[oe-commits] [openembedded-core] 16/18: unzip: actually apply CVE-2018-18384
git at git.openembedded.org
git at git.openembedded.org
Sat Nov 24 21:48:06 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch sumo
in repository openembedded-core.
commit 1a42e6401369ffaf02f4711c01f757007f831cc8
Author: Ross Burton <ross.burton at intel.com>
AuthorDate: Fri Nov 9 16:28:36 2018 +0000
unzip: actually apply CVE-2018-18384
(From OE-Core rev: d8e1b7afc536f989e7e6efdab0998d54f26ad1f6)
Signed-off-by: Ross Burton <ross.burton at intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
meta/recipes-extended/unzip/unzip_6.0.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb
index a47491e..f6a4cb6 100644
--- a/meta/recipes-extended/unzip/unzip_6.0.bb
+++ b/meta/recipes-extended/unzip/unzip_6.0.bb
@@ -21,6 +21,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/
file://19-cve-2016-9844-zipinfo-buffer-overflow.patch \
file://symlink.patch \
file://0001-unzip-fix-CVE-2018-1000035.patch \
+ file://CVE-2018-18384.patch \
"
UPSTREAM_VERSION_UNKNOWN = "1"
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list