mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-27 03:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
43ffc2a5e70f8936742b632263d06f1f63e326fb
poky/meta/recipes-core
History
Mike Crowe 278d77034e glibc: Fix CVE-2023-4911 "Looney Tunables" 
Take the patch from the source for Debian's glibc 2.31-13+deb11u7
package, the changelog for which starts with:

 glibc (2.31-13+deb11u7) bullseye-security; urgency=medium

   * debian/patches/any/local-CVE-2023-4911.patch: Fix a buffer overflow in the
     dynamic loader's processing of the GLIBC_TUNABLES environment variable
     (CVE-2023-4911).

This addresses the "Looney Tunables" vulnerability described at
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt

(From OE-Core rev: 9a800a2e2c2b14eab8c1f83cb4ac3b94a70dd23c)

Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-10-06 05:41:57 -10:00
..
base-files
base-files: Drop localhost.localdomain from hosts file
2023-03-25 23:00:59 +00:00
base-passwd
meta/recipes-core: Add HOMEPAGE / DESCRIPTION
2021-03-10 00:22:51 +00:00
busybox
busybox: rm temporary files if do_compile was interrupted
2023-02-24 16:41:42 +00:00
coreutils
coreutils: add openssl PACKAGECONFIG
2022-11-09 17:42:03 +00:00
dbus
dbus: upgrade 1.12.22 -> 1.12.24
2022-10-27 16:54:43 +01:00
dbus-wait
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
dropbear
dropbear: fix CVE-2021-36369
2022-12-23 23:05:44 +00:00
ell
meta/recipes-core: Add HOMEPAGE / DESCRIPTION
2021-03-10 00:22:51 +00:00
expat
expat: Fix CVE-2022-43680 for expat
2022-11-09 17:42:03 +00:00
fts
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
gettext
gettext: fix ptest package reproducibilty
2020-03-07 10:06:17 +00:00
glib-2.0
glib-2.0: Use specific BSD license variant
2022-02-16 09:48:51 +00:00
glib-networking
glib-networking/btrfs-tools/dosfstools/parted/bmap-tools/libsoup-2.4: add nativesdk support
2020-12-18 14:20:19 +00:00
glibc
glibc: Fix CVE-2023-4911 "Looney Tunables"
2023-10-06 05:41:57 -10:00
ifupdown
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
images
build-appliance-image: Update to dunfell head revision
2023-09-16 11:20:06 -10:00
init-ifupdown
meta: set proper S value
2015-01-23 11:36:27 +00:00
initrdscripts
initramfs-framework: move storage mounts to actual rootfs
2022-07-08 08:27:20 +01:00
initscripts
initscripts: run umountnfs as a KILL script
2022-08-22 14:29:49 +01:00
kbd
meta/recipes-core: Add HOMEPAGE / DESCRIPTION
2021-03-10 00:22:51 +00:00
libcgroup
libcgroup: CVE-2018-14348
2018-09-04 11:03:55 +01:00
libxcrypt
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
libxml
libxml2: Fix CVE-2023-39615
2023-09-29 04:29:01 -10:00
meta
cve-update-nvd2-native: always pass str for json.loads()
2023-08-16 03:55:13 -10:00
musl
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
ncurses
ncurses: Fix CVE-2022-29458
2022-06-04 12:16:59 +01:00
netbase
netbase: bump PE to purge bogus hash equivalence from autobuilder
2020-11-12 13:07:52 +00:00
newlib
newlib: Move syscalls from newlib to libgloss
2020-02-19 11:24:15 +00:00
os-release
os-release: Add DISTRO_CODENAME as vardeps for do_compile
2021-12-02 16:53:08 +00:00
ovmf
ovmf: fix gcc12 warning for device path handling
2023-01-13 18:11:19 +00:00
packagegroups
packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
2022-07-15 12:29:17 +01:00
psplash
psplash: consider the situation of psplash not exist for systemd
2022-12-23 23:05:44 +00:00
readline
meta: fix some unresponsive homepages and bugtracker links
2020-11-12 13:07:52 +00:00
sysfsutils
sysfsutils: rem leftover settings for libsysfs-dev
2020-06-18 12:25:00 +01:00
systemd
systemd-systemctl: fix errors in instance name expansion
2023-08-16 03:55:13 -10:00
sysvinit
sysvinit: remove bashism to be compatible with dash
2020-12-09 23:49:01 +00:00
udev
meta/recipes-core: Add HOMEPAGE / DESCRIPTION
2021-03-10 00:22:51 +00:00
update-rc.d
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
util-linux
util-linux: fix CVE-2022-0563
2022-04-01 23:22:43 +01:00
volatile-binds
volatile-binds: Change DefaultDependencies from false to no
2022-05-14 20:26:34 +01:00
zlib
zlib: CVE-2022-37434 a heap-based buffer over-read
2022-08-22 14:29:48 +01:00