CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
30,689 Commits 63 Branches 0 Tags 91 MiB
BitBake 71.9%
C++ 6.9%
Shell 6.5%
C 3.2%
Roff 2.3%
Other 9%
e76bf51a92
Go to file
Deepak Rathore e76bf51a92
redis: Refine CVE-2022-0543 status description 
Refine the CVE_STATUS description for CVE-2022-0543 to provide
a more precise explanation of this Debian-specific vulnerability.

The vulnerability originates from Debian's packaging methodology,
which loads system-wide Lua libraries (lua-cjson, lua-cmsgpack),
enabling Lua sandbox escape. Upstream Redis builds, including
those built by Yocto/OpenEmbedded, utilize embedded Lua from the
deps/ directory and are therefore not affected by this issue.

It is also fixed in Debian with this commit:
c7fd665150

References:
- https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce
- https://nvd.nist.gov/vuln/detail/CVE-2022-0543

Signed-off-by: Deepak Rathore <deeratho@cisco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7675392aa7)
Signed-off-by: Deepak Rathore <deeratho@cisco.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-12-22 07:49:04 +05:30
contrib contrib: oe-stylize: Use Python3 explicitly 2023-06-04 22:29:46 -07:00
meta-filesystems zfs: fix host-related reproducibility 2025-11-25 17:12:52 +05:30
meta-gnome grilo: fix buildpaths QA error 2025-11-19 16:56:37 +05:30
meta-initramfs klibc: fix debug pkgs reproducibility 2025-11-19 16:09:30 +05:30
meta-multimedia openh264: patch CVE-2025-27091 2025-12-17 11:45:24 +05:30
meta-networking openvpn: patch CVE-2025-13086 2025-12-17 11:45:24 +05:30
meta-oe redis: Refine CVE-2022-0543 status description 2025-12-22 07:49:04 +05:30
meta-perl libhtml-tree-perl: fix QA Issue: TMPDIR [buildpaths] 2025-11-19 16:54:30 +05:30
meta-python python3-django: upgrade 5.0.11 -> 5.0.14 2025-12-09 07:01:20 +05:30
meta-webserver apache2: upgrade 2.4.65 -> 2.4.66 2025-12-11 08:00:53 +05:30
meta-xfce xfce4 update HOMEPAGEs 2025-07-10 20:29:57 -04:00
.gitignore .gitignore: add *.pyc and *.pyo 2019-06-15 16:45:33 -07:00
COPYING.MIT add README and license for this layer 2011-02-13 16:47:32 +01:00
README.md meta-openemnedded: Add myself as scarthgap maintainer 2024-03-27 20:07:53 -07:00

README.md

Collection of layers for the OE-core universe

Main layer maintainer: Armin Kuster akuster808@gmail.com

This repository is a collection of layers to suppliment OE-Core with additional packages, Each layer have designated maintainer Please see the respective READMEs in the layer subdirectories