CaROS/poky

mirror of https://git.yoctoproject.org/git/poky synced 2026-01-01 13:58:04 +00:00

Go to file

Soumya Sambu 7dd51aea98 elfutils: Fix CVE-2025-1376 A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-1376 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=commit;h=b16f441cca0a4841050e3215a9f120a6d8aea918 (From OE-Core rev: 1126e5c1e63b876499c78ac403d1327645edf1c7) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>		2025-11-24 06:57:39 -08:00
bitbake	bitbake: test/fetch: Switch u-boot based test to use our own mirror	2025-07-30 07:47:48 -07:00
contrib	contrib/git-hooks: add a sendemail-validate example hook that adds FROM: lines to outgoing patch emails	2020-12-30 14:01:07 +00:00
documentation	migration-guides: add release notes for 4.0.31	2025-11-19 08:21:24 -08:00
meta	elfutils: Fix CVE-2025-1376	2025-11-24 06:57:39 -08:00
meta-poky	poky.conf: bump version for 4.0.31	2025-10-31 06:29:24 -07:00
meta-selftest	pulseaudio: Add audio group explicitly	2025-09-08 08:27:11 -07:00
meta-skeleton	useradd-example: do not use unsupported clear text password	2024-03-12 04:06:19 -10:00
meta-yocto-bsp	yocto-bsp: update to v5.15.150	2024-03-13 07:39:09 -10:00
scripts	scripts/install-buildtools: Update to 4.0.30	2025-10-14 07:20:36 -07:00
.gitignore	bitbake: gitignore: ignore runqueue-tests/bitbake-cookerdaemon.log	2021-03-12 16:47:12 +00:00
.templateconf
LICENSE
LICENSE.GPL-2.0-only
LICENSE.MIT
MAINTAINERS.md	MAINTAINERS: add overlayfs maintainer	2021-08-12 06:26:15 +01:00
Makefile	bitbake: sphinx: rename Makefile.sphinx	2020-10-06 13:54:27 +01:00
MEMORIAM	MEMORIAM: Add recognition for contributors no longer with us	2020-01-30 15:22:35 +00:00
oe-init-build-env	oe-init-build-env: add quotes around variables to prevent word splitting	2022-04-05 22:23:40 +01:00
README.hardware.md	README: Move to using markdown as the format	2021-06-16 16:33:18 +01:00
README.md	Add README link to README.poky	2021-07-19 18:07:21 +01:00
README.OE-Core.md	README.OE-Core.md: update URLs	2021-12-01 22:42:00 +00:00
README.poky.md	README: Move to using markdown as the format	2021-06-16 16:33:18 +01:00
README.qemu.md	README.OE-Core/README.qemu: Move to markdown format	2021-07-20 08:51:06 +01:00
SECURITY.md	SECURITY.md: Add file	2023-10-24 05:28:15 -10:00

README.md

Poky

Poky is an integration of various components to form a pre-packaged build system and development environment which is used as a development and validation tool by the Yocto Project. It features support for building customised embedded style device images and custom containers. There are reference demo images ranging from X11/GTK+ to Weston, commandline and more. The system supports cross-architecture application development using QEMU emulation and a standalone toolchain and SDK suitable for IDE integration.

Additional information on the specifics of hardware that Poky supports is available in README.hardware. Further hardware support can easily be added in the form of BSP layers which extend the systems capabilities in a modular way. Many layers are available and can be found through the layer index.

As an integration layer Poky consists of several upstream projects such as BitBake, OpenEmbedded-Core, Yocto documentation, the 'meta-yocto' layer which has configuration and hardware support components. These components are all part of the Yocto Project and OpenEmbedded ecosystems.

The Yocto Project has extensive documentation about the system including a reference manual which can be found at https://docs.yoctoproject.org/

OpenEmbedded is the build architecture used by Poky and the Yocto project. For information about OpenEmbedded, see the OpenEmbedded website.

Contribution Guidelines

The project works using a mailing list patch submission process. Patches should be sent to the mailing list for the repository the components originate from (see below). Throughout the Yocto Project, the README files in the component in question should detail where to send patches, who the maintainers are and where bugs should be reported.

A guide to submitting patches to OpenEmbedded is available at:

https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded

There is good documentation on how to write/format patches at:

https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines

Where to Send Patches

As Poky is an integration repository (built using a tool called combo-layer), patches against the various components should be sent to their respective upstreams:

OpenEmbedded-Core (files in meta/, meta-selftest/, meta-skeleton/, scripts/):

Git repository: https://git.openembedded.org/openembedded-core/
Mailing list: openembedded-core@lists.openembedded.org

BitBake (files in bitbake/):

Git repository: https://git.openembedded.org/bitbake/
Mailing list: bitbake-devel@lists.openembedded.org

Documentation (files in documentation/):

Git repository: https://git.yoctoproject.org/cgit/cgit.cgi/yocto-docs/
Mailing list: docs@lists.yoctoproject.org

meta-yocto (files in meta-poky/, meta-yocto-bsp/):

Git repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-yocto
Mailing list: poky@lists.yoctoproject.org

If in doubt, check the openembedded-core git repository for the content you intend to modify as most files are from there unless clearly one of the above categories. Before sending, be sure the patches apply cleanly to the current git repository branch in question.