[OE-core] [PATCH 1/1] rsync (GPLv2): fix security vulnerability CVE-2007-4091
Cui, Dexuan
dexuan.cui at intel.com
Tue May 10 05:18:24 UTC 2011
Saul Wold wrote:
> On 05/09/2011 10:03 PM, He, Qing wrote:
>>> -----Original Message-----
>>> From: openembedded-core-bounces at lists.openembedded.org
>>> [mailto:openembedded-core-bounces at lists.openembedded.org] On Behalf
>>> Of Saul Wold Sent: 2011年5月10日 13:02
>>> To: Patches and discussions about the oe-core layer
>>> Subject: Re: [OE-core] [PATCH 1/1] rsync (GPLv2): fix security
>>> vulnerability CVE-2007-4091
>>>
>>> On 05/09/2011 07:54 PM, Dexuan Cui wrote:
>>>> From: Dexuan Cui<dexuan.cui at intel.com>
>>>>
>>>> Added a patch to fix
>>>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
>>>>
>>> This is missing a [YOCTO #bugid], please add and resend. (update
>>> branch
>>> is OK).
>>
>> Saul,
>> Before the other two CVEs are specifically addressed, I don't think
>> we can call a close on this bug.
>>
> Yes, that's true, but it's important to know that this patch
> addresses a part of that bug.
Hi Saul,
I added "[YOCTO #984] is partially fixed by this commit" and did "git push" just now.
Please use the same branch
http://git.pokylinux.org/cgit/cgit.cgi/poky-contrib/commit/?h=dcui/master&id=898ce2ddf774646796af5c8700130916afe6dbc1
Thanks,
-- Dexuan
More information about the Openembedded-core
mailing list