From b03994fe3b772205c389cfae2a3981a53b7e83d6 Mon Sep 17 00:00:00 2001
From: Armin Kuster <akuster@mvista.com>
Date: Sat, 6 Feb 2016 15:14:44 -0800
Subject: glibc: CVE-2015-9761

A stack overflow vulnerability was found in nan* functions that could cause
applications which process long strings with the nan function to crash or,
potentially, execute arbitrary code.

(From OE-Core rev: fd3da8178c8c06b549dbc19ecec40e98ab934d49)

(From OE-Core rev: 6cb0465247195ec25ef1073e79997001380aa807)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-core/glibc/glibc_2.21.bb | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'meta/recipes-core/glibc/glibc_2.21.bb')

diff --git a/meta/recipes-core/glibc/glibc_2.21.bb b/meta/recipes-core/glibc/glibc_2.21.bb
index afe32d5..f712f18 100644
--- a/meta/recipes-core/glibc/glibc_2.21.bb
+++ b/meta/recipes-core/glibc/glibc_2.21.bb
@@ -50,6 +50,8 @@ CVEPATCHES = "\
         file://CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch \
         file://CVE-2015-8777.patch \
         file://CVE-2015-8779.patch \
+        file://CVE-2015-9761_1.patch \
+        file://CVE-2015-9761_2.patch \
 "
 
 LIC_FILES_CHKSUM = "file://LICENSES;md5=e9a558e243b36d3209f380deb394b213 \
-- 
cgit v1.1