diff options
author | Minjae Kim <flowergom@gmail.com> | 2021-03-27 15:21:39 +0900 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2021-03-29 07:59:51 -1000 |
commit | 8293d5d1529629bd13028bdde1fa99da30313bac (patch) | |
tree | 5a3764c27611b9da120391490dec3e2a90c8b9f9 /meta/recipes-devtools/git/git.inc | |
parent | 3c78000aaf8e4ee8ffb7674f5c286e2c110f167b (diff) | |
download | openembedded-core-8293d5d1529629bd13028bdde1fa99da30313bac.tar.gz |
git: fix CVE-2021-21300
checkout: fix bug that makes checkout follow symlinks in leading path
Upstream-Status: Acepted [https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592]
CVE: CVE-2021-21300
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-devtools/git/git.inc')
-rw-r--r-- | meta/recipes-devtools/git/git.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc index ae463061d8..738a429875 100644 --- a/meta/recipes-devtools/git/git.inc +++ b/meta/recipes-devtools/git/git.inc @@ -8,7 +8,9 @@ DEPENDS = "openssl curl zlib expat" PROVIDES_append_class-native = " git-replacement-native" SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \ - ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages" + ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \ + file://CVE-2021-21300.patch \ +" S = "${WORKDIR}/git-${PV}" |