From 3f0a4551969798803e019435f1f4b5e8f88bea1a Mon Sep 17 00:00:00 2001
From: Armin Kuster <akuster808@gmail.com>
Date: Sat, 13 Sep 2014 18:19:40 -0700
Subject: eglibc: CVE-2014-5119 fix

__gconv_translit_find: Disable function [BZ #17187]

This functionality has never worked correctly, and the implementation
contained a security vulnerability (CVE-2014-5119).

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
 meta/recipes-core/eglibc/eglibc_2.19.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-core/eglibc/eglibc_2.19.bb')

diff --git a/meta/recipes-core/eglibc/eglibc_2.19.bb b/meta/recipes-core/eglibc/eglibc_2.19.bb
index c65e6a592b..090cfe6fa0 100644
--- a/meta/recipes-core/eglibc/eglibc_2.19.bb
+++ b/meta/recipes-core/eglibc/eglibc_2.19.bb
@@ -26,6 +26,7 @@ SRC_URI = "http://downloads.yoctoproject.org/releases/eglibc/eglibc-${PV}-svnr25
            file://fix-tibetian-locales.patch \
            file://ppce6500-32b_slow_ieee754_sqrt.patch \
            file://grok_gold.patch \
+           file://CVE-2014-5119.patch \
           "
 SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd"
 SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c"
-- 
cgit 1.2.3-korg