mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,059 Commits 38 Branches 617 Tags
2e67952192f95cd7465c5c795e5d420aba8c9827
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Yogita Urade 2e67952192 curl: fix CVE-2024-11053 
When asked to both use a `.netrc` file for credentials and to
follow HTTP redirects, curl could leak the password used for
the first host to the followed-to host under certain circumstances.

This flaw only manifests itself if the netrc file has an entry
that matches the redirect target hostname but the entry either
omits just the password or omits both login and password.

CVE-2024-11053-0001 is the dependent commit, CVE-2024-11053-0002 is
actual CVE fix and the actual fix caused a regression that was fixed
by CVE-2024-11053-0003.

Reference:
https://curl.se/docs/CVE-2024-11053.html
https://git.launchpad.net/ubuntu/+source/curl/commit/?h=applied/ubuntu/noble-devel&id=9ea469c352a313104f750dea93e78df8d868c435

Upstream patches:
9bee39bfed
https://github.com/curl/curl/commit/e9b9bbac22c26cf67316fa8e6c6b9e831af3194
9fce2c55d4

(From OE-Core rev: 084d8ca3b47b47333edba87f6aa427a12ee574f2)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-04-28 08:18:53 -07:00
bitbake
bitbake: event/utils: Avoid deadlock from lock_timeout() and recursive events
2025-03-15 06:40:07 -07:00
contrib
contrib/git-hooks: add a sendemail-validate example hook that adds FROM: lines to outgoing patch emails
2020-12-30 14:01:07 +00:00
documentation
overview-manual/concepts: remove PR from the build dir list
2025-03-26 08:48:51 -07:00
meta
curl: fix CVE-2024-11053
2025-04-28 08:18:53 -07:00
meta-poky
poky.conf: bump version for 5.0.9
2025-04-19 14:42:10 -07:00
meta-selftest
selftest-hardlink: Add additional test cases
2024-08-06 19:11:18 -07:00
meta-skeleton
linux-yocto-custom: Fix comment override syntax
2024-07-03 06:28:36 -07:00
meta-yocto-bsp
yocto-bsp/genericarm64: add virtio-gpu
2024-04-08 23:33:53 +01:00
scripts
scripts/install-buildtools: Update to 5.0.7
2025-02-21 06:25:06 -08:00
.gitignore
vscode: drop .vscode folder
2024-02-19 11:34:33 +00:00
.templateconf
meta-poky/conf: move default templates to conf/templates/default/
2022-09-01 10:07:02 +01:00
LICENSE
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
LICENSE.GPL-2.0-only
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
LICENSE.MIT
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
MAINTAINERS.md
MAINTAINERS.md: no more need for a prelink-cross maintainer
2022-05-07 22:31:21 +01:00
MEMORIAM
MEMORIAM: Add recognition for contributors no longer with us
2020-01-30 15:22:35 +00:00
oe-init-build-env
oe-init-build-env: generate .vscode from template
2024-02-19 11:34:33 +00:00
README.hardware.md
README: Move to using markdown as the format
2021-06-16 16:33:18 +01:00
README.md
Add README link to README.poky
2021-07-19 18:07:21 +01:00
README.OE-Core.md
README: fix mail address in git example command
2023-09-04 10:27:46 +01:00
README.poky.md
README: Move to using markdown as the format
2021-06-16 16:33:18 +01:00
README.qemu.md
README.OE-Core/README.qemu: Move to markdown format
2021-07-20 08:51:06 +01:00
SECURITY.md
SECURITY.md: add file
2023-10-19 11:31:13 +01:00

README.md

Poky

Poky is an integration of various components to form a pre-packaged build system and development environment which is used as a development and validation tool by the Yocto Project. It features support for building customised embedded style device images and custom containers. There are reference demo images ranging from X11/GTK+ to Weston, commandline and more. The system supports cross-architecture application development using QEMU emulation and a standalone toolchain and SDK suitable for IDE integration.

Additional information on the specifics of hardware that Poky supports is available in README.hardware. Further hardware support can easily be added in the form of BSP layers which extend the systems capabilities in a modular way. Many layers are available and can be found through the layer index.

As an integration layer Poky consists of several upstream projects such as BitBake, OpenEmbedded-Core, Yocto documentation, the 'meta-yocto' layer which has configuration and hardware support components. These components are all part of the Yocto Project and OpenEmbedded ecosystems.

The Yocto Project has extensive documentation about the system including a reference manual which can be found at https://docs.yoctoproject.org/

OpenEmbedded is the build architecture used by Poky and the Yocto project. For information about OpenEmbedded, see the OpenEmbedded website.

Contribution Guidelines

Please refer to our contributor guide here: https://docs.yoctoproject.org/dev/contributor-guide/ for full details on how to submit changes.

Where to Send Patches

As Poky is an integration repository (built using a tool called combo-layer), patches against the various components should be sent to their respective upstreams:

OpenEmbedded-Core (files in meta/, meta-selftest/, meta-skeleton/, scripts/):

BitBake (files in bitbake/):

Documentation (files in documentation/):

meta-yocto (files in meta-poky/, meta-yocto-bsp/):

If in doubt, check the openembedded-core git repository for the content you intend to modify as most files are from there unless clearly one of the above categories. Before sending, be sure the patches apply cleanly to the current git repository branch in question.

CII Best Practices

Description
No description provided
Readme 249 MiB