[OE-core] [PATCH 0/2] Fixes rpm: CVE-2014-8118 & CVE-2013-6435
leonardo.sandoval.gonzalez at linux.intel.com
leonardo.sandoval.gonzalez at linux.intel.com
Thu Jun 11 07:45:45 UTC 2015
From: Leonardo Sandoval <leonardo.sandoval.gonzalez at linux.intel.com>
Backport fixes for rpm: CVE-2014-8118 & CVE-2013-6435
These two patches only apply on RPM 4.11.2 (already present on RPM 5.4.*).
https://bugzilla.yoctoproject.org/show_bug.cgi?id=7181
The following changes since commit 062678c4ab88fa94ed38efa6520c3b4e2d88ca73:
sysvinit: Only enable recipe in builds where its applicable (2015-06-10 12:03:19 +0100)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib lsandov1/rpm-vulnerabilities
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=lsandov1/rpm-vulnerabilities
Leonardo Sandoval (2):
rpm: Fix CVE-2014-8118
rpm: Fix CVE-2013-6435
.../rpm/rpm/rpm-CVE-2013-6435.patch | 109 +++++++++++++++++++++
.../rpm/rpm/rpm-CVE-2014-8118.patch | 43 ++++++++
meta/recipes-devtools/rpm/rpm_4.11.2.bb | 2 +
3 files changed, 154 insertions(+)
create mode 100644 meta/recipes-devtools/rpm/rpm/rpm-CVE-2013-6435.patch
create mode 100644 meta/recipes-devtools/rpm/rpm/rpm-CVE-2014-8118.patch
--
1.8.4.5
More information about the Openembedded-core
mailing list