From 259aebc9dbcaeb1587aaaab849942f55fa321724 Mon Sep 17 00:00:00 2001
From: Ming Liu
Date: Wed, 26 Mar 2014 16:32:12 +0800
Subject: gnupg: CVE-2013-4351 GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
Signed-off-by: Ming Liu
Signed-off-by: Jackie Huang
Signed-off-by: Richard Purdie
---
 meta/recipes-support/gnupg/gnupg_1.4.7.bb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'meta/recipes-support/gnupg/gnupg_1.4.7.bb')
diff --git a/meta/recipes-support/gnupg/gnupg_1.4.7.bb b/meta/recipes-support/gnupg/gnupg_1.4.7.bb
index fcc5fba9dd..83d8fabb5d 100644
--- a/meta/recipes-support/gnupg/gnupg_1.4.7.bb
+++ b/meta/recipes-support/gnupg/gnupg_1.4.7.bb
@@ -14,7 +14,9 @@ SRC_URI = "ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-${PV}.tar.bz2 \
 file://configure.patch \
 file://mips_gcc4.4.patch \
 file://GnuPG1-CVE-2012-6085.patch \
- file://curl_typeof_fix_backport.patch"
+ file://curl_typeof_fix_backport.patch \
+ file://CVE-2013-4351.patch \
+ "

 SRC_URI[md5sum] = "b06a141cca5cd1a55bbdd25ab833303c"
 SRC_URI[sha256sum] = "69d18b7d193f62ca27ed4febcb4c9044aa0c95305d3258fe902e2fae5fc6468d"
--
cgit v1.2.3
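Review bot: The new entry `file://CVE-2013-4351.patch` breaks the naming used by the existing backport two lines above it, `file://GnuPG1-CVE-2012-6085.patch`. A matching name such as `file://GnuPG1-CVE-2013-4351.patch` would make it clear that the fix is the one cut for the 1.4 series, assuming the prefix was meant to distinguish it from a GnuPG 2 backport. The patch file itself is not part of this view, which is limited to the recipe, so it cannot be confirmed here that it carries an `Upstream-Status:` header naming the upstream change it was taken from. That provenance is what lets a later reader check that the key-flags fix was backported completely onto 1.4.7. The `SRC_URI` assignment begins above the hunk; only its first line shows in the `@@` header.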