[OE-core] [PATCH 1/3] readline: Security Advisory - readline - CVE-2014-2524

[Burton, Ross]

On 16 October 2014 10:48, Kai Kang <kai.kang at windriver.com> wrote:
> +++ b/meta/recipes-core/readline/readline_6.3.bb
> @@ -1,5 +1,7 @@
>  require readline.inc
>
> +SRC_URI_append = " file://readline63-003"

Doing SRC_URI += is the usual thing to do.  Does this CVE also apply
to readline 5.2 that we ship as a non-GPLv3 alternative?

Ross