CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-04 16:10:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
dizzy
poky/meta/recipes-extended
History
Tudor Florea 3beebd9447 unzip: CVE-2015-7696, CVE-2015-7697 
CVE-2015-7696: Fixes a heap overflow triggered by unzipping a file with password
CVE-2015-7697: Fixes a denial of service with a file that never finishes unzipping

References:
http://www.openwall.com/lists/oss-security/2015/10/11/5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697

(From OE-Core rev: 9c841157f8ecd3221702c4675a4145f586617780)

Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-30 12:03:14 +00:00
..
at at: inherit update-rc.d to handle sysv init script 2014-09-03 11:09:06 +01:00
augeas recipes: Add missing pkgconfig class inherits 2014-06-03 16:49:19 +01:00
bash bash: clean host path in bashbug 2014-12-31 10:18:47 +00:00
bc Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it. 2014-05-02 20:46:59 +01:00
blktool recipes: Add missing pkgconfig class inherits 2014-06-03 16:49:19 +01:00
byacc byacc: Update to 20140422 version 2014-05-21 19:50:21 +01:00
bzip2 bzip2: use "foreign" automake strictness 2014-07-16 10:31:16 +01:00
chkconfig
cpio cpio: fix CVE-2015-1197 2015-04-17 22:39:31 +01:00
cracklib cracklib: Allow use in SDK 2014-08-15 18:21:52 +01:00
cronie Globally replace 'base_contains' calls with 'bb.utils.contains' 2014-04-25 17:19:19 +01:00
cups cups: add systemd support 2014-09-03 11:09:05 +01:00
cwautomacros cwautomacros: stub do_configure to avoid cleaning 2014-12-31 10:19:00 +00:00
diffutils Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it. 2014-05-02 20:46:59 +01:00
ed mirrors.bbclass: Add mirror site for savannah 2014-05-11 12:27:21 +01:00
ethtool ethtool: upgrade to 3.15 2014-08-28 15:12:43 +01:00
findutils Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it. 2014-05-02 20:46:59 +01:00
foomatic recipes: Add missing pkgconfig class inherits 2014-06-03 16:49:19 +01:00
gamin
gawk run-ptest: fix bashism 2014-08-28 15:12:44 +01:00
ghostscript ghostscript: Don't build-depend on libgcrypt for the local cups 2014-09-01 17:17:11 +01:00
gperf
grep grep2.19: CVE-2015-1345 2016-01-30 12:03:13 +00:00
groff groff: fix QA issue with rdepends 2015-02-11 17:40:10 +00:00
gzip gzip: fix MakeMaker issues with using wrong SHELL/GREP 2014-12-31 10:18:59 +00:00
hdparm
images core-image-testmaster.bb: add bzip2 to image 2014-06-13 12:52:20 +01:00
iptables recipes: Add missing pkgconfig class inherits 2014-06-03 16:49:19 +01:00
iputils
less less: Upgrade to 466 2014-08-31 23:40:48 +01:00
libaio
libarchive libarchive: add PACKAGECONFIG for nettle 2014-08-11 11:27:33 +01:00
libidn libidn: Upgrade to 1.29 2014-08-23 09:26:08 +01:00
libtirpc libtirpc: upgrade to 0.2.5 2014-08-31 23:40:47 +01:00
libuser recipes: Add missing pkgconfig class inherits 2014-06-03 16:49:19 +01:00
lighttpd lighttpd: install config file without execute permissions 2014-09-10 11:33:22 +01:00
logrotate logrotate: add packageconfigs 2014-08-27 12:12:31 +01:00
lsb lsbtest: no bashism in LSB_Test.sh 2014-08-28 15:12:44 +01:00
lsof recipes: Remove references to eglibc 2014-09-01 18:03:05 +01:00
