summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/cpio/cpio_2.11.bb
diff options
context:
space:
mode:
authorSona Sarmadi <sona.sarmadi@enea.com>2015-08-12 15:00:03 +0200
committerSona Sarmadi <sona.sarmadi@enea.com>2015-08-12 15:00:03 +0200
commit07b699ab37025d33af04fb20236ec5eca02f6018 (patch)
tree1c62ed2efaa2b54feaa7cb2227cd53ee84226812 /meta/recipes-extended/cpio/cpio_2.11.bb
parent03a7b1cc92344992b6048b6a0a5f0682de7ecc2a (diff)
downloadpoky-07b699ab37025d33af04fb20236ec5eca02f6018.tar.gz
cpio: fix CVE-2015-1197
Fixes directory traversal vulnerability via symlinks Initial report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774669 Upstream report: https://lists.gnu.org/archive/html/bug-cpio/2015-01/msg00000.html Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1197 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Diffstat (limited to 'meta/recipes-extended/cpio/cpio_2.11.bb')
-rw-r--r--meta/recipes-extended/cpio/cpio_2.11.bb1
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-extended/cpio/cpio_2.11.bb b/meta/recipes-extended/cpio/cpio_2.11.bb
index 0220e8cd4a..b248bb7135 100644
--- a/meta/recipes-extended/cpio/cpio_2.11.bb
+++ b/meta/recipes-extended/cpio/cpio_2.11.bb
@@ -7,6 +7,7 @@ PR = "r4"
7 7
8SRC_URI += "file://remove-gets.patch \ 8SRC_URI += "file://remove-gets.patch \
9 file://fix-memory-overrun.patch \ 9 file://fix-memory-overrun.patch \
10 file://cpio-CVE-2015-1197.patch \
10 " 11 "
11 12
12SRC_URI[md5sum] = "1112bb6c45863468b5496ba128792f6c" 13SRC_URI[md5sum] = "1112bb6c45863468b5496ba128792f6c"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-06 07:15:46 +0000