sysmo-bts
/
generic-poky
9
0
Fork 0
Code Pull Requests Releases Activity
generic-poky/meta/recipes-extended
History
Li Wang cdb398935e cups - CVE-2011-2896 
the patch come from:
http://cups.org/strfiles/3867/str3867.patch

The LZW decompressor in the LWZReadByte function in giftoppm.c
in the David Koblas GIF decoder in PBMPLUS, as used in the
gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7,
the LZWReadByte function in plug-ins/common/file-gif-load.c
in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c
in XPCE in SWI-Prolog 5.10.4 and earlier, and other products,
does not properly handle code words that are absent from the
decompression table when encountered, which allows remote attackers to
trigger an infinite loop or a heap-based buffer overflow, and possibly
execute arbitrary code, via a crafted compressed stream, a related
issue to CVE-2006-1168 and CVE-2011-2895.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2896

[YOCTO #3582]
[ CQID: WIND00299595 ]
Upstream-Status: Backport

(From OE-Core rev: 0742b7aecaada435f90f39f26914906a5eb1fd4f)

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 		2012-12-17 17:24:56 +00:00
..
at at: change initscript dependency from build time to runtime 2012-12-06 12:31:15 +00:00
augeas gettext,m4,augeas,gnutls: Account for removal of gets in eglibc 2.16 2012-07-17 10:54:00 +01:00
bash bash: fix mkbuiltins build failure 2012-11-14 15:58:08 +00:00
bc bc: cleanup update-alternatives deprecated code 2012-08-15 14:26:29 +01:00
blktool SRC_URI, S: use BPN instead of PN for multilib case 2011-08-04 15:04:30 +01:00
byacc byacc: update config.{sub, guess} before running configure 2012-09-20 13:33:50 +01:00
bzip2 recipes-extended: replace virtclass-native(sdk) with class-native(sdk) 2012-11-02 16:18:29 +00:00
chkconfig chkconfig: add link files install_initd and remove_initd 2012-12-06 12:31:02 +00:00
cpio cpio: Split RMT from cpio 2012-12-06 12:31:02 +00:00
cracklib cracklib: Upgrade to 2.8.19 2012-06-25 16:35:54 +01:00
cronie cronie: use variables instead of hardcoded paths 2012-08-06 15:18:48 +01:00
cups cups - CVE-2011-2896 2012-12-17 17:24:56 +00:00
cwautomacros More quoting fixes 2012-02-26 22:51:58 +00:00
diffutils diffutils: fix rebuilds 2012-10-25 17:50:19 +01:00
ed ed: upgrade to 1.6 2012-01-24 11:54:24 +00:00
ethtool ethtool: upgrade to 3.6 2012-12-06 12:31:09 +00:00
findutils findutils: cleanup update-alternatives deprecated code 2012-08-15 14:26:30 +01:00
foomatic foomatic-filters: upgrade to 4.0.17 2012-08-24 17:32:55 +01:00
gamin gamin: Fix glib 2.30 deprecation issues 2011-10-14 13:18:07 +01:00
gawk gawk: cleanup update-alternatives deprecated code 2012-08-15 14:26:36 +01:00
ghostscript ghostscript-native:fix host underlinking issues 2012-12-17 17:24:54 +00:00
gperf gperf: fix out-of-tree builds 2012-12-14 15:05:30 +00:00
grep grep: update to upstream version 2.14 2012-12-03 14:32:48 +00:00
groff recipes-extended: replace virtclass-native(sdk) with class-native(sdk) 2012-11-02 16:18:29 +00:00
gzip recipes-extended: replace virtclass-native(sdk) with class-native(sdk) 2012-11-02 16:18:29 +00:00
hdparm hdparm: cleanup update-alternatives deprecated code 2012-08-15 14:26:34 +01:00
images core-image-basic: tidy up 2012-09-04 12:53:02 +01:00
iptables iptables: upgrade to 1.4.15 2012-08-17 18:04:24 +01:00
iputils iputils: chmod in pkg_postinst are redundant 2012-08-24 17:32:57 +01:00
less less: Update to 456 2012-12-03 14:47:56 +00:00
libaio libaio: Remove QA warning: No GNU_HASH in the elf binary 2012-12-06 12:31:16 +00:00
libarchive libarchive: Remove obsolete comment and empty line at the end 2011-11-10 11:51:16 +00:00
libidn fix my typos in patch headers 2012-07-18 14:29:31 +01:00
libtirpc SRC_URI, S: use BPN instead of PN for multilib case 2011-08-04 15:04:30 +01:00
libuser libuser: enable python support 2012-12-13 15:18:42 +00:00
libzypp Replace "echo -e" with "printf" to have the same behavior in dash or bash 2012-09-20 13:33:50 +01:00
