summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2018-11-09 16:28:36 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-11-09 17:46:10 +0000
commitd8e1b7afc536f989e7e6efdab0998d54f26ad1f6 (patch)
tree73baf56bd56f29adf849c0177cbb2c29e0a959f7
parente97a31e6bbaec5cb56d4750bf5171dbba510ee33 (diff)
downloadopenembedded-core-d8e1b7afc536f989e7e6efdab0998d54f26ad1f6.tar.gz
unzip: actually apply CVE-2018-18384
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-extended/unzip/unzip_6.0.bb1
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb
index b9d87dd639..daba722722 100644
--- a/meta/recipes-extended/unzip/unzip_6.0.bb
+++ b/meta/recipes-extended/unzip/unzip_6.0.bb
@@ -21,6 +21,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/
file://19-cve-2016-9844-zipinfo-buffer-overflow.patch \
file://symlink.patch \
file://0001-unzip-fix-CVE-2018-1000035.patch \
+ file://CVE-2018-18384.patch \
"
UPSTREAM_VERSION_UNKNOWN = "1"