polkit: fix overlapping changes in recent CVE patches - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Ralph Siemsen <ralph.siemsen@linaro.org>	2022-04-06 14:17:39 -0400
committer	Armin Kuster <akuster808@gmail.com>	2022-04-18 07:37:42 -0700
commit	aa316ee2bbf631698369bf174cea259f18416a11 (patch)
tree	1e05bb95fcf72b709d82cd7c80c6f0a76772d7bc /meta-python/recipes-devtools/python/python3-cryptography/0003-correct-buffer-overflows-cause-by-integer-overflow-i.patch
parent	5cdde2991e72ba89fd22d9dabb8f5151964d0098 (diff)
download	meta-openembedded-aa316ee2bbf631698369bf174cea259f18416a11.tar.gz

polkit: fix overlapping changes in recent CVE patches

Commit 17e931e77 ("polkit: fix CVE-2021-3560") contains - upstream commit a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 Commit 67ec3e049 ("polkit: Fix for CVE-2021-4115") contains both: - upstream commit a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 (CVE-2021-3560) - upstream commit 41cb093f554da8772362654a128a84dd8a5542a7 (CVE-2021-4115) Thus the fix for CVE-2021-3560 is applied twice, resulting in warnings during do_patch. Curiously it neither fails nor complains about patch already applied. Also devtool silently discards the duplicate patch. Drop the duplicate patch, to resolve following warnings: WARNING: polkit-0.116-r0 do_patch: Fuzz detected: Applying patch 0001-GHSL-2021-074-authentication-bypass-vulnerability-in.patch patching file src/polkit/polkitsystembusname.c Hunk #1 succeeded at 438 with fuzz 2 (offset 3 lines). Applying patch CVE-2021-4115.patch patching file src/polkit/polkitsystembusname.c Hunk #4 succeeded at 439 with fuzz 2. Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-cryptography/0003-correct-buffer-overflows-cause-by-integer-overflow-i.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: