mirror of
https://git.yoctoproject.org/poky
synced 2026-07-16 03:47:03 +00:00
git: fix CVE-2021-21300
checkout: fix bug that makes checkout follow symlinks in leading path Upstream-Status: Acepted [https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592] CVE: CVE-2021-21300 (From OE-Core rev: 8293d5d1529629bd13028bdde1fa99da30313bac) Signed-off-by: Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
committed by
Richard Purdie
parent
4ea2ccd7e9
commit
f0fdeea665
@@ -8,7 +8,9 @@ DEPENDS = "openssl curl zlib expat"
|
||||
PROVIDES_append_class-native = " git-replacement-native"
|
||||
|
||||
SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
|
||||
${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages"
|
||||
${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \
|
||||
file://CVE-2021-21300.patch \
|
||||
"
|
||||
|
||||
S = "${WORKDIR}/git-${PV}"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user