mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-02 21:39:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
e2b5de2c77e13e623a7e20ec8a1aeb75e0984a01
poky/meta/recipes-extended
History
Rodolfo Quesada Zumbado aa673e1427 tar: CVE-2022-48303 
Fixes CVE-2022-48303 by checking Base-256 encoding is at least
2 bytes long. GNU Tar through 1.34 has a one-byte out-of-bounds
read that results in use of uninitialized memory for a conditional
jump. Exploitation to change the flow of control has not been
demonstrated. The issue occurs in from_header in list.c via a
V7 archive in which mtime has approximately 11 whitespace characters.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-48303

Upstream patch:
https://savannah.gnu.org/bugs/?62387
https://git.savannah.gnu.org/cgit/tar.git/patch/src/list.c?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8

(From OE-Core rev: 231360a55bf1b96d6bb1cf94820b08788677c58b)

(From OE-Core rev: af77a413db59863a898c32dc7536b680473ae9c5)

Signed-off-by: Rodolfo Quesada Zumbado <rodolfo.zumbado@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2a00f15354)

Signed-off-by: Riyaz Khan <Riyaz.Khan@kpit.com>
Signed-off-by: Riyaz Khan <rak3033@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-14 14:59:10 +00:00
..
acpica
acpica: Upgrade 20200214 -> 20200430 for gcc-10 fixes
2020-06-23 11:40:46 +01:00
asciidoc
asciidoc: update git repository
2022-03-11 23:44:42 +00:00
at
at: fix a spelling mistake.
2019-08-21 21:52:59 +01:00
bash
bash: Ensure deterministic build
2021-09-30 00:02:22 +01:00
bc
bc: extend to nativesdk
2023-01-06 17:33:15 +00:00
blktool
blktool: remove a duplicate patch
2019-03-29 08:28:53 +00:00
bzip2
bzip2: Update soname for libbz2 1.0.8
2021-10-07 15:10:33 +01:00
cpio
cpio: backport fix for CVE-2021-38185
2021-09-08 23:47:30 +01:00
cracklib
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
cronie
cronie:fix SRC_URI path
2019-12-15 09:10:46 +00:00
cups
cups: fix CVE-2022-26691
2022-06-22 23:46:32 +01:00
cwautomacros
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
diffutils
diffutils: Added perl to support ptest & Skipped one test case
2019-09-07 13:08:34 +01:00
ed
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
ethtool
ethtool: upgrade 5.3 -> 5.4
2020-01-27 16:48:08 +00:00
findutils
findutils: drop upstream-version-is-even
2020-02-03 13:03:31 +00:00
gawk
gawk: fix failing ptests
2020-01-10 21:18:22 +00:00
ghostscript
ghostscript: backport patch fix for CVE-2021-3781
2022-03-31 21:09:33 +01:00
go-examples
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
gperf
gperf: don't use aclocal.m4/acinclude.m4 dance
2017-12-10 22:45:19 +00:00
grep
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
groff
groff: not ship /usr/bin/grap2graph
2021-04-30 14:37:37 +01:00
gzip
gzip: fix CVE-2022-1271
2022-04-21 21:26:01 +01:00
hdparm
hdparm: upgrade 9.56 -> 9.58
2019-02-19 16:14:57 +00:00
images
core-image-testmaster: use Python 3
2019-12-30 08:47:12 +00:00
iptables
iptables: upgrade 1.8.3 -> 1.8.4
2020-02-02 16:57:21 +00:00
iputils
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
less
less: upgrade 550 -> 551
2019-06-19 12:46:43 +01:00
libaio
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
libarchive
libarchive: CVE-2022-36227 NULL pointer dereference in archive_write.c
2022-12-23 23:05:44 +00:00
libidn
libidn: Move to meta-oe
2020-02-25 10:41:22 +00:00
libmnl
recipes: change SRC_URI to use https
2019-12-06 14:41:28 +00:00
libnsl
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
libnss-nis
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
libpipeline
libpipeline: upgrade 1.5.1 -> 1.5.2
