On Tue, 2020-02-18 at 10:28 -0500, Chet Ramey wrote: > On 2/17/20 9:46 PM, Huo, De wrote: > > I applied the patch to fix CVE defect CVE-2019-18276. > > That's not exactly an answer to the question of who produced the patch. > If that patch is the one causing failures when it's applied, doesn't it > make sense to go back to the person who produced it and ask them to > update it if necessary?
Its likely a general CVE patch where both configure and configure.ac are patched. For OE, we can drop the configure part since we reautoconf the code. Its therefore the OE port of the patch which is likely at fault. Someone just needs to remove that section of the patch. Cheers, Richard -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
