summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott Murray <scott.murray@konsulko.com>2020-12-30 17:44:17 -0500
committerSteve Sakoman <steve@sakoman.com>2021-01-04 04:50:23 -1000
commitd686a3eb928d316a4e53979fda48b205ba9104bc (patch)
treef67e2e6315d00e65974242b7b356aae0ed76644c
parent710aa67534d569a19fbe371e87e758bb08499ecc (diff)
downloadopenembedded-core-d686a3eb928d316a4e53979fda48b205ba9104bc.tar.gz
openembedded-core-d686a3eb928d316a4e53979fda48b205ba9104bc.tar.bz2
openembedded-core-d686a3eb928d316a4e53979fda48b205ba9104bc.zip
grub: fix "CVE:" line in one of the patches
The "CVE:" line in the patch for CVEs 2020-14309, CVE-2020-14310, and CVE-2020-14311 had commas between the CVE numbers, which resulted in CVE-2020-14310 not being picked up as patched by cve-check.bbclass's parsing. Remove the commas to match cve-check.bbclass's expectations. Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 396d5c0f9cffa4b54ae94738b1ef2b6fb545f082) Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r--meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch2
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch b/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch
index 896a2145d4..7214ead9a7 100644
--- a/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch
+++ b/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch
@@ -30,7 +30,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Upstream-Status: Backport
-CVE: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
+CVE: CVE-2020-14309 CVE-2020-14310 CVE-2020-14311
Reference to upstream patch:
https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3f05d693d1274965ffbe4ba99080dc2c570944c6