poky/recipes-extended at 09cc67b9da6c3d248a88516349afb46fb00a7d51 - poky

mirror of https://git.yoctoproject.org/poky synced 2026-04-30 03:32:12 +02:00

Files

Purushottam Choudhary dee8235c61 shadow: whitelist CVE-2013-4235

This CVE is about TOCTOU (time-of-check time-of-use)
race condition when copying and removing directory trees
which had very low severity problem and marked as closed
and won't fix. Therefore whitelisted CVE-2013-4235.
Master, gatesgarth and dunfell all have shadow version 4.81.
Hence, this is applicable for master, gatesgarth and dunfell.
Link: https://bugzilla.redhat.com/show_bug.cgi?id=884658

(From OE-Core rev: 1474dcb84c925603736bafbe9fc802a99a014a39)

Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b1c6cd87bee6b019619dc5728fd6c36bc87ed696)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2021-03-28 22:31:55 +01:00

acpica

acpica: Fix reproducibility issues

2021-02-26 15:30:40 +00:00

asciidoc

asciidoc: Switch to using the main branch

2021-03-10 00:24:26 +00:00

at: fix a spelling mistake.

2019-08-21 21:52:59 +01:00

bash

bash: fix CVE-2019-18276

2020-09-24 22:32:49 +01:00

bc: dc: fix exit code of q command

2019-07-02 08:13:07 +01:00

blktool

blktool: remove a duplicate patch

2019-03-29 08:28:53 +00:00

bzip2

bzip2: Add test suite for bzip2

2020-07-08 10:37:12 +01:00

cpio

cpio: add nativesdk support

2020-07-03 11:38:24 +01:00

cracklib

cracklib: Apply patch to fix CVE-2016-6318

2016-09-24 07:30:10 +01:00

cronie

cronie:fix SRC_URI path

2019-12-15 09:10:46 +00:00

cups

cups: fix CVE-2020-10001

2021-03-10 00:24:26 +00:00

cwautomacros

cwautomacros: Ensure version is set deterministically

2021-02-26 15:30:39 +00:00

diffutils

diffutils: Added perl to support ptest & Skipped one test case

2019-09-07 13:08:34 +01:00

ed: upgrade 1.15 -> 1.16

2020-04-24 14:10:08 +01:00

ethtool

ethtool: upgrade 5.7 -> 5.8

2020-08-20 15:30:07 +01:00

findutils

findutils: drop upstream-version-is-even

2020-02-03 13:03:31 +00:00

gawk

gawk: Avoid using host ar during cross compile

2020-11-20 10:53:21 +00:00

ghostscript

ghostscript: fix CVE-2020-15900

2020-08-08 09:17:48 +01:00

go-examples

oe-core: take UPSTREAM_CHECK_COMMITS into use where possible

2017-11-30 10:49:22 +00:00

gperf

gperf: don't use aclocal.m4/acinclude.m4 dance

2017-12-10 22:45:19 +00:00

grep

grep: Fix shell after autotools changes

2020-01-28 11:11:20 +00:00

groff

groff: Fix determinism issue

2021-03-10 00:24:25 +00:00

gzip

gzip: do not pull in perl-ptest for gzip-ptest

2020-01-10 21:18:22 +00:00

hdparm

hdparm: upgrade 9.56 -> 9.58

2019-02-19 16:14:57 +00:00

images

*-initramfs: don't use .rootfs IMAGE_NAME_SUFFIX

2020-09-17 09:47:45 +01:00

iptables

iptables: split iptables-apply to its own package

2020-06-17 11:10:28 +01:00

iputils

iputils: Adapt ${PN}-tftpd package dependency to PACKAGECONFIG

2020-09-02 16:00:47 +01:00

less

less: upgrade 551 -> 562

2020-05-30 12:32:48 +01:00

libaio

libaio: Extend to native

2018-11-14 11:14:39 +00:00

libarchive

libarchive: upgrade 3.4.2 -> 3.4.3

2020-06-09 13:13:59 +01:00

libidn

libidn: Move to meta-oe

2020-02-25 10:41:22 +00:00

libmnl

recipes: change SRC_URI to use https

2019-12-06 14:41:28 +00:00

libnsl

libnsl2: upgrade 1.2.0 -> 1.3.0

2020-07-18 11:06:32 +01:00

libnss-nis

libnss-nis: upgrade 3.0 -> 3.1

2019-08-22 22:48:26 +01:00

libpipeline

libpipeline: upgrade 1.5.2 -> 1.5.3

2020-08-25 16:00:10 +01:00

libsolv

libsolv: upgrade 0.7.10 -> 0.7.14

2020-06-04 13:27:30 +01:00

libtirpc

libtirpc: remove extra "-fcommon" from CFLAGS

2020-05-12 15:20:42 +01:00

