mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-10 10:43:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
a54b87c4fda66037226e8ab08d91d4654f710abd
poky/meta/recipes-devtools
History
Minjae Kim 2e58b9e396 librepo: fix CVE-2020-14352 
librepo: missing path validation in repomd.xml may lead to directory traversal

Upstream-Status: Acepted [7daea2a242]
CVE: CVE-2020-14352
(From OE-Core rev: f0df1ff1de6ca9a239d7eafd335b753d6a6e6471)

Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-03-10 00:22:50 +00:00
..
apt
apt-native: don't let dpkg overwrite files by default
2020-04-06 16:45:11 +01:00
autoconf
autoconf: consolidate DEPENDS
2020-09-17 12:51:24 +01:00
autoconf-archive
autoconf-archive: Add missing texinfo inherit
2020-02-02 16:57:21 +00:00
automake
automake: fix race in parallel builds
2018-07-30 12:44:34 +01:00
binutils
binutils: fix CVE-2020-16592/16598
2020-12-18 14:20:20 +00:00
bison
bison: update to 3.5.4 for CVE-2020-14150
2020-11-24 13:17:59 +00:00
bootchart2
bootchart2: switch to add patch from change source in do_install
2019-09-07 07:47:24 +01:00
btrfs-tools
glib-networking/btrfs-tools/dosfstools/parted/bmap-tools/libsoup-2.4: add nativesdk support
2020-12-18 14:20:19 +00:00
build-compare
build-compare: 2015.02.10 -> 2019.08.14
2019-09-06 14:58:09 +01:00
ccache
ccache: upgrade 3.7.3 -> 3.7.7
2020-02-03 13:03:31 +00:00
cdrtools
cdrtools-native: fix upstream version check
2020-05-22 16:23:23 +01:00
chrpath
meta: fix some unresponsive homepages and bugtracker links
2020-11-12 13:07:52 +00:00
cmake
cmake: whitelist CVE-2016-10642
2020-09-17 12:51:24 +01:00
createrepo-c
createrepo-c: upgrade 0.15.5 -> 0.15.7
2020-02-21 09:39:00 +00:00
dejagnu
meta: add missing some description in devtools
2019-10-08 11:22:24 +01:00
desktop-file-utils
desktop-file-utils: upgrade 0.23 -> 0.24
2019-08-22 22:48:27 +01:00
devel-config
Remove $COREBASE/LICENSE from LIC_FILES_CHKSUM
2016-10-28 16:15:18 +01:00
diffstat
diffstat: point the license checksum at the license
2021-01-13 08:57:57 +00:00
distcc
distcc: split into client and server packages
2019-09-27 13:02:16 +01:00
dmidecode
dmidecode: fix the Upstream-Status in a custom patch
2018-11-23 23:35:19 +00:00
dnf
dnf: fix reproducibilty issue
2020-03-12 22:49:28 +00:00
docbook-xml
xmlcatalog: hold libxml2-native dependency
2019-07-11 09:32:50 +01:00
dosfstools
glib-networking/btrfs-tools/dosfstools/parted/bmap-tools/libsoup-2.4: add nativesdk support
2020-12-18 14:20:19 +00:00
dpkg
dpkg: Provide update-alternative for start-stop-daemon
2019-08-12 16:23:57 +01:00
dwarfsrcfiles
dwarfsrcfiles: fix typo: debig -> debug
2018-07-10 17:33:00 +01:00
e2fsprogs
e2fsprogs: Fix a ptest permissions determinism issue
2020-12-09 23:49:01 +00:00
elfutils
file/elfutils: Adjust some appends to guarantee leading space
2020-03-30 12:33:30 +01:00
expect
expect: Fix buffer overflow error when build in long path
2019-09-27 13:02:16 +01:00
fdisk
gptfdisk: Use PACKAGECONFIG to control ncurses and popt dependencies
2018-10-10 12:47:34 +01:00
file
file: add bzip2-replacement-native to DEPENDS to fix sstate issue
2020-05-28 18:15:29 +01:00
flex
flex: Fix --noline option behavior
2021-02-05 23:37:03 +00:00
gcc
gcc-9.3.inc: Fix potential runtime crash
2021-02-18 16:48:28 +00:00
gdb
gdb: Upgrade to 9.1 release
2020-02-15 10:26:42 +00:00
git
git: Upgrade 2.24.1 -> 2.24.3
2020-05-28 18:15:29 +01:00
glide
glide: Avoid use of 'go mod' support
2020-06-26 18:26:49 +01:00
gnu-config
gnu-config: upgrade to latest revision
2020-02-03 13:03:32 +00:00
go
go: update to 1.14.15
2021-03-04 17:39:08 +00:00
help2man
help2man: Upgrade 1.47.10 -> 1.47.11
2019-08-28 11:31:21 +01:00
i2c-tools
i2c-tools: Add missing RDEPEND
2019-10-19 23:18:33 +01:00
icecc-create-env
icecc-create-env: Use OE patchelf in SDK
2019-11-14 13:20:59 +00:00
icecc-toolchain
icecc-env: don't raise error when icecc not installed
2019-02-16 08:19:34 +00:00
intltool
intltool: refresh patches
2018-03-09 09:17:03 -08:00
jquery
