OpkgPM: use --add-ignore-recommends to process BAD_RECOMMENDATIONS
Currently, BAD_RECOMMENDATIONS on the opkg backed relies on editing the opkg status file (it sets BAD_RECOMMENDATIONS pkg want state to deinstalled and pinned). This is brittle, and not consistent...
View Articlelibsdl: CVE fixes
Fixes CVE-2019-7572, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7637, CVE-2019-7638. (From OE-Core rev:...
View Articlegstreamer1.0-plugins-base: fix CVE-2019-9928
(From OE-Core rev: 276567b6a8e4b21dc978b352b5c715d6381867b1) Signed-off-by: Anuj Mittal Signed-off-by: Richard Purdie (From OE-Core rev: 276567b6a8e4b21dc978b352b5c715d6381867b1) Signed-off-by: Anuj...
View Articlelibarchive: integrate security fixes
Fix the following CVEs by backporting patches from upstream: - CVE-2019-1000019 - CVE-2019-1000020 - CVE-2018-1000877 - CVE-2018-1000878 - CVE-2018-1000879 - CVE-2018-1000880 (From OE-Core rev:...
View Articlebzip2: fix CVE-2019-12900
Also include a patch to fix regression caused by it. See: https://gitlab.com/federicomenaquintero/bzip2/issues/24 (From OE-Core rev: 7c0b2d228f51aebb4415e63a07bdd645e85b09d8) Signed-off-by: Anuj...
View Articleghostscript: Fix 3 CVEs
It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary...
View Articlelibcroco: fix CVE-2017-7961
(From OE-Core rev: 480f15850820746cecdfe0b8450b2be484c1f8f9) (From OE-Core rev: f5cf064b3c138c8a6591d34f40253e10a6f01a14) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (From OE-Core rev:...
View Articleexpat: fix CVE-2018-20843
(From OE-Core rev: aad245ea1c55f8e778ae3420c5c31e94301e7cba) Signed-off-by: Anuj Mittal Signed-off-by: Richard Purdie (From OE-Core rev: aad245ea1c55f8e778ae3420c5c31e94301e7cba) Signed-off-by: Anuj...
View Articlepoky.conf: Bump version for 2.6.3 thud release
(From meta-yocto rev: 9a1d9fd77e2dd2d324654755633e143ef7730dc5) Signed-off-by: Richard Purdie (From meta-yocto rev: 9a1d9fd77e2dd2d324654755633e143ef7730dc5) Signed-off-by: Richard Purdie
View Articlebuild-appliance-image: Update to thud head revision
(From OE-Core rev: d3d3f443039b03f1200a14bfe99f985592632018) Signed-off-by: Richard Purdie (From OE-Core rev: d3d3f443039b03f1200a14bfe99f985592632018) Signed-off-by: Richard Purdie
View Article
