<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-extended, branch honister</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=honister</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=honister'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2022-04-27T23:14:00+00:00</updated>
<entry>
<title>shadow-native: Simplify and fix syslog disable patch</title>
<updated>2022-04-27T23:14:00+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2022-04-20T11:54:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=ef827a4a5d3a677aeaf85c24253df5dd966dc565'/>
<id>urn:sha1:ef827a4a5d3a677aeaf85c24253df5dd966dc565</id>
<content type='text'>
Shadow is happily spamming the host syslog with messages and shouldn't be
which suggests the patch isn't working. Redo it to work at the configure
level which is simpler and hopefully more effective.

This is a squashed cherry-pick of commit 8f181686 (shadow-native:
Simplify and fix syslog disable patch) and commit e1f21d0d (shadow:
Disable the use of syslog() for the native tools).

(From OE-Core rev: d411ea3114cde55ae68a2d437e854c5b17f78131)

Signed-off-by: Peter Kjellerstedt &lt;peter.kjellerstedt@axis.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>xz: fix CVE-2022-1271</title>
<updated>2022-04-22T15:12:18+00:00</updated>
<author>
<name>Ralph Siemsen</name>
<email>ralph.siemsen@linaro.org</email>
</author>
<published>2022-04-09T02:16:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=b19991bf95a98985210b5101b313b5ac598226b9'/>
<id>urn:sha1:b19991bf95a98985210b5101b313b5ac598226b9</id>
<content type='text'>
Malicious filenames can make xzgrep to write to arbitrary files
or (with a GNU sed extension) lead to arbitrary code execution.

Upstream-Status: Backport [https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch]
CVE: CVE-2022-1271

(From OE-Core rev: dd6239a0f6173115968278cfd58a5efa228aee7d)

Signed-off-by: Ralph Siemsen &lt;ralph.siemsen@linaro.org&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 97bf86ccde4417daec8ef3945071a50a09134bc6)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>unzip: fix CVE-2021-4217</title>
<updated>2022-04-22T15:12:18+00:00</updated>
<author>
<name>Joe Slater</name>
<email>joe.slater@windriver.com</email>
</author>
<published>2022-03-31T18:42:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=0f139080f62a9c684f6c621032e3bb4ec2a5fb29'/>
<id>urn:sha1:0f139080f62a9c684f6c621032e3bb4ec2a5fb29</id>
<content type='text'>
Avoid a null pointer dereference.

(From OE-Core rev: 57b608a3c37d24b2d407b178b16136c1ff65b2c4)

Signed-off-by: Joe Slater &lt;joe.slater@windriver.com&gt;
Signed-off-by: Alexandre Belloni &lt;alexandre.belloni@bootlin.com&gt;
(cherry picked from commit 36db85b9b127e5a9f5d3d6e428168cf597ab95f3)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: fix CVE-2021-3781</title>
<updated>2022-03-22T22:18:56+00:00</updated>
<author>
<name>Chee Yang Lee</name>
<email>chee.yang.lee@intel.com</email>
</author>
<published>2022-03-17T07:32:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=984de2b68a0e95abbad1c99e55f4fcf77088544a'/>
<id>urn:sha1:984de2b68a0e95abbad1c99e55f4fcf77088544a</id>
<content type='text'>
(From OE-Core rev: c9c5254345249b8a2c53e80cec3c469ca6fc1099)

Signed-off-by: Chee Yang Lee &lt;chee.yang.lee@intel.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>asciidoc: update git repository</title>
<updated>2022-03-10T16:39:50+00:00</updated>
<author>
<name>Ross Burton</name>
<email>ross@burtonini.com</email>
</author>
<published>2022-03-04T17:14:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=7a15c6e2a8d4f636f411bb3f4f00372e451c4982'/>
<id>urn:sha1:7a15c6e2a8d4f636f411bb3f4f00372e451c4982</id>
<content type='text'>
The asciidoc-py3 repository has been renamed to asciidoc-py.

