patch: backport fixes

The original fix for CVE-2018-1000156 was incomplete. Backport more fixes done later for a complete fix. Also see: https://savannah.gnu.org/bugs/index.php?53820 Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 12f9689cba740da6b8c7d9292c74c3992c2e18f2) Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Anuj Mittal <anuj.mittal@intel.com> 2019-08-21 09:58:18 +0800
committer: Armin Kuster <akuster808@gmail.com> 2019-09-24 08:28:04 -0700
commit: e2869ff2f76adb2b1ba6f003d6d02d242afe49e8 (patch)
tree: 0d88467b09037da7cb98a4ca643eac8e524d7f8d /meta/recipes-devtools/patch/patch_2.7.6.bb
parent: 308c44fd8f1d7d348c6c7cf9054f9c8403d8e8bd (diff)
download: openembedded-core-contrib-e2869ff2f76adb2b1ba6f003d6d02d242afe49e8.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-devtools/patch/patch_2.7.6.bb b/meta/recipes-devtools/patch/patch_2.7.6.bb
index 8908910f74..5d7f55f8dc 100644
--- a/meta/recipes-devtools/patch/patch_2.7.6.bb
+++ b/meta/recipes-devtools/patch/patch_2.7.6.bb
@@ -8,6 +8,8 @@ SRC_URI += "file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
             file://0001-Fix-swapping-fake-lines-in-pch_swap.patch \
             file://CVE-2019-13636.patch \
             file://0001-Invoke-ed-directly-instead-of-using-the-shell.patch \
+            file://0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch \
+            file://0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch \
 "
 
 SRC_URI[md5sum] = "4c68cee989d83c87b00a3860bcd05600"
author	Anuj Mittal <anuj.mittal@intel.com>	2019-08-21 09:58:18 +0800
committer	Armin Kuster <akuster808@gmail.com>	2019-09-24 08:28:04 -0700
commit	e2869ff2f76adb2b1ba6f003d6d02d242afe49e8 (patch)
tree	0d88467b09037da7cb98a4ca643eac8e524d7f8d /meta/recipes-devtools/patch/patch_2.7.6.bb
parent	308c44fd8f1d7d348c6c7cf9054f9c8403d8e8bd (diff)
download	openembedded-core-contrib-e2869ff2f76adb2b1ba6f003d6d02d242afe49e8.tar.gz