mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-20 08:29:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
022d6ec767487a52fc479e25ebad11012df01474
poky/meta
History
Yogita Urade 022d6ec767 curl: fix CVE-2025-0167 
When asked to use a `.netrc` file for credentials *and* to
follow HTTP redirects, curl could leak the password used
for the first host to the followed-to host under certain
circumstances.

This flaw only manifests itself if the netrc file has a
`default` entry that omits both login and password. A
rare circumstance.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-0167

Upstream patch:
0e120c5b92

(From OE-Core rev: 7c5aee3066e4c8056d994cd50b26c18a16316c96)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-07-14 08:37:40 -07:00
..
classes
kernel.bbclass: add original package name to RPROVIDES for -image and -base
2025-06-13 08:42:35 -07:00
conf
libpng: Improve ptest
2025-06-20 08:06:30 -07:00
files
meta: Enable '-o pipefail' for the SDK installer
2025-03-04 08:46:02 -08:00
lib
lib/packagedata.py: Add API to iterate over rprovides
2025-02-15 06:04:44 -08:00
recipes-bsp
grub: Fix multiple CVEs
2025-03-19 07:13:17 -07:00
recipes-connectivity
nfs-utils: don't use signals to shut down nfs server.
2025-06-04 09:06:31 -07:00
recipes-core
coreutils: fix CVE-2025-5278
2025-07-14 08:37:40 -07:00
recipes-devtools
python3-urllib3: fix CVE-2025-50181
2025-07-09 08:23:23 -07:00
recipes-example/rust-hello-world
rustfmt: remove the recipe
2021-12-08 20:22:11 +00:00
recipes-extended
libarchive: Fix CVE-2025-5914
2025-07-09 08:23:23 -07:00
recipes-gnome
gcr: Fix LICENSE
2024-09-16 06:09:56 -07:00
recipes-graphics
xwayland: fix CVE-2025-49180
2025-07-09 08:23:23 -07:00
recipes-kernel
systemtap: add sysroot Python paths to configure flags
2025-06-25 08:11:58 -07:00
recipes-multimedia
ffmpeg: fix CVE-2022-48434
2025-06-27 08:09:27 -07:00
recipes-rt
meta/recipes: python 3.12 regex
2024-03-01 05:19:54 -10:00
recipes-sato
puzzles: ignore three new CVEs for a different puzzles
2025-03-19 07:13:17 -07:00
recipes-support
curl: fix CVE-2025-0167
2025-07-14 08:37:40 -07:00
site
ppc/siteinfo: Fix differences between musl and glibc
2022-03-15 08:40:09 +00:00
COPYING.MIT
recipes.txt
Remove LSB support
2019-08-29 14:05:12 +01:00