poky/recipes-devtools at 570345adfd10847e40de573457f127c70d7c7b33 - poky

mirror of https://git.yoctoproject.org/poky synced 2026-04-30 21:32:13 +02:00

Files

Guillem Jover 570345adfd dpkg: Security Advisory - CVE-2014-0471

v2 changes:
* update format for commit log
* add Upstream-Status for patch

commit a82651188476841d190c58693f95827d61959b51 upstream

Dkpkg::Source::Patch: Correctly parse C-style diff filenames

We need to strip the surrounding quotes, and unescape any escape
sequence, so that we check the same files that the patch program will
be using, otherwise a malicious package could overpass those checks,
and perform directory traversal attacks on source package unpacking.

Fixes: CVE-2014-0471

Reported-by: Jakub Wilk <jwilk@debian.org>
[drop the text for debian/changelog,because it's not suitable
 for the veriosn]

(From OE-Core rev: 81880b34a8261e824c5acafaa4cb321908e554a0)

(From OE-Core rev: c75316fc256d229cfad45cd57328920993d93d8d)

Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2014-10-10 15:06:06 +01:00

apt

apt/package_mamager: Ensure WORKDIR is used for lists directory

2014-03-27 09:42:06 +00:00

autoconf

autoconf: new autotest/testsuite option to enable automake test result format

2014-03-30 10:10:32 +01:00

autogen

recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues

2014-02-17 15:28:59 +00:00

automake

recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues (part 2)

2014-02-20 14:28:13 +00:00

binutils

binutils: Add fix for recent patch on older gcc

2014-10-10 15:06:05 +01:00

bison

recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues (part 2)

2014-02-20 14:28:13 +00:00

btrfs-tools

btrfs: patch to allow for relative paths

2014-03-11 20:28:57 -07:00

ccache

ccache: update to upstream version 3.1.9

2013-08-26 11:47:19 +01:00

cdrtools

cdrtools-native: upgrade to 3.01a20

2014-01-14 11:33:52 +00:00

chrpath

chrpath: upgrade to 0.16

2014-03-02 17:25:28 +00:00

cmake

cmake: Improve method for not building ccmake

2014-04-08 17:45:08 +01:00

desktop-file-utils

Replace one-line DESCRIPTION with SUMMARY

2014-01-02 12:50:18 +00:00

devel-config

recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues

2014-02-17 15:28:59 +00:00

diffstat

diffstat: enable ptest support

2014-02-17 15:28:58 +00:00

distcc

distcc: rename systemd service to distcc

2014-02-06 15:30:45 +00:00

dmidecode

dmidecode: add powerpc to compatible host

2014-03-11 08:11:41 -07:00

docbook-dsssl-stylesheets

sgml-common-native: fix the generation of sgml-docbook.cat

2014-03-19 14:42:43 +00:00

docbook-sgml-dtd

sgml-common-native: fix the generation of sgml-docbook.cat

2014-03-19 14:42:43 +00:00

docbook-utils

docbook-utils-native: Unbreak the build after source and build dir split

2013-03-25 20:51:19 +00:00

dosfstools

Don't set DESCRIPTION to the same value as SUMMARY

2013-12-03 17:45:52 +00:00

dpkg

dpkg: Security Advisory - CVE-2014-0471

2014-10-10 15:06:06 +01:00

e2fsprogs

e2fsprogs: fix multilib header conflict - ext2_types.h

2014-04-09 09:53:14 +01:00

elfutils

Replace one-line DESCRIPTION with SUMMARY

2014-01-02 12:50:18 +00:00

expect

expect: fix do_install failure on SLED 11.2

2014-03-19 14:42:43 +00:00

file

file: Update to 5.16

2013-12-09 18:01:44 +00:00

flex

flex: enable ptest support

2014-02-14 12:30:20 +00:00

gcc

gcc: Clean up configure_prepend and fix for mingw

2014-06-16 14:52:08 +01:00

gdb

gdb: add PACKAGECONFIG for babeltrace

2014-05-29 13:42:24 +01:00

git

git: Fix various makefile flags

2014-05-29 13:42:24 +01:00

gnu-config

recipes: Remove PR = r0 from all recipes

2013-10-30 14:52:04 +00:00

guile

recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues (part 2)

2014-02-20 14:28:13 +00:00

guilt

guilt-native: tidy up recipe

2014-01-02 12:50:24 +00:00

help2man

help2man: Update to 1.44.1

2014-02-17 15:28:58 +00:00

icecc-create-env

icecc-create-env-native: add SUMMARY and tweak DESCRIPTION

2014-01-02 12:50:23 +00:00

icon-naming-utils

autotools-brokensep: Mark recipes with broken separate build dir support

2014-02-28 14:01:16 +00:00

insserv

insserv: enable ptest support

2014-02-21 16:09:08 +00:00

installer

adt-installer: fix sed input file error

2014-10-10 15:06:05 +01:00

intltool

intltool: Define DATADIRNAME=share for uclibc based systems

2014-03-17 14:01:41 +00:00

json-c

recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues

2014-02-17 15:28:59 +00:00

kconfig-frontends

kconfig-frontends: fix the incorrect depends on gperf

2014-01-06 11:14:00 +00:00

libtool

libtool: Set CONFIG_SHELL for nativesdk

2014-01-31 15:44:21 +00:00

linuxdoc-tools

autotools-brokensep: Mark recipes with broken separate build dir support

2014-02-28 14:01:16 +00:00

m4: upgrade to 1.4.17

2013-10-26 15:59:10 +01:00

make

make-3.81: Fix build failures with newer makeinfo

2014-03-30 10:10:34 +01:00

makedevs

Replace one-line DESCRIPTION with SUMMARY

2014-01-02 12:50:18 +00:00

mkelfimage

autotools-brokensep: Mark recipes with broken separate build dir support

2014-02-28 14:01:16 +00:00

mklibs

Add missing SUMMARY values

2014-01-02 12:50:18 +00:00

mmc

mmc-utils: fix compilation failure for mips64 target.

