mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-30 09:52:39 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
062bdb044cc2517256e02daf012415c51fb4d430
poky/meta/recipes-devtools
History
Ovidiu Panait 80aa68fa75 ruby: CVE-2017-14064 
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose
arbitrary memory during a JSON.generate call. The issues lies in using
strdup in ext/json/ext/generator/generator.c, which will stop after
encountering a '\0' byte, returning a pointer to a string of length zero,
which is not the length stored in space_len.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-14064

Upstream patch:
8f782fd8e1

(From OE-Core rev: 17dbfd967019f9b50a9f6aa3f48cd3658fcccc70)

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-18 11:07:30 +01:00
..
apt
apt: Upgrade to 1.2.24
2017-08-23 08:47:03 +01:00
autoconf
autoconf: fix typo in SUMMARY
2017-07-30 08:46:20 +01:00
autoconf-archive
autoconf-archive: GPLv3 + autoconf exception
2017-08-03 11:14:13 +01:00
automake
automake: Add missing libtool tag for cppasm language
2017-08-09 09:24:16 +01:00
binutils
binutils: bump SRCREV to latest 2.29 branch
2017-09-13 22:07:42 +01:00
bison
bison: reduce local pending patches
2017-07-21 11:12:44 +01:00
bootchart2
bootchart2: update python interpreter
2017-09-11 17:30:29 +01:00
btrfs-tools
btrfs-tools: update to 4.12
2017-08-13 09:27:38 +01:00
build-compare
selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting
2017-08-16 00:03:13 +01:00
ccache
ccache: Switch to downloading xz tarball
2017-02-23 12:49:51 -08:00
cdrtools
cdrtools-native: Fix when cc is missing
2017-03-10 14:50:11 +00:00
chrpath
chrpath: use https for SRC_URI
2017-08-09 09:24:16 +01:00
cmake
cmake: Use find_program if find_host_program is not available
2017-07-06 14:38:13 +01:00
createrepo-c
rpm/dnf: fix Upstream-Status to reflect upstream submission status
2017-07-24 09:13:30 +01:00
cve-check-tool
cve-check-tool: change BB_NO_NETWORK error to a warning
2017-09-11 17:30:29 +01:00
desktop-file-utils
desktop-file-utils-native: update to 0.23
2016-07-20 10:28:46 +01:00
devel-config
Remove $COREBASE/LICENSE from LIC_FILES_CHKSUM
2016-10-28 16:15:18 +01:00
diffstat
diffstat: exclude aclocal
2017-08-09 09:24:15 +01:00
distcc
selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting
2017-08-16 00:03:13 +01:00
dmidecode
dmidecode: update to 3.1
2017-06-28 15:52:18 +01:00
dnf
dnf: fix "Unable to detect release version" warning
2017-08-19 22:15:38 +01:00
docbook-xml
docbook-xml: correct typo "do_configre"
2017-02-23 12:49:50 -08:00
dosfstools
meta: start to ignore the largefile distro feature
2017-03-08 11:52:56 +00:00
dpkg
dpkg: Support muslx32 build
2017-09-13 22:07:42 +01:00
e2fsprogs
e2fsprogs: set dir's mode correctly
2017-09-18 11:07:30 +01:00
elfutils
elfutils: 0.168 -> 0.170
2017-08-18 10:40:26 +01:00
expect
expect: use u-a for mkpasswd
2017-06-28 20:55:08 +01:00
fdisk
gptfdisk: update to 1.0.3
2017-08-13 09:27:38 +01:00
file
file: 5.30 -> 5.31
2017-06-28 15:52:18 +01:00
flex
flex_2.6.0.bb: remove build host references
2017-08-31 17:41:41 +01:00
gcc
gcc-6.3.inc: Use ucontext_t not struct ucontext.
2017-09-18 11:07:30 +01:00
gdb
gdb: fix gdbserver not working in musl/mips context
2017-06-28 15:52:18 +01:00
git
git: 2.13.2 -> 2.13.3
2017-08-23 08:47:02 +01:00
gnu-config
selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting
2017-08-16 00:03:13 +01:00
go
go: update to go 1.9
2017-09-14 11:35:46 +01:00
help2man
help2man-native: upgrade to 1.47.4
2016-06-15 08:35:02 +01:00
i2c-tools
i2c-tools: point SRC_URI at Yocto source mirrors
2016-02-04 23:39:02 +00:00
icecc-create-env
icecc-create-env-native: add SUMMARY and tweak DESCRIPTION
2014-01-02 12:50:23 +00:00
icon-naming-utils
icon-naming-utils: separate B and S
2015-01-16 23:08:27 +00:00
intltool
intltool: Adds gettext as a DEPENDS
2017-05-25 23:59:32 +01:00
json-c
json-c: Upgrade to 0.12.1 release
2017-05-12 08:51:09 +01:00
libcomps
rpm/dnf: fix Upstream-Status to reflect upstream submission status
2017-07-24 09:13:30 +01:00
libdnf
