[langdale,02/26] xdg-utils: Fix CVE number

Message ID	2d03615127bb58d7865e04230ff42421b56a4c43.1680796770.git.steve@sakoman.com
State	New
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.215.169, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][langdale 02/26] xdg-utils: Fix CVE number Date: Thu, 6 Apr 2023 06:01:29 -1000 Message-Id: <2d03615127bb58d7865e04230ff42421b56a4c43.1680796770.git.steve@sakoman.com> In-Reply-To: <cover.1680796770.git.steve@sakoman.com> References: <cover.1680796770.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[langdale,01/26] xdg-utils: Add a patch for CVE-2020-27748 \| expand [langdale,01/26] xdg-utils: Add a patch for CVE-2020-27748 [langdale,02/26] xdg-utils: Fix CVE number [langdale,03/26] tzdata: upgrade to 2023c [langdale,04/26] uninative: Upgrade to 3.9 to include glibc 2.37 [langdale,05/26] filemap.py: enforce maximum of 4kb block size [langdale,06/26] oeqs/selftest: OESelftestTestContext: replace the os.environ after subprocess.chec… [langdale,07/26] oeqa/selftest: OESelftestTestContext: convert relative to full path when newbuildd… [langdale,08/26] oeqa/selftest/reproducible: Split different packages from missing packages output [langdale,09/26] run-postinsts: Set dependency for ldconfig to avoid boot issues [langdale,10/26] package.bbclass: check packages name conflict in do_package [langdale,11/26] oeqa/selftest/cases/package.py: adding unittest for package rename conflicts [langdale,12/26] Revert "runqemu: Add workaround for APIC hang on pre 4.15 kernels on qemux86" [langdale,13/26] lib/oe/gpg_sign.py: Avoid race when creating .sig files in detach_sign [langdale,14/26] oeqa/selftest/cases/runqemu: update imports [langdale,15/26] oeqa/targetcontrol: fix misspelled RuntimeError [langdale,16/26] oeqa/targetcontrol: do not set dump_host_cmds redundantly [langdale,17/26] oeqa/targetcontrol: remove unused imports [langdale,18/26] oeqa/utils/commands: fix usage of undefined EPIPE [langdale,19/26] oeqa/utils/commands: remove unused imports [langdale,20/26] oeqa/utils/qemurunner: replace hard-coded user 'root' in debug output [langdale,21/26] selftest: runqemu: better check for ROOTFS: in the log [langdale,22/26] selftest: runqemu: use better error message when asserts fail [langdale,23/26] oeqa/runtime: clean up deprecated backslash expansion [langdale,24/26] shadow: Fix can not print full login timeout message [langdale,25/26] runqemu: respect IMAGE_LINK_NAME [langdale,26/26] report-error: catch Nothing PROVIDES error

Message ID

2d03615127bb58d7865e04230ff42421b56a4c43.1680796770.git.steve@sakoman.com

State

New

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][langdale 02/26] xdg-utils: Fix CVE number
Date: Thu,  6 Apr 2023 06:01:29 -1000
Message-Id: 
 <2d03615127bb58d7865e04230ff42421b56a4c43.1680796770.git.steve@sakoman.com>
In-Reply-To: <cover.1680796770.git.steve@sakoman.com>
References: <cover.1680796770.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[langdale,01/26] xdg-utils: Add a patch for CVE-2020-27748 | expand

Commit Message

Steve Sakoman April 6, 2023, 4:01 p.m. UTC

From: Richard Purdie <richard.purdie@linuxfoundation.org>

In the previous commit I somehow mixed up and used an incorrect CVE number.
Use the correct one.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b3e2729f686ff6e16e11590bcd701c057ae5f1e2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../xdg-utils/{CVE-2020-27748.patch => CVE-2022-4055.patch}     | 2 +-
 meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb              | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-extended/xdg-utils/xdg-utils/{CVE-2020-27748.patch => CVE-2022-4055.patch} (99%)

diff --git a/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2020-27748.patch b/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
similarity index 99%
rename from meta/recipes-extended/xdg-utils/xdg-utils/CVE-2020-27748.patch
rename to meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
index ec3605e158..b236030108 100644
--- a/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2020-27748.patch
+++ b/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
@@ -14,7 +14,7 @@  Upstream-Status: Submitted [https://gitlab.freedesktop.org/xdg/xdg-utils/-/issue
 
 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 
-CVE: CVE-2020-27748
+CVE: CVE-2022-4055
 
 
 Index: xdg-utils-1.1.3/scripts/xdg-email.in
diff --git a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
index d95bcccd2a..4d93180535 100644
--- a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
+++ b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
@@ -21,7 +21,7 @@  SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \
            file://0001-Reinstate-xdg-terminal.patch \
            file://0001-Don-t-build-the-in-script-manual.patch \
            file://1f199813e0eb0246f63b54e9e154970e609575af.patch \
-           file://CVE-2020-27748.patch \
+           file://CVE-2022-4055.patch \
           "
 
 SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff"

[langdale,02/26] xdg-utils: Fix CVE number

Commit Message

Patch