lighttpd

lighttpd: upgrade 1.4.54 -> 1.4.55

2020-02-08 13:20:02 +00:00

logrotate

logrotate: update 3.16.0 -> 3.17.0

2020-08-02 14:42:09 +01:00

lsb

lsb-release: fix likely reproducabilty timestamp

2020-02-28 23:11:29 +00:00

lsof

lsof: Make it compatible with externalsrc

2018-10-10 17:59:09 +01:00

ltp

meta: add/fix invalid Upstream-Status tags

2020-09-23 20:54:03 +01:00

lzip

lzip: upgrade 1.20 -> 1.21

2019-02-19 16:14:57 +00:00

man-db

man-db: Fix reproducibility issue

2021-01-12 14:25:13 +00:00

man-pages

man-pages: upgrade 5.07 -> 5.08

2020-08-25 16:00:10 +01:00

mc: upgrade 4.8.24 -> 4.8.25

2020-08-25 16:00:10 +01:00

mdadm

mdadm: remove service template from SYSTEMD_SERVICE

2020-06-09 13:14:01 +01:00

mingetty

mingetty: fix usrmerge install path

2018-08-24 07:53:14 +01:00

minicom

minicom: RDEPENDS on ncurses-terminfo-base

2021-01-04 11:45:47 +00:00

msmtp

msmtp: upgrade 1.8.11 -> 1.8.12

2020-09-03 09:44:30 +01:00

net-tools

net-tools: fix upstream version check

2020-08-02 14:42:09 +01:00

newt

libnewt: Backport patch to fix reproducibility

2020-05-07 12:16:00 +01:00

packagegroups

build-appliance/packagegroup-core-base-utils: Replace dhcp-client/dhcp-server with dhcpcd/kea

2020-09-02 16:00:46 +01:00

pam

libpam: Remove option 'obscure' from common-password

2020-06-16 23:39:28 +01:00

parted

parted: Fix reproducibility issue

2021-03-10 00:24:27 +00:00

pbzip2

pbzip2: extend for nativesdk

2020-08-01 19:57:49 +01:00

perl

libxml-sax-perl: upgrade 1.00 -> 1.02

2019-06-19 12:46:43 +01:00

pigz

Revert "pigz: Add debug for autobuilder errors"

2019-06-30 23:33:45 +01:00

procps

procps: upstream has switched to gitlab

2020-02-18 23:53:54 +00:00

psmisc

Revert "psmisc: Fix dependency for USE_NLS=no"

2020-02-25 10:41:22 +00:00

quota

quota: update to 4.05

2019-04-23 23:30:19 +01:00

rpcbind

rpcbind: Use update-alternatives for rpcinfo

2020-09-05 22:19:19 +01:00

rpcsvc-proto

rpcsvc-proto: upgrade 1.4.1 -> 1.4.2

2020-07-18 11:06:32 +01:00

screen

screen: fix CVE-2021-26937

2021-03-10 00:24:25 +00:00

sed

sed: upgrade 4.7 -> 4.8

2020-02-03 13:03:32 +00:00

shadow

shadow: whitelist CVE-2013-4235

2021-03-28 22:31:55 +01:00

slang

slang: modify an array test

2019-06-07 09:11:49 +01:00

stress-ng

stress-ng: upgrade 0.11.19 -> 0.11.21

2020-09-30 15:01:51 +01:00

sudo

sudo: fix CVE-2021-3156

2021-02-11 17:46:12 +00:00

sysklogd

sysklogd: fix parallel build issue

2020-09-30 15:01:51 +01:00

sysstat

sysstat: fix installed-vs-shipped QA Issue in systemd

2020-09-02 16:00:46 +01:00

tar

tar: Fix build determinism, disable rsh

2020-02-06 12:16:34 +00:00

tcp-wrappers

tcp-wrappers: Remove redundant forward declarations

2020-01-21 12:52:53 +00:00

texinfo

texinfo: update to 6.7

2019-12-09 12:00:43 +00:00

texinfo-dummy-native

texinfo/texinfo-dummy-native: Drop native path prefix

2020-02-03 00:10:11 +00:00

time

time:1.8 -> 1.9

2018-05-04 13:28:05 +01:00

timezone

timezone: upgrade to 2021a

2021-02-05 23:35:18 +00:00

unzip

unzip: Fix CVE-2019-13232

2019-09-30 16:55:21 +01:00

watchdog

watchdog: Avoid reproducibility failures after fixing build

2021-02-26 15:30:40 +00:00

wget

wget: improve reproducible build

2020-05-09 18:57:21 +01:00

which

which: fix it so the manpage will respect alternatives

2017-03-17 16:53:04 +00:00

xdg-utils

recipes: change SRC_URI to use https

2019-12-06 14:41:28 +00:00

xinetd

xinetd: 2.3.15 -> 2.3.15.4

2020-06-09 13:14:00 +01:00

xz: upgrade 5.2.4 -> 5.2.5

2020-05-19 22:57:27 +01:00

zip

zip: whitelist CVE-2018-13410 and CVE-2018-13684

2021-01-27 09:32:45 +00:00