poky/recipes-support at 2fe0f26f452813774b4bec3d89383fc3eae53b76 - poky

mirror of https://git.yoctoproject.org/poky synced 2026-04-27 21:32:13 +02:00

Files

Changqing Li 95d7312e40 libsoup-2.4: fix CVE-2025-32911

CVE-2025-32911:
A use-after-free type vulnerability was found in libsoup, in the
soup_message_headers_get_content_disposition() function. This flaw
allows a malicious HTTP client to cause memory corruption in the libsoup
server.

Backport patches to fix it

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-32911
[2] https://gitlab.gnome.org/GNOME/libsoup/-/issues/433

(From OE-Core rev: 75f1c57a5171859d1bfc58d69b3923d017b14303)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-05-14 08:33:40 -07:00

appstream

appstream: upgrade 1.0.3 -> 1.0.4

2024-12-18 11:11:55 +00:00

apr

apr-utils: remove obsolete patch

2025-02-27 10:55:16 +00:00

argp-standalone

argp-standalone: replace with a maintained fork

2022-11-01 17:34:59 +00:00

aspell

aspell: Backport a fix to build with gcc-15/clang-19

2024-09-01 11:05:20 +01:00

atk

at-spi2-core: upgrade 2.54.1 -> 2.56.0

2025-03-19 11:49:45 +00:00

attr

acl: improve ptest packaging

2025-03-27 11:19:04 +00:00

bash-completion

bash-completion: upgrade 2.15.0 -> 2.16.0

2025-01-03 10:51:27 +00:00

bmaptool

bmaptool: temporarily silence the pep517-backend warning

2024-07-26 12:28:42 +01:00

boost

boost: Use PN/BPN for naming of packages

2025-03-03 18:01:30 +00:00

ca-certificates

ca-certificates: upgrade 20240203 -> 20241223

2025-01-03 10:51:27 +00:00

consolekit

consolekit: Disable incompatible-pointer-types warning as error

2024-05-09 09:48:58 +01:00

curl

curl: only set CA bundle in target build

2025-03-24 17:29:16 +00:00

db: Disable incompatible-pointer-types warning as error

2025-03-27 11:19:03 +00:00

debianutils

debianutils: upgrade 5.20 -> 5.21

2025-01-03 10:51:27 +00:00

diffoscope

diffoscope: upgrade 287 -> 289

2025-03-17 22:38:32 +00:00

dos2unix

dos2unix: upgrade 7.5.1 -> 7.5.2

2024-02-03 22:08:26 +00:00

enchant

enchant2: correct SRC_URI and other uris

2024-11-27 14:58:48 +00:00

fribidi

fribidi: upgrade 1.0.15 -> 1.0.16

2024-10-11 12:17:02 +01:00

gdbm

gdbm: Use C11 standard

2025-03-19 09:48:14 +00:00

gmp

gmp: Fix build with older gcc versions

2025-03-17 17:09:22 +00:00

gnome-desktop-testing

recipes: Default to https git protocol where possible

2023-05-05 11:07:25 +01:00

gnupg

gnupg: 2.5.4 -> 2.5.5

2025-03-13 11:00:35 +00:00

gnutls

libtasn1: upgrade 4.19.0 -> 4.20.0

2025-03-06 11:16:46 +00:00

gpgme

gpgme: upgrade 1.24.1 -> 1.24.2

2025-02-27 10:55:16 +00:00

hwdata

hwdata: upgrade 0.392 -> 0.393

2025-03-17 22:38:32 +00:00

icu

icu: Adjust ICU_DATA_DIR path on big endian targets

2025-03-17 17:09:22 +00:00

iso-codes

iso-codes: upgrade 4.16.0 -> 4.17.0

2024-09-30 17:00:50 +01:00

itstool

itstool: add missing COPYING.GPL3

2022-04-14 09:47:00 +01:00

libassuan

libassuan: upgrade 3.0.1 -> 3.0.2

2025-03-06 11:16:47 +00:00

libatomic-ops

libatomic-ops: set CVE_PRODUCT

2024-08-05 14:31:57 +01:00

libbsd

libbsd: Remove package specific licenses

2025-03-03 18:01:29 +00:00

libcap

libcap: upgrade to 2.75

2025-03-18 10:27:31 +00:00

libcap-ng

libcap-ng: update SRC_URI

2024-08-09 22:33:38 +01:00

libcheck

libcheck: add ghetto automake output

2023-05-25 10:29:08 +01:00

libdaemon

recipes: remove unused AUTHOR variable

2023-08-10 09:18:53 +01:00

libdisplay-info

libdisplay-info: add recipe

2024-11-27 16:44:47 +00:00

libevdev

libevdev: upgrade 1.13.2 -> 1.13.3

2024-09-30 17:00:50 +01:00

libevent

libevent: fix patch Upstream-Status

2023-09-20 23:51:11 +01:00

libexif

libexif: upgrade 0.6.24 -> 0.6.25

