From: Ross Burton <ross.bur...@intel.com>
This patch is a CVE fix, so rename it to help CVE detection tools identify it as
such.
(From OE-Core master rev: 3fd05ce1f709cbbd8fdeb1dbfdffbd39922eca6e)
Signed-off-by: Ross Burton <ross.bur...@intel.com>
Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.y...@windriver.com>
---
...option.patch => libarchive-CVE-2015-2304.patch} | 0
.../libarchive/libarchive_3.1.2.bb | 2 +-
2 files changed, 1 insertion(+), 1 deletion(-)
rename
meta/recipes-extended/libarchive/libarchive/{0001-Add-ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS-option.patch
=> libarchive-CVE-2015-2304.patch} (100%)
diff --git
a/meta/recipes-extended/libarchive/libarchive/0001-Add-ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS-option.patch
b/meta/recipes-extended/libarchive/libarchive/libarchive-CVE-2015-2304.patch
similarity index 100%
rename from
meta/recipes-extended/libarchive/libarchive/0001-Add-ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS-option.patch
rename to
meta/recipes-extended/libarchive/libarchive/libarchive-CVE-2015-2304.patch
diff --git a/meta/recipes-extended/libarchive/libarchive_3.1.2.bb
b/meta/recipes-extended/libarchive/libarchive_3.1.2.bb
index aaa3255..716db9a 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.1.2.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.1.2.bb
@@ -32,7 +32,7 @@ PACKAGECONFIG[nettle] =
"--with-nettle,--without-nettle,nettle,"
SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \
file://libarchive-CVE-2013-0211.patch \
file://pkgconfig.patch \
- file://0001-Add-ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS-option.patch
\
+ file://libarchive-CVE-2015-2304.patch \
file://mkdir.patch \
"
--
1.7.9.5
--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
