poky/recipes-support at 3b86def5ed2a07d765ce7530afd4b8d7af7cba15 - poky

mirror of https://git.yoctoproject.org/poky synced 2026-04-30 21:32:13 +02:00

Files

Yi Zhao c8125e68c6 libgcrypt: fix CVE-2019-12904

In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a
flush-and-reload side-channel attack because physical addresses are
available to other processes. (The C implementation is used on platforms
where an assembly-language implementation is unavailable.)

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-12904

Patches from:
1374254c29
daedbbb554
a4c561aab1

(From OE-Core rev: a981d9b753a13e100af1f654fb3384f0bcda0b65)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 37e390ff05b6a4509019db358ed496731d80cc51)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 4c207cb1ad46c0d2005ab3eae70d78c937e084b5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2019-10-30 13:47:54 +00:00

apr

apr/apr-util: Add ptest dependency on libgcc

2019-06-07 13:57:48 +01:00

argp-standalone

argp-standalone: drop RDEPENDS dev/staticdev packages on main package

2017-10-07 23:20:40 +01:00

aspell

recipes: Enforce ARM ISA just for arm arches <= armv5

2018-07-18 10:18:42 +01:00

atk

atk: use gobject-introspection.bbclass on/off mechanism

2019-04-11 21:15:56 +01:00

attr

gettext/flex/m4/bzip2/gzip/parted/slang/attr: Add make to -ptest packages

2019-06-07 13:57:48 +01:00

bash-completion

bash-completion: update to 2.8

2018-05-04 13:28:02 +01:00

bmap-tools

bmap-tools: fix upstream version check

2019-03-29 08:28:53 +00:00

boost

boost: Fix build and enable context and coroutines on aarch64

2019-09-30 16:44:42 +01:00

ca-certificates

openssl: Remove the c_rehash shell re-implementation

2019-03-19 23:50:41 +00:00

consolekit

consolekit: enable polkit if polkit distro feature is set

2019-01-16 15:35:07 +00:00

curl

Curl: Security fix for CVE-2019-5482

2019-09-30 16:44:42 +01:00

db: fix upstream version check

2019-03-29 08:28:53 +00:00

debianutils

debianutils: update to 4.8.6.1

2019-02-25 10:43:07 +00:00

dos2unix

dos2unix: fix upstream version check

2018-09-10 12:13:05 +01:00

enchant

enchant: add PACKAGECONFIG for *spell

2016-09-20 15:11:08 +01:00

fribidi

fribidi: use Meson instead of autotools

2018-09-21 18:45:46 -07:00

gdbm

gdbm: update to 1.18.1

2018-11-23 23:35:18 +00:00

gmp

gmp: do the multilib_header magic for gmp.h

2018-05-29 21:07:13 +01:00

gnome-desktop-testing

gnome-desktop-testing: upgrade to 2018.1

2018-12-05 12:37:02 +00:00

gnupg

gnupg: upgrade 2.2.12 -> 2.2.13

2019-02-25 10:43:07 +00:00

gnutls

gnutls:upgrade 3.6.7 -> 3.6.8

2019-10-30 13:47:54 +00:00

gpgme

gpgme: 1.11.1 -> 1.12.0

2018-11-14 11:14:39 +00:00

icu

icu: fix CVE-2018-18928

2019-03-06 10:39:25 +00:00

iso-codes

iso-codes: upgrade 4.1 -> 4.2

2019-02-20 11:30:35 +00:00

libassuan

libassuan: upgrade 2.5.2 -> 2.5.3

2019-02-25 10:43:07 +00:00

libatomic-ops

selftest/distrodata: un-break the upstream version check test

2019-01-11 10:39:08 +00:00

libbsd

libbsd: drop obsolete patch

2018-09-10 12:13:06 +01:00

libcap

libcap: upgrade 2.25 -> 2.26

2019-01-11 10:39:09 +00:00

libcap-ng

libcap-ng: update to 0.7.9

2018-05-04 13:28:01 +01:00

libcheck

libcheck: update HOMEPAGE

2019-01-11 10:39:09 +00:00

libcroco

libcroco: Fix two CVEs

2019-10-30 13:47:54 +00:00

libdaemon

libdaemon: Explicitly include unisttd.h instead of sys/unistd.h

