mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-09 17:39:31 +00:00
Code Issues Projects Releases Wiki Activity
Files
7ad1d266889568491e25d7a26f3785de38db1982
poky/meta/recipes-devtools
T
History
Divya Chellam 7ad1d26688 ruby: fix CVE-2025-27221 
In the URI gem before 1.0.3 for Ruby, the URI handling methods
(URI.join, URI#merge, URI#+) have an inadvertent leakage of
authentication credentials because userinfo is retained even
after changing the host.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-27221

Upstream-patches:
https://github.com/ruby/uri/commit/3675494839112b64d5f082a9068237b277ed1495
https://github.com/ruby/uri/commit/2789182478f42ccbb62197f952eb730e4f02bfc5

(From OE-Core rev: 421d7011269f4750f5942b815d68f77fa4559d69)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-06-02 07:12:34 -07:00
..
apt
Revert "apt: runtime error: filename too long (tmpdir length)"
2024-07-23 06:05:47 -07:00
autoconf
autoconf-archive
automake
automake: mark new_rt_path_for_test-driver.patch as Inappropriate
2024-08-01 06:08:09 -07:00
binutils
binutils: Fix CVE-2025-1179
2025-06-02 07:12:34 -07:00
bison
bootchart2
btrfs-tools
btrfs-tools: upgrade 6.5.3 -> 6.7.1
2024-03-07 17:25:02 +00:00
ccache
ccache: upgrade 4.9 -> 4.9.1
2024-03-01 09:28:51 +00:00
cdrtools
cdrtools-native: fix build with gcc-14
2024-06-20 06:29:44 -07:00
chrpath
cmake
cmake: Fix sporadic issues when determining compiler internals
2024-11-18 06:59:35 -08:00
createrepo-c
createrepo-c: upgrade 1.0.3 -> 1.0.4
2024-03-01 09:28:51 +00:00
debugedit
dejagnu
dejagnu: Fix LICENSE
2024-09-19 05:11:35 -07:00
desktop-file-utils
pulseaudio, desktop-file-utils: correct freedesktop.org -> www.freedesktop.org SRC_URI
2024-10-02 06:15:15 -07:00
devel-config
diffstat
distcc
dmidecode
dnf
dnf: drop python3-iniparse from DEPENDS and RDEPENDS
2024-12-13 05:21:54 -08:00
docbook-xml
dosfstools
dpkg
dpkg: mark patches adding custom non-debian architectures as inappropriate for upstream
2024-08-01 06:08:09 -07:00
dwarfsrcfiles
e2fsprogs
e2fsprogs: removed 'sed -u' option
2024-11-09 05:53:57 -08:00
elfutils
elfutils: Fix CVE-2025-1371
2025-05-08 13:37:29 -07:00
erofs-utils
expect
expect-native: fix do_compile failure with gcc-14
2024-09-03 05:39:12 -07:00
fdisk
file
file: enable additional internal compressor support
2024-02-08 10:59:06 +00:00
flex
bash/flex: Ensure BUILD_FLAGS doesn't leak onto target
2024-03-19 15:25:12 +00:00
gcc
gcc: unify cleanup of include-fixed, apply to cross-canadian
2025-03-26 08:48:51 -07:00
gdb
gdb: Upgrade 14.1 -> 14.2
2024-03-05 12:24:49 +00:00
git
buildtools-tarball: Make buildtools respects host CA certificates
2025-05-02 08:20:12 -07:00
gnu-config
gnu-config: Update to latest version
2024-02-06 10:32:19 +00:00
go
go: fix CVE-2025-22871
2025-04-16 06:41:24 -07:00
help2man
i2c-tools
icecc-create-env
icecc-toolchain
intltool
jquery
json-c
libcomps
libdnf
libdnf: upgrade 0.73.1 -> 0.73.2
2024-09-09 06:08:10 -07:00
libedit
libedit: Make docs generation deterministic
2024-09-19 05:11:35 -07:00
libmodulemd
librepo
librepo: update 1.16.0 -> 1.17.0
2024-03-07 17:25:02 +00:00
libtool
nativesdk-libtool: sanitize the script, remove buildpaths
2025-03-26 08:48:51 -07:00
llvm
llvm: reduce size of -dbg package
2024-11-26 06:11:30 -08:00
log4cplus
lua
m4
make
makedevs
makedevs: Fix matching uid/gid
2024-10-18 06:04:41 -07:00
meson
meson: don't use deprecated pkgconfig variable
2024-07-17 05:36:14 -07:00
mmc
mmc-utils: fix URL
2024-07-26 07:43:46 -07:00
mtd
mtools
nasm
nasm: Upgrade 2.16.01 -> 2.16.03
2024-08-10 06:34:25 -07:00
ninja
ninja: fix build with python 3.13
2024-12-06 05:50:25 -08:00
opkg
opkg-arch-config: update recipe HOMEPAGE
2024-02-09 13:55:06 +00:00
opkg-utils
orc
orc: upgrade 0.4.39 -> 0.4.40
2024-11-09 05:53:57 -08:00
patch
patchelf
perl
perl: upgrade 5.38.2 -> 5.38.4
2025-05-02 08:20:12 -07:00
perl-cross
perlcross: 1.6 -> 1.6.2
2025-05-02 08:20:11 -07:00
pkgconf
pkg-config-native: pick additional search paths from $EXTRA_NATIVE_PKGCONFIG_PATH
2025-02-12 06:25:37 -08:00
pkgconfig
pkg-config-native: pick additional search paths from $EXTRA_NATIVE_PKGCONFIG_PATH
2025-02-12 06:25:37 -08:00
pseudo
pseudo: Fix envp bug and add posix_spawn wrapper
2024-11-18 06:59:35 -08:00
python
buildtools-tarball: Make buildtools respects host CA certificates
2025-05-02 08:20:12 -07:00
qemu
qemu 8.2.7: ignore CVE-2023-1386
2025-04-01 09:08:42 -07:00
quilt
repo
repo: upgrade 2.41 -> 2.42
2024-03-07 17:25:03 +00:00
rpm
rpm: fix expansion of %_libdir in macros
2024-10-02 06:15:15 -07:00
rsync
rsync: fix CVE-2024-12747
2025-01-25 06:20:37 -08:00
ruby
ruby: fix CVE-2025-27221
2025-06-02 07:12:34 -07:00
run-postinsts
run-postinsts.service: Removed --no-reload to fix reload warning when users execute systemctl in the first boot.
2024-06-14 05:19:22 -07:00
rust
rust-cross-canadian: Set CVE_STATUS ignore for CVE-2024-43402
2025-04-07 06:34:44 -07:00
squashfs-tools
strace
strace: download release tarballs from GitHub
2024-11-26 06:11:30 -08:00
subversion
subversion: ignore CVE-2024-45720
2025-02-21 06:25:05 -08:00
swig
swig: upgrade 4.2.0 -> 4.2.1
2024-03-01 09:28:52 +00:00
syslinux
syslinux: Disable error on implicit-function-declaration
2024-02-05 14:06:10 +00:00
systemd-bootchart
tcf-agent
tcltk
tcl: skip io-13.6 test case
2024-11-26 06:11:30 -08:00
unfs3
unifdef
vala
vala: fix for gtk4 prior to 4.14
2024-03-18 12:21:45 +00:00
valgrind
valgrind: Backport fixes from 3.22 branch
2024-03-30 22:22:19 +00:00
xmlto