aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/cpio
diff options
context:
space:
mode:
authorMariano Lopez <mariano.lopez@linux.intel.com>2016-01-08 12:03:58 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-01-11 23:23:18 +0000
commit065ebeb3e15311d0d45385e15bf557b1c95b1669 (patch)
treed62fb16062b52dc2598550515c4732f4eab0a30e /meta/recipes-extended/cpio
parent2336d1e5de671f538f0cd493b75d29e1dfdb0caf (diff)
downloadopenembedded-core-contrib-065ebeb3e15311d0d45385e15bf557b1c95b1669.tar.gz
openembedded-core-contrib-065ebeb3e15311d0d45385e15bf557b1c95b1669.tar.bz2
openembedded-core-contrib-065ebeb3e15311d0d45385e15bf557b1c95b1669.zip
Add "CVE:" tag to current patches in OE-core
The currnet patches in OE-core doesn't have the "CVE:" tag, now part of the policy of the patches. This is patch add this tag to several patches. There might be patches that I miss; the tag can be added in the future. Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-extended/cpio')
-rw-r--r--meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch1
-rw-r--r--meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch1
2 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch b/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch
index 8f719ad8d6..5c999197ff 100644
--- a/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch
+++ b/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch
@@ -11,6 +11,7 @@ Author: Vitezslav Cizek <vcizek@suse.cz>
Bug-Debian: https://bugs.debian.org/774669
Upstream-Status: Pending
+CVE: CVE-2015-1197
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
diff --git a/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch b/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch
index 49a7cf52a6..a31573510a 100644
--- a/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch
+++ b/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch
@@ -1,4 +1,5 @@
Upstream-Status: Inappropriate [bugfix: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624]
+CVE: CVE-2010-0624
This patch avoids heap overflow reported by :
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624