mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-19 06:32:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
60,207 Commits 38 Branches 623 Tags
aa673e1427e7c31d1c3e0ed35abffb09233bff0a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Rodolfo Quesada Zumbado aa673e1427 tar: CVE-2022-48303 
Fixes CVE-2022-48303 by checking Base-256 encoding is at least
2 bytes long. GNU Tar through 1.34 has a one-byte out-of-bounds
read that results in use of uninitialized memory for a conditional
jump. Exploitation to change the flow of control has not been
demonstrated. The issue occurs in from_header in list.c via a
V7 archive in which mtime has approximately 11 whitespace characters.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-48303

Upstream patch:
https://savannah.gnu.org/bugs/?62387
https://git.savannah.gnu.org/cgit/tar.git/patch/src/list.c?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8

(From OE-Core rev: 231360a55bf1b96d6bb1cf94820b08788677c58b)

(From OE-Core rev: af77a413db59863a898c32dc7536b680473ae9c5)

Signed-off-by: Rodolfo Quesada Zumbado <rodolfo.zumbado@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2a00f15354)

Signed-off-by: Riyaz Khan <Riyaz.Khan@kpit.com>
Signed-off-by: Riyaz Khan <rak3033@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-14 14:59:10 +00:00
bitbake
bitbake: cooker: Drop sre_constants usage
2023-02-22 10:12:33 +00:00
contrib/artwork
oe.svg: Copy artwork from openembedded-classic.
2019-10-08 11:22:24 +01:00
documentation
documentation: update for 3.1.24
2023-03-14 07:29:20 +00:00
meta
tar: CVE-2022-48303
2023-03-14 14:59:10 +00:00
meta-poky
poky.conf: bump version for 3.1.24
2023-03-14 14:58:11 +00:00
meta-selftest
oe-selftest-image: Ensure the image has sftp as well as dropbear
2022-07-15 12:29:17 +01:00
meta-skeleton
meta-skeleton: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
meta-yocto-bsp
linux-yocto/5.4: update genericx86* machines to v5.4.219
2022-12-19 16:40:41 +00:00
scripts
meta: remove True option to getVar and getVarFlag calls (again)
2023-02-24 16:41:42 +00:00
.gitignore
scripts/install-buildtools: improvements
2020-04-01 11:44:23 +01:00
.templateconf
meta-yocto: Rename to meta-poky to better match its purpose
2016-02-28 11:31:17 +00:00
LICENSE
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
LICENSE.GPL-2.0-only
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
LICENSE.MIT
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
MEMORIAM
MEMORIAM: Add recognition for contributors no longer with us
2020-01-30 15:22:35 +00:00
oe-init-build-env
meta/lib+scripts: Convert to SPDX license headers
2019-05-09 16:31:55 +01:00
README.hardware
meta-yocto: Restructure and tidy up READMEs
2017-09-14 13:36:22 +01:00
README.OE-Core
README.OE-Core.md: update URLs
2021-12-08 20:28:01 +00:00
README.poky
meta-yocto: Restructure and tidy up READMEs
2017-09-14 13:36:22 +01:00
README.qemu
README.qemu: qemuppc64 is not supported
2017-10-16 23:54:31 +01:00

README.qemu 

QEMU Emulation Targets
======================

To simplify development, the build system supports building images to
work with the QEMU emulator in system emulation mode. Several architectures
are currently supported in 32 and 64 bit variants:

  * ARM (qemuarm + qemuarm64)
  * x86 (qemux86 + qemux86-64)
  * PowerPC (qemuppc only)
  * MIPS (qemumips + qemumips64)

Use of the QEMU images is covered in the Yocto Project Reference Manual.
The appropriate MACHINE variable value corresponding to the target is given
in brackets.
Description
No description provided
Readme 251 MiB