[OE-core] [PATCH] curl: Security Advisory - CVE-2014-3613 & CVE-2014-3620
Maxin B. John
maxin.john at enea.com
Thu Sep 25 17:17:54 UTC 2014
Hi Ross,
On Thu, Sep 25, 2014 at 04:08:23PM +0100, Burton, Ross wrote:
> On 25 September 2014 12:36, Maxin B. John <maxin.john at enea.com> wrote:
> > Details of vulnerabilities are available below:
> > CVE-2014-3613: http://curl.haxx.se/docs/adv_20140910A.html
> > CVE-2014-3620: http://curl.haxx.se/docs/adv_20140910B.html
> >
> > Signed-off-by: Maxin B. John <maxin.john at enea.com>
>
> This fails to apply:
>
> ERROR: Command Error: exit status: 1 Output:
> Applying patch CVE-2014-3613.patch
> patching file lib/cookie.c
> patching file tests/data/test1105
> patching file tests/data/test31
> Hunk #1 FAILED at 49.
> 1 out of 2 hunks FAILED -- rejects in file tests/data/test31
> patching file tests/data/test8
> Patch CVE-2014-3613.patch does not apply (enforce with -f)
> ERROR: Function failed: patch_do_patch
> ERROR: Logfile of failure stored in:
> /data/poky-master/tmp/work/corei7-64-poky-linux/curl/7.37.1-r0/temp/log.do_patch.13247
> ERROR: Task 1 (/home/ross/Yocto/poky/meta/recipes-support/curl/curl_7.37.1.bb,
> do_patch) failed with exit code '1'
I have tried it with the latest master and it "worked for me".
Could you please confirm if it was applied on the "master" branch ?
(Couldn't recreate this failure at my PC)
> Ross
Best Regards,
Maxin
More information about the Openembedded-core
mailing list