[Buildroot] [PATCH 2/5] package/patch: annotate CVE-2018-1000156

Fabrice Fontaine fontaine.fabrice at gmail.com
Tue Mar 3 19:47:00 UTC 2020


Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
---
 package/patch/patch.mk | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/package/patch/patch.mk b/package/patch/patch.mk
index ca54beab6d..483e2791a3 100644
--- a/package/patch/patch.mk
+++ b/package/patch/patch.mk
@@ -13,6 +13,9 @@ PATCH_LICENSE_FILES = COPYING
 # 0001-Fix-segfault-with-mangled-rename-patch.patch
 PATCH_IGNORE_CVES += CVE-2018-6951
 
+# 0003-Fix-arbitrary-command-execution-in-ed-style-patches-.patch
+PATCH_IGNORE_CVES += CVE-2018-1000156
+
 ifeq ($(BR2_PACKAGE_ATTR),y)
 PATCH_CONF_OPTS += --enable-xattr
 PATCH_DEPENDENCIES += attr
-- 
2.25.0




More information about the buildroot mailing list