[202012] Fix CVE-2017-1000487 security alert (#11635)
Why I did it Fix CVE-2017-1000487 alert in thrift 0.14.1. See https://nvd.nist.gov/vuln/detail/CVE-2017-1000487 How I did it Change the version of org.codehaus.plexus:plexus-utils from 3.0.14 to 3.0.16.
This commit is contained in:
parent
14f93e15c6
commit
1c8c1a6010
@ -26,6 +26,7 @@ $(addprefix $(DEST)/, $(MAIN_TARGET)): $(DEST)/% :
|
|||||||
patch -p1 < ../patch/0001-Remove-unneeded-packages.patch
|
patch -p1 < ../patch/0001-Remove-unneeded-packages.patch
|
||||||
patch -p1 < ../patch/0002-Remove-minimist-packages.patch
|
patch -p1 < ../patch/0002-Remove-minimist-packages.patch
|
||||||
patch -p1 < ../patch/0003-Remove-underscore-packages.patch
|
patch -p1 < ../patch/0003-Remove-underscore-packages.patch
|
||||||
|
patch -p1 < ../patch/0002-cve-2017-1000487.patch
|
||||||
DEB_BUILD_OPTIONS=nocheck dpkg-buildpackage -d -rfakeroot -b -us -uc -j$(SONIC_CONFIG_MAKE_JOBS) --admindir $(SONIC_DPKG_ADMINDIR)
|
DEB_BUILD_OPTIONS=nocheck dpkg-buildpackage -d -rfakeroot -b -us -uc -j$(SONIC_CONFIG_MAKE_JOBS) --admindir $(SONIC_DPKG_ADMINDIR)
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
1
src/thrift_0_13_0/patch/0002-cve-2017-1000487.patch
Symbolic link
1
src/thrift_0_13_0/patch/0002-cve-2017-1000487.patch
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../../thrift/patch/0002-cve-2017-1000487.patch
|
Loading…
Reference in New Issue
Block a user