<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-oe/recipes-devtools/lua, branch dunfell</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=dunfell</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=dunfell'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2022-08-02T13:59:38+00:00</updated>
<entry>
<title>meta-oe: Add leading whitespace for append operator</title>
<updated>2022-08-02T13:59:38+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2020-11-14T16:31:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=f22bf6efaae61a8fd9272be64e7d75223c58922e'/>
<id>urn:sha1:f22bf6efaae61a8fd9272be64e7d75223c58922e</id>
<content type='text'>
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit 92441f9d6a958c245a03f89ec44ef2c17dd6b0ee)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>lua: fix CVE-2022-28805</title>
<updated>2022-05-26T02:34:39+00:00</updated>
<author>
<name>Steve Sakoman</name>
<email>steve@sakoman.com</email>
</author>
<published>2022-05-09T07:40:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=abd7cf838d51900ad445a26e501baeb51b4ef1e8'/>
<id>urn:sha1:abd7cf838d51900ad445a26e501baeb51b4ef1e8</id>
<content type='text'>
singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup
call, leading to a heap-based buffer over-read that might affect a system that
compiles untrusted Lua code.

https://nvd.nist.gov/vuln/detail/CVE-2022-28805

(From OE-Core rev: d2ba3b8850d461bc7b773240cdf15b22b31a3f9e)

Signed-off-by: Sana Kazi &lt;sana.kazi@kpit.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 91e14d3a8e6e67267047473f5c449f266b44f354)
Signed-off-by: Omkar Patil &lt;omkar.patil@kpit.com&gt;
Signed-off-by: Omkar Patil &lt;omkarpatil10.93@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>lua: update to 5.3.6</title>
<updated>2021-01-12T23:48:22+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster@mvista.com</email>
</author>
<published>2021-01-12T23:28:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=0d766834161339625ccd9f7c74b8f672aa030d3d'/>
<id>urn:sha1:0d766834161339625ccd9f7c74b8f672aa030d3d</id>
<content type='text'>
LIC_FILES_CHKSUM changed to do year updates

This is the last 5.3.x update. This will give us the best
starting point for doing Maintence moving forward.

Its a bug fix only update. See http://www.lua.org/work/diffs-lua-5.3.5-lua-5.3.6.html

Signed-off-by: Armin Kuster &lt;akuster@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>lua: fix CVE-2020-24371</title>
<updated>2021-01-12T23:06:01+00:00</updated>
<author>
<name>Wenlin Kang</name>
<email>wenlin.kang@windriver.com</email>
</author>
<published>2020-09-07T02:54:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=e43ecf32978226883271296c97fcbfa2fc1542d0'/>
<id>urn:sha1:e43ecf32978226883271296c97fcbfa2fc1542d0</id>
<content type='text'>
Source: openembedded.org
MR: 105165
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/meta-openembedded gatesgarth
ChangeID: 747161877824daae061bc4fb458f55ab033f62f4
Description:

Fix CVE-2020-24371

Signed-off-by: Wenlin Kang &lt;wenlin.kang@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>lua: fix CVE-2020-15945</title>
<updated>2021-01-12T23:06:01+00:00</updated>
<author>
<name>Wenlin Kang</name>
<email>wenlin.kang@windriver.com</email>
</author>
<published>2020-09-01T21:11:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=61922b26e0a7a36a9367590a82c3871feb855fc8'/>
<id>urn:sha1:61922b26e0a7a36a9367590a82c3871feb855fc8</id>
<content type='text'>
Source: openembedded.org
MR: 104897
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/meta-openembedded gatesgarth
ChangeID: 6c43941d116bbb9f0d62ca5376da24ae03eb9eab
Description:

Fixes CVE-2020-15945

Backport with modifications to apply successfully.

Signed-off-by: Wenlin Kang &lt;wenlin.kang@windriver.com&gt;
Signed-off-by: Joe Slater &lt;joe.slater@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>lua: Security Advisory - lua - CVE-2020-15888</title>
<updated>2020-07-31T04:29:08+00:00</updated>
<author>
<name>Yue Tao</name>
<email>Yue.Tao@windriver.com</email>
</author>
<published>2020-07-28T17:31:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=fae2b902613f0fda14f70cbb1eb4c41e7c0fc9a7'/>
<id>urn:sha1:fae2b902613f0fda14f70cbb1eb4c41e7c0fc9a7</id>
<content type='text'>
Backport fix from https://github.com/lua/lua.git.

Signed-off-by: Yue Tao &lt;Yue.Tao@windriver.com&gt;
Signed-off-by: Joe Slater &lt;joe.slater@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit 698748c1538ed03efbcfdd936cf8317b4f138c29)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>modify LUA_CPATH_DEFAULT for 64-bit architectures</title>
<updated>2020-04-16T18:40:40+00:00</updated>
<author>
<name>Haseeb Ashraf</name>
<email>haseeb_ashraf@mentor.com</email>
</author>
<published>2020-04-16T17:27:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=7c37f90893723f8c9432825c00e4ecbfab292ef5'/>
<id>urn:sha1:7c37f90893723f8c9432825c00e4ecbfab292ef5</id>
<content type='text'>
LUA_CPATH_DEFAULT for *.so files should include
LUA_ROOT/lib64/lua/LUA_VDIR not LUA_ROOT/lib/lua/LUA_VDIR

Signed-off-by: Haseeb Ashraf &lt;Haseeb_Ashraf@mentor.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>lua: change a hard readline dependency into an optional one</title>
<updated>2019-10-11T04:58:10+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2019-10-10T11:20:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=54d9fe3e5f2c60c7da4ec7c019af927f1688c23d'/>
<id>urn:sha1:54d9fe3e5f2c60c7da4ec7c019af927f1688c23d</id>
<content type='text'>
This requires patching the source code, as readline is hardcoded
in there.

The rationale is to allow disabling the dependency on a gplv3
component (readline) where that license is blacklisted.

Signed-off-by: Alexander Kanavin &lt;alex.kanavin@gmail.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>lua: upgrade from v5.3.4 to v5.3.5</title>
<updated>2019-04-11T18:30:35+00:00</updated>
<author>
<name>Hongzhi.Song</name>
<email>hongzhi.song@windriver.com</email>
</author>
<published>2019-04-11T06:13:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=be6481ca9f144708c8d6f741396be6e597eb8f18'/>
<id>urn:sha1:be6481ca9f144708c8d6f741396be6e597eb8f18</id>
<content type='text'>
The v5.3.5 release covers CVE-2019-6706 which is vulnerable.

Signed-off-by: Hongzhi.Song &lt;hongzhi.song@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>Adding LUA to SDK</title>
<updated>2017-12-27T15:25:03+00:00</updated>
<author>
<name>Romain Forlot</name>
<email>romain.forlot@iot.bzh</email>
</author>
<published>2017-12-21T15:21:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=13c84c645b6126f0cb3d768e8934992f594a82ab'/>
<id>urn:sha1:13c84c645b6126f0cb3d768e8934992f594a82ab</id>
<content type='text'>
A project could need to have LUA in SDK, an example is
to compile LUA scripts which checks its syntax before embedded
them into a project compiled by Yocto.

Change-Id: I3c36acd58d45121c3344b5322244bdc0b12061b9
Signed-off-by: Romain Forlot &lt;romain.forlot@iot.bzh&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
