1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-16 15:57:04 +00:00

squashfs-tools: fix CVE-2021-41072

Backport patches to fix CVE-2021-41072. And update context for verison
4.4 at same time.

CVE: CVE-2021-41072

Ref:
* https://nvd.nist.gov/vuln/detail/CVE-2021-41072

(From OE-Core rev: e95ccf6f7fe5a42fffcfa5e43087ff964622e26c)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Kai Kang
2021-11-18 09:53:36 +08:00
committed by Richard Purdie
parent 39ee281be1
commit a0745dce6b
5 changed files with 894 additions and 0 deletions
@@ -12,6 +12,10 @@ SRCREV = "52eb4c279cd283ed9802dd1ceb686560b22ffb67"
SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https;branch=master \
file://0001-squashfs-tools-fix-build-failure-against-gcc-10.patch;striplevel=2 \
file://CVE-2021-40153.patch;striplevel=2 \
file://CVE-2021-41072-requisite-1.patch;striplevel=2 \
file://CVE-2021-41072-requisite-2.patch;striplevel=2 \
file://CVE-2021-41072-requisite-3.patch;striplevel=2 \
file://CVE-2021-41072.patch;striplevel=2 \
"
S = "${WORKDIR}/git/squashfs-tools"