summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/tar/tar_1.34.bb
AgeCommit message (Collapse)Author
2022-02-20meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX ↵Richard Purdie
license identifiers An automated conversion using scripts/contrib/convert-spdx-licenses.py to convert to use the standard SPDX license identifiers. Two recipes in meta-selftest were not converted as they're that way specifically for testing. A change in linux-firmware was also skipped and may need a more manual tweak. (From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-10-11tar: filter CVEs using vendor nameRalph Siemsen
Recently a number of CVEs have been logged against a nodejs project called "node-tar". These appear as false positives against the GNU tar being built by Yocto. Some of these have been manually excluded using CVE_CHECK_WHITELIST. To avoid this problem, use the vendor name (in addition to package name) for filtering CVEs. The syntax for this is: CVE_PRODUCT = "vendor:package" When not specified, the vendor defaults to "%" which matches anything. (From OE-Core rev: 45d1a0bea0c628f84a00d641a4d323491988106f) Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-16tar: ignore node-tar CVEsArmin Kuster
These three CVEs are specific to the Node package node-tar. exclude: CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 (From OE-Core rev: 9f9317a02d73c1e5aea026683a037e52c996c7bb) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-10tar: add pkgconfig for selinuxMingli Yu
Add pkgconfig setting for selinux. (From OE-Core rev: 348ce6f8d5f5f3f598d01d8db55d575a972fe847) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-08-16tar: ignore node-tar CVEsRoss Burton
These two CVEs are specific to the Node package node-tar. (From OE-Core rev: bc7216e8148d0dee7b56e6851da6615e93647a0a) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-08-02Convert to new override syntaxRichard Purdie
This is the result of automated script conversion: scripts/contrib/convert-overrides.py <oe-core directory> converting the metadata to use ":" as the override character instead of "_". (From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-02-16tar: update to 1.34Oleksandr Kravchuk
(From OE-Core rev: 6dd51b6d2f2c7110d8c2755dadcdb04f60db7d83) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>