mirror of
https://git.yoctoproject.org/poky
synced 2026-05-31 12:49:46 +00:00
Huang Qiyu
32a6e809f8
1.Upgrade curl from 7.54.1 to 7.57.0. 2.Delete CVE-2017-1000099.patch, CVE-2017-1000100.patch, CVE-2017-1000101.patch, CVE-2017-1000254.patch, reproducible-mkhelp.patch, since it is integrated upstream. 3.Remove "do_install_append()" from curl_7.57.0.bb, since curl/curlbuild.h has been removed. this update include CVE fixes for: CVE-2018-1000007 CWE-522: Insufficiently Protected Credentials CVE-2018-1000005 CWE-126: Buffer Over-read CVE-2017-8818 CWE-125: Out-of-bounds Read CVE-2017-8817 CWE-126: Buffer Over-read CVE-2017-8816 CWE-131: Incorrect Calculation of Buffer Size CVE-2017-1000257 CWE-126: Buffer Over-read Most of the changes are bug fixes. https://curl.haxx.se/changes.html (From OE-Core rev: 215d5677004537fc190b5381157ac8b94db6d7e8) (From OE-Core rev: 7f1029aff8abaadb25730fef50c495dcd6fc1e30) Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Safer to upgrade than to backport CVE-2017-8818. Lots of depends patches] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
QEMU Emulation Targets ====================== To simplify development, the build system supports building images to work with the QEMU emulator in system emulation mode. Several architectures are currently supported in 32 and 64 bit variants: * ARM (qemuarm + qemuarm64) * x86 (qemux86 + qemux86-64) * PowerPC (qemuppc only) * MIPS (qemumips + qemumips64) Use of the QEMU images is covered in the Yocto Project Reference Manual. The appropriate MACHINE variable value corresponding to the target is given in brackets.