poky/recipes-extended at 8fbb62264f6213a6676858d0cfb5a94de69f83c1 - poky

mirror of https://git.yoctoproject.org/poky synced 2026-05-20 20:27:53 +02:00

Files

Mikko Rapeli df729eb610 zip: whitelist CVE-2018-13410 and CVE-2018-13684

https://nvd.nist.gov/vuln/detail/CVE-2018-13410 is disputed and
also Debian considers it not a vulnerability:

https://security-tracker.debian.org/tracker/CVE-2018-13410

http://seclists.org/fulldisclosure/2018/Jul/24
"Negligible security impact, would involve that a untrusted party controls the -TT value."

https://nvd.nist.gov/vuln/detail/CVE-2018-13684 is not for zip, also Debian concludes this:

https://security-tracker.debian.org/tracker/CVE-2018-13684

"NOT-FOR-US: smart contract implementation for ZIP"

(From OE-Core rev: 872342a37d6159844fcb8d9f0cbf37f011643195)

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 06b72a91b6dcf63fed437fd2105c59e922ba6525)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2021-01-21 23:08:16 +00:00

acpica

acpica: Upgrade 20200214 -> 20200430 for gcc-10 fixes

2020-06-23 11:40:46 +01:00

asciidoc

asciidoc: use correct XML catalog path

2019-04-05 17:32:50 +01:00

at: fix a spelling mistake.

