diff options
Diffstat (limited to 'meta/recipes-devtools/rsync')
3 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch index f054452f37..bea325ea05 100644 --- a/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch +++ b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch @@ -1,4 +1,5 @@ Upstream-Status: Backport [ The patch is rsync-2.6.9 specific ] +CVE: CVE-2007-4091 The patch is from https://issues.rpath.com/browse/RPL-1647 and is used to address http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091 diff --git a/meta/recipes-devtools/rsync/rsync-3.1.1/0001-Complain-if-an-inc-recursive-path-is-not-right-for-i.patch b/meta/recipes-devtools/rsync/rsync-3.1.1/0001-Complain-if-an-inc-recursive-path-is-not-right-for-i.patch index 5ece5420a3..19e7f39167 100644 --- a/meta/recipes-devtools/rsync/rsync-3.1.1/0001-Complain-if-an-inc-recursive-path-is-not-right-for-i.patch +++ b/meta/recipes-devtools/rsync/rsync-3.1.1/0001-Complain-if-an-inc-recursive-path-is-not-right-for-i.patch @@ -6,6 +6,7 @@ Subject: [PATCH] Complain if an inc-recursive path is not right for its dir. trasnfer path. Upstream-Status: BackPort +CVE: CVE-2014-9512 Fix the CVE-2014-9512, rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path. diff --git a/meta/recipes-devtools/rsync/rsync-3.1.1/rsync.git-eac858085.patch b/meta/recipes-devtools/rsync/rsync-3.1.1/rsync.git-eac858085.patch index 1fcac490ae..c86f478ef1 100644 --- a/meta/recipes-devtools/rsync/rsync-3.1.1/rsync.git-eac858085.patch +++ b/meta/recipes-devtools/rsync/rsync-3.1.1/rsync.git-eac858085.patch @@ -5,6 +5,7 @@ Subject: [PATCH 1/1] Add compat flag to allow proper seed checksum order. Fixes the equivalent of librsync's CVE-2014-8242 issue. Upstream-Status: Backport +CVE: CVE-2014-8242 Signed-off-by: Roy Li <rongqing.li@windriver.com> --- |