mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-23 00:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
50,488 Commits 38 Branches 623 Tags
97ee1f80870745bf6c542ee2f184c9e468672714
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Sinan Kaya 97ee1f8087 python3: CVE-2018-1061 
* CVE-2018-1060
Prevent low-grade poplib REDOS:
The regex to test a mail server's timestamp is susceptible to
catastrophic backtracking on long evil responses from the server.

Happily, the maximum length of malicious inputs is 2K thanks
to a limit introduced in the fix for CVE-2013-1752.

* CVE-2018-1061
Prevent difflib REDOS
The default regex for IS_LINE_JUNK is susceptible to
catastrophic backtracking.
This is a potential DOS vector.
Replace it with an equivalent non-vulnerable regex.

Affects < 3.5.6rc1

CVE: CVE-2018-1060
CVE: CVE-2018-1061
Ref: https://access.redhat.com/security/cve/cve-2018-1060
Ref: https://access.redhat.com/security/cve/cve-2018-1061

(From OE-Core rev: 1461bcc72e6649920ecf4226e006e5667c48a21c)

Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-10-18 11:08:53 +01:00
bitbake
bitbake: fetcher: Fixed remote removal not throwing exception.
2018-10-10 13:26:25 +01:00
documentation
documentation: Updated for a 2.5.1 release
2018-08-15 10:28:12 +01:00
meta
python3: CVE-2018-1061
2018-10-18 11:08:53 +01:00
meta-poky
poky.conf: Bump version for sumo 2.5.1
2018-08-06 16:32:38 +01:00
meta-selftest
oeqa/runtime/cases/dnf_runtime.py: skip test if PACKAGE_FEED_URIS is not set
2018-07-02 11:41:25 +01:00
meta-skeleton
hello-mod_0.1.bb: add RPROVIDES
2018-04-07 11:44:50 +01:00
meta-yocto-bsp
oeqa/selftest/systemd_boot: Never use cleansstate in QA tests without special handling of SSTATE_DIR
2018-07-15 16:19:20 +01:00
scripts
checklayer: avoid recursive loop in add_layer_dependencies
2018-10-18 11:08:53 +01:00
.gitignore
gitignore: ignore bitbake documentation build products
2018-03-28 12:50:25 +01:00
.templateconf
meta-yocto: Rename to meta-poky to better match its purpose
2016-02-28 11:31:17 +00:00
LICENSE
Fix license notices for OE-Core
2014-01-02 12:58:54 +00:00
oe-init-build-env
oe-init-build-env-memres: Drop it
2017-07-21 08:44:25 +01:00
README.hardware
meta-yocto: Restructure and tidy up READMEs
2017-09-14 13:36:22 +01:00
README.LSB
pax: remove the recipe
2018-02-24 10:31:45 +00:00
README.poky
meta-yocto: Restructure and tidy up READMEs
2017-09-14 13:36:22 +01:00
README.qemu
README.qemu: qemuppc64 is not supported
2017-10-16 23:54:31 +01:00

README.qemu 

QEMU Emulation Targets
======================

To simplify development, the build system supports building images to
work with the QEMU emulator in system emulation mode. Several architectures
are currently supported in 32 and 64 bit variants:

  * ARM (qemuarm + qemuarm64)
  * x86 (qemux86 + qemux86-64)
  * PowerPC (qemuppc only)
  * MIPS (qemumips + qemumips64)

Use of the QEMU images is covered in the Yocto Project Reference Manual.
The appropriate MACHINE variable value corresponding to the target is given
in brackets.
Description
No description provided
Readme 251 MiB