| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Fixes stack overflow while handling recurring errors in Lua-stack
(From OE-Core rev: caad9d5f7184f0fa60fa7770e5d3da3f533647cb)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The .pc we install ourselves for lua has hardcoded /lib assumptions in it
which means in a multilib environment, full build paths end up in users
like rpm's configuration.
Fix the .pc file to use a correct includedir and libdir to resolve
those reproducibility issues.
(From OE-Core rev: 93bee5c74b8d181adf93de4b4101e25d24780603)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup
call, leading to a heap-based buffer over-read that might affect a system that
compiles untrusted Lua code.
https://nvd.nist.gov/vuln/detail/CVE-2022-28805
(From OE-Core rev: d2ba3b8850d461bc7b773240cdf15b22b31a3f9e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 734cdfddd2d2a0a0e3be2b577bd4175a2abd73e5)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Backport the fix for CVE-2021-43396 ("C stack overflow with coroutines")
from upstream.
(From OE-Core rev: e74fb3f7a8171cc1293583241a9ef43a515a9320)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop three backports and 0001-Allow-building-lua-without-readline-on-Linux.patch
(feature added upstream, adjust the recipe accordingly).
Adjust ar/ranlib flags for reproducibility on liblua.a.
License-Update: lines moved around, formatting
(From OE-Core rev: c2cad5ecfbbcee99b3cbe71efeeac9a875b6e5ff)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Lua is a hard dependency in rpm 4.17.
(From OE-Core rev: b06a2ffb5ded807dbb30078d10740ec294732cad)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|