]> Git Repo - buildroot-mgba.git/commit
projects / buildroot-mgba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 265aee8) | patch
patch: add upstream security fix
authorBaruch Siach <[email protected]>
Mon, 9 Apr 2018 16:20:36 +0000 (19:20 +0300)
committerThomas Petazzoni <[email protected]>
Mon, 9 Apr 2018 18:59:02 +0000 (20:59 +0200)
commitf4a4df2084b923f29eca2130976ca10a7aa6b719
tree61af17ff06c91879849ddbaad41b59c532e8b6c4tree | snapshot
parent265aee8c51718fe7370a3dbc91048ff60eb5909ccommit | diff
patch: add upstream security fix

Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches.

Depend on MMU for now, because the patch adds a fork() call. Upstream
later switched to gnulib provided execute(), so this dependency can be
dropped on the next version bump.

Signed-off-by: Baruch Siach <[email protected]>
Signed-off-by: Thomas Petazzoni <[email protected]>
package/patch/0002-Allow-input-files-to-be-missing-for-ed-style-patches.patch [new file with mode: 0644] blob
package/patch/0003-Fix-arbitrary-command-execution-in-ed-style-patches-.patch [new file with mode: 0644] blob
package/patch/Config.in diff | blob | blame | history
Empty description
This page took 0.0351 seconds and 4 git commands to generate.