libdnf: update to 0.9.3
2017-08-13 09:27:37 +01:00
librepo
rpm/dnf: fix Upstream-Status to reflect upstream submission status
2017-07-24 09:13:30 +01:00
libtool
libtool: remove /absolute/path/to/host references
2017-08-18 23:46:38 +01:00
llvm
llvm: Swith to ARM ISA on armv5 and armv4t
2017-08-17 00:21:14 +01:00
m4
m4: Add HOMEPAGE info into recipe file.
2017-09-13 22:07:42 +01:00
make
recipes: Move out stale GPLv2 versions to a seperate layer
2017-03-07 20:05:31 +00:00
makedevs
makedevs: don't restrict device node paths to 40 characters
2016-09-16 15:24:02 +01:00
mkelfimage
mkelfimage: Add update convert.bin.c file
2017-09-02 00:52:10 +01:00
mklibs
mklibs-native: remove native python dependency
2017-05-16 14:08:29 +01:00
mmc
selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting
2017-08-16 00:03:13 +01:00
mtd
mtd-utils: refresh patches now merged upstream
2017-04-11 18:10:18 +01:00
mtools
meta: Drop remnants of uclibc support
2017-06-22 09:16:00 +01:00
nasm
nasm: Upgrade 2.12.02 -> 2.13.01
2017-05-29 15:15:20 +01:00
ninja
ninja: fix upstream version check
2017-08-27 22:30:06 +01:00
opkg
opkg-configure: do not reload daemon configuration
2017-08-16 00:03:14 +01:00
opkg-utils
opkg-utils: rename recipe to follow versioned releases
2017-06-28 15:52:18 +01:00
orc
orc: upgrade to 0.4.27
2017-07-21 22:51:38 +01:00
ossp-uuid
ossp-uuid, libffi, libgcrypt: Pass --tag=CC option to libtool
2017-08-09 09:24:15 +01:00
packagegroups
packagegroup-core-device-devel: add binutils-symlinks
2016-06-16 11:11:40 +01:00
patch
recipes: Move out stale GPLv2 versions to a seperate layer
2017-03-07 20:05:31 +00:00
patchelf
patchelf: fix segfault for binaries linked by gold
2017-07-24 09:13:30 +01:00
pax-utils
pax-utils: check upstream version from debian servers
2017-08-16 00:03:13 +01:00
perl
libxml-perl: Add HOMEPAGE info into recipe file.
2017-09-18 11:07:29 +01:00
pkgconf
pkgconf: add recipe
2017-08-23 12:06:51 +01:00
pkgconfig
pkgconfig: allow kernel to be build with esdk
2017-07-21 22:51:37 +01:00
postinst-intercept
Remove LIC_FILES_CHKSUM from recipes without SRC_URI
2016-10-28 16:15:21 +01:00
prelink
prelink: Change the behavior to avoid checking USER_CLASSES
2017-08-19 22:15:39 +01:00
pseudo
pseudo: Handle too many files deadlock
2017-06-22 09:16:00 +01:00
python
python-nose: Add HOMEPAGE info into recipe file.
2017-09-13 22:07:42 +01:00
python-numpy
python-numpy, python3-numpy: Fix CVE-2017-12852
2017-09-02 00:52:10 +01:00
qemu
qemu: upgrade to version 2.10.0
2017-09-02 00:52:10 +01:00
quilt
quilt: Fix paths for patch and perl
2017-04-05 23:22:13 +01:00
rpm
rpm: Disable perl dependency generation
2017-08-18 10:40:26 +01:00
rsync
recipes: Move out stale GPLv2 versions to a seperate layer
2017-03-07 20:05:31 +00:00
ruby
ruby: CVE-2017-14064
2017-09-18 11:07:30 +01:00
run-postinsts
run-postinsts: do not reload daemon configuration
2017-08-16 00:03:14 +01:00
squashfs-tools
squashfs: fix build with glibc-2.26
2017-08-23 08:47:03 +01:00
strace
strace: 4.17 -> 4.18
2017-08-23 08:47:03 +01:00
subversion
subversion: fix CVE-2017-9800
2017-09-11 17:30:30 +01:00
swig
swig: upgrade to 3.0.12
2017-02-23 12:49:51 -08:00
syslinux
syslinux: Update HOMEPAGE
2017-08-17 00:21:14 +01:00
systemd-bootchart
systemd-bootchart: Fix build with glibc 2.26
2017-07-21 22:51:38 +01:00
tcf-agent
selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting
2017-08-16 00:03:13 +01:00
tcltk
tcl: 8.6.6 -> 0.8.7
2017-08-23 08:47:02 +01:00
unfs3
unfs3: Rename mirror tarball to avoid clash
2017-05-30 10:15:20 +01:00
unifdef
unifdef: add UPSTREAM_CHECK_REGEX to filter out development snapshots
2017-02-23 12:49:51 -08:00
vala
vala: upgrade to 0.36.4
2017-07-27 22:36:53 +01:00
valgrind
valgrind: improvements for run-ptest
2017-08-23 12:06:51 +01:00
xmlto
xmlto: replace fedorahosted.org SRC_URI with pagure.io source
2017-04-05 23:22:12 +01:00
yasm
yasm: Set CCLD_FOR_BUILD to ensure BUILD_CC is used
2017-03-11 16:09:13 +00:00
zisofs-tools
Revert "zisofs-tools-native: Add missing dependency on zlib-native"
2014-03-31 23:04:35 +01:00