2019-08-21 21:52:59 +01:00

bash

bash: Rename patch name

2021-01-01 11:55:35 +00:00

bc: dc: fix exit code of q command

2019-07-02 08:13:07 +01:00

blktool

blktool: remove a duplicate patch

2019-03-29 08:28:53 +00:00

bzip2

bzip2/pbzip2: Correct license information

2020-05-07 13:03:30 +01:00

cpio

cpio: add patch to fix issues with gcc 10

2020-06-23 11:40:46 +01:00

cracklib

cracklib: Apply patch to fix CVE-2016-6318

2016-09-24 07:30:10 +01:00

cronie

cronie:fix SRC_URI path

2019-12-15 09:10:46 +00:00

cups

cups: Mark CVE-2008-1033 as a non-issue

2021-01-01 11:55:35 +00:00

cwautomacros

cwautomacros: cleanup buildpath in autogen.sh

2015-10-01 07:43:34 +01:00

diffutils

diffutils: Added perl to support ptest & Skipped one test case

2019-09-07 13:08:34 +01:00

ed: set CVE vendor to avoid false positives

2019-07-18 12:16:19 +01:00

ethtool

ethtool: upgrade 5.3 -> 5.4

2020-01-27 16:48:08 +00:00

findutils

findutils: drop upstream-version-is-even

2020-02-03 13:03:31 +00:00

gawk

gawk: fix failing ptests

2020-01-10 21:18:22 +00:00

ghostscript

ghostscript: update to 9.52

2020-08-27 08:25:50 +01:00

go-examples

oe-core: take UPSTREAM_CHECK_COMMITS into use where possible

2017-11-30 10:49:22 +00:00

gperf

gperf: don't use aclocal.m4/acinclude.m4 dance

2017-12-10 22:45:19 +00:00

grep

grep: Fix shell after autotools changes

2020-01-28 11:11:20 +00:00

groff

groff: Fix reproducibility issue

2021-01-01 11:55:34 +00:00

gzip

gzip: do not pull in perl-ptest for gzip-ptest

2020-01-10 21:18:22 +00:00

hdparm

hdparm: upgrade 9.56 -> 9.58

2019-02-19 16:14:57 +00:00

images

core-image-testmaster: use Python 3

2019-12-30 08:47:12 +00:00

iptables

iptables: upgrade 1.8.3 -> 1.8.4

2020-02-02 16:57:21 +00:00

iputils

iputils: Initialize libgcrypt

2020-05-07 13:03:30 +01:00

less

less: upgrade 550 -> 551

2019-06-19 12:46:43 +01:00

libaio

libaio: Extend to native

2018-11-14 11:14:39 +00:00

libarchive

libarchive: support mbedtls in PACKAGECONFIG

2020-03-01 10:40:11 +00:00

libidn

libidn: Move to meta-oe

2020-02-25 10:41:22 +00:00

libmnl

recipes: change SRC_URI to use https

2019-12-06 14:41:28 +00:00

libnsl

libnsl2: Update to latest master

2019-11-14 13:20:59 +00:00

libnss-nis

libnss-nis: upgrade 3.0 -> 3.1

2019-08-22 22:48:26 +01:00

libpipeline

libpipeline: upgrade 1.5.1 -> 1.5.2

2020-01-21 12:52:53 +00:00

libsolv

libsolv: Enable rpm packageconfig by default only if rpm O_P_M is enabled

2020-02-21 17:48:09 +00:00

libtirpc

libtirpc: remove extra "-fcommon" from CFLAGS

2020-06-23 11:40:46 +01:00

lighttpd

lighttpd: upgrade 1.4.54 -> 1.4.55

2020-02-08 13:20:02 +00:00

logrotate

logrotate: Drop obsolete setting/comment

2020-06-18 12:25:00 +01:00

lsb

meta: fix some unresponsive homepages and bugtracker links

2020-11-12 13:07:52 +00:00

lsof

lsof: Make it compatible with externalsrc

2018-10-10 17:59:09 +01:00

ltp

meta: add/fix invalid Upstream-Status tags

2020-10-06 14:15:21 +01:00

lzip

lzip: upgrade 1.20 -> 1.21

2019-02-19 16:14:57 +00:00

man-db

man-db: Fix reproducibility issue

2021-01-09 09:17:17 +00:00

man-pages

man-pages: upgrade 5.04 -> 5.05

2020-02-21 09:39:00 +00:00

mc: Fix manpage date indeterminism

2020-02-06 12:16:34 +00:00

mdadm

mdadm: remove service template from SYSTEMD_SERVICE

2020-06-26 18:26:48 +01:00

mingetty

mingetty: fix usrmerge install path

2018-08-24 07:53:14 +01:00

minicom

minicom: RDEPENDS on ncurses-terminfo-base

2021-01-09 09:17:16 +00:00

msmtp

msmtp: upgrade 1.8.6 -> 1.8.7

2020-01-21 12:52:53 +00:00

net-tools

net-tools: backport a patch from upstream to use the same ifconfig format as debian/ubuntu

2020-06-26 18:26:49 +01:00

newt

libnewt: Backport patch to fix reproducibility

2020-05-22 16:23:23 +01:00

packagegroups

core-image-full-cmdline: Add less

2019-11-21 23:08:20 +00:00

pam

libpam: Remove option 'obscure' from common-password

2020-06-26 18:26:49 +01:00

parted

glib-networking/btrfs-tools/dosfstools/parted/bmap-tools/libsoup-2.4: add nativesdk support

2020-12-18 14:20:19 +00:00

pbzip2

meta: fix some unresponsive homepages and bugtracker links

2020-11-12 13:07:52 +00:00

perl

libxml-sax-perl: upgrade 1.00 -> 1.02

2019-06-19 12:46:43 +01:00

pigz

Revert "pigz: Add debug for autobuilder errors"

2019-06-30 23:33:45 +01:00

procps

procps: upstream has switched to gitlab

2020-02-18 23:53:54 +00:00

psmisc

Revert "psmisc: Fix dependency for USE_NLS=no"

2020-02-25 10:41:22 +00:00

quota

quota: update to 4.05

2019-04-23 23:30:19 +01:00

rpcbind

rpcbind: Use update-alternatives for rpcinfo

2020-09-17 12:51:24 +01:00

rpcsvc-proto

rpcsvc-proto: Update to 1.4

2018-05-29 21:07:17 +01:00

screen

screen: upgrade 4.7.0 -> 4.8.0

2020-02-21 17:48:08 +00:00

sed

sed: upgrade 4.7 -> 4.8

2020-02-03 13:03:32 +00:00

shadow

libtools-cross/shadow-sysroot: Use nopackages inherit

2020-10-15 13:45:50 +01:00

slang

slang: modify an array test

2019-06-07 09:11:49 +01:00

stress-ng

stress-ng: Upgrade 0.11.01 -> 0.11.17

2020-10-15 13:45:49 +01:00

sudo

sudo: upgrade 1.8.30 -> 1.8.31

2020-02-14 13:07:23 +00:00

sysklogd

sysklogd: fix one parallel build error

2020-03-24 16:39:40 +00:00

sysstat

sysstat: fix installed-vs-shipped QA Issue in systemd

2020-09-10 19:07:40 +01:00

tar

tar: Fix build determinism, disable rsh

2020-02-06 12:16:34 +00:00

tcp-wrappers

tcp-wrappers: Remove redundant forward declarations

2020-01-21 12:52:53 +00:00

texinfo

texinfo: update to 6.7

2019-12-09 12:00:43 +00:00

texinfo-dummy-native

texinfo/texinfo-dummy-native: Drop native path prefix

2020-02-03 00:10:11 +00:00

time

time:1.8 -> 1.9

2018-05-04 13:28:05 +01:00

timezone

timezone: upgrade to 2020f

2021-01-13 08:57:57 +00:00

unzip

unzip: Fix CVE-2019-13232

2019-09-30 16:55:21 +01:00

watchdog

watchdog: fix PIDFile path in existing patch

2019-10-08 11:22:24 +01:00

wget

wget: improve reproducible build

2020-05-22 16:23:24 +01:00

which

meta: fix some unresponsive homepages and bugtracker links

2020-11-12 13:07:52 +00:00

xdg-utils

recipes: change SRC_URI to use https

2019-12-06 14:41:28 +00:00

xinetd

xinetd: Fix systemd service for systemd>237

2018-06-15 17:56:24 +01:00

xz: Fix shell after autotools changes

2020-01-28 11:11:20 +00:00

zip

zip: whitelist CVE-2018-13410 and CVE-2018-13684

2021-01-21 23:08:16 +00:00