mirror of
https://git.yoctoproject.org/poky
synced 2026-04-30 12:32:12 +02:00
c18b02e5e9
The CVE-2014-9645 fix was merged in Busybox prior to the 1.23.0 release [1]. The fix was then reworked in Busybox 1.23.1, in such a way that the original change was no longer required [2]. Although oe-core's CVE-2014-9645 patch still applies cleanly to Busybox 1.23.1 and 1.23.2, applying it partially reverts the second version of the upstream fix. [1] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=4e314faa0aecb66717418e9a47a4451aec59262b [2] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=1ecfe811fe2f70380170ef7d820e8150054e88ca (From OE-Core master rev: a753d3d8884b96baad5ed1a03335a81586420b86) (From OE-Core rev: ef1748f26ab246d893f51141caa24dd4ae6b5ec0) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>