mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-04 14:39:54 +00:00
Markus Volk
3a9fc5ba68
- Remove outdated comment - Switch to git fetcher. Otherwise the official download location leads to: WARNING: exiv2-0.28.2-r0 do_recipe_qa: QA Issue: exiv2: SRC_URI uses unstable GitHub/GitLab archives, convert recipe to use git protocol [src-uri-bad] - Remove reproducibility hack. Theres no buildpath leakage in exiv2Config.cmake anymore. Changes from version 0.28.1 to 0.28.2 ------------------------------------- Release Notes: * https://github.com/Exiv2/exiv2/issues/2914 * https://github.com/Exiv2/exiv2/milestone/13?closed=1 This release also fixes two low-severity security issues in quicktimevideo.cpp: * [CVE-2024-24826](https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w): out-of-bounds read in QuickTimeVideo::NikonTagsDecoder. * [CVE-2024-25112](https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36): denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder. These vulnerabilities are in a new feature (quicktime video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected. Changes from version 0.28.0 to 0.28.1 ------------------------------------- Release Notes: https://github.com/Exiv2/exiv2/issues/2813 This release also fixes [CVE-2023-44398](https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r), an out-of-bounds write in `BmffImage::brotliUncompress`. The vulnerability is in new code that was added in version 0.28.0, so earlier versions of Exiv2 are not affected. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
Collection of layers for the OE-core universe
Main layer maintainer: Khem Raj raj.khem@gmail.com
This repository is a collection of layers to suppliment OE-Core with additional packages, Each layer have designated maintainer Please see the respective READMEs in the layer subdirectories