[oe-commits] [openembedded-core] 05/27: patch: add CVE tags to patches
git at git.openembedded.org
git at git.openembedded.org
Fri Sep 6 13:58:42 UTC 2019
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch master
in repository openembedded-core.
commit b30e060639d99849e27e5136c33c52d27e3288dc
Author: Ross Burton <ross.burton at intel.com>
AuthorDate: Tue Sep 3 16:59:05 2019 +0100
patch: add CVE tags to patches
These patches improve CVE fixes but trip up patch status sanity checks, so add
CVE tags to them.
Signed-off-by: Ross Burton <ross.burton at intel.com>
---
.../patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch | 1 +
.../patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch | 1 +
2 files changed, 2 insertions(+)
diff --git a/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch b/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
index 9891526..78345e9 100644
--- a/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
+++ b/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
@@ -17,6 +17,7 @@ https://savannah.gnu.org/bugs/index.php?53820
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
+CVE: CVE-2018-1000156
Upstream-Status: Backport [http://git.savannah.gnu.org/cgit/patch.git/commit/?id=19599883ffb6a450d2884f081f8ecf68edbed7ee]
Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
---
diff --git a/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch b/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
index d6a219a..8ffffef 100644
--- a/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
+++ b/meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
@@ -17,6 +17,7 @@ https://savannah.gnu.org/bugs/index.php?53820
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch")
+CVE: CVE-2018-1000156
Upstream-Status: Backport [http://git.savannah.gnu.org/cgit/patch.git/commit/?id=369dcccdfa6336e5a873d6d63705cfbe04c55727]
Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
---
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list