mirror of
https://git.yoctoproject.org/poky
synced 2026-02-07 17:26:36 +01:00
4c0213759a
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. References: https://nvd.nist.gov/vuln/detail/CVE-2023-30630 https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00016.html https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00017.html (From OE-Core rev: f92e59a0894145a828dc9ac74bf8c7a9355e0587) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
29 lines
1.1 KiB
BlitzBasic
29 lines
1.1 KiB
BlitzBasic
SUMMARY = "DMI (Desktop Management Interface) table related utilities"
|
|
HOMEPAGE = "http://www.nongnu.org/dmidecode/"
|
|
DESCRIPTION = "Dmidecode reports information about your system's hardware as described in your system BIOS according to the SMBIOS/DMI standard (see a sample output)."
|
|
LICENSE = "GPL-2.0-only"
|
|
LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263"
|
|
|
|
SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/dmidecode/${BP}.tar.xz \
|
|
file://0001-Committing-changes-from-do_unpack_extra.patch \
|
|
file://CVE-2023-30630_1.patch \
|
|
file://CVE-2023-30630_2.patch \
|
|
file://CVE-2023-30630_3.patch \
|
|
file://CVE-2023-30630_4.patch \
|
|
"
|
|
|
|
COMPATIBLE_HOST = "(i.86|x86_64|aarch64|arm|powerpc|powerpc64).*-linux"
|
|
|
|
EXTRA_OEMAKE = "-e MAKEFLAGS="
|
|
|
|
# The upstream buildsystem uses 'docdir' as the path where it puts AUTHORS,
|
|
# README, etc, but we don't want those in the root of our docdir.
|
|
docdir .= "/${BPN}"
|
|
|
|
do_install() {
|
|
oe_runmake DESTDIR="${D}" install
|
|
}
|
|
|
|
SRC_URI[sha256sum] = "43cba851d8467c9979ccdbeab192eb6638c7d3a697eba5ddb779da8837542212"
|
|
|