2015-04-10 18:10:26 +01:00

libevdev

libevdev: upgrade 1.5.9 -> 1.6.0

2018-12-05 12:37:02 +00:00

libevent

libevent: fix the multilib header conflict

2018-08-14 11:36:31 +01:00

libexif

libexif: fix CVE-2016-6328 and CVE-2018-20030

2019-03-29 08:28:53 +00:00

libffi

libffi: refresh patches

2018-03-09 09:17:02 -08:00

libfm

libfm: upgrade 1.3.0.2 -> 1.3.1

2019-01-18 16:24:39 +00:00

libgcrypt

libgcrypt: fix CVE-2019-12904

2019-10-30 13:47:54 +00:00

libgpg-error

libgpg-error: Fix build with gawk 5.x

2019-09-30 16:44:42 +01:00

libical

libical-dev_2.0: improve reproducibility

2018-05-11 07:49:38 +01:00

libjitterentropy

libjitterentropy: add 2.1.2

2018-11-14 11:14:40 +00:00

libksba

libksba: refresh patches

2018-03-09 09:17:02 -08:00

libmpc

libmpc: upgrade to 1.1.0

2018-03-04 11:35:40 +00:00

libnl

libnl: 3.2.29 -> 3.4.0

2018-02-06 11:06:29 +00:00

libpcre

libpcre: Add make dependency for ptest

2019-06-07 13:57:48 +01:00

libproxy

libproxy: Fix build with clang/libc++

2019-02-02 11:06:00 +00:00

libpsl

libpsl: Extend with native, nativesdk

2019-03-25 23:19:53 +00:00

libsoup

libsoup-2.4: use gobject-introspection.bbclass on/off mechanism

2019-04-11 21:15:56 +01:00

libunistring

libunistring: upgrade to 0.9.10

2018-06-27 13:55:21 +01:00

libunwind

libunwind: Upgrade to 1.3.1 release

2019-02-12 14:04:31 +00:00

liburcu

liburcu: upgrade 0.10.1 -> 0.10.2

2019-01-18 16:24:39 +00:00

libusb

libusb1: Add udev support

2019-02-02 11:05:59 +00:00

libxslt

libxslt: fix CVE-2019-13117 CVE-2019-13118

2019-09-30 16:44:41 +01:00

libyaml

libyaml: upgrade to 0.2.1

2018-07-24 11:52:26 +01:00

lz4

lz4: upgrade 1.8.2 -> 1.8.3

2019-02-19 16:14:57 +00:00

lzo

lzo: don't do aclocal/acinclude dance

2017-12-10 22:45:18 +00:00

lzop

lzop: upgrade 1.03 -> 1.04

2019-02-19 16:14:57 +00:00

mpfr

mpfr: Upgrade to 4.0.2 release

2019-02-07 10:01:07 +00:00

nettle

nettle: fix the Segmentation fault

2019-05-20 14:38:15 +01:00

npth

npth:1.5 -> 1.6

2018-08-08 10:51:59 +01:00

nspr

nspr: update 4.21

2019-03-11 05:36:37 -07:00

nss

nss: update to 3.42.1

2019-03-11 05:36:37 -07:00

nss-myhostname

nss-myhostname: Fix build on musl

2016-02-04 23:39:02 +00:00

p11-kit

p11-kit: upgrade 0.23.14 -> 0.23.15

2019-02-20 11:30:35 +00:00

pinentry

pinentry: let autotools.bbclass handle --disable-dependency-tracking

2018-05-29 21:07:13 +01:00

popt

Revert "popt: update SRC_URI"

2018-12-15 11:48:07 +00:00

ptest-runner

ptest-runner: enable child procs as session leader

2019-06-30 22:34:23 +01:00

re2c

re2c: Update to 1.0.1

2018-08-16 22:40:28 +01:00

rng-tools

rng-tools: fix very long shutdown delay with systemd

2019-09-30 16:44:41 +01:00

serf

serf: Document and add upstream status field for 0003-gen_def.patch

2018-09-11 09:05:35 +01:00

shared-mime-info

shared-mime-info: update the database also in native builds

2019-01-28 23:14:10 +00:00

source-highlight

source-highlight: use with-boost-libdir

2016-10-15 10:01:43 +01:00

sqlite

sqlite3: fix CVE-2019-9936 and CVE-2019-9937

2019-04-01 14:48:44 +01:00

taglib

taglib: Security fix CVE-2018-11439

2018-09-10 12:13:06 +01:00

user-creation

xuser-account: remove GROUPADD_PARAM

2016-07-20 10:28:51 +01:00

vim

vim: fix CVE-2019-12735

2019-07-29 23:50:49 +01:00

vte

vte: allow building vte-native with gcc 4.8

2019-01-31 23:23:27 +00:00