mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
Files
acdeeb0a4acdb0f05678d05e9472cedf9564e516
meta-openembedded/meta-oe/recipes-extended
T
History
Praveen Kumar 033f224986 polkit: fix CVE-2025-7519 
A flaw was found in polkit. When processing an XML policy with 32 or
more nested elements in depth, an out-of-bounds write can be triggered.
This issue can lead to a crash or other unexpected behavior, and
arbitrary code execution is not discarded. To exploit this flaw, a
high-privilege account is needed as it's required to place the
malicious policy file properly.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-7519

Upstream-patch:
https://github.com/polkit-org/polkit/commit/107d3801361b9f9084f78710178e683391f1d245

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2025-09-26 13:17:10 +02:00
..
beep
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
bitwise
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
boinc
boinc-client: Make script install not depend on host install paths
2022-05-03 06:49:08 -07:00
brotli
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
byacc
byacc: upgrade 20211224 -> 20220128
2022-04-11 08:52:55 -07:00
cfengine
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
cmatrix
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
cmpi-bindings
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
collectd
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
ddrescue
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
dialog
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
dlt-daemon
dlt-daemon: fix CVE-2023-36321
2025-03-06 09:44:32 -05:00
docopt.cpp
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
duktape
duktape: Add ptest
2023-04-04 09:04:45 -04:00
dumb-init
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
enscript
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
figlet
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
fluentbit
fluentbit: Disable systemd support when systemd distro feature is disabled
2022-05-03 06:49:08 -07:00
gnuplot
gnuplot: inherit pkgconfig
2022-04-19 09:45:38 -07:00
haveged
haveged: upgrade 1.9.17 -> 1.9.18
2022-04-11 07:46:51 -07:00
hexedit
hexedit: upgrade 1.5 -> 1.6
2022-05-03 06:49:08 -07:00
hiredis
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
hplip
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
hwloc
hwloc: fix CVE-2022-47022
2023-09-06 09:13:26 -04:00
icewm
icewm:include imlib2-loaders package
2022-04-13 19:21:40 -07:00
indent
indent: fix CVE-2024-0911
2024-12-08 15:01:32 -05:00
inputattach-config
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
iotop
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
isomd5sum
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
jansson
jansson: whitelist CVE-2020-36325
2023-03-22 07:32:56 -04:00
jpnevulator
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
konkretcmpi
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
libbacktrace
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
libblockdev
libblockdev: fix CVE-2025-6019
2025-07-13 14:35:44 -04:00
libcec
libcec: fix runtime dependencies for ${PN}-examples
2022-09-25 11:00:54 -04:00
libconfig
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libdivecomputer
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libexecinfo
libexecinfo: fix complie issue
2017-09-07 10:57:37 +02:00
libgxim
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libidn
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libimobiledevice
libplist: ignore patched CVEs
2022-07-21 07:17:06 -07:00
libleak
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
liblightmodbus
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
liblockfile
liblockfile: fix do_install failure when ldconfig is not installed
2023-03-05 07:45:40 -05:00
liblogging
liblogging: Clarify BSD license variant
2019-10-25 10:29:51 -07:00
liblognorm
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libmodbus
libmodbus: patch CVE-2024-10918
2025-03-20 09:56:59 -04:00
libpwquality
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libqb
libqb: upgrade 2.0.6 -> 2.0.8
2023-08-25 10:39:56 -04:00
libreport
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libserialport
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libstatgrab
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libuio
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libwmf
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
libx86-1
libx86-1: fix QA warning for GNU_HASH
2016-08-22 15:49:29 +02:00
libyang
libyang: fix CVE-2023-26917
2023-07-25 07:23:15 -04:00
libzip
libzip: add CVE-2017-12858 to allowlist
2022-04-06 20:25:34 -04:00
linuxconsole
linuxconsole: Fix makefile issue found with clang
2022-04-14 19:42:10 -07:00
lockfile-progs
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
logwatch
logwatch: upgrade 7.5.3 -> 7.6
2022-04-12 09:28:25 -07:00
lprng
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
md5deep
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
minifi-cpp
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
mozjs
mozjs: Use vendored icu on ppc/clang
2022-05-03 06:49:07 -07:00
mraa
meta-oe: Use setuptools3-base
2022-01-12 09:35:18 -08:00
nana
Convert to new override syntax
2021-08-03 10:21:25 -07:00
nicstat
nicstat: Fix build on musl/x86_64
2017-07-24 18:58:51 +02:00
openlmi
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
openwsman
openwsman: Change download branch from master to main.
