CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-01 13:58:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
6639c7b295
poky/meta
History
Divya Chellam 6639c7b295 ruby: fix CVE-2024-41123 
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS
vulnerabilities when it parses an XML that has many specific characters
such as whitespace character, `>]` and `]>`. The REXML gem 3.3.3 or later
include the patches to fix these vulnerabilities.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-41123

Upstream-patches:
2c39c91a65
4444a04ece
ebc3e85bfa
6cac15d458
e2546e6eca

(From OE-Core rev: 6b2a2e689a69deef6098f6c266542234e46fb24b)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-12-01 06:50:49 -08:00
..
classes goarch.bbclass: do not leak TUNE_FEATURES into crosssdk task signatures 2025-11-19 08:21:24 -08:00
conf conf/bitbake.conf: use gnu mirror instead of main server 2025-10-14 07:20:36 -07:00
files meta: Enable '-o pipefail' for the SDK installer 2025-03-04 08:46:02 -08:00
lib oeqa/sdk/cases/buildcpio.py: use gnu mirror instead of main server 2025-10-14 07:20:36 -07:00
recipes-bsp efibootmgr: update SRC_URI branch 2025-11-19 08:21:24 -08:00
recipes-connectivity bind: upgrade 9.18.33 -> 9.18.41 2025-11-06 07:14:05 -08:00
recipes-core musl: patch CVE-2025-26519 2025-11-24 06:57:39 -08:00
recipes-devtools ruby: fix CVE-2024-41123 2025-12-01 06:50:49 -08:00
recipes-example/rust-hello-world rustfmt: remove the recipe 2021-12-08 20:22:11 +00:00
recipes-extended ghostscript: patch CVE-2025-59800 2025-10-14 07:20:35 -07:00
recipes-gnome Don't use ftp.gnome.org 2025-11-06 07:14:05 -08:00
recipes-graphics xwayland: Fix for CVE-2025-62231 2025-11-24 06:57:39 -08:00
recipes-kernel babeltrace2: fetch with https protocol 2025-11-19 08:21:24 -08:00
recipes-multimedia ffmpeg: mark CVE-2023-6601 as patched 2025-10-14 07:20:36 -07:00
recipes-rt meta/recipes: python 3.12 regex 2024-03-01 05:19:54 -10:00
recipes-sato puzzles: ignore three new CVEs for a different puzzles 2025-03-19 07:13:17 -07:00
recipes-support curl: ignore CVE-2025-10966 2025-11-19 08:21:24 -08:00
site ppc/siteinfo: Fix differences between musl and glibc 2022-03-15 08:40:09 +00:00
COPYING.MIT
recipes.txt