poky/recipes-devtools at 3f5906e086d904f48e1790c59cf01c0c94b31b64 - poky

mirror of https://git.yoctoproject.org/poky synced 2026-04-27 12:32:13 +02:00

Files

Wenzong Fan 3f5906e086 subversion: fix CVE-2017-9800

A maliciously constructed svn+ssh:// URL would cause Subversion clients
before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3
to run an arbitrary shell command. Such a URL could be generated by a
malicious server, by a malicious user committing to a honest server(to
attack another user of that server's repositories), or by a proxy
server.

The vulnerability affects all clients, including those that use
file://, http://, and plain (untunneled) svn://.

Backport patch from:
http://svn.apache.org/viewvc?view=revision&amp;sortby=rev&amp;revision=1804691

Reference:
http://subversion.apache.org/security/CVE-2017-9800-advisory.txt

(From OE-Core rev: 6e1f8001a0f3c26cce9c692d25987a3c47ff2f74)

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2017-09-11 17:30:30 +01:00

apt

apt: Upgrade to 1.2.24

2017-08-23 08:47:03 +01:00

autoconf

autoconf: fix typo in SUMMARY

2017-07-30 08:46:20 +01:00

autoconf-archive

autoconf-archive: GPLv3 + autoconf exception

2017-08-03 11:14:13 +01:00

automake

automake: Add missing libtool tag for cppasm language

2017-08-09 09:24:16 +01:00

binutils

binutils: Upgrade to 2.29

2017-08-16 00:03:13 +01:00

bison

bison: reduce local pending patches

2017-07-21 11:12:44 +01:00

bootchart2

bootchart2: update python interpreter

2017-09-11 17:30:29 +01:00

btrfs-tools

btrfs-tools: update to 4.12

2017-08-13 09:27:38 +01:00

build-compare

selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting

2017-08-16 00:03:13 +01:00

ccache

ccache: Switch to downloading xz tarball

2017-02-23 12:49:51 -08:00

cdrtools

cdrtools-native: Fix when cc is missing

2017-03-10 14:50:11 +00:00

chrpath

chrpath: use https for SRC_URI

2017-08-09 09:24:16 +01:00

cmake

cmake: Use find_program if find_host_program is not available

2017-07-06 14:38:13 +01:00

createrepo-c

rpm/dnf: fix Upstream-Status to reflect upstream submission status

2017-07-24 09:13:30 +01:00

cve-check-tool

cve-check-tool: change BB_NO_NETWORK error to a warning

2017-09-11 17:30:29 +01:00

desktop-file-utils

desktop-file-utils-native: update to 0.23

2016-07-20 10:28:46 +01:00

devel-config

Remove $COREBASE/LICENSE from LIC_FILES_CHKSUM

2016-10-28 16:15:18 +01:00

diffstat

diffstat: exclude aclocal

2017-08-09 09:24:15 +01:00

distcc

selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting

2017-08-16 00:03:13 +01:00

dmidecode

dmidecode: update to 3.1

2017-06-28 15:52:18 +01:00

dnf

dnf: fix "Unable to detect release version" warning

2017-08-19 22:15:38 +01:00

docbook-xml

docbook-xml: correct typo "do_configre"

