mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-09 10:13:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
7c9d09d47c628f9fec00edae5100bc459ce7949f
poky/meta/recipes-devtools
History
Divya Chellam 138ab1c7df ruby: fix CVE-2024-41946 
REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS
vulnerability when it parses an XML that has many entity expansions
with SAX2 or pull parser API. The REXML gem 3.3.3 or later include
the patch to fix the vulnerability.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-41946

Upstream-patch:
033d1909a8

(From OE-Core rev: b0e74fd8922bba8e954a223ec46de5c33d2ff743)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-02-24 07:00:53 -08:00
..
apt
apt: add missing <cstdint> for uint16_t
2023-10-18 05:13:24 -10:00
autoconf
autoconf: Update K & R stype functions
2022-09-16 17:53:22 +01:00
autoconf-archive
autoconf-archive: upgrade 2021.02.19 -> 2022.02.11
2022-02-16 09:46:29 +00:00
automake
automake: fix buildtest patch
2023-08-26 04:24:02 -10:00
binutils
binutils: internal gdb: Fix CVE-2024-53589
2025-02-05 06:54:35 -08:00
bison
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
bootchart2
bootchart2: Fix usrmerge support
2023-02-15 21:46:56 +00:00
btrfs-tools
btrfs-tools: upgrade 5.16 -> 5.16.2
2022-03-04 17:14:15 +00:00
cargo
rust-common: Drop LLVM_TARGET and simplify
2022-06-07 11:53:26 +01:00
ccache
ccache: fix build with gcc-13
2023-10-05 15:48:49 -10:00
cdrtools
cdrtools-native: fix build with gcc-14
2024-10-12 05:17:58 -07:00
chrpath
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
cmake
cmake: Fix sporadic issues when determining compiler internals
2024-11-15 06:05:32 -08:00
createrepo-c
createrepo-c: upgrade 0.18.0 -> 0.19.0
2022-03-16 10:31:40 +00:00
dejagnu
dejagnu: Fix LICENSE
2024-09-16 06:09:56 -07:00
desktop-file-utils
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
devel-config
Convert to new override syntax
2021-08-02 15:44:10 +01:00
diffstat
diffstat: remove unneeded patch
2021-11-25 21:55:10 +00:00
distcc
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
dmidecode
dmidecode: fixup for CVE-2023-30630
2023-08-19 05:56:58 -10:00
dnf
dnf: upgrade 4.10.0 -> 4.11.1
2022-03-16 10:31:40 +00:00
docbook-xml
docbook-xml: patch is not upstreamable
2021-11-03 11:12:26 +00:00
dosfstools
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
dpkg
dpkg: fix CVE-2022-1664
2022-08-01 16:27:29 +01:00
dwarfsrcfiles
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
e2fsprogs
e2fsprogs: fix ptest bug for second running
2023-06-21 04:00:58 -10:00
elfutils
elfutils: Disable stringop-overflow warning for build host
2024-01-04 05:00:13 -10:00
erofs-utils
erofs-utils: Use __SANE_USERSPACE_TYPES__ on ppc64
2022-03-15 08:40:09 +00:00
expect
expect: modify fixline1 script
2022-03-16 13:39:12 +00:00
fdisk
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
file
file: fix CVE-2022-48554
2023-09-08 16:09:41 -10:00
flex
meta/scripts: Automated conversion of OE renamed variables
2022-02-21 23:37:27 +00:00
gcc
classes/qemu: use tune to select QEMU_EXTRAOPTIONS, not package architecture
2025-01-24 07:49:28 -08:00
gdb
gdb: Fix CVE-2024-53589
2025-02-05 06:54:35 -08:00
git
git: Fix multiple CVEs
2024-06-01 19:07:52 -07:00
glide
go-helloworld/glide: Fix urls
2021-11-03 10:12:42 +00:00
gnu-config
gnu-config: update SRC_URI
2022-03-24 17:45:29 +00:00
go
go: Fix CVE-2024-45336
2025-02-15 06:04:43 -08:00
help2man
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
i2c-tools
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
icecc-create-env
meta, meta-selftest: Replace more non-SPDX license identifiers
2022-03-01 23:44:59 +00:00
icecc-toolchain
Convert to new override syntax
2021-08-02 15:44:10 +01:00
intltool
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
jquery
meta/scripts: Automated conversion of OE renamed variables
2022-02-21 23:37:27 +00:00
json-c
json-c: define CVE_VERSION
2023-10-05 15:48:49 -10:00
libcomps
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libdnf
libdnf: resolve cstdint inclusion for newer gcc versions
2023-09-08 16:09:42 -10:00
libedit
libedit: Make docs generation deterministic
2024-09-16 06:09:56 -07:00
libmodulemd
libmodulemd: upgrade 2.13.0 -> 2.14.0
2022-02-10 10:32:08 +00:00
librepo
librepo: upgrade 1.14.2 -> 1.14.3
2022-05-25 22:45:50 +01:00
libtool
libtool: Upgrade 2.4.6 -> 2.4.7
2022-03-23 12:13:49 +00:00
llvm
llvm: reduce size of -dbg package
2024-11-27 06:27:26 -08:00
log4cplus
log4cplus: upgrade 2.0.7 -> 2.0.8
2022-08-04 16:29:15 +01:00
lua
lua: Fix install conflict when enable multilib.
