mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-02 00:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
2bf43257229bf78ec6c8afd0cdf5fa93cd7d1157
poky/meta/recipes-extended
History
Divya Chellam a5e0237596 libpam: fix CVE-2024-10041 
A vulnerability was found in PAM. The secret information is
stored in memory, where the attacker can trigger the victim
program to execute by sending characters to its standard
input (stdin). As this occurs, the attacker can train the
branch predictor to execute an ROP chain speculatively.
This flaw could result in leaked passwords, such as those
found in /etc/shadow while performing authentications.

References:
https://security-tracker.debian.org/tracker/CVE-2024-10041

Upstream patches:
b3020da7da

(From OE-Core rev: 0e76d9bf150ac3bf96081cc1bda07e03e16fe994)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-12-13 05:21:54 -08:00
..
acpica
acpica: fix CVE-2024-24856
2024-12-06 05:50:24 -08:00
asciidoc
asciidoc: upgrade 10.1.4 -> 10.2.0
2022-05-31 15:24:18 +01:00
at
at: Change when files are copied
2023-01-12 23:08:59 +00:00
baremetal-example
baremetal-helloworld: Pull in fix for race condition on x86-64
2023-11-05 08:44:06 +00:00
bash
bash: fix configure checks that fail with GCC 14.1
2024-07-03 06:28:37 -07:00
bc
bc: Fix ptest test output naming
2023-03-12 23:39:13 +00:00
blktool
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
bzip2
recipes: Default to https git protocol where possible
2023-05-05 11:07:25 +01:00
cpio
cpio: mark CVE-2023-7216 as disputed
2024-07-17 05:36:13 -07:00
cracklib
cracklib: Modify patch to compile with GCC 14
2024-06-19 08:34:58 -07:00
cronie
cronie: upgrade 1.7.1 -> 1.7.2
2024-06-19 08:34:57 -07:00
cups
cups: Backport fix for CVE-2024-47175
2024-10-18 06:04:40 -07:00
cwautomacros
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
diffutils
diffutils: update 3.9 -> 3.10
2023-06-27 16:23:40 +01:00
ed
ed: upgrade 1.20.1 -> 1.20.2
2024-07-17 05:36:13 -07:00
ethtool
ethtool: upgrade 6.6 -> 6.7
2024-02-03 22:08:25 +00:00
findutils
autoconf: Upgrade to 2.72c
2023-07-30 07:54:44 +01:00
gawk
gawk: Remove References to /usr/local/bin/gawk
2024-08-01 06:08:09 -07:00
ghostscript
ghostscript: upgrade 10.03.1 -> 10.04.0
2024-11-26 06:11:30 -08:00
go-examples
go-helloworld: update to latest revision
2023-09-18 08:53:10 +01:00
gperf
gperf: Make the code C++17 compliant
2023-01-16 10:42:07 +00:00
grep
grep: upgrade 3.10 -> 3.11
2023-05-22 10:53:48 +01:00
groff
groff: fix rare build race in hdtbl
2024-11-26 06:11:30 -08:00
gzip
nativesdk-gzip: fix reproducibility issues
2024-04-12 17:27:53 +01:00
hdparm
hdparm: update 9.64 -> 9.65
2022-10-29 16:28:35 +01:00
images
core-image-full-cmdline: add package-management
2024-03-03 16:25:20 +00:00
iptables
iptables: fix memory corruption when parsing nft rules
2024-08-06 19:11:18 -07:00
iputils
iputils: splitting the ping6 as a package
2024-06-19 08:34:58 -07:00
less
less: fix CVE-2024-32487
2024-07-23 06:05:47 -07:00
libaio
libaio: upgrade 0.3.112 -> 0.3.113
2022-04-19 14:14:12 +01:00
libarchive
libarchive: fix CVE-2024-48957 & CVE-2024-48958
2024-10-18 06:04:40 -07:00
libidn
libidn2: upgrade 2.3.4 -> 2.3.7
2024-02-03 22:08:26 +00:00
libmnl
libmnl: explicitly disable doxygen
2024-08-10 06:34:25 -07:00
libnsl
libnsl2: upgrade 2.0.0 -> 2.0.1
2023-11-05 11:28:40 +00:00
libnss-nis
libnss-nis: upgrade 3.1 -> 3.2
2023-07-17 15:30:04 +01:00
libpipeline
autoconf: Upgrade to 2.72c
2023-07-30 07:54:44 +01:00
libsolv
libsolv: upgrade 0.7.27 -> 0.7.28
2024-02-03 22:08:26 +00:00
libtirpc
