summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/cpio/cpio_2.11.bb
diff options
context:
space:
mode:
authorRobert Yang <liezhi.yang@windriver.com>2015-03-26 02:18:09 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2015-03-31 22:23:11 +0100
commit3837f294227f8d12fd9d954bf1a44dd65b2df1e0 (patch)
treebe4b4b8bb2913b585941e7019bec88257364309a /meta/recipes-extended/cpio/cpio_2.11.bb
parentc35aba339aa3ecc0c7b15c8423e81a9c9bca037b (diff)
downloadpoky-3837f294227f8d12fd9d954bf1a44dd65b2df1e0.tar.gz
cpio: fix CVE-2015-1197
Additional directory traversal vulnerability via symlinks cpio CVE-2015-1197 Initial report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774669 Upstream report: https://lists.gnu.org/archive/html/bug-cpio/2015-01/msg00000.html And fix the indent in SRC_URI. [YOCTO #7182] (From OE-Core rev: af18ce070bd1c73f3619d6370928fe7e2e06ff5e) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/cpio/cpio_2.11.bb')
-rw-r--r--meta/recipes-extended/cpio/cpio_2.11.bb3
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/recipes-extended/cpio/cpio_2.11.bb b/meta/recipes-extended/cpio/cpio_2.11.bb
index c42db6f352..053888f1c0 100644
--- a/meta/recipes-extended/cpio/cpio_2.11.bb
+++ b/meta/recipes-extended/cpio/cpio_2.11.bb
@@ -6,7 +6,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
6PR = "r5" 6PR = "r5"
7 7
8SRC_URI += "file://remove-gets.patch \ 8SRC_URI += "file://remove-gets.patch \
9 file://fix-memory-overrun.patch \ 9 file://fix-memory-overrun.patch \
10 file://cpio-CVE-2015-1197.patch \
10 " 11 "
11 12
12SRC_URI[md5sum] = "1112bb6c45863468b5496ba128792f6c" 13SRC_URI[md5sum] = "1112bb6c45863468b5496ba128792f6c"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-15 11:31:11 +0000