Liyin Zhang 652e8fc3b9 rsync: fix CVE-2025-10158 ... CVE-2025-10158: A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue. Reference: [https://nvd.nist.gov/vuln/detail/CVE-2025-10158] Upstream patch: [797e17fc4a] (From OE-Core rev: fe4bea86b27551edbe7440ff47041b6d45b2f4e1) Signed-off-by: Liyin Zhang <liyin.zhang.cn@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>		2025-12-31 07:24:54 -08:00
..
classes	goarch.bbclass: do not leak TUNE_FEATURES into crosssdk task signatures	2025-11-19 08:21:24 -08:00
conf	conf/bitbake.conf: use gnu mirror instead of main server	2025-10-14 07:20:36 -07:00
files	meta: Enable '-o pipefail' for the SDK installer	2025-03-04 08:46:02 -08:00
lib	oeqa/sdk/cases/buildcpio.py: use gnu mirror instead of main server	2025-10-14 07:20:36 -07:00
recipes-bsp	efibootmgr: update SRC_URI branch	2025-11-19 08:21:24 -08:00
recipes-connectivity	openssh: fix CVE-2025-61984	2025-12-12 08:49:37 -08:00
recipes-core	build-appliance-image: Update to kirkstone head revision	2025-12-12 08:54:41 -08:00
recipes-devtools	rsync: fix CVE-2025-10158	2025-12-31 07:24:54 -08:00
recipes-example/rust-hello-world
recipes-extended	libarchive: patch CVE-2025-60753	2025-12-01 06:50:49 -08:00
recipes-gnome	Don't use ftp.gnome.org	2025-11-06 07:14:05 -08:00
recipes-graphics	xwayland: Fix for CVE-2025-62231	2025-11-24 06:57:39 -08:00
recipes-kernel	babeltrace2: fetch with https protocol	2025-11-19 08:21:24 -08:00
recipes-multimedia	libpng: patch CVE-2025-66293	2025-12-12 08:49:37 -08:00
recipes-rt	meta/recipes: python 3.12 regex	2024-03-01 05:19:54 -10:00
recipes-sato	puzzles: ignore three new CVEs for a different puzzles	2025-03-19 07:13:17 -07:00
recipes-support	libmicrohttpd: disable experimental code by default	2025-12-12 08:49:37 -08:00
site
COPYING.MIT
recipes.txt