]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 65276d6) | patch
busybox: remove CVE-2014-9645 patch (already upstream in 1.23.x)
authorAndre McCurdy <armccurdy@gmail.com>
Wed, 15 Apr 2015 02:53:53 +0000 (19:53 -0700)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 15 May 2015 17:12:07 +0000 (18:12 +0100)
commitef1748f26ab246d893f51141caa24dd4ae6b5ec0
treed7e25699c61a953c786e8eb9109aab5ed4229aa9tree | snapshot
parent65276d62f655926a82a17f02bb3a4ae0f08e6518commit | diff
busybox: remove CVE-2014-9645 patch (already upstream in 1.23.x)

The CVE-2014-9645 fix was merged in Busybox prior to the 1.23.0
release [1]. The fix was then reworked in Busybox 1.23.1, in such
a way that the original change was no longer required [2].

Although oe-core's CVE-2014-9645 patch still applies cleanly to
Busybox 1.23.1 and 1.23.2, applying it partially reverts the second
version of the upstream fix.

  [1] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=4e314faa0aecb66717418e9a47a4451aec59262b
  [2] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=1ecfe811fe2f70380170ef7d820e8150054e88ca

(From OE-Core master rev: a753d3d8884b96baad5ed1a03335a81586420b86)

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/busybox/busybox/CVE-2014-9645_busybox_reject_module_names_with_slashes.patch [deleted file] blob | history
meta/recipes-core/busybox/busybox_1.23.1.bb diff | blob | history
Mirror of the official openembedded-core repository