]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: a40309f) | patch
busybox: remove CVE-2014-9645 patch (already upstream in 1.23.x)
authorAndre McCurdy <armccurdy@gmail.com>
Wed, 15 Apr 2015 02:53:53 +0000 (19:53 -0700)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sun, 19 Apr 2015 12:34:04 +0000 (13:34 +0100)
commita753d3d8884b96baad5ed1a03335a81586420b86
tree8a20ae0bf834c94e0cc06cbd4cf4eb1d76885efctree | snapshot
parenta40309f284805e8cda024f7299a676cfdf8f97a5commit | diff
busybox: remove CVE-2014-9645 patch (already upstream in 1.23.x)

The CVE-2014-9645 fix was merged in Busybox prior to the 1.23.0
release [1]. The fix was then reworked in Busybox 1.23.1, in such
a way that the original change was no longer required [2].

Although oe-core's CVE-2014-9645 patch still applies cleanly to
Busybox 1.23.1 and 1.23.2, applying it partially reverts the second
version of the upstream fix.

  [1] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=4e314faa0aecb66717418e9a47a4451aec59262b
  [2] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=1ecfe811fe2f70380170ef7d820e8150054e88ca

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/busybox/busybox/CVE-2014-9645_busybox_reject_module_names_with_slashes.patch [deleted file] blob | history
meta/recipes-core/busybox/busybox_1.23.2.bb diff | blob | history
Mirror of the official openembedded-core repository