mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-09 17:39:31 +00:00
Code Issues Projects Releases Wiki Activity
Files
8b56df5241d61efbcc171027d33ace5f9f4127af
poky/meta/recipes-devtools
T
History
Archana Polampalli 8b56df5241 go: fix CVE-2023-29402 
The go command may generate unexpected code at build time when using cgo.
This may result in unexpected behavior when running a go program which uses cgo.
This may occur when running an untrusted module which contains directories
with newline characters in their names. Modules which are retrieved using the go
command, i.e. via "go get", are not affected (modules retrieved using GOPATH-mode,
i.e. GO111MODULE=off, may be affected).

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-29402

Upstream patches:
https://github.com/golang/go/commit/4dae3bbe0e6a5700037bb996ae84d6f457c4f58a

(From OE-Core rev: aeb0829e52c60a77a2135af8332435b6e2db5b3d)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-07-01 08:37:24 -10:00
..
apt
apt: fix do_package_qa failure
2023-02-15 21:46:56 +00:00
autoconf
autoconf: Update K & R stype functions
2022-09-16 17:53:22 +01:00
autoconf-archive
automake
binutils
binutils : Fix CVE-2023-25588
2023-05-10 04:19:56 -10:00
bison
bootchart2
bootchart2: Fix usrmerge support
2023-02-15 21:46:56 +00:00
btrfs-tools
btrfs-tools: upgrade 5.16 -> 5.16.2
2022-03-04 17:14:15 +00:00
cargo
rust-common: Drop LLVM_TARGET and simplify
2022-06-07 11:53:26 +01:00
ccache
cdrtools
chrpath
cmake
cmake-native: Fix host tool contamination (Bug: 14951)
2022-11-09 17:42:08 +00:00
createrepo-c
createrepo-c: upgrade 0.18.0 -> 0.19.0
2022-03-16 10:31:40 +00:00
dejagnu
desktop-file-utils
devel-config
diffstat
distcc
dmidecode
dnf
dnf: upgrade 4.10.0 -> 4.11.1
2022-03-16 10:31:40 +00:00
docbook-xml
dosfstools
dpkg
dpkg: fix CVE-2022-1664
2022-08-01 16:27:29 +01:00
dwarfsrcfiles
e2fsprogs
e2fsprogs: fix ptest bug for second running
2023-06-21 04:00:58 -10:00
elfutils
erofs-utils
erofs-utils: Use __SANE_USERSPACE_TYPES__ on ppc64
2022-03-15 08:40:09 +00:00
expect
expect: modify fixline1 script
2022-03-16 13:39:12 +00:00
fdisk
file
flex
gcc
gcc-runtime: Use static dummy libstdc++
2023-05-30 04:11:15 -10:00
gdb
git
git: ignore CVE-2023-25815
2023-05-30 04:11:15 -10:00
glide
gnu-config
gnu-config: update SRC_URI
2022-03-24 17:45:29 +00:00
go
go: fix CVE-2023-29402
2023-07-01 08:37:24 -10:00
help2man
i2c-tools
icecc-create-env
icecc-toolchain
intltool
jquery
json-c
json-c: Add ptest for json-c
2023-04-11 11:31:52 +01:00
libcomps
libdnf
libdnf: Add a dependency on util-linux
2022-03-29 15:59:28 +01:00
libedit
libmodulemd
librepo
librepo: upgrade 1.14.2 -> 1.14.3
2022-05-25 22:45:50 +01:00
libtool
libtool: Upgrade 2.4.6 -> 2.4.7
2022-03-23 12:13:49 +00:00
llvm
llvm: backport a fix for build with gcc-13
2023-05-30 04:11:15 -10:00
log4cplus
log4cplus: upgrade 2.0.7 -> 2.0.8
2022-08-04 16:29:15 +01:00
lua
lua: Fix install conflict when enable multilib.
2023-03-20 17:20:44 +00:00
m4
m4: Fix build on musl/ppc
2022-03-11 06:56:01 +00:00
make
makedevs
makedevs: Don't use COPYING.patch just to add license file into ${S}
2022-06-11 10:06:13 +01:00
meson
meson: Fix wrapper handling of implicit setup command
2023-03-20 17:20:44 +00:00
mmc
mmc-utils: upgrade to latest revision
2022-05-25 22:45:50 +01:00
mtd
mtd-utils: upgrade 2.1.4 -> 2.1.5
2022-12-01 19:35:05 +00:00
mtools
mtools: upgrade 4.0.37 -> 4.0.38
2022-03-20 00:02:22 +00:00
nasm
nasm: fix CVE-2022-46457
2023-06-23 04:16:40 -10:00
ninja
ninja: ignore CVE-2021-4336, wrong ninja
2023-07-01 08:37:24 -10:00
opkg
opkg: Set correct info_dir and status_file in opkg.conf
2022-12-13 15:23:34 +00:00
opkg-utils
opkg-utils: use a git clone, not a dynamic snapshot
2022-11-09 17:42:08 +00:00
orc
patch
patchelf
patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak
2023-04-11 11:31:52 +01:00
perl
perl: fix CVE-2023-31484
2023-06-14 04:16:59 -10:00
perl-cross
perl-cross: update 1.3.6 -> 1.3.7
2022-03-20 00:02:22 +00:00
pkgconf
pkgconf: fix CVE-2023-24056
2023-03-23 22:45:33 +00:00
pkgconfig
pseudo
pseudo: Update to include recent upstream minor fixes
2022-09-12 08:41:48 +01:00
python
python3-requests: fix for CVE-2023-32681
2023-06-14 04:16:59 -10:00
qemu
qemu: Whitelist CVE-2023-0664
2023-05-03 04:17:12 -10:00
quilt
quilt: Fix merge.test race condition
2023-05-30 04:11:15 -10:00
repo
rpm
rpm: Remove -Wimplicit-function-declaration warnings
2022-10-11 21:56:13 +01:00
rsync
rsync: Turn on -pedantic-errors at the end of 'configure'
2023-04-11 11:31:52 +01:00
ruby
ruby: Fix CVE-2023-28755
2023-05-03 04:17:12 -10:00
run-postinsts
run-postinsts: Set dependency for ldconfig to avoid boot issues
2023-05-10 04:19:57 -10:00
rust
meta: remove True option to getVar and getVarFlag calls (again)
2023-02-15 21:46:56 +00:00
squashfs-tools
squashfs-tools: correct upstream version check
2022-03-20 00:02:22 +00:00
strace
strace: set COMPATIBLE_HOST for riscv32
2022-08-08 16:23:37 +01:00
subversion
subversion: upgrade to 1.14.2
2022-05-04 13:07:33 +01:00
swig
syslinux
systemd-bootchart
tcf-agent
tcltk
tcl: correct patch status
2022-11-24 15:30:01 +00:00
unfs3
unifdef
vala
vala: Fix install conflict when enable multilib.
2023-03-20 17:20:44 +00:00
valgrind
valgrind: skip the boost_thread test on arm
2023-01-06 17:33:23 +00:00
xmlto