helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-05-18 21:59:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

c-ares: CVE-ID correction for CVE-2022-4904

Browse Source 
- The c-ares commit https://github.com/c-ares/c-ares/commit/9903253c347f
  (Add str len check in config_sortlist to avoid stack overflow),
  fixes the CVE-2022-4904 instead of CVE-2022-4415
  https://security-tracker.debian.org/tracker/CVE-2022-4904
- CVE-ID inside the CVE-2022-4904.patch is wrong
  in the OE commit[092e125f44f6]
- Hence corrected the CVE-ID in CVE-2022-4904.patch

Signed-off-by: Shinu Chandran <shinucha@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Shinu Chandran 2023-09-25 11:12:56 +05:30 committed by Armin Kuster
parent 06c077155c
commit b25e6a9e91
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch
View File

@ -20,7 +20,7 @@ fixes #496
Fix By: @hopper-vul
CVE: CVE-2022-4415
CVE: CVE-2022-4904
Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/9903253c347f9e0bffd285ae3829aef251cc852d]
Signed-off-by: Peter Marko <peter.marko@siemens.com>