diff options
| author |   Ross Burton <ross.burton@intel.com> | 2019-11-04 12:27:13 +0000 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-11-05 10:36:19 +0000 |
| commit | 10c3af7ad8b7bb369c84c60a717bcd1358861187 (patch) | |
| tree | b9086352bc0f55c913cc848fc18d5c0790264ebe /meta/recipes-devtools/patch | |
| parent | 03591b9945bf04baca794e221b93ac66568b0609 (diff) | |
| download | openembedded-core-contrib-10c3af7ad8b7bb369c84c60a717bcd1358861187.tar.gz | |
patch: the CVE-2019-13638 fix also handles CVE-2018-20969
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/patch')
| -rw-r--r-- | meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch index f60dfe879af..d13d419f51c 100644 --- a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch +++ b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch @@ -6,8 +6,8 @@ Subject: [PATCH] Invoke ed directly instead of using the shell * src/pch.c (do_ed_script): Invoke ed directly instead of using a shell command to avoid quoting vulnerabilities. -CVE: CVE-2019-13638 -Upstream-Status: Backport[https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0] +CVE: CVE-2019-13638 CVE-2018-20969 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0] Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> --- |