lighttpd lighttpd: upgrade to 1.4.32 2012-12-06 12:31:10 +00:00
logrotate upgrade logrotate: update the recipe 2012-03-19 14:37:36 +00:00
lsb lsbsetup: drop it 2012-11-24 15:12:30 +00:00
lsof lsof: upgrade to 4.86 2012-09-04 12:53:04 +01:00
ltp ltp: fix license segment md5sum boundary 2012-12-03 14:32:45 +00:00
mailx mailx: Add missing openssl DEPENDS and bump PR after openssl 1.0 2011-11-30 22:02:30 +00:00
man man: make man actually work by installing custom man.config 2012-08-15 14:26:42 +01:00
man-pages man-pages: Update to 3.44 2012-11-21 16:55:58 +00:00
mc mc: Update to 4.8.6 2012-11-21 16:55:58 +00:00
mdadm mdadm: upgrade to 3.2.6 2012-11-18 16:42:04 +00:00
mingetty mingetty: replace cflags hard-coded into Makefile 2012-11-24 15:12:34 +00:00
minicom minicom: fix build with automake 1.12 2012-05-25 11:17:59 +01:00
mktemp mktemp: cleanup update-alternatives deprecated code 2012-08-15 14:26:33 +01:00
msmtp msmtp: Update to 1.4.30 2012-12-03 14:47:56 +00:00
net-tools net-tools: fix license segment md5sum boundary 2012-12-03 14:32:45 +00:00
newt newt: enable python support 2012-12-17 17:24:53 +00:00
packagegroups packagegroup-core-basic: use VIRTUAL-RUNTIME_initscripts and VIRTUAL-RUNTIME_init_manager 2012-12-05 15:34:05 +00:00
pam PACKAGES_DYNAMIC: use regexp not glob 2012-10-19 18:02:26 +01:00
parted parted: update to version 3.1 2012-03-21 15:33:06 +00:00
pax misc patches: fix patch headers 2012-01-03 12:14:33 +00:00
perl libconvert-asn1-perl: upgrade to 0.26 2012-12-06 12:31:16 +00:00
pigz recipes-extended: replace virtclass-native(sdk) with class-native(sdk) 2012-11-02 16:18:29 +00:00
polkit polkit: remove license.html from LIC_FILES_CHKSUM 2012-10-30 11:06:37 +00:00
procps procps: pass CFLAGS to make 2012-11-24 15:12:34 +00:00
psmisc psmisc: Update to 22.20 2012-11-18 16:42:06 +00:00
quota quota 4.00: add DEPENDS gettext-native 2012-09-12 15:13:52 +01:00
rpcbind rpcbind: add and use startup script, move binaries 2012-06-08 11:43:18 +01:00
sat-solver package_rpm.bbclass: fix the arch (replace "-" with "_") 2012-09-10 13:01:45 +01:00
screen PR bump for all recipes that DEPEND on ncurses 2012-03-15 00:11:40 +00:00
sed sed: Fix gplv2 version to work with recent gettext 2012-10-19 14:06:10 +01:00
shadow shadow: add runtime dependency on base-passwd 2012-12-06 12:31:07 +00:00
slang slang: explicity disable invoking onig module 2012-12-03 13:52:05 +00:00
stat recipes-extended: replace virtclass-native(sdk) with class-native(sdk) 2012-11-02 16:18:29 +00:00
sudo sudo: use ${bindir} and ${sysconfdir} instead of /usr/bin and /etc 2012-08-06 15:18:47 +01:00
sysklogd sysklogd: fix update-rc.d handling 2012-10-18 12:13:48 +01:00
sysstat sysstat: Update to 10.1.2 2012-11-20 15:31:55 +00:00
tar tar: apply fedora patch for fortify sources sigabort 2012-12-13 15:18:45 +00:00
tcp-wrappers tcp-wrappers: refactor packages for staticdev 2012-01-24 11:54:20 +00:00
texi2html texi2html: Add check for directory existence 2012-10-18 12:13:45 +01:00
texinfo recipes-extended: replace virtclass-native(sdk) with class-native(sdk) 2012-11-02 16:18:29 +00:00
time time: cleanup update-alternatives deprecated code 2012-08-15 14:26:35 +01:00
tzcode tzdata/tzcode: Update tzdata to 2011n 2011-11-29 11:22:08 +00:00
tzdata tzdata: install /etc/localtime alongside /etc/timezone 2012-09-02 05:52:07 -07:00
unzip unzip: pay some attention to our CFLAGS 2012-11-24 15:12:35 +00:00
watchdog watchdog: fix SRC_URI _ -> - 2012-08-13 20:10:33 +01:00
wget wget: disable iri/idn support 2012-09-04 12:53:10 +01:00
which which: cleanup update-alternatives deprecated code 2012-08-15 14:26:33 +01:00
xdg-utils SRC_URI, S: use BPN instead of PN for multilib case 2011-08-04 15:04:30 +01:00
xinetd xinetd: use ${sbindir} and ${sysconfdir} instead of /usr/sbin and /etc 2012-08-06 15:18:47 +01:00
xz xz: update to 5.1.2alpha 2012-07-17 10:53:55 +01:00
zip zip: Remove QA warnings: No GNU_HASH in the elf binary 2012-12-06 12:31:17 +00:00
zypper zypper: Fix build on uclibc 2012-06-18 17:26:48 +01:00