yoctoproject/poky-contrib
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky-contrib synced 2025-05-08 15:42:17 +08:00
Code Issues Packages Projects Releases Wiki Activity
poky-contrib/meta/recipes-support
History
Changqing Li e5902fa07b libsoup-2.4: fix CVE-2025-32911 
CVE-2025-32911:
A use-after-free type vulnerability was found in libsoup, in the
soup_message_headers_get_content_disposition() function. This flaw
allows a malicious HTTP client to cause memory corruption in the libsoup
server.

Backport patches to fix it

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-32911
[2] https://gitlab.gnome.org/GNOME/libsoup/-/issues/433

(From OE-Core rev: 839d93bbb1ca7a51b659b8cb9def9b354a99518f)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2025-05-01 14:22:54 +01:00
..
appstream
appstream: upgrade 1.0.3 -> 1.0.4
2024-12-18 11:11:55 +00:00
apr
apr: drop libtoolize_check.patch
2025-04-10 11:05:34 +01:00
argp-standalone
aspell
aspell: Backport a fix to build with gcc-15/clang-19
2024-09-01 11:05:20 +01:00
atk
at-spi2-core: upgrade 2.56.0 -> 2.56.1
2025-04-03 11:06:19 +01:00
attr
acl: improve ptest packaging
2025-03-27 11:19:04 +00:00
bash-completion
bash-completion: upgrade 2.15.0 -> 2.16.0
2025-01-03 10:51:27 +00:00
bmaptool
bmaptool: put the PV in the filename
2025-04-29 09:55:32 +01:00
boost
boost: Use PN/BPN for naming of packages
2025-03-03 18:01:30 +00:00
ca-certificates
ca-certificates: submit sysroot patch upstream, drop default-sysroot.patch
2025-04-10 11:05:34 +01:00
consolekit
recipes: Drop remaining md5sum checksums
2025-05-01 14:22:53 +01:00
curl
buildtools-tarball: Make buildtools respects host CA certificates
2025-04-24 11:27:06 +01:00
db
recipes: Drop remaining md5sum checksums
2025-05-01 14:22:53 +01:00
debianutils
debianutils: upgrade 5.20 -> 5.21
2025-01-03 10:51:27 +00:00
diffoscope
diffoscope: upgrade 289 -> 293
2025-04-03 11:06:19 +01:00
dos2unix
dos2unix: upgrade 7.5.1 -> 7.5.2
2024-02-03 22:08:26 +00:00
enchant
enchant2: correct SRC_URI and other uris
2024-11-27 14:58:48 +00:00
fribidi
fribidi: upgrade 1.0.15 -> 1.0.16
2024-10-11 12:17:02 +01:00
gdbm
gdbm: Use C11 standard
2025-03-19 09:48:14 +00:00
gmp
gmp: Fix build with older gcc versions
2025-03-17 17:09:22 +00:00
gnome-desktop-testing
recipes: Default to https git protocol where possible
2023-05-05 11:07:25 +01:00
gnupg
gnupg: 2.5.4 -> 2.5.5
2025-03-13 11:00:35 +00:00
gnutls
libtasn1: upgrade 4.19.0 -> 4.20.0
2025-03-06 11:16:46 +00:00
gpgme
gpgme: upgrade 1.24.1 -> 1.24.2
2025-02-27 10:55:16 +00:00
hwdata
hwdata: upgrade 0.393 -> 0.394
2025-04-10 11:05:35 +01:00
icu
icu: set ac_cv_path_install to ensure install tool reproducibility
2025-04-29 13:28:10 +01:00
iso-codes
iso-codes: upgrade 4.16.0 -> 4.17.0
2024-09-30 17:00:50 +01:00
itstool
libassuan
libassuan: upgrade 3.0.1 -> 3.0.2
2025-03-06 11:16:47 +00:00
libatomic-ops
libatomic-ops: Update GITHUB_BASE_URI
2025-04-29 09:55:31 +01:00
libbsd
libbsd: Remove package specific licenses
2025-03-03 18:01:29 +00:00
libcap
libcap: upgrade to 2.75
2025-03-18 10:27:31 +00:00
libcap-ng
libcap-ng: update SRC_URI
2024-08-09 22:33:38 +01:00
libcheck
libcheck: add ghetto automake output
2023-05-25 10:29:08 +01:00
libdaemon
recipes: Drop remaining md5sum checksums
2025-05-01 14:22:53 +01:00
libdisplay-info
libdisplay-info: add recipe
2024-11-27 16:44:47 +00:00
libevdev
libevdev: upgrade 1.13.3 -> 1.13.4
2025-04-03 11:06:19 +01:00
libevent
libevent: fix patch Upstream-Status
2023-09-20 23:51:11 +01:00
