mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
Ralph Siemsen
aa316ee2bb
Commit17e931e77("polkit: fix CVE-2021-3560") contains - upstream commit a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 Commit67ec3e049("polkit: Fix for CVE-2021-4115") contains both: - upstream commit a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 (CVE-2021-3560) - upstream commit 41cb093f554da8772362654a128a84dd8a5542a7 (CVE-2021-4115) Thus the fix for CVE-2021-3560 is applied twice, resulting in warnings during do_patch. Curiously it neither fails nor complains about patch already applied. Also devtool silently discards the duplicate patch. Drop the duplicate patch, to resolve following warnings: WARNING: polkit-0.116-r0 do_patch: Fuzz detected: Applying patch 0001-GHSL-2021-074-authentication-bypass-vulnerability-in.patch patching file src/polkit/polkitsystembusname.c Hunk #1 succeeded at 438 with fuzz 2 (offset 3 lines). Applying patch CVE-2021-4115.patch patching file src/polkit/polkitsystembusname.c Hunk #4 succeeded at 439 with fuzz 2. Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Collection of layers for the OE-core universe dunfell maintainer: Armin Kuster <akuster808@gmail.com> This repository is a collection of layers to suppliment OE-Core with additional packages, Each layer have designated maintainer Please see the respective READMEs in the layer subdirectories