On 15.8.2018 12:43 [email protected] wrote: [...] > +++ > b/meta/recipes-extended/unzip/unzip/0001-unzip-fix-CVE-2018-1000035.patch > @@ -0,0 +1,46 @@ > +From 349f566e6e757458843fa164a0f0584280e1501e Mon Sep 17 00:00:00 > 2001 > +From: Changqing Li <[email protected]> > +Date: Wed, 15 Aug 2018 16:20:53 +0800 > +Subject: [PATCH] unzip: fix CVE-2018-1000035 > + > +Upstream-Status: Backport > + > +backport from unzip6.10c23 > + > +Signed-off-by: Changqing Li <[email protected]> > +---
Would you please add a line: CVE: CVE-2018-1000035 somewhere after "Upstream-Status:" to let the automatic CVE checker detect that this patch solves this particular CVE. Konstantin Shemyak. -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
