[oe] [Openembedded-users] Problem with patch version 2.6.1-7 and after
Tom Rini
tom_rini at mentor.com
Wed Mar 16 17:08:00 UTC 2011
On 03/16/2011 07:03 AM, Terry Barnaby wrote:
[snip]
> Hi,
>
> ### Forwarded to openembedded-devel ###
>
> We are using Fedora14. That is using patch 2.6.1-8.
>
> The -8 release includes the following patches to patch.
> Patch1: patch-2.5.4-sigsegv.patch
> Patch2: patch-get-arg.patch
> Patch3: patch-CVE-2010-4651.patch
> Patch100: patch-selinux.patch
>
> I think one of those fixes a security issue in patch where ".." in
> path names were allowed. With this version of patch (which I assume
> will become standard ?) the OpenEmbedded fails.
> Any ideas on a way to get around this (ideally without using a
> different patch version :) )
So, there's a lot of recipes with patches with .. in the path:
openembedded$ git grep -lE "^---.*[^.]\.\.\/" recipes/ | wc -l
80
Some of these will be easy fixups (first one I peeked at we can just
change the patch and not have to modify the recipe) but others like the
tcl one will require a little thought.
--
Tom Rini
Mentor Graphics Corporation
More information about the Openembedded-devel
mailing list