mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-08 18:02:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
319eb6021ebe751dfd745ba431dc4100bcfa5642
poky/meta/recipes-devtools/apt
History
Chong Lu 6a30031708 apt: fix for CVE-2014-0478 
APT before 1.0.4 does not properly validate source packages, which allows
man-in-the-middle attackers to download and install Trojan horse packages
by removing the Release signature.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0478

(From OE-Core rev: 3dd692fcf2b0c11731b3f30abdf2b1878458a898)

Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-09-30 14:10:34 +01:00
..
apt-0.9.9.4
apt: fix for CVE-2014-0478
2014-09-30 14:10:34 +01:00
files
apt/package_mamager: Ensure WORKDIR is used for lists directory
2014-03-27 09:42:06 +00:00
apt_0.9.9.4.bb
apt: add bash to RDEPENDS_apt
2014-08-23 09:26:10 +01:00
apt-native_0.9.9.4.bb
apt-native: fix SRC_URI Checksum for update
2013-08-06 12:39:56 +01:00
apt-native.inc
apt-native: Add missing DEPENDS on db-native and curl-native
2014-07-27 08:31:09 +01:00
apt-package.inc
apt: Fix case where ${B} != ${S}
2013-03-22 16:54:37 +00:00
apt.inc
apt: fix for CVE-2014-0478
2014-09-30 14:10:34 +01:00