Backported cve fixes for flex and gnutls. Also minor improvement to error handling in depexp.
- Jussi The following changes since commit b9d6a7cc234f44e44e5421191924b7463e9c0a9d: bitbake: main: Check bitbake server-only port is a number (2016-10-09 12:33:26 +0100) are available in the git repository at: git://git.yoctoproject.org/poky-contrib jku/m4-fixes http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=jku/m4-fixes Jussi Kukkonen (4): gnutls: Backport certificate check fix flex: Update upstream check uri flex: Backport buffer overflow fix depexp: Close UI with error message on NoProvider event bitbake/lib/bb/ui/depexp.py | 24 +++++++++ .../recipes-devtools/flex/flex/CVE-2016-6354.patch | 59 ++++++++++++++++++++++ meta/recipes-devtools/flex/flex_2.6.0.bb | 3 ++ .../gnutls/gnutls/CVE-2016-7444.patch | 35 +++++++++++++ meta/recipes-support/gnutls/gnutls_3.5.3.bb | 1 + 5 files changed, 122 insertions(+) create mode 100644 meta/recipes-devtools/flex/flex/CVE-2016-6354.patch create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch -- 2.1.4 -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