(From OE-Core rev: 16215377a33f7ebcce3c48bc31c83f8c512d9f49)

Signed-off-by: Ross Burton &lt;ross.burton@arm.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit f78dd3f4c5f0cd738783e75f3796e1da2a2a2ba1)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>cups: Add --with-dbusdir to EXTRA_OECONF for deterministic build</title>
<updated>2022-03-10T16:39:50+00:00</updated>
<author>
<name>Robert Yang</name>
<email>liezhi.yang@windriver.com</email>
</author>
<published>2022-03-02T07:12:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=53f3bf5b78585edded8f0784e04ab0a0357de5f4'/>
<id>urn:sha1:53f3bf5b78585edded8f0784e04ab0a0357de5f4</id>
<content type='text'>
The configure checks /etc/dbus-1 and set DBUSDIR is null:
        if test -d /etc/dbus-1 -a "x$DBUSDIR" = x; then
            DBUSDIR="/etc/dbus-1"
        fi

So that the build resutl would be different w/o /etc/dbus-1:

/etc/dbus-1/system.d/cups.conf (Only exists when DBUSDIR is set)

Add --with-dbusdir to EXTRA_OECONF to fix the issue

(From OE-Core rev: a5adc91b6cebf7a006805e01fcf20ca4cb9a9a6a)

Signed-off-by: Robert Yang &lt;liezhi.yang@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 0e4b2464138601c4c20882c001ef11eef5100395)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>zip: modify when match.S is built</title>
<updated>2022-03-10T16:39:50+00:00</updated>
<author>
<name>Joe Slater</name>
<email>joe.slater@windriver.com</email>
</author>
<published>2022-02-25T15:48:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=47d66569d7ff29cc6a801a63141c8bc2d0c4b928'/>
<id>urn:sha1:47d66569d7ff29cc6a801a63141c8bc2d0c4b928</id>
<content type='text'>
Use the correct $CPP to test if *.S are buildable,
but do not build match.S because it is not PIC code.

(From OE-Core rev: 1c80e0bf1cd8ed171b6ec029d41bc923f1104a7b)

Signed-off-by: Joe Slater &lt;joe.slater@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 58b16da805b774465f15c8bee59f8361a47ccd4e)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: fix CVE-2021-45949</title>
<updated>2022-03-10T16:39:50+00:00</updated>
<author>
<name>Lee Chee Yang</name>
<email>chee.yang.lee@intel.com</email>
</author>
<published>2022-02-25T07:09:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=5a89035cf7a8f3e7b9a4b76cbb703667e3150f15'/>
<id>urn:sha1:5a89035cf7a8f3e7b9a4b76cbb703667e3150f15</id>
<content type='text'>
(From OE-Core rev: aebdb079eba5426253c5709e1ea20b97a302b556)

Signed-off-by: Lee Chee Yang &lt;chee.yang.lee@intel.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>libarchive : update to 3.5.3</title>
<updated>2022-03-10T16:39:50+00:00</updated>
<author>
<name>Lee Chee Yang</name>
<email>chee.yang.lee@intel.com</email>
</author>
<published>2022-02-24T06:28:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=2cdb01ee20ec8ec2da522c8951325a3b2bd4d592'/>
<id>urn:sha1:2cdb01ee20ec8ec2da522c8951325a3b2bd4d592</id>
<content type='text'>
Libarchive 3.5.3 is a security release

Security Fixes:

extended fix for following symlinks when processing the fixup list (#1566, #1617, CVE-2021-31566)
fix invalid memory access and out of bounds read in RAR5 reader (#1491, #1492, #1493, CVE-2021-36976)

(From OE-Core rev: 4f4a32a7f9ab3306f0de26bedf6b77f3aba86cf4)

Signed-off-by: Lee Chee Yang &lt;chee.yang.lee@intel.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>libarchive: upgrade 3.5.1 -&gt; 3.5.2</title>
<updated>2022-03-10T16:39:50+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2022-02-24T06:28:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=bf42579bd3cd0d124b6aa1039568733d799b7c9e'/>
<id>urn:sha1:bf42579bd3cd0d124b6aa1039568733d799b7c9e</id>
<content type='text'>
(From OE-Core rev: f8f39cd5757907d50444203e0e6e2c5ed0a47152)

(From OE-Core rev: d2e9f293a719cd612c667877735d1de08454e3ac)

Signed-off-by: Alexander Kanavin &lt;alex.kanavin@gmail.com&gt;
Signed-off-by: Alexandre Belloni &lt;alexandre.belloni@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
Signed-off-by: Lee Chee Yang &lt;chee.yang.lee@intel.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
