patch: the CVE-2019-13638 fix also handles CVE-2018-20969

(From OE-Core rev: fec797a6ae981efa81896fd915933621699bca4e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ross Burton <ross.burton@intel.com> 2019-11-04 12:27:13 +0000
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-11-18 14:42:13 +0000
commit: e612e9c9337eff7f6b560b50c6c4a549367d1613 (patch)
tree: 4f8c9d6d3ac9de3a3944b6e0a6c2e22493fe2edb
parent: bf363493fec990eaf7577769f1862d439404bd10 (diff)
download: poky-e612e9c9337eff7f6b560b50c6c4a549367d1613.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
index f60dfe879a..d13d419f51 100644
--- a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
+++ b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
@@ -6,8 +6,8 @@ Subject: [PATCH] Invoke ed directly instead of using the shell
 * src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
 command to avoid quoting vulnerabilities.
-CVE: CVE-2019-13638
+CVE: CVE-2019-13638 CVE-2018-20969
-Upstream-Status: Backport[https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
 Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
 ---
author	Ross Burton <ross.burton@intel.com>	2019-11-04 12:27:13 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2019-11-18 14:42:13 +0000
commit	e612e9c9337eff7f6b560b50c6c4a549367d1613 (patch)
tree	4f8c9d6d3ac9de3a3944b6e0a6c2e22493fe2edb
parent	bf363493fec990eaf7577769f1862d439404bd10 (diff)
download	poky-e612e9c9337eff7f6b560b50c6c4a549367d1613.tar.gz

diff --git a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch index f60dfe879a..d13d419f51 100644 --- a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch +++ b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
@@ -6,8 +6,8 @@ Subject: [PATCH] Invoke ed directly instead of using the shell
6	* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell	6	* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
7	command to avoid quoting vulnerabilities.	7	command to avoid quoting vulnerabilities.
8		8
9	CVE: CVE-2019-13638	9	CVE: CVE-2019-13638 CVE-2018-20969
10	Upstream-Status: Backport[https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]	10	Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
11	Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>	11	Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
12		12
13	---	13	---