openwrt/tools
Russell Senior 46e9a9b04e tools/patch: apply upstream patch for cve-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style

diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.

https://nvd.nist.gov/vuln/detail/CVE-2019-13638

Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry picked from commit bcfd1d7685)
2019-08-14 07:29:32 +02:00
..
autoconf treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
automake add PKG_CPE_ID ids to package and tools 2017-11-17 02:24:35 +01:00
b43-tools b43-tools: update to latest git HEAD 2018-06-18 20:29:38 +02:00
bc Revert "bc: update to 1.07.1" 2019-05-22 21:27:44 +02:00
bison tools/bison: Update to 3.3.2 2019-02-10 20:49:56 +01:00
cbootimage tools: add cbootimage for tegra 2019-04-06 14:48:46 +02:00
cbootimage-configs tools: add cbootimage-configs for tegra 2019-04-06 14:48:46 +02:00
ccache tools/ccache: update to 3.7.1 2019-06-08 09:59:25 +02:00
cmake Revert "tools/cmake: Update to 3.14.0" 2019-03-17 11:25:50 +01:00
coreutils add PKG_CPE_ID ids to package and tools 2017-11-17 02:24:35 +01:00
dosfstools add PKG_CPE_ID ids to package and tools 2017-11-17 02:24:35 +01:00
e2fsprogs tools/e2fsprogs: Update to 1.44.5 2018-12-27 13:47:50 +01:00
elftosb treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
expat tools/expat: fix docbook2man error on some systems 2018-09-11 15:00:09 +02:00
findutils tools: findutils: fix compilation with glibc 2.28 2018-08-10 06:29:49 +02:00
firmware-utils firmware-utils: jcgimage: add support for 4MiB+ images 2019-05-31 10:30:03 +02:00
flex flex: Add a lex symlink 2018-11-25 19:23:03 +01:00
flock tools: flock: add NFSv4 compatibility 2016-08-11 10:50:10 +02:00
genext2fs treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
gengetopt treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
gmp tools: gmp: Update to 6.1.2 2017-01-03 14:24:33 +01:00
include tools: Update endian definitions for Mac OSX 2018-12-19 15:08:30 +00:00
isl tools/isl: update to 0.20 2019-02-26 23:20:04 +01:00
kernel2minor tools: kernel2minor: update to latest version 2018-07-12 18:15:33 +02:00
libelf tools/libelf: Add mirrors as main site is dead 2019-03-17 10:22:36 +01:00
libressl build: fix libressl build on x32 (amd64ilp32) host 2018-11-01 17:16:52 +01:00
libtool add PKG_CPE_ID ids to package and tools 2017-11-17 02:24:35 +01:00
lzma treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
lzma-old tools/zlib: move zlib build to tools 2018-04-28 15:28:59 +02:00
m4 tools: m4: fix compilation with glibc 2.28 2018-08-10 06:29:32 +02:00
make-ext4fs tools/make-ext4fs: Fix build on MacOSX 2018-04-29 00:57:07 +02:00
missing-macros tools: remove a bunch of unused automake macros 2015-03-17 10:11:00 +00:00
mkimage tools/mkimage: use http download server (fixes FS#2052) 2019-03-07 13:28:30 +01:00
mklibs treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
mm-macros tools/mm-macros: Update to 0.9.12 2018-05-05 07:13:48 +02:00
mpc tools/mpc: Update to 1.1.0 2018-01-18 08:04:18 +01:00
mpfr tools/mpfr: Update to 4.0.2 2019-02-10 20:51:09 +01:00
mtd-utils mtd-utils: add back macOS compatibility code that was dropped during the update 2018-04-30 10:12:55 +02:00
mtools tools/mtools: Update to 4.0.23 2018-12-24 17:05:57 +01:00
padjffs2 tools: padjffs2: add option to output padding data to stdout 2016-07-11 13:26:33 +02:00
patch tools/patch: apply upstream patch for cve-2019-13638 2019-08-14 07:29:32 +02:00
patch-image tools: patch-image: fix file descriptor leak. 2017-02-15 07:45:24 +01:00
patchelf treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
pkg-config tools/pkg-config: Handle variable substitution of 'bindir' to redirect to STAGING_DIR/bin 2018-11-13 15:40:30 -05:00
qemu add PKG_CPE_ID ids to package and tools 2017-11-17 02:24:35 +01:00
quilt treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
scons scons: update to 3.0.5 2019-05-18 21:17:45 +02:00
sdimage tools/sdimage: Fix build with host Linux headers < 3.18 2018-12-16 14:03:35 +01:00
sed tools/sed: Update to 4.7 2019-02-10 20:48:25 +01:00
sparse sparse: updated to version 0.5.2 2018-06-08 09:56:26 +02:00
squashfs add PKG_CPE_ID ids to package and tools 2017-11-17 02:24:35 +01:00
squashfskit4 tools/squashfskit: fix version detection on non-linux system 2019-03-03 19:45:10 +01:00
sstrip tools/sstrip: Fix compile under standard linux. 2017-12-08 10:40:20 +01:00
tar tools: tar: update to version 1.32 2019-03-10 21:36:28 +01:00
upslug2 treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
wrt350nv2-builder tools: remove static linking support 2015-02-06 00:00:43 +00:00
xz tools/xz: Compile with PIC to fix linking errors 2019-04-06 19:14:06 +02:00
zip tools: zip: add option for reproducible archives 2019-01-15 19:11:53 +01:00
zlib tools: zlib: do not hardcode the install prefix in zlib.pc 2018-05-24 17:07:10 +02:00
Makefile tools: cbootimage: depend on automake 2019-04-07 15:25:28 +02:00