diff options
| author | Mariano Lopez <mariano.lopez@linux.intel.com> | 2016-01-08 12:03:58 +0000 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-01-11 23:26:32 +0000 |
| commit | e5c011b041dc27cdfeb840b6933dcb9752886bb9 (patch) | |
| tree | 3737c18bbdaf971699c800e8983b25ae29db6fc9 /meta/recipes-devtools/rsync | |
| parent | f04fb8806c75fa7eb9d139c4daaae2de6da6e1ea (diff) | |
| download | poky-e5c011b041dc27cdfeb840b6933dcb9752886bb9.tar.gz | |
Add "CVE:" tag to current patches in OE-core
The currnet patches in OE-core doesn't have the "CVE:"
tag, now part of the policy of the patches.
This is patch add this tag to several patches. There might
be patches that I miss; the tag can be added in the future.
(From OE-Core rev: 065ebeb3e15311d0d45385e15bf557b1c95b1669)
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/rsync')
3 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch index f054452f37..bea325ea05 100644 --- a/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch +++ b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch | |||
| @@ -1,4 +1,5 @@ | |||
| 1 | Upstream-Status: Backport [ The patch is rsync-2.6.9 specific ] | 1 | Upstream-Status: Backport [ The patch is rsync-2.6.9 specific ] |
| 2 | CVE: CVE-2007-4091 | ||
| 2 | 3 | ||
| 3 | The patch is from https://issues.rpath.com/browse/RPL-1647 and is used to | 4 | The patch is from https://issues.rpath.com/browse/RPL-1647 and is used to |
| 4 | address http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091 | 5 | address http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091 |
diff --git a/meta/recipes-devtools/rsync/rsync-3.1.1/0001-Complain-if-an-inc-recursive-path-is-not-right-for-i.patch b/meta/recipes-devtools/rsync/rsync-3.1.1/0001-Complain-if-an-inc-recursive-path-is-not-right-for-i.patch index 5ece5420a3..19e7f39167 100644 --- a/meta/recipes-devtools/rsync/rsync-3.1.1/0001-Complain-if-an-inc-recursive-path-is-not-right-for-i.patch +++ b/meta/recipes-devtools/rsync/rsync-3.1.1/0001-Complain-if-an-inc-recursive-path-is-not-right-for-i.patch | |||
| @@ -6,6 +6,7 @@ Subject: [PATCH] Complain if an inc-recursive path is not right for its dir. | |||
| 6 | trasnfer path. | 6 | trasnfer path. |
| 7 | 7 | ||
| 8 | Upstream-Status: BackPort | 8 | Upstream-Status: BackPort |
| 9 | CVE: CVE-2014-9512 | ||
| 9 | 10 | ||
| 10 | Fix the CVE-2014-9512, rsync 3.1.1 allows remote attackers to write to arbitrary | 11 | Fix the CVE-2014-9512, rsync 3.1.1 allows remote attackers to write to arbitrary |
| 11 | files via a symlink attack on a file in the synchronization path. | 12 | files via a symlink attack on a file in the synchronization path. |
diff --git a/meta/recipes-devtools/rsync/rsync-3.1.1/rsync.git-eac858085.patch b/meta/recipes-devtools/rsync/rsync-3.1.1/rsync.git-eac858085.patch index 1fcac490ae..c86f478ef1 100644 --- a/meta/recipes-devtools/rsync/rsync-3.1.1/rsync.git-eac858085.patch +++ b/meta/recipes-devtools/rsync/rsync-3.1.1/rsync.git-eac858085.patch | |||
| @@ -5,6 +5,7 @@ Subject: [PATCH 1/1] Add compat flag to allow proper seed checksum order. | |||
| 5 | Fixes the equivalent of librsync's CVE-2014-8242 issue. | 5 | Fixes the equivalent of librsync's CVE-2014-8242 issue. |
| 6 | 6 | ||
| 7 | Upstream-Status: Backport | 7 | Upstream-Status: Backport |
| 8 | CVE: CVE-2014-8242 | ||
| 8 | 9 | ||
| 9 | Signed-off-by: Roy Li <rongqing.li@windriver.com> | 10 | Signed-off-by: Roy Li <rongqing.li@windriver.com> |
| 10 | --- | 11 | --- |