2020-01-21 12:52:53 +00:00
libsolv
libsolv: fix CVE: CVE-2021-44568-71 and CVE-2021-44573-77
2022-03-31 21:09:33 +01:00
libtirpc
libtirpc: Check if file exists before operating on it
2023-02-13 07:44:09 +00:00
lighttpd
lighttpd: backport a fix for CVE-2022-22707
2022-02-23 23:43:42 +00:00
logrotate
logrotate: Exclude CVE-2011-1548,1549,1550 from cve-check
2021-05-20 12:36:41 +01:00
lsb
lsb-release: fix reproducibility failure
2021-05-20 12:36:42 +01:00
lsof
lsof: correct LICENSE
2022-02-16 09:48:51 +00:00
ltp
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
lzip
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
man-db
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
man-pages
man-pages: upgrade 5.04 -> 5.05
2020-02-21 09:39:00 +00:00
mc
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
mdadm
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
mingetty
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
minicom
minicom: RDEPENDS on ncurses-terminfo-base
2021-01-09 09:17:16 +00:00
msmtp
msmtp: upgrade 1.8.6 -> 1.8.7
2020-01-21 12:52:53 +00:00
net-tools
net-tools: backport a patch from upstream to use the same ifconfig format as debian/ubuntu
2020-06-26 18:26:49 +01:00
newt
libnewt: Use python3targetconfig to fix reproducibility issue
2021-10-23 23:14:17 +01:00
packagegroups
core-image-full-cmdline: Add less
2019-11-21 23:08:20 +00:00
pam
libpam: Remove option 'obscure' from common-password
2020-06-26 18:26:49 +01:00
parted
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
pbzip2
meta: fix some unresponsive homepages and bugtracker links
2020-11-12 13:07:52 +00:00
perl
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
pigz
Revert "pigz: Add debug for autobuilder errors"
2019-06-30 23:33:45 +01:00
procps
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
psmisc
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
quota
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
rpcbind
rpcbind: Use update-alternatives for rpcinfo
2020-09-17 12:51:24 +01:00
rpcsvc-proto
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
screen
screen: fix CVE-2021-26937
2021-03-10 00:22:50 +00:00
sed
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
shadow
shadow-sysroot: sync license with shadow
2022-02-16 09:48:51 +00:00
slang
slang: modify an array test
2019-06-07 09:11:49 +01:00
stress-ng
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
sudo
sudo: Fix CVE-2023-22809
2023-02-24 16:41:42 +00:00
sysklogd
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
sysstat
sysstat: fix CVE-2022-39377
2022-12-23 23:05:44 +00:00
tar
tar: CVE-2022-48303
2023-03-14 14:59:10 +00:00
tcp-wrappers
tcp-wrappers: Remove redundant forward declarations
2020-01-21 12:52:53 +00:00
texinfo
texinfo: update to 6.7
2019-12-09 12:00:43 +00:00
texinfo-dummy-native
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00
time
time:1.8 -> 1.9
2018-05-04 13:28:05 +01:00
timezone
tzdata: update 2022d -> 2022g
2023-01-06 17:33:15 +00:00
unzip
unzip: Port debian fixes for two CVEs
2022-07-08 08:27:20 +01:00
watchdog
reproducible: Improve SOURCE_DATE_EPOCH_FALLBACK handling
2021-03-10 00:22:51 +00:00
wget
wget: improve reproducible build
2020-05-22 16:23:24 +01:00
which
meta: fix some unresponsive homepages and bugtracker links
2020-11-12 13:07:52 +00:00
xdg-utils
xdg-utils: Add fix for CVE-2020-27748
2021-09-10 16:21:36 +01:00
xinetd
meta: Add explict branch to git SRC_URIs, handle github url changes
2021-11-11 10:54:32 +00:00
xz
xz: fix CVE-2022-1271
2022-04-21 21:26:01 +01:00
zip
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
2021-03-18 21:20:24 +00:00