From 29053ff82bf28da45eef9d7e85d6d3ce7060daf6 Mon Sep 17 00:00:00 2001
From: Armin Kuster <akuster@mvista.com>
Date: Wed, 10 Feb 2016 14:18:24 -0800
Subject: [PATCH] libbsd: Security fix and update 0.8.2

This update includes:
CVE-2016-2090 Heap buffer overflow in fgetwln function of libbsd

libbsd 0.8.1 and earlier contains a buffer overflow in the function
fgetwln(). An if checks if it is necessary to reallocate memory in the
target buffer. However this check is off by one, therefore an out of
bounds write happens.

Upstream has released version 0.8.2 to fix this.

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 .../libbsd/{libbsd_0.8.1.bb => libbsd_0.8.2.bb}               | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-support/libbsd/{libbsd_0.8.1.bb => libbsd_0.8.2.bb} (91%)

diff --git a/meta/recipes-support/libbsd/libbsd_0.8.1.bb b/meta/recipes-support/libbsd/libbsd_0.8.2.bb
similarity index 91%
rename from meta/recipes-support/libbsd/libbsd_0.8.1.bb
rename to meta/recipes-support/libbsd/libbsd_0.8.2.bb
index 45420d55e6..3335386d8f 100644
--- a/meta/recipes-support/libbsd/libbsd_0.8.1.bb
+++ b/meta/recipes-support/libbsd/libbsd_0.8.2.bb
@@ -37,7 +37,7 @@ SRC_URI = " \
     http://libbsd.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
 "
 
-SRC_URI[md5sum] = "f3daff0283af6e30f25d68be2deac4ef"
-SRC_URI[sha256sum] = "adbc8781ad720bce939b689f38a9f0247732a36792147a7c28027c393c2af9b0"
+SRC_URI[md5sum] = "cdee252ccff978b50ad2336278c506c9"
+SRC_URI[sha256sum] = "b2f644cae94a6e2fe109449c20ad79a0f6ee4faec2205b07eefa0020565e250a"
 
 inherit autotools pkgconfig
-- 
2.40.1