patch: fix CVE-2019-13638

(From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781) (From OE-Core rev: 308c44fd8f1d7d348c6c7cf9054f9c8403d8e8bd) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 555b0642579c00c41bc3daab9cef08452f9834d5) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-02-20 08:29:42 +01:00 · 2019-08-21 09:58:17 +08:00
parent d59f2b0a74
commit 6fc3dc1af5
2 changed files with 45 additions and 0 deletions
--- a/meta/recipes-devtools/patch/patch_2.7.6.bb
+++ b/meta/recipes-devtools/patch/patch_2.7.6.bb
@@ -7,6 +7,7 @@ SRC_URI += "file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
            file://0004-Fix-arbitrary-command-execution-in-ed-style-patches-.patch \
            file://0001-Fix-swapping-fake-lines-in-pch_swap.patch \
            file://CVE-2019-13636.patch \
+            file://0001-Invoke-ed-directly-instead-of-using-the-shell.patch \
 "

 SRC_URI[md5sum] = "4c68cee989d83c87b00a3860bcd05600"