mirror of
https://git.yoctoproject.org/poky
synced 2026-01-29 21:08:42 +01:00
97f732ce9b
Pick patches as listed in NVD CVE report. Note that Debian lists one of the patches as introducing the vulnerability. This is against what the original report [1] says. Also the commit messages provide hints that the first patch fixes this issue and second is fixing problem with the first patch. [1] https://jvn.jp/en/jp/JVN19358384/ (From OE-Core rev: a157719ab349d9393d5a640bb2e45fc2489d5338) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>