git: fix CVE-2021-21300

checkout: fix bug that makes checkout follow symlinks in leading path Upstream-Status: Acepted [https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592] CVE: CVE-2021-21300 (From OE-Core rev: 1b680f6aca14c92d03d32c4974292788140d7a65) Signed-off-by: Minjae Kim <flowergom@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-05-30 12:29:55 +00:00 · 2021-03-27 12:11:12 +09:00
parent 06b4910c3a
commit d3b1daa7af
2 changed files with 307 additions and 1 deletions
@@ -9,7 +9,9 @@ PROVIDES_append_class-native = " git-replacement-native"

 SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
           ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \
-           file://fixsort.patch"
+           file://fixsort.patch \
+	   file://CVE-2021-21300.patch \
+"

 S = "${WORKDIR}/git-${PV}"