aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2019-11-04 12:27:13 +0000
committerArmin Kuster <akuster808@gmail.com>2019-11-11 20:49:54 -0800
commitfec797a6ae981efa81896fd915933621699bca4e (patch)
tree74636179250db68de02450b9b6eeb8e78621ff44
parent1c09e45f966d553f1fea3795ef9122dd9957be67 (diff)
downloadopenembedded-core-contrib-fec797a6ae981efa81896fd915933621699bca4e.tar.gz
openembedded-core-contrib-fec797a6ae981efa81896fd915933621699bca4e.tar.bz2
openembedded-core-contrib-fec797a6ae981efa81896fd915933621699bca4e.zip
patch: the CVE-2019-13638 fix also handles CVE-2018-20969
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r--meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch4
1 files changed, 2 insertions, 2 deletions
diff --git a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
index f60dfe879af..d13d419f51c 100644
--- a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
+++ b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
@@ -6,8 +6,8 @@ Subject: [PATCH] Invoke ed directly instead of using the shell
* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
command to avoid quoting vulnerabilities.
-CVE: CVE-2019-13638
-Upstream-Status: Backport[https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
+CVE: CVE-2019-13638 CVE-2018-20969
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
---