From 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf Mon Sep 17 00:00:00 2001
From: takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp>
Date: Mon, 2 Nov 2020 11:07:33 +0900
Subject: basesystem-jj recipes

---
 .../gstreamer1.0-plugins-base/CVE-2019-9928.patch  | 33 ----------------------
 1 file changed, 33 deletions(-)
 delete mode 100644 external/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2019-9928.patch

(limited to 'external/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2019-9928.patch')

diff --git a/external/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2019-9928.patch b/external/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2019-9928.patch
deleted file mode 100644
index 0ad7245c..00000000
--- a/external/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2019-9928.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From f672277509705c4034bc92a141eefee4524d15aa Mon Sep 17 00:00:00 2001
-From: Tobias Ronge <tobiasr@axis.com>
-Date: Thu, 14 Mar 2019 10:12:27 +0100
-Subject: [PATCH] gstrtspconnection: Security loophole making heap overflow
-
-The former code allowed an attacker to create a heap overflow by
-sending a longer than allowed session id in a response and including a
-semicolon to change the maximum length. With this change, the parser
-will never go beyond 512 bytes.
-
-Upstream-Status: Backport
-CVE: CVE-2019-9928
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
----
- gst-libs/gst/rtsp/gstrtspconnection.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/gst-libs/gst/rtsp/gstrtspconnection.c b/gst-libs/gst/rtsp/gstrtspconnection.c
-index a6755bedd..c0429064a 100644
---- a/gst-libs/gst/rtsp/gstrtspconnection.c
-+++ b/gst-libs/gst/rtsp/gstrtspconnection.c
-@@ -2461,7 +2461,7 @@ build_next (GstRTSPBuilder * builder, GstRTSPMessage * message,
-           maxlen = sizeof (conn->session_id) - 1;
-           /* the sessionid can have attributes marked with ;
-            * Make sure we strip them */
--          for (i = 0; session_id[i] != '\0'; i++) {
-+          for (i = 0; i < maxlen && session_id[i] != '\0'; i++) {
-             if (session_id[i] == ';') {
-               maxlen = i;
-               /* parse timeout */
--- 
-2.21.0
-
-- 
cgit 1.2.3-korg