summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/dmidecode/dmidecode_3.3.bb
Commit message (Collapse)AuthorAgeFilesLines
* dmidecode: fixup for CVE-2023-30630Adrian Freihofer2023-08-191-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | The previous CVE-2023-30630_1.patch picked only the patch "dmidecode: Write the whole dump file at once" d8cfbc808f. But there was a refactoring which does not allow to cherry-pick it fast forward. Resolving this conflict was not correctly done. The patch was: + u32 len; + u8 *table; ... - if (!(opt.flags & FLAG_QUIET)) - pr_comment("Writing %d bytes to %s.", crafted[0x05], - opt.dumpfile); - write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1); + dmi_table_dump(crafted, crafted[0x05], table, len); It looks like the variables len and table have been added without initialization. Now this problem is solved by applying the previous refactoring as well. Patch 1 gets replaced by Patch 1a and Patch 1b. Patch 2..4 are rebased without changes. (From OE-Core rev: ea069a94a213cc153528aebfc387f30215566cc7) Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dmidecode: fix CVE-2023-30630Yogita Urade2023-08-021-0/+4
| | | | | | | | | | | | | | | | | | | | | Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. References: https://nvd.nist.gov/vuln/detail/CVE-2023-30630 https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00016.html https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00017.html Backport: fixes fuzz in the CVE-2023-30630_2.patch in kirkstone (From OE-Core rev: 4f83427a0a01e8285c9eb42d2a635d1ff7b23779) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit f92e59a0894145a828dc9ac74bf8c7a9355e0587) Signed-off-by: Dhairya Nagodra <dnagodra@cisco.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX ↵Richard Purdie2022-02-201-1/+1
| | | | | | | | | | | | | license identifiers An automated conversion using scripts/contrib/convert-spdx-licenses.py to convert to use the standard SPDX license identifiers. Two recipes in meta-selftest were not converted as they're that way specifically for testing. A change in linux-firmware was also skipped and may need a more manual tweak. (From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/recipes-devtools: Add HOMEPAGE / DESCRIPTIONDorinda2021-02-261-0/+1
| | | | | | | | | | | Added HOMEPAGE and DESCRIPTION for recipes with missing decriptions or homepage [YOCTO #13471] (From OE-Core rev: bb05814335e7101bfd8df0a11dc18a044e867bed) Signed-off-by: Dorinda Bassey <dorindabassey@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dmidecode: upgrade 3.2 -> 3.3Alexander Kanavin2020-11-031-0/+23
(From OE-Core rev: 528790d8a79f9d7234c877ff07c12f53057b6d20) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-07 10:11:44 +0000