package/patch: annotate CVE-2018-1000156

author Fabrice Fontaine <fontaine.fabrice@gmail.com>

Tue, 3 Mar 2020 19:47:00 +0000 (20:47 +0100)

committer Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Tue, 3 Mar 2020 21:39:09 +0000 (22:39 +0100)
author Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tue, 3 Mar 2020 19:47:00 +0000 (20:47 +0100)
committer Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tue, 3 Mar 2020 21:39:09 +0000 (22:39 +0100)
diff --git a/package/patch/patch.mk b/package/patch/patch.mk

index ca54beab6d7609d3e98fdb0c8d38b605811fe0b6..483e2791a3afad9bbcc3e4fcb1282e6fd0f49c65 100644 (file)
--- a/package/patch/patch.mk
+++ b/package/patch/patch.mk
@@ -13,6 +13,9 @@ PATCH_LICENSE_FILES = COPYING
  # 0001-Fix-segfault-with-mangled-rename-patch.patch
  PATCH_IGNORE_CVES += CVE-2018-6951
  
+# 0003-Fix-arbitrary-command-execution-in-ed-style-patches-.patch
+PATCH_IGNORE_CVES += CVE-2018-1000156
+
  ifeq ($(BR2_PACKAGE_ATTR),y)
  PATCH_CONF_OPTS += --enable-xattr
  PATCH_DEPENDENCIES += attr
author	Fabrice Fontaine <fontaine.fabrice@gmail.com>
	Tue, 3 Mar 2020 19:47:00 +0000 (20:47 +0100)
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>
	Tue, 3 Mar 2020 21:39:09 +0000 (22:39 +0100)