The original commit "wpa-supplicant: Fix CVE-2015-4142" included the patch file but didn't apply it into the recipe, so the backport has not been effective.
Reported-by: Adam Moore <[email protected]> Signed-off-by: Otavio Salvador <[email protected]> --- meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb index 0186c2b..a124cf2 100644 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb @@ -24,6 +24,7 @@ SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \ file://wpa_supplicant.conf \ file://wpa_supplicant.conf-sane \ file://99_wpa_supplicant \ + file://0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch \ file://0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch \ file://0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch \ file://0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch \ -- 2.5.0 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
