mirror of
https://git.yoctoproject.org/poky
synced 2026-07-16 03:47:03 +00:00
git: CVE-2022-23521 gitattributes parsing integer overflow
Backport from: https://github.com/git/git/commit/eb22e7dfa23da6bd9aed9bd1dad69e1e8e167d24 https://github.com/git/git/commit/8d0d48cf2157cfb914db1f53b3fe40785b86f3aa https://github.com/git/git/commit/24557209500e6ed618f04a8795a111a0c491a29c https://github.com/git/git/commit/34ace8bad02bb14ecc5b631f7e3daaa7a9bba7d9 https://github.com/git/git/commit/447ac906e189535e77dcb1f4bbe3f1bc917d4c12 https://github.com/git/git/commit/e1e12e97ac73ded85f7d000da1063a774b3cc14f https://github.com/git/git/commit/a60a66e409c265b2944f18bf43581c146812586d https://github.com/git/git/commit/d74b1fd54fdbc45966d12ea907dece11e072fb2b https://github.com/git/git/commit/dfa6b32b5e599d97448337ed4fc18dd50c90758f https://github.com/git/git/commit/3c50032ff5289cc45659f21949c8d09e52164579 (From OE-Core rev: 4f4baa56656291b259b9474a3637cf31f6569ff3) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
committed by
Richard Purdie
parent
50108e2180
commit
580df9b4c4
@@ -11,8 +11,8 @@ SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
|
||||
${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \
|
||||
file://fixsort.patch \
|
||||
file://CVE-2021-40330.patch \
|
||||
file://CVE-2022-23521.patch \
|
||||
"
|
||||
|
||||
S = "${WORKDIR}/git-${PV}"
|
||||
|
||||
LIC_FILES_CHKSUM = "file://COPYING;md5=7c0d7ef03a7eb04ce795b0f60e68e7e1"
|
||||
|
||||
Reference in New Issue
Block a user