENSES;md5=e9a558e243b36d3209f380deb394b213 \ file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ -- cgit 1.2.3-korg