2023-04-13 08:25:54 -04:00
ostree
ostree: prevent ostree-native depending on target virtual/kernel to provide kernel-module-overlay
2022-05-23 07:37:55 -07:00
p7zip
p7zip: Fix CVE-2023-52169 and CVE-2023-52168
2024-12-08 15:03:06 -05:00
p8platform
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
pam
pam-ssh-agent-auth: Use specific versions of BSD licenses
2022-05-03 06:49:07 -07:00
pegtl
pegtl: upgrade 3.2.1 -> 3.2.5
2022-04-14 19:42:10 -07:00
perl
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
pmdk
pmdk: Fix build with newer ndctl
2022-03-26 18:15:11 -07:00
polkit
polkit: fix CVE-2025-7519
2025-09-26 13:17:10 +02:00
properties-cpp
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
rarpd
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
redis
redis: Fix CVE-2025-21605
2025-07-02 20:30:58 -04:00
redis-plus-plus
redis-plus-plus: Use GNUInstallDirs in cmake
2022-03-21 08:25:11 -07:00
rrdtool
rrdtool: upgrade 1.7.2 -> 1.8.0
2022-03-24 09:45:25 -07:00
rsyslog
rsyslog: update 8.2202->8.2206
2022-07-21 07:36:05 -07:00
s-nail
s-nail: Set VAL_MTA
2022-05-17 05:57:10 -07:00
sanlock
meta-oe: ignore patched CVEs
2022-07-21 07:17:15 -07:00
sblim-cmpi-devel
sblim-cmpi-devel: add new recipe
2015-07-30 21:26:01 +02:00
sblim-sfc-common
sblim-sfc-common: use official SPDX license for EPL
2018-11-26 09:38:13 -08:00
sblim-sfcb
meta-oe: ignore patched CVEs
2022-07-21 07:17:15 -07:00
sblim-sfcc
sblim-sfcc: Fix build with musl
2017-09-13 11:13:21 +02:00
scsirastools
Convert to new override syntax
2021-08-03 10:21:25 -07:00
sedutil
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
sgpio
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
sigrok
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
smartmontools
smartmontools: upgrade 7.2 -> 7.3
2022-03-07 09:27:53 -08:00
snappy
snappy: use main branch to fix fetch failure
2022-01-25 09:13:09 -08:00
socketcan
canutils: use https instead of git protocol
2025-07-02 20:36:29 -04:00
sysdig
sysdig: Upgrade to 0.28.0
2022-03-24 09:45:25 -07:00
tipcutils
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
tiptop
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
tmate
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00
tmux
Convert to new override syntax
2021-08-03 10:21:25 -07:00
triggerhappy
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
uml-utilities
uml-utilities: Define LIB_DIR to be libdir relative
2022-03-21 08:25:11 -07:00
upm
meta-oe: Use setuptools3-base
2022-01-12 09:35:18 -08:00
vlock
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
volume_key
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
wipe
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
wxwidgets
wxwidgets: Fix building without x11
2022-04-10 10:05:35 -07:00
zlog
recipes: Update LICENSE variable to use SPDX license identifiers
2022-03-04 17:41:45 -08:00
zram
Convert to new override syntax
2021-08-03 10:21:25 -07:00
zsync
recipes: Update SRC_URI branch and protocols
2021-11-03 06:57:49 -07:00