mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-29 00:32:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
4eea29a54a0d632f41b62568681777588a449d09
poky/meta/recipes-devtools
History
Guillem Jover 4eea29a54a dpkg: Security Advisory - CVE-2014-0471 
v2 changes:
* update format for commit log
* add Upstream-Status for patch

commit a82651188476841d190c58693f95827d61959b51 upstream

Dkpkg::Source::Patch: Correctly parse C-style diff filenames

We need to strip the surrounding quotes, and unescape any escape
sequence, so that we check the same files that the patch program will
be using, otherwise a malicious package could overpass those checks,
and perform directory traversal attacks on source package unpacking.

Fixes: CVE-2014-0471

Reported-by: Jakub Wilk <jwilk@debian.org>
[drop the text for debian/changelog,because it's not suitable
 for the veriosn]

(From OE-Core rev: 81880b34a8261e824c5acafaa4cb321908e554a0)

Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-17 10:23:53 +01:00
..
apt
apt/package_mamager: Ensure WORKDIR is used for lists directory
2014-03-27 09:42:06 +00:00
autoconf
autoconf: don't disable the autoheader warnings
2014-06-06 09:26:39 +01:00
autogen
autogen-native: upgrade from 2.18.2 to 2.18.3
2014-06-06 10:24:07 +01:00
automake
Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it.
2014-05-02 20:46:59 +01:00
binutils
binutils: Fix building nativesdk binutils with gcc 4.9
2014-05-06 17:59:15 +01:00
bison
Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it.
2014-05-02 20:46:59 +01:00
btrfs-tools
btrfs: patch to allow for relative paths
2014-03-11 20:28:57 -07:00
ccache
ccache: update to upstream version 3.1.9
2013-08-26 11:47:19 +01:00
cdrtools
cdrtools-native: upgrade to 3.01a20
2014-01-14 11:33:52 +00:00
chrpath
chrpath: upgrade to 0.16
2014-03-02 17:25:28 +00:00
cmake
cmake: Avoid accidentally including libacl.h
2014-05-28 08:19:30 +01:00
desktop-file-utils
Replace one-line DESCRIPTION with SUMMARY
2014-01-02 12:50:18 +00:00
devel-config
recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues
2014-02-17 15:28:59 +00:00
diffstat
diffstat: patches have now been submitted upstream
2014-06-02 21:37:53 +01:00
distcc
Globally replace 'base_contains' calls with 'bb.utils.contains'
2014-04-25 17:19:19 +01:00
dmidecode
mirrors.bbclass: Add mirror site for savannah
2014-05-11 12:27:21 +01:00
docbook-dsssl-stylesheets
sgml-common-native: fix the generation of sgml-docbook.cat
2014-03-19 14:42:43 +00:00
docbook-sgml-dtd
sgml-common-native: fix the generation of sgml-docbook.cat
2014-03-19 14:42:43 +00:00
docbook-utils
docbook-utils-native: Unbreak the build after source and build dir split
2013-03-25 20:51:19 +00:00
dosfstools
Don't set DESCRIPTION to the same value as SUMMARY
2013-12-03 17:45:52 +00:00
dpkg
dpkg: Security Advisory - CVE-2014-0471
2014-06-17 10:23:53 +01:00
e2fsprogs
e2fsprogs: use update-alt for chattr
2014-06-14 08:43:55 +01:00
elfutils
elfutils: Fix debugedit failure in grub
2014-06-13 12:53:05 +01:00
expect
expect: fix do_install failure on SLED 11.2
2014-03-19 14:42:43 +00:00
file
file: upgrade from 5.17 to 5.18
2014-06-06 10:24:07 +01:00
flex
flex: Update to 2.5.39 version
2014-05-21 19:50:21 +01:00
gcc
gcc-configure-common: Address problems with gengtype
2014-06-17 08:59:03 +01:00
gdb
gdb: add PACKAGECONFIG for babeltrace
2014-05-13 19:32:06 +01:00
git
git: don't hardcode the full path to perl
2014-06-14 08:43:56 +01:00
gnu-config
gnu-config: Let it recognise *-*-musl* triplets
2014-06-01 14:29:29 +01:00
guile
recipes: Add missing pkgconfig class inherits
2014-06-03 16:49:19 +01:00
guilt
guilt-native: tidy up recipe
2014-01-02 12:50:24 +00:00
help2man
help2man update to 1.44.1
2014-04-24 17:55:14 +01:00
i2c-tools
i2c-tools: Add i2c-tools to the core
2014-05-28 09:42:14 +01:00
icecc-create-env
icecc-create-env-native: add SUMMARY and tweak DESCRIPTION
2014-01-02 12:50:23 +00:00
icon-naming-utils
autotools-brokensep: Mark recipes with broken separate build dir support
2014-02-28 14:01:16 +00:00
insserv
insserv: enable ptest support
2014-02-21 16:09:08 +00:00
installer
adt_installer: run autoreconf before configuring opkg
2014-05-13 19:32:06 +01:00
intltool
intltool: Define DATADIRNAME=share for uclibc based systems
