indent: fix CVE-2023-40305stable/kirkstone-nut

GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. Reference: https://savannah.gnu.org/bugs/index.php?64503 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Yogita Urade <yogita.urade@windriver.com> 2023-10-20 04:56:09 +0000
committer: Armin Kuster <akuster808@gmail.com> 2023-11-03 10:52:59 -0400
commit: 7da6cb848bc42b3e6bd5d2b37b52ba75510a6ca0 (patch)
tree: ef59f822029d7e5408f136c17558360631de4cd9 /meta-oe/recipes-extended/indent/indent_2.2.12.bb
parent: b4bee1f709f28bc70eab9666ce3010be0ee06f95 (diff)
download: meta-openembedded-stable/kirkstone-nut.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-oe/recipes-extended/indent/indent_2.2.12.bb b/meta-oe/recipes-extended/indent/indent_2.2.12.bb
index 1a7d61abc0..a846682c13 100644
--- a/meta-oe/recipes-extended/indent/indent_2.2.12.bb
+++ b/meta-oe/recipes-extended/indent/indent_2.2.12.bb
@@ -17,6 +17,8 @@ SRC_URI = "${GNU_MIRROR}/${BPN}/${BP}.tar.gz \
           file://0001-Makefile.am-remove-regression-dir.patch \
           file://0001-Fix-builds-with-recent-gettext.patch \
           file://0001-Remove-dead-paren_level-code.patch \
+           file://CVE-2023-40305_0001.patch \
+           file://CVE-2023-40305_0002.patch \
           "
 SRC_URI[md5sum] = "4764b6ac98f6654a35da117b8e5e8e14"
 SRC_URI[sha256sum] = "e77d68c0211515459b8812118d606812e300097cfac0b4e9fb3472664263bb8b"
author	Yogita Urade <yogita.urade@windriver.com>	2023-10-20 04:56:09 +0000
committer	Armin Kuster <akuster808@gmail.com>	2023-11-03 10:52:59 -0400
commit	7da6cb848bc42b3e6bd5d2b37b52ba75510a6ca0 (patch)
tree	ef59f822029d7e5408f136c17558360631de4cd9 /meta-oe/recipes-extended/indent/indent_2.2.12.bb
parent	b4bee1f709f28bc70eab9666ce3010be0ee06f95 (diff)
download	meta-openembedded-stable/kirkstone-nut.tar.gz