mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-06 23:39:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
9df395c6b6cc0726ba185d00a20c2d922d1fcbfe
poky/meta/recipes-extended
History
Joe Slater add828fa4f tar: Update fix for CVE-2022-48303 to upstream version 
Fixes CVE-2022-48303 by checking Base-256 encoding is at least
2 bytes long. GNU Tar through 1.34 has a one-byte out-of-bounds
read that results in use of uninitialized memory for a conditional
jump. Exploitation to change the flow of control has not been
demonstrated. The issue occurs in from_header in list.c via a
V7 archive in which mtime has approximately 11 whitespace characters.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-48303

Upstream patch:
https://savannah.gnu.org/bugs/?62387
https://git.savannah.gnu.org/cgit/tar.git/patch/src/list.c?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8

(From OE-Core rev: 0043c9d3f7b65a0cbb0a27c37b4825b8f5511dec)

Signed-off-by: Rodolfo Quesada Zumbado <rodolfo.zumbado@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-02-19 07:47:53 +00:00
..
acpica
acpica: upgrade 20211217 -> 20220331
2022-04-19 14:14:10 +01:00
asciidoc
asciidoc: upgrade 10.1.4 -> 10.2.0
2022-05-31 15:24:18 +01:00
at
at: Change when files are copied
2023-01-12 23:08:59 +00:00
baremetal-example
baremetal-helloworld: Move from skeleton to recipes-extended matching what rust-hello-world is doing
2023-01-12 23:08:58 +00:00
bash
bash: upgrade 5.2.9 -> 5.2.15
2023-01-06 12:03:48 +00:00
bc
bc: extend to nativesdk
2022-12-06 15:23:18 +00:00
blktool
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
bzip2
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
cpio
cpio: Add ptest support
2023-02-10 09:25:44 +00:00
cracklib
cracklib: upgrade 2.9.7 -> 2.9.8
2022-09-08 14:59:39 +01:00
cronie
cronie: add selinux PACKAGECONFIG
2022-11-27 23:54:51 +00:00
cups
meta: fix version checks in all github recipes using the github-releases class
2022-09-28 08:01:10 +01:00
cwautomacros
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
diffutils
diffutils: update 3.8 -> 3.9
2023-02-09 09:57:24 +00:00
ed
ed: upgrade 1.18 -> 1.19
2023-01-16 10:42:07 +00:00
ethtool
ethtool: upgrade 6.0 -> 6.1
2023-01-15 08:49:08 +00:00
findutils
meta, meta-selftest: Replace more non-SPDX license identifiers
2022-03-01 23:44:59 +00:00
gawk
gawk: update 5.1.1 -> 5.2.1
2022-11-27 23:54:51 +00:00
ghostscript
ghostscript: update 9.56.1 -> 10.0.0
2022-12-18 19:48:00 +00:00
go-examples
go-helloworld: remove unused GO_WORKDIR
2022-04-29 17:54:25 +01:00
gperf
gperf: Make the code C++17 compliant
2023-01-16 10:42:07 +00:00
grep
grep: update 3.7 -> 3.8
2022-10-29 16:28:35 +01:00
groff
groff: Drop use of register storage class
2023-01-16 10:42:07 +00:00
gzip
gzip: upgrade 1.11 -> 1.12
2022-04-10 08:31:17 +01:00
hdparm
hdparm: update 9.64 -> 9.65
2022-10-29 16:28:35 +01:00
images
core-image-testmaster: Rename to core-image-testcontroller
2022-02-20 16:45:25 +00:00
iptables
iptables: upgrade 1.8.7 -> 1.8.8
2022-05-20 22:52:22 +01:00
iputils
iputils: update to 20221126
2022-11-29 10:29:58 +00:00
less
less: upgrade 600 -> 608
2022-09-21 20:19:53 +01:00
libaio
libaio: upgrade 0.3.112 -> 0.3.113
2022-04-19 14:14:12 +01:00
libarchive
libarchive: upgrade 3.6.1 -> 3.6.2
2022-12-28 23:59:56 +00:00
libidn
libidn2: upgrade 2.3.3 -> 2.3.4
2022-11-08 22:47:16 +00:00
libmnl
libmnl: remove unneeded SRC_URI 'name' option
2022-08-10 08:25:28 +01:00
libnsl
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libnss-nis
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libpipeline
libpipeline: upgrade 1.5.6 -> 1.5.7
2022-11-20 08:29:07 +00:00
libsolv
libsolv: upgrade 0.7.22 -> 0.7.23
