Commmon distro layer for Enea Linux https://git.enea.com/cgit/linux/meta-el-common.git/atom?h=sumo 2018-04-03T12:14:50+00:00 2018-04-03T12:14:50+00:00 Sona Sarmadi sona.sarmadi@enea.com 2018-03-22T12:28:25+00:00 urn:sha1:e391ac7eb18379967c47e9444cc1313eb7dc4c98 When cve-check-tool is enabled, harfbuzz intermittently fails to build: ERROR: harfbuzz-1.4.8-r0 do_configure: autoreconf execution failed. This patch could solve this issue according to the mail conversation below: https://www.mail-archive.com/yocto@yoctoproject.org/msg36472.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com> 2018-03-01T09:42:05+00:00 Martin Borg martin.borg@enea.com 2018-03-01T09:39:47+00:00 urn:sha1:b6d4cd74cebeded8a49c06c6d7a52c32769f3ed8 The CVEs have been fixed in upstream poky/rocko. Signed-off-by: Martin Borg <martin.borg@enea.com> 2017-08-29T11:46:30+00:00 Sona Sarmadi sona.sarmadi@enea.com 2017-08-29T08:31:20+00:00 urn:sha1:bf4d84df078cb19f1702f42a94c873026aa72e1d FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. References: ========== https://security-tracker.debian.org/tracker/CVE-2017-8105 Upstream patch: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>