diff options
author | Mariano Lopez <mariano.lopez@linux.intel.com> | 2016-01-08 12:03:58 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-01-11 23:23:18 +0000 |
commit | 065ebeb3e15311d0d45385e15bf557b1c95b1669 (patch) | |
tree | d62fb16062b52dc2598550515c4732f4eab0a30e /meta/recipes-extended/unzip | |
parent | 2336d1e5de671f538f0cd493b75d29e1dfdb0caf (diff) | |
download | openembedded-core-065ebeb3e15311d0d45385e15bf557b1c95b1669.tar.gz openembedded-core-065ebeb3e15311d0d45385e15bf557b1c95b1669.tar.bz2 openembedded-core-065ebeb3e15311d0d45385e15bf557b1c95b1669.zip |
Add "CVE:" tag to current patches in OE-core
The currnet patches in OE-core doesn't have the "CVE:"
tag, now part of the policy of the patches.
This is patch add this tag to several patches. There might
be patches that I miss; the tag can be added in the future.
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-extended/unzip')
7 files changed, 7 insertions, 0 deletions
diff --git a/meta/recipes-extended/unzip/unzip/06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch b/meta/recipes-extended/unzip/unzip/06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch index 9ba3c1dc62..afc4c734a7 100644 --- a/meta/recipes-extended/unzip/unzip/06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch +++ b/meta/recipes-extended/unzip/unzip/06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch @@ -3,6 +3,7 @@ Subject: unzip files encoded with non-latin, non-unicode file names Last-Update: 2015-02-11 Upstream-Status: Backport +CVE: CVE-2015-1315 Updated 2015-02-11 by Marc Deslauriers <marc.deslauriers@canonical.com> to fix buffer overflow in charset_to_intern() diff --git a/meta/recipes-extended/unzip/unzip/09-cve-2014-8139-crc-overflow.patch b/meta/recipes-extended/unzip/unzip/09-cve-2014-8139-crc-overflow.patch index e137f0dc76..0e497cc65f 100644 --- a/meta/recipes-extended/unzip/unzip/09-cve-2014-8139-crc-overflow.patch +++ b/meta/recipes-extended/unzip/unzip/09-cve-2014-8139-crc-overflow.patch @@ -5,6 +5,7 @@ Bug-Debian: http://bugs.debian.org/773722 The patch comes from unzip_6.0-8+deb7u2.debian.tar.gz Upstream-Status: Backport +CVE: CVE-2014-8139 Signed-off-by: Roy Li <rongqing.li@windriver.com> diff --git a/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch b/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch index edc7d515b0..c989df1896 100644 --- a/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch +++ b/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch @@ -5,6 +5,7 @@ Bug-Debian: http://bugs.debian.org/773722 The patch comes from unzip_6.0-8+deb7u2.debian.tar.gz Upstream-Status: Backport +CVE: CVE-2014-8140 Signed-off-by: Roy Li <rongqing.li@windriver.com> diff --git a/meta/recipes-extended/unzip/unzip/11-cve-2014-8141-getzip64data.patch b/meta/recipes-extended/unzip/unzip/11-cve-2014-8141-getzip64data.patch index d0c1db3925..c48c23f304 100644 --- a/meta/recipes-extended/unzip/unzip/11-cve-2014-8141-getzip64data.patch +++ b/meta/recipes-extended/unzip/unzip/11-cve-2014-8141-getzip64data.patch @@ -5,6 +5,7 @@ Bug-Debian: http://bugs.debian.org/773722 The patch comes from unzip_6.0-8+deb7u2.debian.tar.gz Upstream-Status: Backport +CVE: CVE-2014-8141 Signed-off-by: Roy Li <rongqing.li@windriver.com> diff --git a/meta/recipes-extended/unzip/unzip/CVE-2015-7696.patch b/meta/recipes-extended/unzip/unzip/CVE-2015-7696.patch index ea93823cbe..87eed965d0 100644 --- a/meta/recipes-extended/unzip/unzip/CVE-2015-7696.patch +++ b/meta/recipes-extended/unzip/unzip/CVE-2015-7696.patch @@ -1,4 +1,5 @@ Upstream-Status: Backport +CVE: CVE-2015-7696 Signed-off-by: Tudor Florea <tudor.flore@enea.com> From 68efed87fabddd450c08f3112f62a73f61d493c9 Mon Sep 17 00:00:00 2001 diff --git a/meta/recipes-extended/unzip/unzip/CVE-2015-7697.patch b/meta/recipes-extended/unzip/unzip/CVE-2015-7697.patch index da68988338..a8f293674b 100644 --- a/meta/recipes-extended/unzip/unzip/CVE-2015-7697.patch +++ b/meta/recipes-extended/unzip/unzip/CVE-2015-7697.patch @@ -1,4 +1,5 @@ Upstream-Status: Backport +CVE: CVE-2015-7697 Signed-off-by: Tudor Florea <tudor.flore@enea.com> From bd8a743ee0a77e65ad07ef4196c4cd366add3f26 Mon Sep 17 00:00:00 2001 diff --git a/meta/recipes-extended/unzip/unzip/cve-2014-9636.patch b/meta/recipes-extended/unzip/unzip/cve-2014-9636.patch index 0a0bfbbb17..5fcd318b25 100644 --- a/meta/recipes-extended/unzip/unzip/cve-2014-9636.patch +++ b/meta/recipes-extended/unzip/unzip/cve-2014-9636.patch @@ -4,6 +4,7 @@ Date: Wed, 11 Feb 2015 Subject: Info-ZIP UnZip buffer overflow Upstream-Status: Backport +CVE: CVE-2014-9636 By carefully crafting a corrupt ZIP archive with "extra fields" that purport to have compressed blocks larger than the corresponding |