2023-01-06 12:03:48 +00:00
libtirpc
libtirpc: Check if file exists before operating on it
2023-01-24 22:06:51 +00:00
lighttpd
lighttpd: upgrade 1.4.68 -> 1.4.69
2023-02-15 10:21:34 +00:00
logrotate
logrotate: upgrade 3.20.1 -> 3.21.0
2023-01-06 12:03:47 +00:00
lsb
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
lsof
lsof: upgrade 4.96.5 -> 4.98.0
2023-02-09 09:57:24 +00:00
ltp
ltp: upgrade 20220930 -> 20230127
2023-02-09 09:57:25 +00:00
lzip
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
man-db
man-db: upgrade 2.11.1 -> 2.11.2
2023-01-16 10:42:07 +00:00
man-pages
man-pages: upgrade 6.01 -> 6.02
2023-01-15 08:49:08 +00:00
mc
mc: update 4.8.28 -> 4.8.29
2023-02-09 09:57:24 +00:00
mdadm
mdadm: Define alignof using _Alignof when using C11 or newer
2023-01-20 16:40:47 +00:00
mingetty
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
minicom
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
msmtp
msmtp: upgrade 1.8.22 -> 1.8.23
2023-02-08 10:29:01 +00:00
net-tools
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
newt
libnewt: update 0.52.21 -> 0.52.23
2022-12-18 19:48:00 +00:00
packagegroups
packagegroup-core-full-cmdline: Drop compatibility mappings
2021-11-13 16:11:27 +00:00
pam
libpam: fix CVE-2022-28321
2022-11-23 18:27:07 +00:00
parted
udev-extraconf/initrdscripts/parted: Rename mount.blacklist -> mount.ignorelist
2022-05-20 22:52:22 +01:00
pbzip2
Convert to new override syntax
2021-08-02 15:44:10 +01:00
perl
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
pigz
pigz: upgrade 2.6 -> 2.7
2022-01-20 11:57:29 +00:00
procps
procps: restrict version check to 3.x
2022-07-08 00:09:42 +01:00
psmisc
psmisc: upgrade 23.5 -> 23.6
2022-12-22 23:05:50 +00:00
quota
quota: update 4.06 -> 4.09
2022-11-22 12:26:46 +00:00
rpcbind
rpcbind: install rpcbind.conf
2021-11-13 16:11:28 +00:00
rpcsvc-proto
rpcsvc-proto: Use autoconf knob to enable largefile support
2022-12-13 23:31:40 +00:00
rust-example
rust-hello-world: move to recipes-extended
2022-09-13 10:36:50 +01:00
screen
screen: Add missing include files in configure checks
2022-08-17 19:57:32 +01:00
sed
sed: update 4.8 -> 4.9
2022-11-14 16:19:43 +00:00
shadow
shadow: update 4.12.3 -> 4.13
2022-11-22 12:26:46 +00:00
slang
slang: update 2.3.2 -> 2.3.3
2022-08-21 22:51:42 +01:00
stress-ng
stress-ng: Add missing header files for clock_adjtime
2023-02-15 10:21:35 +00:00
sudo
sudo: upgrade 1.9.12p1 -> 1.9.12p2
2023-02-09 09:57:25 +00:00
sysklogd
sysklogd: upgrade 2.4.2 -> 2.4.4
2022-08-21 22:51:42 +01:00
sysstat
sysstat: upgrade 12.6.1 -> 12.6.2
2023-02-09 09:57:25 +00:00
tar
tar: Update fix for CVE-2022-48303 to upstream version
2023-02-19 07:47:53 +00:00
tcp-wrappers
tcp-wrappers: Fix implicit-function-declaration warnings
2022-08-10 08:25:28 +01:00
texinfo
texinfo: upgrade 7.0.1 -> 7.0.2
2023-02-09 09:57:25 +00:00
texinfo-dummy-native
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-06 22:39:04 +00:00
time
time: Add missing include for memset
2022-08-17 19:57:32 +01:00
timezone
tzdata: update 2022d -> 2022g
2022-12-18 19:48:00 +00:00
unzip
unzip: Always enable largefile support
2022-08-16 14:57:58 +01:00
watchdog
watchdog: Remove unneeded tirpc dependency
2022-09-13 10:36:50 +01:00
wget
wget: upgrade 1.21.2 -> 1.21.3
2022-03-02 18:43:24 +00:00
which
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
xdg-utils
xdg-utils: Add fix for CVE-2020-27748
2021-09-04 08:44:11 +01:00
xinetd
xinetd: move xconv.pl script to separate package
2023-02-02 10:27:30 +00:00
xz
xz: upgrade 5.4.0 -> 5.4.1
2023-01-16 10:42:07 +00:00
zip
zip: Always enable LARGE_FILE_SUPPORT
2022-08-16 14:57:58 +01:00
zstd
zstd: do verbose builds
2022-07-25 22:59:00 +01:00