mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-17 12:49:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
b301218f4da7793624db3545efd8bf66888b77b0
poky/meta
History
Livin Sunny 04ae2d93de busybox: Fixes CVE-2025-60876 
This addresses CVE-2025-60876[1], which allows malicious URLs to inject
HTTP headers. It has been accepted by Debian[2] and is tracked here [4].
The upstream fix has been submitted [3] and is pending merge.

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-60876
[2] https://bugs.debian.org/1120795
[3] https://lists.busybox.net/pipermail/busybox/2025-November/091840.html
[4] https://security-tracker.debian.org/tracker/CVE-2025-60876

Upstream-Status: Submitted [https://lists.busybox.net/pipermail/busybox/2025-November/091840.html]

(From OE-Core rev: 077f258eb2125359ffe3982c58433ee14cb21f09)

Signed-off-by: Livin Sunny <livinsunny519@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f12af98df8f627c6d1836d27be48bac542a4f00e)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-03-16 10:22:06 +00:00
..
classes
classes/buildhistory: Do not sign buildhistory commits
2026-02-27 17:45:06 +00:00
classes-global
lib/license: Move package license skip to library
2025-11-14 06:45:29 -08:00
classes-recipe
uboot-config: Fix devtool modify
2026-03-16 10:22:06 +00:00
conf
conf/bitbake.conf: use gnu mirror instead of main server
2025-10-13 12:42:58 -07:00
files
meta: Enable '-o pipefail' for the SDK installer
2025-03-05 06:03:47 -08:00
lib
spdx30_tasks: Exclude 'doc' when exporting PACKAGECONFIG to SPDX
2026-02-27 17:45:06 +00:00
recipes-bsp
u-boot: move CVE patches out of the common .inc file
2026-02-27 17:45:07 +00:00
recipes-connectivity
openssl: upgrade 3.2.6 -> 3.5.5
2026-03-16 10:22:06 +00:00
recipes-core
busybox: Fixes CVE-2025-60876
2026-03-16 10:22:06 +00:00
recipes-devtools
go 1.22.12: Fix CVE-2025-68121
2026-02-27 17:45:06 +00:00
recipes-extended
lighttpd: Fix trailing slash on files in mod_dirlisting
2026-02-16 09:52:35 +00:00
recipes-gnome
gdk-pixbuf: Fix CVE-2025-6199
2026-03-16 10:22:06 +00:00
recipes-graphics
harfbuzz: Fix CVE-2026-22693
2026-03-16 10:22:06 +00:00
recipes-kernel
linux-yocto/6.6: update to v6.6.123
2026-02-27 17:45:06 +00:00
recipes-multimedia
ffmpeg: set status for CVE-2025-12343
2026-03-16 10:22:06 +00:00
recipes-rt
rt-tests: rt_bmark.py: fix TypeError
2024-08-06 19:11:18 -07:00
recipes-sato
webkitgtk: upgrade 2.44.3 -> 2.44.4
2025-11-14 06:45:29 -08:00
recipes-support
gnupg: patch CVE-2025-68973
2026-02-27 17:45:07 +00:00
site
site: remove at-spi2-core values
2023-09-02 07:45:29 +01:00
COPYING.MIT
recipes.txt
Remove LSB support
2019-08-29 14:05:12 +01:00