There is a fix in master for this, and more fixes in master-next.
Alex
On Tue, 26 Apr 2022 at 10:14, <dev-f...@t-online.de> wrote:
>
> Hello everyone,
> since the patch for CVE-2022-24765 (uncontrolled search for git repositories)
> arrived we have problems using Git as package source. For some reason git
> thinks that the repositories do not belong to the user who is invoking the
> bitbake command, even though when checking the file permission manually they
> seem to be correct:
>
> "fatal: unsafe repository ('...' is owned by someone else)"
>
> So is bitbake using some mechanism (e.g. fake root?) to invoke the git
> commands? Is there a workaround to fix this?
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164862):
https://lists.openembedded.org/g/openembedded-core/message/164862
Mute This Topic: https://lists.openembedded.org/mt/90703668/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
