patch: the CVE-2019-13638 fix also handles CVE-2018-20969

Message ID	20191104122713.23437-1-ross.burton@intel.com
State	Accepted
Commit	10c3af7ad8b7bb369c84c60a717bcd1358861187
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: best guess record for domain of openembedded-core-bounces@lists.openembedded.org designates 140.211.169.62 as permitted sender) client-ip=140.211.169.62; From: Ross Burton <ross.burton@intel.com> To: openembedded-core@lists.openembedded.org Date: Mon, 4 Nov 2019 12:27:13 +0000 Message-Id: <20191104122713.23437-1-ross.burton@intel.com> MIME-Version: 1.0 Subject: [OE-core] [PATCH] patch: the CVE-2019-13638 fix also handles CVE-2018-20969 Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: openembedded-core-bounces@lists.openembedded.org Errors-To: openembedded-core-bounces@lists.openembedded.org
Series	patch: the CVE-2019-13638 fix also handles CVE-2018-20969 \| expand patch: the CVE-2019-13638 fix also handles CVE-2018-20969

Message ID

20191104122713.23437-1-ross.burton@intel.com

State

Accepted

Commit

10c3af7ad8b7bb369c84c60a717bcd1358861187

Headers

Received-SPF: pass (google.com: best guess record for domain of
	openembedded-core-bounces@lists.openembedded.org designates
	140.211.169.62 as permitted sender) client-ip=140.211.169.62; 
From: Ross Burton <ross.burton@intel.com>
To: openembedded-core@lists.openembedded.org
Date: Mon,  4 Nov 2019 12:27:13 +0000
Message-Id: <20191104122713.23437-1-ross.burton@intel.com>
MIME-Version: 1.0
Subject: [OE-core] [PATCH] patch: the CVE-2019-13638 fix also handles
	CVE-2018-20969
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: openembedded-core-bounces@lists.openembedded.org
Errors-To: openembedded-core-bounces@lists.openembedded.org

Series

patch: the CVE-2019-13638 fix also handles CVE-2018-20969 | expand

Commit Message

Ross Burton Nov. 4, 2019, 12:27 p.m. UTC

Signed-off-by: Ross Burton <ross.burton@intel.com>

---
 .../0001-Invoke-ed-directly-instead-of-using-the-shell.patch  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.20.1

-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

diff --git a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
index f60dfe879af..d13d419f51c 100644
--- a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
+++ b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
@@ -6,8 +6,8 @@  Subject: [PATCH] Invoke ed directly instead of using the shell
 * src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
 command to avoid quoting vulnerabilities.
 
-CVE: CVE-2019-13638
-Upstream-Status: Backport[https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
+CVE: CVE-2019-13638 CVE-2018-20969
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
 Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
 
 ---