[oe-commits] [openembedded-core] 03/03: curl: security fix for CVE-2016-5421

git at git.openembedded.org git at git.openembedded.org
Fri Sep 2 07:49:02 UTC 2016 

rpurdie pushed a commit to branch krogoth
in repository openembedded-core.

commit 2a9f4823483b6f5decc6d504858f06f66ab9e06c
Author: Maxin B. John <maxin.john at intel.com>
AuthorDate: Mon Aug 22 14:15:41 2016 +0300

    curl: security fix for CVE-2016-5421
    
    Affected versions: libcurl 7.32.0 to and including 7.50.0
    
    Signed-off-by: Maxin B. John <maxin.john at intel.com>
    Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
 meta/recipes-support/curl/curl/CVE-2016-5421.patch | 36 ++++++++++++++++++++++
 meta/recipes-support/curl/curl_7.47.1.bb           |  1 +
 2 files changed, 37 insertions(+)

diff --git a/meta/recipes-support/curl/curl/CVE-2016-5421.patch b/meta/recipes-support/curl/curl/CVE-2016-5421.patch
new file mode 100644
index 0000000..862da75
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-5421.patch
@@ -0,0 +1,36 @@
+From 75dc096e01ef1e21b6c57690d99371dedb2c0b80 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel at haxx.se>
+Date: Sun, 31 Jul 2016 01:09:04 +0200
+Subject: [PATCH] curl_multi_cleanup: clear connection pointer for easy handles
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Bug: https://curl.haxx.se/docs/adv_20160803C.html
+Reported-by: Marcelo Echeverria and Fernando Muñoz
+
+Upstream-Status: Backport
+https://curl.haxx.se/CVE-2016-5421.patch
+
+CVE: CVE-2016-5421
+Signed-off-by: Maxin B. John <maxin.john at intel.com>
+---
+ lib/multi.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/multi.c b/lib/multi.c
+index 9ee3523..8bb9366 100644
+--- a/lib/multi.c
++++ b/lib/multi.c
+@@ -2157,6 +2157,8 @@ static void close_all_connections(struct Curl_multi *multi)
+     conn->data = multi->closure_handle;
+ 
+     sigpipe_ignore(conn->data, &pipe_st);
++    conn->data->easy_conn = NULL; /* clear the easy handle's connection
++                                     pointer */
+     /* This will remove the connection from the cache */
+     (void)Curl_disconnect(conn, FALSE);
+     sigpipe_restore(&pipe_st);
+-- 
+2.4.0
+
diff --git a/meta/recipes-support/curl/curl_7.47.1.bb b/meta/recipes-support/curl/curl_7.47.1.bb
index 8d459c7..6c71760 100644
--- a/meta/recipes-support/curl/curl_7.47.1.bb
+++ b/meta/recipes-support/curl/curl_7.47.1.bb
@@ -13,6 +13,7 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2"
 SRC_URI += " file://configure_ac.patch \
              file://CVE-2016-5419.patch \
              file://CVE-2016-5420.patch \
+             file://CVE-2016-5421.patch \
            "
 
 SRC_URI[md5sum] = "9ea3123449439bbd960cd25cf98796fb"

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the Openembedded-commits mailing list