Message ID | 20230925054256.788656-1-shinucha@cisco.com |
---|---|
State | New |
Headers | show |
Series | [meta-oe,kirkstone] c-ares: CVE-ID correction for CVE-2022-4904 | expand |
diff --git a/meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch b/meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch index 0a0e8f0b6..328075ca6 100644 --- a/meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch +++ b/meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch @@ -20,7 +20,7 @@ fixes #496 Fix By: @hopper-vul -CVE: CVE-2022-4415 +CVE: CVE-2022-4904 Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/9903253c347f9e0bffd285ae3829aef251cc852d] Signed-off-by: Peter Marko <peter.marko@siemens.com>
- The c-ares commit https://github.com/c-ares/c-ares/commit/9903253c347f (Add str len check in config_sortlist to avoid stack overflow), fixes the CVE-2022-4904 instead of CVE-2022-4415 https://security-tracker.debian.org/tracker/CVE-2022-4904 - CVE-ID inside the CVE-2022-4904.patch is wrong in the OE commit[092e125f44f6] - Hence corrected the CVE-ID in CVE-2022-4904.patch Signed-off-by: Shinu Chandran <shinucha@cisco.com> --- meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)