2023-03-20 17:20:44 +00:00
m4
m4: Fix build on musl/ppc
2022-03-11 06:56:01 +00:00
make
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
makedevs
makedevs: Don't use COPYING.patch just to add license file into ${S}
2022-06-11 10:06:13 +01:00
meson
meson: Fix wrapper handling of implicit setup command
2023-03-20 17:20:44 +00:00
mmc
mmc-utils: upgrade to latest revision
2022-05-25 22:45:50 +01:00
mtd
mtd-utils: upgrade 2.1.4 -> 2.1.5
2022-12-01 19:35:05 +00:00
mtools
mtools: upgrade 4.0.37 -> 4.0.38
2022-03-20 00:02:22 +00:00
nasm
nasm: fix CVE-2020-21528
2023-09-08 16:09:41 -10:00
ninja
ninja: fix build with python 3.13
2024-12-02 06:23:20 -08:00
opkg
opkg: Set correct info_dir and status_file in opkg.conf
2022-12-13 15:23:34 +00:00
opkg-utils
opkg-utils: use a git clone, not a dynamic snapshot
2022-11-09 17:42:08 +00:00
orc
orc: upgrade 0.4.39 -> 0.4.40
2024-11-02 06:32:36 -07:00
patch
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
patchelf
patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak
2023-04-11 11:31:52 +01:00
perl
perl: ignore CVE-2023-47100
2024-04-19 04:50:38 -07:00
perl-cross
perl: update 5.34.1 -> 5.34.3
2023-12-22 16:36:55 -10:00
pkgconf
pkgconf: fix CVE-2023-24056
2023-03-23 22:45:33 +00:00
pkgconfig
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
pseudo
pseudo: Fix envp bug and add posix_spawn wrapper
2024-11-15 06:05:32 -08:00
python
python3: Treat UID/GID overflow as failure
2025-02-15 06:04:44 -08:00
qemu
qemu: fix CVE-2024-3447
2024-12-09 07:54:03 -08:00
quilt
quilt: Fix merge.test race condition
2023-05-30 04:11:15 -10:00
repo
repo: upgrade 2.21 -> 2.22
2022-03-02 18:43:24 +00:00
rpm
rpm: Remove -Wimplicit-function-declaration warnings
2022-10-11 21:56:13 +01:00
rsync
rsync: fix CVE-2024-12747
2025-01-24 07:49:28 -08:00
ruby
ruby: fix CVE-2024-41946
2025-02-24 07:00:53 -08:00
run-postinsts
run-postinsts: Set dependency for ldconfig to avoid boot issues
2023-05-10 04:19:57 -10:00
rust
rust: ignore CVE-2024-43402
2024-10-12 05:17:57 -07:00
squashfs-tools
squashfs-tools: correct upstream version check
2022-03-20 00:02:22 +00:00
strace
strace: Update patches/tests with upstream fixes
2023-07-12 05:11:38 -10:00
subversion
subversion: ignore CVE-2024-45720
2025-02-24 07:00:53 -08:00
swig
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
syslinux
syslinux: Disable error on implicit-function-declaration
2024-10-24 06:31:58 -07:00
systemd-bootchart
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
tcf-agent
tcf-agent: cleanup patches
2021-12-08 20:22:10 +00:00
tcltk
tcl: skip async and event tests in run-ptest
2024-04-19 04:50:39 -07:00
unfs3
unfs3: add missing Upstream-Status tag
2021-11-21 11:05:02 +00:00
unifdef
meta/recipes-devtools: Add HOMEPAGE / DESCRIPTION
2021-02-26 15:21:21 +00:00
vala
vala: add -Wno-error=incompatible-pointer-types work around
2024-11-02 06:32:36 -07:00
valgrind
valgrind: disable avx_estimate_insn.vgtest
2024-10-12 05:17:58 -07:00
xmlto
xmlto: backport a patch to fix build with gcc-14 on host
2024-11-11 06:19:18 -08:00