mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-19 06:32:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
df729eb610ca5f55b231a09535501a2ba4c5401b
poky/meta
History
Mikko Rapeli df729eb610 zip: whitelist CVE-2018-13410 and CVE-2018-13684 
https://nvd.nist.gov/vuln/detail/CVE-2018-13410 is disputed and
also Debian considers it not a vulnerability:

https://security-tracker.debian.org/tracker/CVE-2018-13410

http://seclists.org/fulldisclosure/2018/Jul/24
"Negligible security impact, would involve that a untrusted party controls the -TT value."

https://nvd.nist.gov/vuln/detail/CVE-2018-13684 is not for zip, also Debian concludes this:

https://security-tracker.debian.org/tracker/CVE-2018-13684

"NOT-FOR-US: smart contract implementation for ZIP"

(From OE-Core rev: 872342a37d6159844fcb8d9f0cbf37f011643195)

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 06b72a91b6dcf63fed437fd2105c59e922ba6525)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-01-21 23:08:16 +00:00
..
classes
waf: don't assume the waf intepretter is good
2021-01-21 23:08:16 +00:00
conf
fs-perms: Ensure /usr/src/debug/ file modes are correct
2020-12-09 23:49:01 +00:00
files
toolchain-shar-extract.sh: Handle special characters in script path
2021-01-21 23:08:16 +00:00
lib
lib/oe/utils: Return empty string in parallel_make
2021-01-21 23:08:16 +00:00
recipes-bsp
grub: fix "CVE:" line in one of the patches
2021-01-09 09:17:17 +00:00
recipes-connectivity
mobile-broadband-provider-info: upgrade 20190618 ->20201225
2021-01-13 08:57:57 +00:00
recipes-core
glibc: CVE-2019-25013
2021-01-21 23:08:16 +00:00
recipes-devtools
ruby: remove tcl DEPENDS
2021-01-13 08:57:57 +00:00
recipes-extended
zip: whitelist CVE-2018-13410 and CVE-2018-13684
2021-01-21 23:08:16 +00:00
recipes-gnome
gdk-pixbuf: fix CVE-2020-29385
2021-01-09 09:17:17 +00:00
recipes-graphics
xorg: Security fix for CVE-2020-14345
2021-01-21 23:08:16 +00:00
recipes-kernel
linux-yocto/5.4: update to v5.4.87
2021-01-21 23:08:16 +00:00
recipes-multimedia
pulseaudio: Remove OE_LT_RPATH_ALLOW
2021-01-09 09:17:16 +00:00
recipes-rt
rt-tests: make manpages reproducible
2020-02-28 23:11:28 +00:00
recipes-sato
webkitgtk: fix reproducibility
2020-12-18 14:20:19 +00:00
recipes-support
curl: fix CVE-2020-8231/8284/8285/8286
2021-01-21 23:08:16 +00:00
site
site: Make sys_siglist default to no
2020-10-06 14:15:21 +01:00
COPYING.MIT
recipes.txt
Remove LSB support
2019-08-29 14:05:12 +01:00