Hello everyone,
since the patch for CVE-2022-24765 (uncontrolled search for git repositories)
arrived we have problems using Git as package source. For some reason git
thinks that the repositories do not belong to the user who is invoking the
bitbake command, even though when checking the file permission manually they
seem to be correct:
"fatal: unsafe repository ('...' is owned by someone else)"
So is bitbake using some mechanism (e.g. fake root?) to invoke the git
commands? Is there a workaround to fix this?
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164861):
https://lists.openembedded.org/g/openembedded-core/message/164861
Mute This Topic: https://lists.openembedded.org/mt/90703668/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
