1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-16 15:57:04 +00:00

git: CVE-2018-11233

* CVE-2018-11233
Code to sanity-check pathnames on NTFS can result in reading
out-of-bounds memory.

Affects < 2.17.1

CVE: CVE-2018-11233
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1583888
(From OE-Core rev: d145f605c274386baf0dde023f15cddf37523f3b)

Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Sinan Kaya
2018-10-05 03:55:15 +00:00
committed by Richard Purdie
parent 97ee1f8087
commit fbc735796f
2 changed files with 46 additions and 1 deletions
+2 -1
View File
@@ -8,7 +8,8 @@ PROVIDES_append_class-native = " git-replacement-native"
SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \
file://CVE-2018-11235.patch"
file://CVE-2018-11235.patch \
file://CVE-2018-11233.patch"
S = "${WORKDIR}/git-${PV}"