mirror of
https://git.yoctoproject.org/poky
synced 2026-06-21 22:53:48 +02:00
ef6f8d5f46
Backport patch referencing this CVE. Note that the hardening is not activated by default, it adds defconfig option to enable it. Since it introduces a breaking change, it shouldn't be enabled in LTS release by default. This patch makes busybox cpio equivalent in this release to what is currently in master and in kirkstone. Also note that gnu cpio also does not have this hardening, but the CVE is created only against busybox. (From OE-Core rev: 3f2b235526d135094408e3895c01bff7b5b938fb) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>