diff options
author | Mariano Lopez <mariano.lopez@linux.intel.com> | 2016-01-08 12:03:58 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-01-11 23:23:18 +0000 |
commit | 065ebeb3e15311d0d45385e15bf557b1c95b1669 (patch) | |
tree | d62fb16062b52dc2598550515c4732f4eab0a30e /meta/recipes-support | |
parent | 2336d1e5de671f538f0cd493b75d29e1dfdb0caf (diff) | |
download | openembedded-core-065ebeb3e15311d0d45385e15bf557b1c95b1669.tar.gz |
Add "CVE:" tag to current patches in OE-core
The currnet patches in OE-core doesn't have the "CVE:"
tag, now part of the policy of the patches.
This is patch add this tag to several patches. There might
be patches that I miss; the tag can be added in the future.
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-support')
7 files changed, 7 insertions, 0 deletions
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch index c9addca28e..f0667741c8 100644 --- a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch +++ b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch @@ -11,6 +11,7 @@ git://git.gnupg.org/libgcrypt.git exponents in secure memory. Upstream-Status: Backport +CVE: CVE-2013-4242 Signed-off-by: Kai Kang <kai.kang@windriver.com> -- diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4351.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4351.patch index b29ede4233..b50a32f40c 100644 --- a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4351.patch +++ b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4351.patch @@ -1,4 +1,5 @@ Upstream-Status: Backport +CVE: CVE-2013-4351 Index: gnupg-1.4.7/g10/getkey.c =================================================================== diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch index b1a22f5853..5dcde1f9cb 100644 --- a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch +++ b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch @@ -1,4 +1,5 @@ Upstream-Status: Backport +CVE: CVE-2013-4576 Index: gnupg-1.4.7/cipher/dsa.c =================================================================== diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch index 8b5d9a1693..362717636b 100644 --- a/meta/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch +++ b/meta/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch @@ -17,6 +17,7 @@ Date: Thu Dec 20 09:43:41 2012 +0100 (cherry-picked from commit f795a0d59e197455f8723c300eebf59e09853efa) Upstream-Status: Backport +CVE: CVE-2012-6085 Signed-off-by: Saul Wold <sgw@linux.intel.com> diff --git a/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch b/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch index e4d09c2ac7..f4113efba9 100644 --- a/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch +++ b/meta/recipes-support/libxslt/libxslt/CVE-2015-7995.patch @@ -8,6 +8,7 @@ We need to check that the parent node is an element before dereferencing its namespace Upstream-Status: Backport +CVE: CVE-2015-7995 https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617 diff --git a/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch b/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch index 3c4a00ef3e..61fa7e5692 100644 --- a/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch +++ b/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch @@ -10,6 +10,7 @@ The patch comes from https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2 Upstream-Status: Backport +CVE: CVE-2014-9130 Signed-off-by: Yue Tao <yue.tao@windriver.com> diff --git a/meta/recipes-support/vte/vte-0.28.2/cve-2012-2738.patch b/meta/recipes-support/vte/vte-0.28.2/cve-2012-2738.patch index 2407771804..9b9980397a 100644 --- a/meta/recipes-support/vte/vte-0.28.2/cve-2012-2738.patch +++ b/meta/recipes-support/vte/vte-0.28.2/cve-2012-2738.patch @@ -1,4 +1,5 @@ Upstream-Status: Backport +CVE: CVE-2012-2738 Signed-off-by: Ross Burton <ross.burton@intel.com> From e524b0b3bd8fad844ffa73927c199545b892cdbd Mon Sep 17 00:00:00 2001 |