[Buildroot] [PATCH] patch: add upstream security fix
Peter Korsgaard
peter at korsgaard.com
Tue Apr 10 20:48:32 UTC 2018
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches.
> Depend on MMU for now, because the patch adds a fork() call. Upstream
> later switched to gnulib provided execute(), so this dependency can be
> dropped on the next version bump.
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list