2017-02-23 12:49:50 -08:00

dosfstools

meta: start to ignore the largefile distro feature

2017-03-08 11:52:56 +00:00

dpkg

dpkg: Upgrade to 1.18.24

2017-08-23 08:47:03 +01:00

e2fsprogs

e2fsprogs: fix ptest script

2017-08-27 22:30:06 +01:00

elfutils

elfutils: 0.168 -> 0.170

2017-08-18 10:40:26 +01:00

expect

expect: use u-a for mkpasswd

2017-06-28 20:55:08 +01:00

fdisk

gptfdisk: update to 1.0.3

2017-08-13 09:27:38 +01:00

file

file: 5.30 -> 5.31

2017-06-28 15:52:18 +01:00

flex

flex_2.6.0.bb: remove build host references

2017-08-31 17:41:41 +01:00

gcc

gcc: Upgrade to 7.2.0 release

2017-08-17 00:21:14 +01:00

gdb

gdb: fix gdbserver not working in musl/mips context

2017-06-28 15:52:18 +01:00

git

git: 2.13.2 -> 2.13.3

2017-08-23 08:47:02 +01:00

gnu-config

selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting

2017-08-16 00:03:13 +01:00

go: Remove -fPIE -pie from SECURITY_PIE_CFLAGS

2017-08-09 09:24:15 +01:00

help2man

help2man-native: upgrade to 1.47.4

2016-06-15 08:35:02 +01:00

i2c-tools

i2c-tools: point SRC_URI at Yocto source mirrors

2016-02-04 23:39:02 +00:00

icecc-create-env

icecc-create-env-native: add SUMMARY and tweak DESCRIPTION

2014-01-02 12:50:23 +00:00

icon-naming-utils

icon-naming-utils: separate B and S

2015-01-16 23:08:27 +00:00

intltool

intltool: Adds gettext as a DEPENDS

2017-05-25 23:59:32 +01:00

json-c

json-c: Upgrade to 0.12.1 release

2017-05-12 08:51:09 +01:00

libcomps

rpm/dnf: fix Upstream-Status to reflect upstream submission status

2017-07-24 09:13:30 +01:00

libdnf

libdnf: update to 0.9.3

2017-08-13 09:27:37 +01:00

librepo

rpm/dnf: fix Upstream-Status to reflect upstream submission status

2017-07-24 09:13:30 +01:00

libtool

libtool: remove /absolute/path/to/host references

2017-08-18 23:46:38 +01:00

llvm

llvm: Swith to ARM ISA on armv5 and armv4t

2017-08-17 00:21:14 +01:00

meta: Drop remnants of uclibc support

2017-06-22 09:16:00 +01:00

make

recipes: Move out stale GPLv2 versions to a seperate layer

2017-03-07 20:05:31 +00:00

makedevs

makedevs: don't restrict device node paths to 40 characters

2016-09-16 15:24:02 +01:00

mkelfimage

mkelfimage: Add update convert.bin.c file

2017-09-02 00:52:10 +01:00

mklibs

mklibs-native: remove native python dependency

2017-05-16 14:08:29 +01:00

mmc

selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting

2017-08-16 00:03:13 +01:00

mtd

mtd-utils: refresh patches now merged upstream

2017-04-11 18:10:18 +01:00

mtools

meta: Drop remnants of uclibc support

2017-06-22 09:16:00 +01:00

nasm

nasm: Upgrade 2.12.02 -> 2.13.01

2017-05-29 15:15:20 +01:00

ninja

ninja: fix upstream version check

2017-08-27 22:30:06 +01:00

opkg

opkg-configure: do not reload daemon configuration

2017-08-16 00:03:14 +01:00

opkg-utils

opkg-utils: rename recipe to follow versioned releases

2017-06-28 15:52:18 +01:00

orc

orc: upgrade to 0.4.27

2017-07-21 22:51:38 +01:00

ossp-uuid

ossp-uuid, libffi, libgcrypt: Pass --tag=CC option to libtool

2017-08-09 09:24:15 +01:00

packagegroups

packagegroup-core-device-devel: add binutils-symlinks

2016-06-16 11:11:40 +01:00

patch

recipes: Move out stale GPLv2 versions to a seperate layer

2017-03-07 20:05:31 +00:00

patchelf

patchelf: fix segfault for binaries linked by gold

2017-07-24 09:13:30 +01:00

pax-utils

pax-utils: check upstream version from debian servers

2017-08-16 00:03:13 +01:00

perl

perl: Don't change /usr/include references in docs to sysroot paths

2017-08-18 23:46:38 +01:00

pkgconf

pkgconf: add recipe

2017-08-23 12:06:51 +01:00

pkgconfig

pkgconfig: allow kernel to be build with esdk

2017-07-21 22:51:37 +01:00

postinst-intercept

Remove LIC_FILES_CHKSUM from recipes without SRC_URI

2016-10-28 16:15:21 +01:00

prelink

prelink: Change the behavior to avoid checking USER_CLASSES

2017-08-19 22:15:39 +01:00

pseudo

pseudo: Handle too many files deadlock

2017-06-22 09:16:00 +01:00

python

python3-setuptools: extend to nativesdk

2017-09-11 17:30:29 +01:00

python-numpy

python-numpy, python3-numpy: Fix CVE-2017-12852

2017-09-02 00:52:10 +01:00

qemu

qemu: upgrade to version 2.10.0

2017-09-02 00:52:10 +01:00

quilt

quilt: Fix paths for patch and perl

2017-04-05 23:22:13 +01:00

rpm

rpm: Disable perl dependency generation

2017-08-18 10:40:26 +01:00

rsync

recipes: Move out stale GPLv2 versions to a seperate layer

2017-03-07 20:05:31 +00:00

ruby

ruby: fix CVE-2017-922{6-9}

2017-08-19 22:15:39 +01:00

run-postinsts

run-postinsts: do not reload daemon configuration

2017-08-16 00:03:14 +01:00

squashfs-tools

squashfs: fix build with glibc-2.26

2017-08-23 08:47:03 +01:00

strace

strace: 4.17 -> 4.18

2017-08-23 08:47:03 +01:00

subversion

subversion: fix CVE-2017-9800

2017-09-11 17:30:30 +01:00

swig

swig: upgrade to 3.0.12

2017-02-23 12:49:51 -08:00

syslinux

syslinux: Update HOMEPAGE

2017-08-17 00:21:14 +01:00

systemd-bootchart

systemd-bootchart: Fix build with glibc 2.26

2017-07-21 22:51:38 +01:00

tcf-agent

selftest: fix distrodata.py to use per-recipe UPSTREAM_VERSION_UNKNOWN setting

2017-08-16 00:03:13 +01:00

tcltk

tcl: 8.6.6 -> 0.8.7

2017-08-23 08:47:02 +01:00

unfs3

unfs3: Rename mirror tarball to avoid clash

2017-05-30 10:15:20 +01:00

unifdef

unifdef: add UPSTREAM_CHECK_REGEX to filter out development snapshots

2017-02-23 12:49:51 -08:00

vala

vala: upgrade to 0.36.4

2017-07-27 22:36:53 +01:00

valgrind

valgrind: improvements for run-ptest

2017-08-23 12:06:51 +01:00

xmlto

xmlto: replace fedorahosted.org SRC_URI with pagure.io source

2017-04-05 23:22:12 +01:00

yasm

yasm: Set CCLD_FOR_BUILD to ensure BUILD_CC is used

2017-03-11 16:09:13 +00:00

zisofs-tools

Revert "zisofs-tools-native: Add missing dependency on zlib-native"

2014-03-31 23:04:35 +01:00