libexif
libexif: upgrade 0.6.24 -> 0.6.25
2025-02-05 12:49:55 +00:00
libffi
libffi: upgrade 3.4.6 -> 3.4.7
2025-02-18 22:53:44 +00:00
libfm
meta: use explicit uri for all sourceforge upstream version checks
2024-10-15 11:47:24 +01:00
libgcrypt
libgcrypt: upgrade 1.10.3 -> 1.11.0
2024-07-26 12:28:42 +01:00
libgit2
libgit2: update 1.8.4 -> 1.9.0
2025-01-10 11:26:29 +00:00
libgpg-error
libgpg-error: upgrade 1.50 -> 1.51
2024-11-27 14:58:48 +00:00
libical
libical: upgrade 3.0.19 -> 3.0.20
2025-03-17 22:38:32 +00:00
libjitterentropy
libjitterentropy: upgrade 3.6.1 -> 3.6.2
2025-03-19 11:49:45 +00:00
libksba
libksba: update 1.6.6 -> 1.6.7
2024-08-28 09:14:27 +01:00
libmd
libmd: upgrade 1.0.4 -> 1.1.0
2023-06-28 07:56:33 +01:00
libmicrohttpd
libmicrohttpd: upgrade 0.9.77 -> 1.0.1
2024-03-01 09:28:51 +00:00
libmpc
libnl
libnl: upgrade 3.10.0 -> 3.11.0
2024-11-18 22:09:02 +00:00
libpcre
libpcre2: upgrade 10.44 -> 10.45
2025-02-20 11:57:49 +00:00
libproxy
libproxy: upgrade 0.5.8 -> 0.5.9
2024-10-11 12:17:02 +01:00
libpsl
libpsl: upgrade 0.21.2 -> 0.21.5
2024-01-24 15:46:19 +00:00
libseccomp
libseccomp: Upgrade 2.5.5 -> 2.6
2025-02-05 13:00:45 +00:00
libsoup
libsoup-2.4: fix CVE-2025-32911
2025-05-01 14:22:54 +01:00
libssh2
libssh2: remove status for CVE-2023-48795
2024-12-09 15:23:28 +00:00
libunistring
libunistring: upgrade 1.2 -> 1.3
2024-10-29 11:19:57 +00:00
libunwind
libunwind: fix the build with GCC 15
2025-04-29 09:55:31 +01:00
liburcu
liburcu: update 0.15.0 -> 0.15.1
2025-03-06 11:16:47 +00:00
libusb
libusb1: upgrade 1.0.27 -> 1.0.28
2025-04-03 11:06:19 +01:00
libxslt
libxslt: upgrade 1.1.42 -> 1.1.43
2025-03-17 22:38:32 +00:00
libyaml
recipes: Drop remaining md5sum checksums
2025-05-01 14:22:53 +01:00
lz4
lz4: Disable static libraries again
2024-08-29 21:58:19 +01:00
lzo
recipes: Drop remaining md5sum checksums
2025-05-01 14:22:53 +01:00
lzop
recipes: Drop remaining md5sum checksums
2025-05-01 14:22:53 +01:00
mpfr
mpfr: upgrade 4.2.1 -> 4.2.2
2025-04-03 11:06:19 +01:00
nettle
nettle: Fix build with GCC-15
2025-03-27 11:19:03 +00:00
nghttp2
nghttp2: upgrade 1.64.0 -> 1.65.0
2025-03-06 11:16:47 +00:00
npth
npth: upgrade 1.7 -> 1.8
2024-11-27 14:58:48 +00:00
nss-myhostname
recipes: Drop remaining md5sum checksums
2025-05-01 14:22:53 +01:00
numactl
numactl: mark Fix-the-test-output-format.patch as Inappropriate
2025-04-10 11:05:34 +01:00
p11-kit
p11-kit: update 0.25.3 -> 0.25.5
2024-08-28 09:14:27 +01:00
pinentry
pinentry: upgrade 1.3.0 -> 1.3.1
2024-07-16 11:25:29 +01:00
popt
ptest-runner
ptest-runner: correct PV from 2.5.1 to 2.4.5.1
2024-10-29 12:07:03 +00:00
re2c
re2c: upgrade 4.0.2 -> 4.1
2025-03-06 11:16:47 +00:00
rng-tools
rng-tools: upgrade 6.16 -> 6.17
2024-06-25 11:50:58 +01:00
sass
libsass: fix fetched commit hash
2025-02-21 13:08:44 +00:00
serf
serf: mark patch as inappropriate for upstream submission
2024-04-25 10:10:15 +01:00
shared-mime-info
shared-mime-info: drop itstool-native from DEPENDS
2024-11-18 22:09:03 +00:00
sqlite
sqlite3: upgrade 3.47.2 -> 3.48.0
2025-03-20 11:29:03 +00:00
taglib
taglib: upgrade 2.0.1 -> 2.0.2
2024-09-04 12:38:44 +01:00
user-creation
recipes: Ensure S is set to a valid directory
2024-05-21 12:08:04 +01:00
utfcpp
utfcpp: update 4.0.5 -> 4.0.6
2024-12-05 17:07:10 +00:00
vim
vim: mark no-path-adjust.patch as Inappropriate
2025-04-10 11:05:34 +01:00
vte
meta/meta-selftest: Fix variable assignment whitespace
2025-02-01 13:42:34 +00:00
xxhash
xxhash: upgrade 0.8.2 -> 0.8.3
2025-01-03 10:51:27 +00:00