mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-29 18:32:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
33,559 Commits 38 Branches 624 Tags
4206fcbf228dcdcde3f3ab2db0cee2612e9fa9ef
Commit Graph

2 Commits

Author SHA1 Message Date
Chong Lu
6a30031708 apt: fix for CVE-2014-0478 
APT before 1.0.4 does not properly validate source packages, which allows
man-in-the-middle attackers to download and install Trojan horse packages
by removing the Release signature.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0478

(From OE-Core rev: 3dd692fcf2b0c11731b3f30abdf2b1878458a898)

Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2014-09-30 14:10:34 +01:00
Ionut Radu
8d68f1695c apt: Upgrade from 0.9.8.2 to 0.9.9.4 
makerace.patch: adapted to the new version

(From OE-Core rev: ad69f62e42c131dcccd33b0e39c61a431f581bea)

Signed-off-by: Ionut Radu <ionutx.radu@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2013-08-03 10:33:08 +01:00