mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-20 09:32:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
68,302 Commits 38 Branches 623 Tags
204b28c41977cac9d1b428b490aaf7441140e92a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Yogita Urade 204b28c419 ofono: fix CVE-2023-2794 
A flaw was found in ofono, an Open Source Telephony on Linux.
A stack overflow bug is triggered within the decode_deliver()
function during the SMS decoding. It is assumed that the attack
scenario is accessible from a compromised modem, a malicious
base station, or just SMS. There is a bound check for this
memcpy length in decode_submit(), but it was forgotten in
decode_deliver().

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-2794

Upstream patches:
https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=a90421d8e45d63b304dc010baba24633e7869682
https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=7f2adfa22fbae824f8e2c3ae86a3f51da31ee400
https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=07f48b23e3877ef7d15a7b0b8b79d32ad0a3607e
https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=8fa1fdfcb54e1edb588c6a5e2688880b065a39c9

(From OE-Core rev: 5114e9064dbabd5258f512cd97c79fc40f848b98)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-08-16 08:09:14 -07:00
bitbake
bitbake: tests/fetch: Tweak test to match upstream repo url change Upstream changed their urls, update our test to match.
2024-06-24 06:53:45 -07:00
contrib
contrib/git-hooks: add a sendemail-validate example hook that adds FROM: lines to outgoing patch emails
2020-12-30 14:01:07 +00:00
documentation
migration-guides: add release notes for 4.0.19
2024-06-24 06:53:46 -07:00
meta
ofono: fix CVE-2023-2794
2024-08-16 08:09:14 -07:00
meta-poky
poky.conf: bump version for 4.0.20
2024-07-15 10:30:10 -07:00
meta-selftest
selftest/license: Exclude from world
2023-07-01 08:37:25 -10:00
meta-skeleton
useradd-example: do not use unsupported clear text password
2024-03-12 04:06:19 -10:00
meta-yocto-bsp
yocto-bsp: update to v5.15.150
2024-03-13 07:39:09 -10:00
scripts
scripts: python 3.12 regex
2024-03-01 05:19:54 -10:00
.gitignore
bitbake: gitignore: ignore runqueue-tests/bitbake-cookerdaemon.log
2021-03-12 16:47:12 +00:00
.templateconf
meta-yocto: Rename to meta-poky to better match its purpose
2016-02-28 11:31:17 +00:00
LICENSE
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
LICENSE.GPL-2.0-only
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
LICENSE.MIT
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
MAINTAINERS.md
MAINTAINERS: add overlayfs maintainer
2021-08-12 06:26:15 +01:00
Makefile
bitbake: sphinx: rename Makefile.sphinx
2020-10-06 13:54:27 +01:00
MEMORIAM
MEMORIAM: Add recognition for contributors no longer with us
2020-01-30 15:22:35 +00:00
oe-init-build-env
oe-init-build-env: add quotes around variables to prevent word splitting
2022-04-05 22:23:40 +01:00
README.hardware.md
README: Move to using markdown as the format
2021-06-16 16:33:18 +01:00
README.md
Add README link to README.poky
2021-07-19 18:07:21 +01:00
README.OE-Core.md
README.OE-Core.md: update URLs
2021-12-01 22:42:00 +00:00
README.poky.md
README: Move to using markdown as the format
2021-06-16 16:33:18 +01:00
README.qemu.md
README.OE-Core/README.qemu: Move to markdown format
2021-07-20 08:51:06 +01:00
SECURITY.md
SECURITY.md: Add file
2023-10-24 05:28:15 -10:00

README.md

Poky

Poky is an integration of various components to form a pre-packaged build system and development environment which is used as a development and validation tool by the Yocto Project. It features support for building customised embedded style device images and custom containers. There are reference demo images ranging from X11/GTK+ to Weston, commandline and more. The system supports cross-architecture application development using QEMU emulation and a standalone toolchain and SDK suitable for IDE integration.

Additional information on the specifics of hardware that Poky supports is available in README.hardware. Further hardware support can easily be added in the form of BSP layers which extend the systems capabilities in a modular way. Many layers are available and can be found through the layer index.

As an integration layer Poky consists of several upstream projects such as BitBake, OpenEmbedded-Core, Yocto documentation, the 'meta-yocto' layer which has configuration and hardware support components. These components are all part of the Yocto Project and OpenEmbedded ecosystems.

The Yocto Project has extensive documentation about the system including a reference manual which can be found at https://docs.yoctoproject.org/

OpenEmbedded is the build architecture used by Poky and the Yocto project. For information about OpenEmbedded, see the OpenEmbedded website.

Contribution Guidelines

The project works using a mailing list patch submission process. Patches should be sent to the mailing list for the repository the components originate from (see below). Throughout the Yocto Project, the README files in the component in question should detail where to send patches, who the maintainers are and where bugs should be reported.

A guide to submitting patches to OpenEmbedded is available at:

https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded

There is good documentation on how to write/format patches at:

https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines

Where to Send Patches

As Poky is an integration repository (built using a tool called combo-layer), patches against the various components should be sent to their respective upstreams:

OpenEmbedded-Core (files in meta/, meta-selftest/, meta-skeleton/, scripts/):

BitBake (files in bitbake/):

Documentation (files in documentation/):

meta-yocto (files in meta-poky/, meta-yocto-bsp/):

If in doubt, check the openembedded-core git repository for the content you intend to modify as most files are from there unless clearly one of the above categories. Before sending, be sure the patches apply cleanly to the current git repository branch in question.

CII Best Practices

Description
No description provided
Readme 251 MiB