poky/recipes-extended at 2d43b1e2f138bb2a39041feb2f78098bbdc34ee8 - poky

mirror of https://git.yoctoproject.org/poky synced 2026-04-25 15:32:13 +02:00

Files

Changqing Li 645d114f72 sudo: fix CVE-2019-14287

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer
account can bypass certain policy blacklists and session PAM modules,
and can cause incorrect logging, by invoking sudo with a crafted user
ID. For example, this allows bypass of !root configuration, and USER=
logging, for a "sudo -u \#$((0xffffffff))" command.

(From OE-Core rev: b7b6d39565f8fad61f2347a3fe31c9ee77a4da15)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4e11cd561f2bdaa6807cf02ee7c9870881826308)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2019-10-29 09:08:18 +00:00

acpica

acpica: upgrade 20190509 -> 20190816

2019-09-19 10:54:32 +01:00

asciidoc

asciidoc: use correct XML catalog path

2019-04-05 17:32:50 +01:00

at: fix a spelling mistake.

2019-08-21 21:52:59 +01:00

bash

bash: Remove .build files for reproducible builds

2019-06-24 10:36:28 +01:00

bc: dc: fix exit code of q command

2019-07-02 08:13:07 +01:00

blktool

blktool: remove a duplicate patch

2019-03-29 08:28:53 +00:00

bzip2

bzip2: set the autoconf package version to the recipe version

2019-08-07 16:08:15 +01:00

chkconfig

chkconfig: fix upstream version check

2019-05-27 17:06:34 +01:00

cpio

cpio/tar/native.bbclass: move rmt to sbindir and add a prefix to avoid native clashing

2019-05-08 12:15:17 +01:00

cracklib

cracklib: Apply patch to fix CVE-2016-6318

2016-09-24 07:30:10 +01:00

cronie

cronie: update to 1.5.4

2019-04-12 14:05:38 +01:00

cups

cups: redefine CUPS_SERVERBIN

2019-09-07 07:47:24 +01:00

cwautomacros

cwautomacros: cleanup buildpath in autogen.sh

2015-10-01 07:43:34 +01:00

diffutils

diffutils: Added perl to support ptest & Skipped one test case

2019-09-07 13:08:34 +01:00

ed: set CVE vendor to avoid false positives

2019-07-18 12:16:19 +01:00

ethtool

ethtool, libcap: fix upstream version check

2019-10-08 11:22:24 +01:00

findutils

default-distrovars: Drop DISTRO_FEATURES_LIBC

2019-02-28 13:21:54 +00:00

foomatic

foomatic: Add HOMEPAGE info into recipe file.

