[OE-core] [PATCH] unzip: fix CVE-2018-1000035
Konstantin Shemyak
konstantin.shemyak at ge.com
Wed Aug 15 11:08:17 UTC 2018
On 15.8.2018 12:43 changqing.li at windriver.com wrote:
[...]
> +++
> b/meta/recipes-extended/unzip/unzip/0001-unzip-fix-CVE-2018-1000035.patch
> @@ -0,0 +1,46 @@
> +From 349f566e6e757458843fa164a0f0584280e1501e Mon Sep 17 00:00:00
> 2001
> +From: Changqing Li <changqing.li at windriver.com>
> +Date: Wed, 15 Aug 2018 16:20:53 +0800
> +Subject: [PATCH] unzip: fix CVE-2018-1000035
> +
> +Upstream-Status: Backport
> +
> +backport from unzip6.10c23
> +
> +Signed-off-by: Changqing Li <changqing.li at windriver.com>
> +---
Would you please add a line:
CVE: CVE-2018-1000035
somewhere after "Upstream-Status:" to let the automatic CVE checker
detect that this patch solves this particular CVE.
Konstantin Shemyak.
More information about the Openembedded-core
mailing list