jquery: Upgrade 3.4.1 -> 3.5.0 to fix CVE-2020-11022 and CVE-2020-11023
2020-11-12 13:07:52 +00:00
json-c
json-c: Fix CVE-2020-12762
2020-09-10 19:07:40 +01:00
libcomps
libcomps: update to 0.1.15
2020-06-23 11:40:46 +01:00
libdnf
libdnf: Fix license as it contains 'or later' clause
2020-11-20 10:44:34 +00:00
libedit
libedit/readline: Correct package alternatives link for manpage
2020-02-28 23:11:28 +00:00
libmodulemd
libmodulemd-v1: update to 1.8.16
2019-10-31 16:09:34 +00:00
librepo
librepo: fix CVE-2020-14352
2021-03-10 00:22:50 +00:00
libtool
libtools-cross/shadow-sysroot: Use nopackages inherit
2020-10-15 13:45:50 +01:00
llvm
llvm: sort the lists in generated source reproducibibly
2020-12-18 14:20:19 +00:00
m4
m4/tar: Remove remove-gets.patch
2019-05-27 17:06:34 +01:00
make
make: Fix build on arm/clang
2020-03-08 08:21:11 +00:00
makedevs
makedevs: fix invalidScanfFormatWidth to prevent overflowing usr_buf
2019-10-31 16:09:34 +00:00
meson
meson: fix upstream version check
2020-05-22 16:23:23 +01:00
mklibs
mklibs-native: 0.1.43 -> 0.1.44
2019-02-15 16:05:37 +00:00
mmc
mmc-utils: upgrade to latest revision
2019-12-28 23:25:42 +00:00
mtd
mtd-utils: Remove duplicate assignments to alternative link names
2021-03-04 17:39:10 +00:00
mtools
distro_features_check: expand with MACHINE_FEATURES and COMBINED_FEATURES, rename
2019-11-21 23:08:19 +00:00
nasm
nasm: update 2.14.02 -> 2.15.03 for CVE fixes
2020-11-03 08:19:34 +00:00
ninja
meta: fix some unresponsive homepages and bugtracker links
2020-11-12 13:07:52 +00:00
opkg
opkg: Fix patch glitches
2021-02-18 16:48:28 +00:00
opkg-utils
opkg-utils: remove python scripts etc for the class-target only
2020-03-29 12:05:31 +01:00
orc
orc: update to 0.4.31
2019-12-09 12:00:43 +00:00
packagegroups
packagegroup-core-device-devel: add binutils-symlinks
2016-06-16 11:11:40 +01:00
patch
patch: fix CVE-2019-20633
2021-01-09 09:17:17 +00:00
patchelf
patchelf: switch to git
2020-06-26 18:26:48 +01:00
perl
perl: fix installation failure because of shell issue
2021-01-09 09:17:16 +00:00
pkgconf
pkgconf: Remove pointless DEFAULT_PREFERENCE
2020-02-13 12:19:14 +00:00
pkgconfig
pkgconfig: export variables
2018-11-14 11:14:39 +00:00
prelink
prelink: Deal with mips specific gnu-hash impelementation
2020-01-19 13:24:38 +00:00
pseudo
pseudo: Update to include fixes for glibc 2.33
2021-03-04 17:39:08 +00:00
python
python3: fix CVE-2021-3177
2021-03-10 00:22:50 +00:00
python-numpy
python-numpy: convert shebang from python to python3
2020-03-06 08:19:18 +00:00
qemu
qemu: Backport patch to avoid assertion fails on icache line size
2021-03-04 17:39:10 +00:00
quilt
quilt: Be determnistic about column presence
2021-03-04 17:39:08 +00:00
rpm
rpm: fix nativesdk's default var location
2020-07-31 22:02:52 +01:00
rsync
rsync: whitelist CVE-2017-16548
2020-02-04 15:56:29 +00:00
ruby
ruby: remove tcl DEPENDS
2021-01-13 08:57:57 +00:00
run-postinsts
run-postinsts: Set RemainAfterExit on systemd unit
2020-05-07 13:03:30 +01:00
squashfs-tools
squashfs-tools: Backport fix for compiling with gcc 10
2020-06-23 11:40:46 +01:00
strace
strace: increase ptest timeout duration 120->240s
2021-02-05 23:37:04 +00:00
subversion
subversion: extend for nativesdk
2020-07-22 22:46:37 +01:00
swig
meta: add missing some description in devtools
2019-10-08 11:22:24 +01:00
syslinux
syslinux: add link to upstream discussion in patch
2020-11-20 10:44:34 +00:00
systemd-bootchart
systemd-bootchart: Add mips64 tuples
2019-12-28 23:25:41 +00:00
tcf-agent
tcf-agent: Mangle arch for armeb
2020-02-15 22:42:13 +00:00
tcltk
tcl: adapt to potential pseudo changes
2021-02-03 14:13:53 +00:00
unfs3
unfs3: fixed the issue that unfsd consumes 100% CPU
2019-10-28 05:31:42 +00:00
unifdef
unifdef: upgrade 2.11 -> 2.12
2020-02-28 23:11:28 +00:00
vala
vala: upgrade 0.46.5 -> 0.46.6
2020-02-21 09:39:00 +00:00
valgrind
valgrind: exclude bar_bad/bar_bad_xml from ptests
2021-01-09 09:17:16 +00:00
xmlto
xmlto: Fix reproducibility
2021-03-04 17:39:08 +00:00