diff mbox series

[dunfell,05/10] ghostscript: fix CVE-2020-15900 and CVE-2021-45949 for -native

Message ID da9b7b8973913c80c989aee1f5b34c98362725a8.1648399113.git.steve@sakoman.com
State Accepted, archived
Commit da9b7b8973913c80c989aee1f5b34c98362725a8
Headers show
Series [dunfell,01/10] libsolv: fix CVE: CVE-2021-44568-71 and CVE-2021-44573-77 | expand

Commit Message

Steve Sakoman March 27, 2022, 4:40 p.m. UTC 
CVE patches (and the stack limits check patch) should have been
added to SRC_URI_BASE so that they are applied for both target
and -native packages.

Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-extended/ghostscript/ghostscript_9.52.bb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
index ac3d0dca43..310c4f6d24 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
@@ -33,14 +33,14 @@  SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d
                 file://do-not-check-local-libpng-source.patch \
                 file://avoid-host-contamination.patch \
                 file://mkdir-p.patch \
+                file://CVE-2020-15900.patch \
+                file://check-stack-limits-after-function-evalution.patch \
+                file://CVE-2021-45949.patch \
 "
 
 SRC_URI = "${SRC_URI_BASE} \
            file://ghostscript-9.21-prevent_recompiling.patch \
            file://cups-no-gcrypt.patch \
-           file://CVE-2020-15900.patch \
-           file://check-stack-limits-after-function-evalution.patch \
-           file://CVE-2021-45949.patch \
            "
 
 SRC_URI_class-native = "${SRC_URI_BASE} \