2025-02-05 12:49:55 +00:00

libffi

libffi: upgrade 3.4.6 -> 3.4.7

2025-02-18 22:53:44 +00:00

libfm

meta: use explicit uri for all sourceforge upstream version checks

2024-10-15 11:47:24 +01:00

libgcrypt

libgcrypt: upgrade 1.10.3 -> 1.11.0

2024-07-26 12:28:42 +01:00

libgit2

libgit2: update 1.8.4 -> 1.9.0

2025-01-10 11:26:29 +00:00

libgpg-error

libgpg-error: upgrade 1.50 -> 1.51

2024-11-27 14:58:48 +00:00

libical

libical: upgrade 3.0.19 -> 3.0.20

2025-03-17 22:38:32 +00:00

libjitterentropy

libjitterentropy: upgrade 3.6.1 -> 3.6.2

2025-03-19 11:49:45 +00:00

libksba

libksba: update 1.6.6 -> 1.6.7

2024-08-28 09:14:27 +01:00

libmd

libmd: upgrade 1.0.4 -> 1.1.0

2023-06-28 07:56:33 +01:00

libmicrohttpd

libmicrohttpd: upgrade 0.9.77 -> 1.0.1

2024-03-01 09:28:51 +00:00

libmpc

libmpc: upgrade 1.2.1 -> 1.3.1

2022-12-22 23:05:50 +00:00

libnl

libnl: upgrade 3.10.0 -> 3.11.0

2024-11-18 22:09:02 +00:00

libpcre

libpcre2: upgrade 10.44 -> 10.45

2025-02-20 11:57:49 +00:00

libproxy

libproxy: upgrade 0.5.8 -> 0.5.9

2024-10-11 12:17:02 +01:00

libpsl

libpsl: upgrade 0.21.2 -> 0.21.5

2024-01-24 15:46:19 +00:00

libseccomp

libseccomp: Upgrade 2.5.5 -> 2.6

2025-02-05 13:00:45 +00:00

libsoup

libsoup-2.4: fix CVE-2025-32911

2025-05-14 08:33:40 -07:00

libssh2

libssh2: remove status for CVE-2023-48795

2024-12-09 15:23:28 +00:00

libunistring

libunistring: upgrade 1.2 -> 1.3

2024-10-29 11:19:57 +00:00

libunwind

recipes: Drop ld-is-gold support

2025-02-10 13:03:57 +00:00

liburcu

liburcu: update 0.15.0 -> 0.15.1

2025-03-06 11:16:47 +00:00

libusb

libusb1: Set CVE_PRODUCT

2024-05-28 09:38:23 +01:00

libxslt

libxslt: upgrade 1.1.42 -> 1.1.43

2025-03-17 22:38:32 +00:00

libyaml

libyaml: Ignore CVE-2024-35325

2024-08-28 09:14:26 +01:00

lz4

lz4: Disable static libraries again

2024-08-29 21:58:19 +01:00

lzo

lzo: Add further info to a patch and mark as Inactive-Upstream

2022-05-27 23:50:48 +01:00

lzop

recipes: Start WORKDIR -> UNPACKDIR transition

2024-05-21 12:08:04 +01:00

mpfr

mpfr: Apply the backport of Float128 patch

2025-03-08 18:08:04 +00:00

nettle

nettle: Fix build with GCC-15

2025-03-27 11:19:03 +00:00

nghttp2

nghttp2: upgrade 1.64.0 -> 1.65.0

2025-03-06 11:16:47 +00:00

npth

npth: upgrade 1.7 -> 1.8

2024-11-27 14:58:48 +00:00

nss-myhostname

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

numactl

numactl: upgrade 2.0.18 -> 2.0.19

2024-11-18 22:09:02 +00:00

p11-kit

p11-kit: update 0.25.3 -> 0.25.5

2024-08-28 09:14:27 +01:00

pinentry

pinentry: upgrade 1.3.0 -> 1.3.1

2024-07-16 11:25:29 +01:00

popt

popt: update 1.18 -> 1.19

2022-11-22 12:26:46 +00:00

ptest-runner

ptest-runner: correct PV from 2.5.1 to 2.4.5.1

2024-10-29 12:07:03 +00:00

re2c

re2c: upgrade 4.0.2 -> 4.1

2025-03-06 11:16:47 +00:00

rng-tools

rng-tools: upgrade 6.16 -> 6.17

2024-06-25 11:50:58 +01:00

sass

libsass: fix fetched commit hash

2025-02-21 13:08:44 +00:00

serf

serf: mark patch as inappropriate for upstream submission

2024-04-25 10:10:15 +01:00

shared-mime-info

shared-mime-info: drop itstool-native from DEPENDS

2024-11-18 22:09:03 +00:00

sqlite

sqlite3: upgrade 3.47.2 -> 3.48.0

2025-03-20 11:29:03 +00:00

taglib

taglib: upgrade 2.0.1 -> 2.0.2

2024-09-04 12:38:44 +01:00

user-creation

recipes: Ensure S is set to a valid directory

2024-05-21 12:08:04 +01:00

utfcpp

utfcpp: update 4.0.5 -> 4.0.6

2024-12-05 17:07:10 +00:00

vim

vim: Upgrade 9.1.1115 -> 9.1.1198

2025-03-19 10:07:31 +00:00

vte

meta/meta-selftest: Fix variable assignment whitespace

2025-02-01 13:42:34 +00:00

xxhash

xxhash: upgrade 0.8.2 -> 0.8.3

2025-01-03 10:51:27 +00:00