2017-09-11 17:30:30 +01:00

gawk

gawk: update to 5.0.1

2019-06-28 13:28:37 +01:00

ghostscript

ghostscript: Disable libpaper

2019-10-08 11:22:24 +01:00

go-examples

oe-core: take UPSTREAM_CHECK_COMMITS into use where possible

2017-11-30 10:49:22 +00:00

gperf

gperf: don't use aclocal.m4/acinclude.m4 dance

2017-12-10 22:45:19 +00:00

grep

grep: upgrade 3.1 -> 3.3

2019-02-19 16:14:57 +00:00

groff

groff: Fix math.h inclusion from system headers issue

2019-08-06 11:24:27 +01:00

gzip

gzip: add nativesdk support

2019-09-06 14:58:09 +01:00

hdparm

hdparm: upgrade 9.56 -> 9.58

2019-02-19 16:14:57 +00:00

images

Remove LSB support

2019-08-29 14:05:12 +01:00

iptables

iptables: add systemd helper unit to load/restore rules

2019-09-16 23:02:44 +01:00

iputils

iputils: Set prefix correctly for usrmerge

2019-09-07 07:47:24 +01:00

less

less: upgrade 550 -> 551

2019-06-19 12:46:43 +01:00

libaio

libaio: Extend to native

2018-11-14 11:14:39 +00:00

libarchive

libarchive:upgrade 3.3.3 -> 3.4.0

2019-08-28 11:31:21 +01:00

libidn

libidn2: remove build paths from libidn2.pc

2019-07-26 08:41:38 +01:00

libmnl

libmnl: enable native

2017-12-02 11:25:32 +00:00

libnsl

libnsl2: Install into /usr/include and /usr/lib

2018-05-09 10:47:51 +01:00

libnss-nis

libnss-nis: upgrade 3.0 -> 3.1

2019-08-22 22:48:26 +01:00

libpipeline

libpipeline: update to 1.5.1

2019-02-20 11:30:35 +00:00

libsolv

libsolv: update to 0.7.6

2019-09-01 22:33:08 +01:00

libtirpc

libtirpc:upgrade 1.0.3 -> 1.1.4

2019-04-12 14:05:37 +01:00

lighttpd

lighttpd: remove fam as a PACKAGECONFIG option

2019-09-30 16:55:21 +01:00

logrotate

logrotate:upgrade 3.15.0 -> 3.15.1

2019-09-06 08:15:45 +01:00

lsb

lsb-release: fix upstream version check

2019-09-01 22:33:07 +01:00

lsof

lsof: Make it compatible with externalsrc

2018-10-10 17:59:09 +01:00

ltp

ltp: Fix hang of cve test cases

2019-10-02 10:09:47 +01:00

lzip

lzip: upgrade 1.20 -> 1.21

2019-02-19 16:14:57 +00:00

man-db

man-db: support usrmerge

2019-09-07 07:47:24 +01:00

man-pages

man-pages: upgrade 4.16 -> 5.01

2019-05-12 17:55:11 +01:00

mc: update to 4.8.23

2019-06-27 12:20:36 +01:00

mdadm

mdadm: skip timeout testcase 11spare-migration

2019-09-07 07:47:24 +01:00

mingetty

mingetty: fix usrmerge install path

2018-08-24 07:53:14 +01:00

minicom

minicom: remove dead URL from UPSTREAM_CHECK_URI

2018-07-06 22:59:33 +01:00

msmtp

msmtp: upgrade 1.8.4 -> 1.8.5

2019-07-26 08:41:38 +01:00

net-tools

net-tools: Fix installed-vs-shipped for nativesdk

2019-09-27 13:02:16 +01:00

newt

libnewt:upgrade 0.52.20 -> 0.52.21

2019-08-13 09:37:37 +01:00

packagegroups

Remove LSB support

2019-08-29 14:05:12 +01:00

pam

libpam: fix upstream version check

2019-06-04 23:09:25 +01:00

parted

parted: change device manager check in ptest

2019-06-21 00:33:23 +01:00

pbzip2

pbzip2: fix upstream check URL

2018-05-15 10:56:49 +01:00

perl

libxml-sax-perl: upgrade 1.00 -> 1.02

2019-06-19 12:46:43 +01:00

pigz

Revert "pigz: Add debug for autobuilder errors"

2019-06-30 23:33:45 +01:00

procps

procps: update legacy sysctl.conf to fix rp_filter sysctl issue

2019-05-12 09:04:26 +01:00

psmisc

psmisc: Fix dependency for USE_NLS=no

2019-07-03 17:00:57 +01:00

quota

quota: update to 4.05

2019-04-23 23:30:19 +01:00

rpcbind

rpcbind: 0.2.4 -> 1.2.5

2018-11-14 11:14:40 +00:00

rpcsvc-proto

rpcsvc-proto: Update to 1.4

2018-05-29 21:07:17 +01:00

screen

screen: add /etc/screenrc as global config file

2019-09-16 23:02:43 +01:00

sed

Remove manual RDEPENDS from PN-ptest to PN package

2019-06-07 09:11:49 +01:00

shadow

shadow: use relaxed usernames for all

2019-10-02 10:09:47 +01:00

slang

slang: modify an array test

2019-06-07 09:11:49 +01:00

stress-ng

stress-ng: provide stress

2019-08-21 15:29:01 +01:00

sudo

sudo: fix CVE-2019-14287

2019-10-29 09:08:18 +00:00

sysklogd

sysklogd: Fix init script races

2019-06-27 12:20:36 +01:00

sysstat

sysstat: fix CVE-2019-16167

2019-10-29 09:08:17 +00:00

tar

m4/tar: Remove remove-gets.patch

2019-05-27 17:06:34 +01:00

tcp-wrappers

Change ftp:// URIs to http(s)://

2019-08-03 23:56:01 +01:00

texi2html

texi2html: Add a dependency on perl

2017-06-23 11:44:14 +01:00

texinfo

texinfo: fix multilib file confliction

2019-09-07 07:47:24 +01:00

texinfo-dummy-native

texinfo-dummy-native: Rewrite template.py to use argparse

2019-05-27 17:06:34 +01:00

time

time:1.8 -> 1.9

2018-05-04 13:28:05 +01:00

timezone

tzdata: Correct the packaging of /etc/localtime and /etc/timezone

2019-09-19 20:30:35 +01:00

unzip

unzip: Fix CVE-2019-13232

2019-09-30 16:55:21 +01:00

watchdog

watchdog: fix PIDFile path in existing patch

2019-10-08 11:22:24 +01:00

wget

wget: update to 1.20.3

2019-04-26 10:09:08 +01:00

which

which: fix it so the manpage will respect alternatives

2017-03-17 16:53:04 +00:00

xdg-utils

xdg-utils: upgrade to 1.1.3

2018-06-18 11:07:57 +01:00

xinetd

xinetd: Fix systemd service for systemd>237

2018-06-15 17:56:24 +01:00

xz: upgrade 5.2.3 -> 5.2.4

2018-07-24 11:52:26 +01:00

zip

zip: Remove build date to improve reproducibility

2019-06-04 09:09:42 +01:00