[oe-commits] [openembedded-core] 05/27: patch: add CVE tags to patches

git at git.openembedded.org git at git.openembedded.org
Fri Sep 6 13:58:42 UTC 2019 

This is an automated email from the git hooks/post-receive script.

rpurdie pushed a commit to branch master
in repository openembedded-core.

commit b30e060639d99849e27e5136c33c52d27e3288dc
Author: Ross Burton <ross.burton at intel.com>
AuthorDate: Tue Sep 3 16:59:05 2019 +0100

    patch: add CVE tags to patches
    
    These patches improve CVE fixes but trip up patch status sanity checks, so add
    CVE tags to them.
    
    Signed-off-by: Ross Burton <ross.burton at intel.com>
---
 .../patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch  | 1 +
 .../patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch b/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
index 9891526..78345e9 100644
--- a/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
+++ b/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
@@ -17,6 +17,7 @@ https://savannah.gnu.org/bugs/index.php?53820
 
 Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
 
+CVE: CVE-2018-1000156
 Upstream-Status: Backport [http://git.savannah.gnu.org/cgit/patch.git/commit/?id=19599883ffb6a450d2884f081f8ecf68edbed7ee]
 Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
 ---
diff --git a/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch b/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
index d6a219a..8ffffef 100644
--- a/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
+++ b/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
@@ -17,6 +17,7 @@ https://savannah.gnu.org/bugs/index.php?53820
 Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
 Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch")
 
+CVE: CVE-2018-1000156
 Upstream-Status: Backport [http://git.savannah.gnu.org/cgit/patch.git/commit/?id=369dcccdfa6336e5a873d6d63705cfbe04c55727]
 Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
 ---

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the Openembedded-commits mailing list