diff options
author | Minjae Kim <flowergom@gmail.com> | 2021-03-27 14:15:38 +0900 |
---|---|---|
committer | Anuj Mittal <anuj.mittal@intel.com> | 2021-04-09 13:22:56 +0800 |
commit | 51450bb2a1cce636258c207d52696e436daa5097 (patch) | |
tree | eb803a0852ab9f29e6ce3cad9c96267a5174929d /meta/recipes-devtools/git/git.inc | |
parent | eaf4548a58d1b926b38beab28d75f8710c8b078a (diff) | |
download | openembedded-core-contrib-51450bb2a1cce636258c207d52696e436daa5097.tar.gz |
git: fix CVE-2021-21300
checkout: fix bug that makes checkout follow symlinks in leading path
Upstream-Status: Acepted [https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592]
CVE: CVE-2021-21300
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'meta/recipes-devtools/git/git.inc')
-rw-r--r-- | meta/recipes-devtools/git/git.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc index 586a305b27..3e78254eec 100644 --- a/meta/recipes-devtools/git/git.inc +++ b/meta/recipes-devtools/git/git.inc @@ -8,7 +8,9 @@ PROVIDES_append_class-native = " git-replacement-native" SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \ ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \ - file://fixsort.patch" + file://fixsort.patch \ + file://CVE-2021-21300.patch \ +" S = "${WORKDIR}/git-${PV}" |