Minjae Kim 2e58b9e396 librepo: fix CVE-2020-14352 ...

librepo: missing path validation in repomd.xml may lead to directory traversal

Upstream-Status: Acepted [7daea2a242]
CVE: CVE-2020-14352
(From OE-Core rev: f0df1ff1de6ca9a239d7eafd335b753d6a6e6471)

Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2021-03-10 00:22:50 +00:00

..

classes

package_rpm: Enable use_source_date_epoch_as_buildtime in package_rpm class

2021-03-04 17:39:10 +00:00

conf

uninative: Upgrade to 2.10

2021-02-18 16:48:28 +00:00

files

toolchain-shar-relocate.sh: Fix handling files with colons

2021-02-05 23:37:03 +00:00

lib

selftest/reproducible: Don't call sync between each file compare

2021-03-04 17:39:10 +00:00

recipes-bsp

u-boot: fix CVE-2020-8432 and CVE-2020-10648

2021-03-04 17:39:08 +00:00

recipes-connectivity

wpa-supplicant: fix CVE-2021-0326

2021-03-10 00:22:50 +00:00

recipes-core

buildtools-extended-tarball: Add glibc-gconvs needed for build

2021-03-04 17:39:08 +00:00

recipes-devtools

librepo: fix CVE-2020-14352

2021-03-10 00:22:50 +00:00

recipes-extended

screen: fix CVE-2021-26937

2021-03-10 00:22:50 +00:00

recipes-gnome

gdk-pixbuf: fix CVE-2020-29385

2021-01-09 09:17:17 +00:00

recipes-graphics

libsdl2: fix CVE-2020-14409 CVE-2020-14410

2021-03-10 00:22:50 +00:00

recipes-kernel

linux-firmware: upgrade 20201218 -> 20210208

2021-03-10 00:22:50 +00:00

recipes-multimedia

libomxil: Fix up commercial license flag

2021-03-04 17:39:10 +00:00

recipes-rt

rt-tests: make manpages reproducible

2020-02-28 23:11:28 +00:00

recipes-sato

wpebackend-fdo: Fix missing .so symlink when using dev package

2021-03-04 17:39:10 +00:00

recipes-support

icu: backport fix for rare random genrb segmentation fault

2021-03-04 17:39:10 +00:00

site

site: Make sys_siglist default to no

2020-10-06 14:15:21 +01:00

COPYING.MIT

…

recipes.txt

Remove LSB support

2019-08-29 14:05:12 +01:00