2014-03-17 14:01:41 +00:00
json-c
recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues
2014-02-17 15:28:59 +00:00
kconfig-frontends
kconfig-frontends: fix the incorrect depends on gperf
2014-01-06 11:14:00 +00:00
libtool
Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it.
2014-05-02 20:46:59 +01:00
linuxdoc-tools
linuxdoc-tools: remove usage of FILESPATH
2014-05-13 19:32:05 +01:00
m4
Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it.
2014-05-02 20:46:59 +01:00
make
Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it.
2014-05-02 20:46:59 +01:00
makedevs
Replace one-line DESCRIPTION with SUMMARY
2014-01-02 12:50:18 +00:00
mkelfimage
autotools-brokensep: Mark recipes with broken separate build dir support
2014-02-28 14:01:16 +00:00
mklibs
mklibs-native: upgrade from 0.1.38 to 0.1.39
2014-04-23 11:43:28 +01:00
mmc
mmc-utils: fix compilation failure for mips64 target.
2014-05-08 13:00:32 +01:00
mtd
mtd-utils: upgrade to 1.5.1+gitAUTOINC+12158de
2014-04-23 11:43:28 +01:00
mtools
Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it.
2014-05-02 20:46:59 +01:00
nasm
nasm: upgrade to 2.11.02
2014-04-30 16:39:08 +01:00
openjade
sgml-common-native: fix the generation of sgml-docbook.cat
2014-03-19 14:42:43 +00:00
opensp
opensp: replace obsolete automake macros with working ones
2013-01-15 08:10:12 +00:00
opkg
opkg: Upgrade to v0.2.2
2014-04-25 17:19:19 +01:00
opkg-utils
opkg-utils: Update SRCREV
2014-06-01 14:29:30 +01:00
orc
Replace one-line DESCRIPTION with SUMMARY
2014-01-02 12:50:18 +00:00
ossp-uuid
recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues (part 2)
2014-02-20 14:28:13 +00:00
packagegroups
packagegroup-*: add RREPLACES/RCONFLICTS
2012-09-04 18:03:18 +01:00
patch
Globally replace 'base_contains' calls with 'bb.utils.contains'
2014-04-25 17:19:19 +01:00
pax-utils
pax-utils: upgrade to 0.8.1
2014-05-13 19:32:06 +01:00
perl
perl: stop perl-modules recommending perl-ptest
2014-05-27 16:11:54 +01:00
pkgconfig
pkgconfig: Drop glibconfig from SRC_URI to unbreak builds after previous commit
2014-01-28 22:33:32 +00:00
postinst-intercept
postinst-intercept: New recipe to include postinstall intercepts in nativesdk
2014-02-02 22:37:40 +00:00
prelink
Globally replace 'base_contains' calls with 'bb.utils.contains'
2014-04-25 17:19:19 +01:00
pseudo
pseudo: Honor umask again
2014-05-28 08:19:31 +01:00
python
python-gst: link python shared library to config directory
2014-06-10 17:24:18 +01:00
qemu
qemuwrapper-cross: Use QEMU_OPTIONS
2014-06-14 08:43:56 +01:00
quilt
quilt: Update to 0.63 version
2014-05-21 09:09:01 +01:00
remake
remake: fix insufficient gettext dependency
2013-07-24 11:35:36 +01:00
rpm
rpm: Fix cpio 32 bit overflow issues on 64 bit inode filesystems
2014-06-12 17:47:59 +01:00
rsync
Replace one-line DESCRIPTION with SUMMARY
2014-01-02 12:50:18 +00:00
run-postinsts
run-postinsts: fix issue with checking IMAGE_FEATURES
2014-03-27 15:44:43 +00:00
sgml-common
sgml-common-native: fix the generation of sgml-docbook.cat
2014-03-19 14:42:43 +00:00
sgmlspl
Don't set DESCRIPTION to the same value as SUMMARY
2013-12-03 17:45:52 +00:00
squashfs-tools
squashfs-tools: set SUMMARY instead of DESCRIPTION
2013-12-03 17:45:52 +00:00
strace
Globally replace 'base_contains' calls with 'bb.utils.contains'
2014-04-25 17:19:19 +01:00
subversion
subversion: fix for Security Advisory CVE-2013-4277
2014-05-21 09:09:00 +01:00
swabber
Replace one-line DESCRIPTION with SUMMARY
2014-01-02 12:50:18 +00:00
syslinux
syslinux-native: fix parallel building issue
2014-05-20 14:53:11 +01:00
tcf-agent
tcf-agent: add systemd support
2014-04-24 17:55:15 +01:00
tcltk
tcl: cleanup
2014-05-08 13:00:33 +01:00
ubootchart
Replace one-line DESCRIPTION with SUMMARY
2014-01-02 12:50:18 +00:00
unfs3
recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues (part 2)
2014-02-20 14:28:13 +00:00
unifdef
Replace one-line DESCRIPTION with SUMMARY
2014-01-02 12:50:18 +00:00
vala
vala: inherit pkgconfig
2014-04-10 17:35:15 +01:00
valgrind
Upstream-Status Cleanups
2014-04-25 17:19:20 +01:00
yasm
yasm: add from meta-oe and tweak
2013-08-13 23:05:58 +01:00
zisofs-tools
Revert "zisofs-tools-native: Add missing dependency on zlib-native"
2014-03-31 23:04:35 +01:00