projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0835550) | patch
package/patch: fix CVE-2019-13636
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Tue, 3 Mar 2020 19:47:02 +0000 (20:47 +0100)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Tue, 3 Mar 2020 21:39:09 +0000 (22:39 +0100)
commitad9c33935b2f765d020932d8268d2a46c6c130f1
tree25cf69440aa2c618e2016efca09ec1cea4e9ae37tree
parent0835550ce984b1755c1e8540bbbeb24844392c5dcommit | diff
package/patch: fix CVE-2019-13636

In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/patch/0005-Don-t-follow-symlinks-unless--follow-symlinks-is-given.patch [new file with mode: 0644] blob
package/patch/patch.mk diff | blob | history