From e11367b255f988ba0cdead7568739180549f751d Mon Sep 17 00:00:00 2001
From: Yi Zhao <yi.zhao@windriver.com>
Date: Tue, 22 Aug 2017 11:10:43 +0800
Subject: [PATCH] sthttpd: update to 2.27.1

* Fix CVE-2017-10671: Heap-based buffer overflow in the de_dotdot
  function in libhttpd.c

* Update SRC_URI because the original site can not access.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
---
 .../sthttpd/{sthttpd_2.27.0.bb => sthttpd_2.27.1.bb}        | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename meta-webserver/recipes-httpd/sthttpd/{sthttpd_2.27.0.bb => sthttpd_2.27.1.bb} (88%)

diff --git a/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.0.bb b/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.1.bb
similarity index 88%
rename from meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.0.bb
rename to meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.1.bb
index 2125b24570..c9fe55b489 100644
--- a/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.0.bb
+++ b/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.1.bb
@@ -6,13 +6,13 @@ LIC_FILES_CHKSUM = "file://src/thttpd.c;beginline=1;endline=26;md5=0c5762c2c34dc
 
 DEPENDS += "base-passwd"
 
-SRC_URI = "http://opensource.dyc.edu/pub/sthttpd/sthttpd-${PV}.tar.gz \
+SRC_URI = "https://github.com/blueness/${BPN}/archive/v${PV}.tar.gz;downloadfilename=${BP}.tar.gz \
            file://thttpd.service \
            file://thttpd.conf \
            file://init"
 
-SRC_URI[md5sum] = "f7dd2d506dc5fad2ad8794b1800d2634"
-SRC_URI[sha256sum] = "97d660a881331e93818e872ce11536f461105d70a18dfc5de5895851c4b2afdb"
+SRC_URI[md5sum] = "3cda1b6c8c8542b1510eadb8e540d8b6"
+SRC_URI[sha256sum] = "a1ee2806432eaf5b5dd267a0523701f9f1fa00fefd499d5bec42165a41e05846"
 
 S = "${WORKDIR}/sthttpd-${PV}"