diff options
author | Minjae Kim <flowergom@gmail.com> | 2021-03-27 12:11:12 +0900 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-03-31 00:05:43 +0100 |
commit | 1b680f6aca14c92d03d32c4974292788140d7a65 (patch) | |
tree | 2e86fc73313cb721a412b15577cbb66d23e25bca /meta/recipes-devtools/git/git.inc | |
parent | 20a5af2583de60969124b4dc15e045ee47516da4 (diff) | |
download | openembedded-core-contrib-1b680f6aca14c92d03d32c4974292788140d7a65.tar.gz |
git: fix CVE-2021-21300
checkout: fix bug that makes checkout follow symlinks in leading path
Upstream-Status: Acepted [https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592]
CVE: CVE-2021-21300
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/git/git.inc')
-rw-r--r-- | meta/recipes-devtools/git/git.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc index 0cc40b9378..fb1dddc011 100644 --- a/meta/recipes-devtools/git/git.inc +++ b/meta/recipes-devtools/git/git.inc @@ -9,7 +9,9 @@ PROVIDES_append_class-native = " git-replacement-native" SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \ ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \ - file://fixsort.patch" + file://fixsort.patch \ + file://CVE-2021-21300.patch \ +" S = "${WORKDIR}/git-${PV}" |