| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
* as oe-core did in:
https://git.openembedded.org/openembedded-core/commit/?id=d4c346e8ab
* when people are have to maintain own PRs for recipes in oe-core, they
might add them for meta-oe recipes at the same time when upgrading
to next LTS
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
CVE-2022-34568 affected
From (including) 1.2.1
Up to (including) 1.2.15
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
- Try to add convert and apply statuses for old CVEs
- Drop some obsolete ignores, while they are not relevant for current
version
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
| |
CVE-2019-14906 is a Red Hat vulnerability and Yocto is not applicable.
So add it to the allowlist.
Signed-off-by: Hitomi Hasegawa <hasegawa-hitomi@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
There is only one provider, these should not be virtual.
Signed-off-by: Andrew Davis <afd@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
This is the result of automated script (0.9.1) conversion:
oe-core/scripts/contrib/convert-overrides.py .
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13616
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read
in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
Upstream-Status: Backport [https://github.com/libsdl-org/SDL/commit/97fefd050976bbbfca9608499f6a7d9fb86e70db]
CVE: CVE-2019-13616
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Include the recipe from OE-Core along with some additional patches to
fix CVEs.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|