mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-05 02:50:46 +00:00
Code Issues Projects Releases Wiki Activity

spice: set CVE-2016-2150 status to fixed

Browse Source 
Debian has fixed this CVE with [1].
That patch is taken from [2].

.../tmp/work/core2-64-poky-linux/spice/0.15.2/git$ git describe 69628ea13
v0.13.1-190-g69628ea1
.../tmp/work/core2-64-poky-linux/spice/0.15.2/git$ git tag --contains 69628ea13
v0.13.2

[1] https://sources.debian.org/patches/spice/0.12.5-1%2Bdeb8u5/CVE-2016-2150/0002-improve-primary-surface-parameter-checks.patch/
[2] https://gitlab.freedesktop.org/spice/spice/-/commit/69628ea1375282cb7ca5b4dc4410e7aa67e0fc02

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Peter Marko
2024-12-27 11:56:02 +01:00
committed by Khem Raj
parent 9f7c1e6bd1
commit e44f3251b5
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-networking/recipes-support/spice/spice_git.bb
+1
View File
@@ -22,6 +22,7 @@ SRC_URI = "gitsm://gitlab.freedesktop.org/spice/spice;branch=master;protocol=htt
S = "${WORKDIR}/git"
CVE_STATUS[CVE-2016-0749] = "fixed-version: patched since 0.13.2"
CVE_STATUS[CVE-2016-2150] = "fixed-version: patched since 0.13.2"
CVE_STATUS[CVE-2018-10893] = "fixed-version: patched already, caused by inaccurate CPE in the NVD database."
inherit meson gettext python3native python3-dir pkgconfig