libtirpc: drop redundant PACKAGECONFIG
2024-03-18 12:21:45 +00:00
lighttpd
lighttpd: upgrade 1.4.73 -> 1.4.74
2024-03-01 09:28:51 +00:00
logrotate
oeqa/selftest/cve_check: rework test to new cve status handling
2023-07-19 23:25:01 +01:00
lsb
lsb-release: fix Distro Codename shell escaping
2024-10-30 08:30:00 -07:00
lsof
lsof: upgrade 4.98.0 -> 4.99.3
2024-03-07 17:25:02 +00:00
ltp
ltp: Fix build with GCC-14
2024-06-20 06:29:43 -07:00
lzip
lzlib: add a recipe
2024-02-08 10:59:06 +00:00
man-db
man-db: 2.11.2 -> 2.12.0
2023-12-08 16:58:34 +00:00
man-pages
man-pages: use env from coreutils-native
2024-03-18 12:21:45 +00:00
mc
mc: fix source URL
2024-09-09 06:08:10 -07:00
mdadm
mdadm: Disable 10ddf-fail-spare and 10ddf-fail-stop-readd testcases
2024-01-15 21:42:15 +00:00
mingetty
recipes: Drop remaining PR values from recipes
2023-09-22 07:45:17 +01:00
minicom
minicom: upgrade 2.8 -> 2.9
2024-03-07 17:25:02 +00:00
msmtp
msmtp: upgrade 1.8.24 -> 1.8.25
2023-11-05 11:28:40 +00:00
net-tools
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
newt
libnewt: upgrade 0.52.23 -> 0.52.24
2023-11-05 11:28:39 +00:00
packagegroups
mc: upgrade 4.8.30 -> 4.8.31
2024-03-07 17:25:02 +00:00
pam
libpam: fix CVE-2024-10041
2024-12-13 05:21:54 -08:00
parted
autoconf: Upgrade to 2.72c
2023-07-30 07:54:44 +01:00
pbzip2
Convert to new override syntax
2021-08-02 15:44:10 +01:00
perl
libconvert-asn1-perl: upgrade 0.33 -> 0.34
2023-09-02 18:23:05 +01:00
pigz
pigz: upgrade 2.7 -> 2.8
2023-09-02 18:23:06 +01:00
procps
procps: fix build with new glibc but old kernel headers
2024-06-19 08:34:58 -07:00
psmisc
psmisc: Set ALTERNATIVE for pstree to resolve conflict with busybox
2023-05-25 10:29:09 +01:00
quota
quota: update 4.06 -> 4.09
2022-11-22 12:26:46 +00:00
rpcbind
rpcbind: Specify state directory under /run
2023-12-20 07:47:00 +00:00
rpcsvc-proto
rpcsvc-proto: Upgrade to 1.4.4
2023-06-19 13:18:56 +01:00
screen
screen: update 4.9.0 -> 4.9.1
2023-09-18 08:53:10 +01:00
sed
sed: update 4.8 -> 4.9
2022-11-14 16:19:43 +00:00
shadow
shadow: don't install libattr.so.* when xattr not in DISTRO_FEATURES
2024-03-23 10:18:20 +00:00
slang
slang: update 2.3.2 -> 2.3.3
2022-08-21 22:51:42 +01:00
stress-ng
stress-ng: upgrade 0.17.04 -> 0.17.05
2024-02-17 18:19:19 +00:00
sudo
sudo: upgrade from 1.9.15p2 to 1.9.15p5
2024-01-07 12:24:57 +00:00
sysklogd
sysklogd: upgrade 2.5.0 -> 2.5.2
2023-09-02 18:23:06 +01:00
sysstat
sysstat: upgrade 12.7.4 -> 12.7.5
2023-12-23 08:46:00 +00:00
tar
tar: add ptest support
2023-09-28 12:37:46 +01:00
tcp-wrappers
tcp-wrappers: mark all patches as inactive-upstream
2024-08-01 06:08:09 -07:00
texinfo
texinfo: upgrade 7.0.2 -> 7.0.3
2023-04-13 11:56:07 +01:00
texinfo-dummy-native
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-06 22:39:04 +00:00
time
time: Add missing include for memset
2022-08-17 19:57:32 +01:00
timezone
tzdata&tzcode-native: upgrade 2024a -> 2024b
2024-12-06 05:50:25 -08:00
unzip
unzip: Fix LICENSE
2024-09-19 05:11:35 -07:00
watchdog
watchdog: Set watchdog_module in default config
2024-08-06 19:11:18 -07:00
wget
wget: Fix for CVE-2024-38428
2024-07-03 06:28:34 -07:00
which
recipes: Drop remaining PR values from recipes
2023-09-22 07:45:17 +01:00
xdg-utils
xdg-utils: Fix CVE number
2023-04-05 08:39:43 +01:00
xinetd
cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS
2023-07-21 11:52:26 +01:00
xz
xz: Update LICENSE variable for xz packages
2024-07-12 05:47:20 -07:00
zip
zip: Fix LICENSE
2024-09-19 05:11:35 -07:00
zstd
zstd: fix LICENSE statement
2023-12-08 16:58:34 +00:00