ltp LTP - realtime tests - fix bad robust mutex conditionals 2014-10-06 15:15:51 +01:00
mailx autotools-brokensep: Mark recipes with broken separate build dir support 2014-02-28 14:01:16 +00:00
man man/texinfo: conditionally add gzip/bzip2/xz to RDEPENDS 2014-09-29 12:12:45 +01:00
man-pages man-pages/shadow: resolve man pages confliction 2014-12-31 10:18:35 +00:00
mc mc: Fix musl build failure 2014-08-23 23:01:57 +01:00
mdadm mdadm: Upgrade 3.3 -> 3.3.1 2014-07-17 12:28:49 +01:00
mingetty
minicom recipes: Add missing pkgconfig class inherits 2014-06-03 16:49:19 +01:00
mktemp
msmtp recipes: Add missing pkgconfig class inherits 2014-06-03 16:49:19 +01:00
net-tools net-tools: Fix rerunning of do_patch task 2015-02-11 17:40:09 +00:00
newt libnewt: fix recompile error 2014-08-11 10:53:06 +01:00
packagegroups recipes: Remove references to eglibc 2014-09-01 18:03:05 +01:00
pam libpam: Stop a QA WARNING when building multlib version 2014-12-31 10:18:46 +00:00
parted parted: parted-ptest RDEPENDS on python 2015-02-11 17:40:06 +00:00
pax
perl libconvert-asn1-perl: Upgrade 0.26 -> 0.27 2014-07-17 12:28:50 +01:00
pigz
procps procps: install symlink under /etc/sysctl.d in case of systemd 2014-12-31 10:18:48 +00:00
psmisc psmisc: Update patch status 2014-08-27 12:12:30 +01:00
quota Upstream-Status Cleanups 2014-04-25 17:19:20 +01:00
rpcbind rpcbind: make service socket activated 2014-10-10 16:44:32 +01:00
screen screen: fix for Security Advisory CVE-2009-1215 2014-05-21 09:08:59 +01:00
sed sed: add sed to RDEPENDS sed-ptest 2014-08-28 15:12:44 +01:00
shadow shadow: disable nscd feature when glibc is not built with spawn posix functions 2014-12-31 10:19:05 +00:00
slang slang 2.2.4: fix the iconv existence checking 2014-08-06 10:23:38 +01:00
stat stat: use update-alt for stat 2014-06-14 08:43:55 +01:00
sudo sudo: make sudoers a config file 2014-09-10 11:33:22 +01:00
sysklogd Globally replace 'base_contains' calls with 'bb.utils.contains' 2014-04-25 17:19:19 +01:00
sysstat autotools-brokensep: Mark recipes with broken separate build dir support 2014-02-28 14:01:16 +00:00
tar Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it. 2014-05-02 20:46:59 +01:00
tcp-wrappers tcp-wrappers: install /etc/hosts.allow and /etc/hosts.deny 2014-08-06 10:03:21 +01:00
texi2html mirrors.bbclass: Add mirror site for savannah 2014-05-11 12:27:21 +01:00
texinfo texinfo: don't create dependency on INHERIT variable 2016-01-30 12:03:14 +00:00
texinfo-dummy-native recipes: Remove references to eglibc 2014-09-01 18:03:05 +01:00
time Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it. 2014-05-02 20:46:59 +01:00
tzcode tzdata, tzcode-native: drop older versions 2014h, 2015b 2015-09-01 21:19:56 +01:00
tzdata tzdata, tzcode-native: drop older versions 2014h, 2015b 2015-09-01 21:19:56 +01:00
unzip unzip: CVE-2015-7696, CVE-2015-7697 2016-01-30 12:03:14 +00:00
watchdog
wget wget: Fix for CVE-2014-4887 2014-11-07 14:36:33 +00:00
which which 2.18: fix SRC_URI 2015-04-17 22:39:29 +01:00
xdg-utils xdg-utils: reinstall xdg-terminal 2014-05-06 17:59:15 +01:00
xinetd
xz xz: set CONFIG_SHELL to /bin/sh 2014-08-23 09:26:12 +01:00
zip