mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-04 06:10:16 +03:00
4a03d17172
The patches have been used by Alpine for 5 months now and they were posted on the Busybox mailing list mid-July with no review or comment. According to Ariadne Conill[1] - though NVD CVSS 3.x Base Score seems to disagree - this has a low security impact so we could probably just wait for upstream to merge the patches or implement it the way they want. Considering those patches have been public for 5 months and upstream hasn't acted until now, let's take the patches from the mailing list anyway as there's no indication the CVEs will be fixed upstream soon. [1] https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661 Cc: Quentin Schulz <foss+buildroot@0leil.net> Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>