mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity
Files
838ca228086821cf82b3de83fb78412c6d2784c8
meta-openembedded/meta-oe
T
History
Libo Chen 6f240eceb0 hdf5: fix CVE-2025-2309 
According to [1], A vulnerability has been found in HDF5 1.14.6 and
classified as critical. This vulnerability affects the function
H5T__bit_copy of the component Type Conversion Logic. The manipulation
leads to heap-based buffer overflow. Local access is required to approach
this attack. The exploit has been disclosed to the public and may be used.
The real existence of this vulnerability is still doubted at the moment.
The vendor plans to fix this issue in an upcoming release.

Backport patch [2] from upstream to fix CVE-2025-2309

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-2309
[2] https://github.com/HDFGroup/hdf5/commit/9d90b21ef5c5373978014f1a711795aa653bd9a1

Signed-off-by: Libo Chen <libo.chen.cn@windriver.com>
Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-04-15 14:12:18 +05:30
..
classes
meta-oe: image: optionally remove RAW image after sparse image creation
2025-09-23 10:08:04 +08:00
conf
layer.conf: add bpftrace to NON_MULTILIB_RECIPES
2025-10-06 15:59:57 +08:00
dynamic-layers
mongodb: ignore CVE-2025-14911
2026-02-09 09:35:57 +05:30
files
influxdb: Add missing group to static id
2024-02-17 17:35:24 -08:00
lib/oeqa/selftest/cases
syzkaller: add recipe and selftest for syzkaller fuzzing
2022-10-21 09:57:59 -07:00
licenses
openldap: make license match spdx identifier
2025-11-17 10:15:06 +05:30
recipes-benchmark
nbench-byte: Fix sysinfo generation in parallel build
2026-02-25 10:27:47 +05:30
recipes-bsp
acpitool: update SRC_URI
2026-01-26 11:11:48 +05:30
recipes-connectivity
krb5: fix build with gcc-15
2026-03-24 15:51:50 +05:30
recipes-core
recipes-core/toybox: Switch SRC_URI to HTTPS for reliable fetch
2026-01-12 07:50:49 +05:30
recipes-crypto
libsodium: patch CVE-2025-69277
2026-01-12 08:12:23 +05:30
recipes-dbs
mariadb: upgrade 10.11.12 -> 10.11.16
2026-03-24 08:52:15 +05:30
recipes-devtools
yasm: fix CVE-2021-33454
2026-04-15 14:10:33 +05:30
recipes-extended
flatpak: add PACKAGECONFIG for dconf
2026-04-03 15:00:48 +05:30
recipes-gnome
pyxdg: update SRC_URI
2025-11-12 11:32:41 +05:30
recipes-graphics
libvncserver: fix CVE-2026-32854
2026-04-13 12:40:21 +05:30
recipes-kernel
trace-cmd: Update SRC_URI to use HTTPS protocol
2025-12-03 10:37:26 +05:30
recipes-multimedia
libjxl: mark CVE-2025-12474 and CVE-2026-1837 patched
2026-03-24 08:52:15 +05:30
recipes-navigation
gpsd: patch CVE-2025-67269
2026-01-19 12:15:45 +05:30
recipes-networking/cyrus-sasl
cyrus-sasl: Fix groupname gid change warning
2023-08-05 09:29:56 -07:00
recipes-printing
libcupsfilters: patch CVE-2025-64503
2026-02-09 09:35:56 +05:30
recipes-security
audit: fix build when systemd is enabled.
2025-11-17 10:15:06 +05:30
recipes-shells
dash: set CVE_PRODUCT
2025-10-30 14:43:34 +08:00
recipes-support
hdf5: fix CVE-2025-2309
2026-04-15 14:12:18 +05:30
recipes-test
evtest: upgrade 1.35 -> 1.36
2025-11-17 10:15:06 +05:30
COPYING.MIT
README.md
README: update listed maintainer
2026-02-25 13:58:47 +05:30

README.md

meta-oe

This layer depends on:

URI: git://github.com/openembedded/openembedded-core.git branch: scarthgap

luajit recipe requires host compiler to be able to generate 32bit code when target is 32bit e.g. arm, so ensure that $CC -m32 is functional on build host, if building this recipe, needed packages to fullfit this might have different names on different host distributions e.g. on archlinux based distributions install prerequisites like below

pacman -S lib32-gcc-libs lib32-glibc

Ubuntu sudo apt-get install gcc-multilib linux-libc-dev:i386

Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe][scarthgap]' in the subject'

When sending single patches, please use something like: 'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix="meta-oe][scarthgap][PATCH"'

You are encouraged to fork the mirror on GitHub https://github.com/openembedded/meta-openembedded to share your patches, this is preferred for patch sets consisting of more than one patch.

Other services like GitLab, repo.or.cz or self-hosted setups are of course accepted as well, 'git fetch ' works the same on all of them. We recommend GitHub because it is free, easy to use, has been proven to be reliable and has a really good web GUI.

Layer maintainer: Anuj Mittal anuj.mittal@oss.qualcomm.com

Reference in New Issue View Git Blame Copy Permalink