2014-05-29 13:42:21 +01:00

mtd

mtd-utils: Update version to include fixes after 1.5.0

2014-03-11 09:30:13 -07:00

mtools

mtools: add ability to compile with nativesdk

2013-12-09 18:01:45 +00:00

nasm

autotools-brokensep: Mark recipes with broken separate build dir support

2014-02-28 14:01:16 +00:00

openjade

sgml-common-native: fix the generation of sgml-docbook.cat

2014-03-19 14:42:43 +00:00

opensp

opensp: replace obsolete automake macros with working ones

2013-01-15 08:10:12 +00:00

opkg

opkg/dpkg: remove the postinstalls

2014-03-07 15:05:08 +00:00

opkg-utils

opkg-utils: Update to latest git master

2014-03-07 14:49:32 +00:00

orc

Replace one-line DESCRIPTION with SUMMARY

2014-01-02 12:50:18 +00:00

ossp-uuid

recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues (part 2)

2014-02-20 14:28:13 +00:00

packagegroups

packagegroup-*: add RREPLACES/RCONFLICTS

2012-09-04 18:03:18 +01:00

patch

recipes: Remove PR = r0 from all recipes

2013-10-30 14:52:04 +00:00

pax-utils

recipes: Remove PR = r0 from all recipes

2013-10-30 14:52:04 +00:00

perl

perl: fix missing Module::Metadata

2014-05-29 13:42:21 +01:00

pkgconfig

pkgconfig: Drop glibconfig from SRC_URI to unbreak builds after previous commit

2014-01-28 22:33:32 +00:00

postinst-intercept

postinst-intercept: New recipe to include postinstall intercepts in nativesdk

2014-02-02 22:37:40 +00:00

prelink

prelink: Set the branch name correctly for the revision we're using

2013-12-05 16:27:12 +00:00

pseudo

pseudo-1.5.1: keep install command directory mode

2014-03-31 22:53:45 +01:00

python

python-native : Add patch to fix configure error with gcc 4.8.

2014-06-17 09:00:26 +01:00

qemu

qemu: Explicitly disable libiscsi, its not in DEPENDS

2014-09-20 10:41:28 +01:00

quilt

autotools-brokensep: Mark recipes with broken separate build dir support

2014-02-28 14:01:16 +00:00

remake

remake: fix insufficient gettext dependency

2013-07-24 11:35:36 +01:00

rpm

rpm: Fix cpio 32 bit overflow issues on 64 bit inode filesystems

2014-06-12 17:48:20 +01:00

rsync

Replace one-line DESCRIPTION with SUMMARY

2014-01-02 12:50:18 +00:00

run-postinsts

run-postinsts: fix issue with checking IMAGE_FEATURES

2014-03-27 15:44:43 +00:00

sgml-common

sgml-common-native: fix the generation of sgml-docbook.cat

2014-03-19 14:42:43 +00:00

sgmlspl

Don't set DESCRIPTION to the same value as SUMMARY

2013-12-03 17:45:52 +00:00

squashfs-tools

squashfs-tools: set SUMMARY instead of DESCRIPTION

2013-12-03 17:45:52 +00:00

strace

Replace one-line DESCRIPTION with SUMMARY

2014-01-02 12:50:18 +00:00

subversion

subversion: fix for Security Advisory CVE-2013-4277

2014-05-29 13:43:29 +01:00

swabber

Replace one-line DESCRIPTION with SUMMARY

2014-01-02 12:50:18 +00:00

syslinux

syslinux-native: fix parallel building issue

2014-05-29 13:42:23 +01:00

tcf-agent

tcf-agent: add systemd support

2014-05-29 13:42:23 +01:00

tcltk

tcl: fix path in Config.sh for sstate

2014-03-25 21:26:49 +00:00

ubootchart

Replace one-line DESCRIPTION with SUMMARY

2014-01-02 12:50:18 +00:00

unfs3

recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues (part 2)

2014-02-20 14:28:13 +00:00

unifdef

Replace one-line DESCRIPTION with SUMMARY

2014-01-02 12:50:18 +00:00

vala

vala: inherit pkgconfig

2014-04-10 17:35:15 +01:00

valgrind

valgrind: integration of regression tests to ptest

2014-02-21 16:09:07 +00:00

yasm

yasm: add from meta-oe and tweak

2013-08-13 23:05:58 +01:00

zisofs-tools

Revert "zisofs-tools-native: Add missing dependency on zlib-native"

2014-03-31 23:04:35 +01:00