summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* wireshark: fix CVE-2023-6175dunfell-nextdunfellHitendra Prajapati13 days2-0/+247
| | | | | | | Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/3be1c99180a6fc48c34ae4bfc79bfd840b29ae3e Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: Backport fix for CVE-2024-2955Ashish Sharma13 days2-0/+53
| | | | | | | Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/6fd3af5e999c71df67c2cdcefb96d0dc4afa5341] Signed-off-by: Ashish Sharma <asharma@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: Fix for CVE-2023-4511Vijay Anusuri13 days2-0/+82
| | | | | | | Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/ef9c79ae81b00a63aa8638076ec81dc9482972e9 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: Backport fix for CVE-2024-25629Ashish Sharma2024-04-022-0/+33
| | | | | | | | | | | | Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183] References: https://nvd.nist.gov/vuln/detail/CVE-2024-25629 https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q https://security-tracker.debian.org/tracker/CVE-2024-25629 Signed-off-by: Ashish Sharma <asharma@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-cryptography: fix CVE-2024-26130 NULL pointer dereferenceHitendra Prajapati2024-04-022-0/+67
| | | | | | | Upstream-Status: Backport from https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* postgresql: Update to 12.18Matthias Schmitz2024-04-021-2/+2
| | | | | | | | | | | | | Minor security and bugfix release. Fixes CVE-2024-0985: PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL Additional information is available in the release notes: https://www.postgresql.org/docs/release/12.18/ Signed-off-by: Matthias Schmitz <matthias.schmitz@port4949.net> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-pillow: Fix for CVE-2023-50447Vijay Anusuri2024-03-034-0/+132
| | | | | | | | | | | | Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/45c726fd4daa63236a8f3653530f297dc87b160a & https://github.com/python-pillow/Pillow/commit/0ca3c33c59927e1c7e0c14dbc1eea1dfb2431a80 & https://github.com/python-pillow/Pillow/commit/557ba59d13de919d04b3fd4cdef8634f7d4b3348] Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libuv: fix CVE-2024-24806Hugo SIMELIERE2024-03-033-1/+65
| | | | | | | | Upstream-Status: Backport[https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629] Upstream-Status: Backport[https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70]> Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* squid: Backport fix for CVE-2023-50269Vijay Anusuri2024-03-032-0/+63
| | | | | | | | | | | | import patch from ubuntu to fix CVE-2023-50269 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/squid/tree/debian/patches?h=ubuntu/focal-security&id=9ccd217ca9428c9a6597e9310a99552026b245fa Upstream commit https://github.com/squid-cache/squid/commit/9f7136105bff920413042a8806cc5de3f6086d6d] Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Set CVE_PRODUCT to "node.js"virendra thakur2024-03-032-0/+4
| | | | | | | Set CVE_PRODUCT to 'node.js' for nodjs recipe Signed-off-by: virendra thakur <virendrak@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* squid: Fix for CVE-2023-49285 and CVE-2023-49286Vijay Anusuri2024-03-033-0/+124
| | | | | | | | | | Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b & https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264] Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* squid: backport Debian patch for CVE-2023-46728 and CVE-2023-46846Vijay Anusuri2024-03-034-0/+1934
| | | | | | | | | | | | | | | | | import patches from ubuntu to fix CVE-2023-46728 CVE-2023-46846 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/squid/tree/debian/patches?h=ubuntu/focal-security&id=9ccd217ca9428c9a6597e9310a99552026b245fa Upstream commit https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3 & https://github.com/squid-cache/squid/commit/417da4006cf5c97d44e74431b816fc58fec9e270 & https://github.com/squid-cache/squid/commit/05f6af2f4c85cc99323cfff6149c3d74af661b6d] Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linuxptp: fix do_compile errorChangqing Li2024-03-032-0/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | with make 4.4, linuxptp do_compile will failed with error: In file included from clock.c:35: missing.h:61:9: error: redeclaration of enumerator 'HWTSTAMP_TX_ONESTEP_P2P' 61 | HWTSTAMP_TX_ONESTEP_P2P = 3, | ^~~~~~~~~~~~~~~~~~~~~~~ In file included from clock.c:21: /buildarea2/WRLCD_Regression/Rerun/build_dir/11201532-build_scp_world_Feature_Test/qemux86-64-standard-std-OE/build/tmp-glibc/work/core2-64-wrs-linux/linuxptp/3.1.1-r0/recipe-sysroot/usr/include/linux/net_tstamp.h:128:9: note: previous definition of 'HWTSTAMP_TX_ONESTEP_P2P' with type 'enum hwtstamp_tx_types' 128 | HWTSTAMP_TX_ONESTEP_P2P, | Following change of make 4.4 changes behavior of shell function: * WARNING: Backward-incompatibility! Previously makefile variables marked as export were not exported to commands started by the $(shell ...) function. Now, all exported variables are exported to $(shell ...). Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Backport of commit 05c1003c4 ("linuxptp: fix do_compile error"). This is present in dunfell/kirkstone as well. If net_tstamp.h of the build host disagrees with net_tstamp.h of the OE kernel or I remove the build host's net_tstamp.h do_compile fails. Changed Upstream Status to Backport with the git sha as the commit is now applied upstream. Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* gdm: Add polkit to required distro featuresKhem Raj2024-03-031-1/+1
| | | | | | | | | | | | | | it depends on accountservice package which already needs this DISTRO_FEATURE Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com> Backported from Honister (cherry-picked from commit e7251cf6ba5a61e09a02e4c7f5774498ef6c0916) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openwsman: Change download branch from master to main.Wang Mingyu2024-03-031-1/+1
| | | | | | | | | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com> Backported from Kirkstone (cherry-picked from commit 84425db660a30570044e334509e174e5c92173ed) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: Backport fix for CVE-2023-1992Ashish Sharma2024-03-032-0/+63
| | | | | | | | RPCoRDMA: Frame end cleanup for global write offsets Upstream-Status: Backport from [https://gitlab.com/colin.mcinnes/wireshark/-/commit/3c8be14c827f1587da3c2b3bb0d9c04faff57413] Signed-off-by: Ashish Sharma <asharma@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: fix CVE-2024-0208 GVCP dissector crashHitendra Prajapati2024-03-032-0/+43
| | | | | | | Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/a8586fde3a6512466afb2a660538ef3fe712076b Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apache2: upgrade 2.4.57 -> 2.4.58Hitendra Prajapati2024-03-033-175/+1
| | | | | | | | | | | | | | | | | | | | This upgrade incorporates the CVE-2023-31122, CVE-2023-43622 & CVE-2023-45802 fixes and other bugfixes. The "0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch" and "CVE-2023-45802.patch" is no longer needed as it's included in this upgrade. Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.58 References: https://httpd.apache.org/security/vulnerabilities_24.html https://security-tracker.debian.org/tracker/CVE-2023-31122 https://security-tracker.debian.org/tracker/CVE-2023-43622 https://security-tracker.debian.org/tracker/CVE-2023-45802 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* postgresql: Update to 12.17Robert Joslyn2024-01-161-1/+1
| | | | | | | | | | | | | | Minor security and bugfix release. Addresses the following CVEs: CVE-2023-5868: Memory disclosure in aggregate function calls CVE-2023-5869: Buffer overrun from integer overflow in array modification CVE-2023-5870: Role pg_signal_backend can signal certain superuser processes Additional information is available in the release notes: https://www.postgresql.org/docs/release/12.17/ Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* proftpd: Fix CVE-2023-51713 Out-of-bounds buffer readHitendra Prajapati2024-01-162-0/+279
| | | | | | | Upstream-Status: Backport from https://github.com/proftpd/proftpd/commit/97bbe68363ccf2de0c07f67170ec64a8b4d62592 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opensc: Fix CVE-2023-40661virendra thakur2024-01-168-0/+245
| | | | | | | Upstream-Status: Backport[https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50] Signed-off-by: virendra thakur <virendrak@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opensc: Fix CVE-2023-40660virendra thakur2024-01-162-0/+56
| | | | | | | Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/940e8bc764047c873f88bb1396933a5368d03533] Signed-off-by: virendra thakur <virendrak@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* strongswan: Backport fix for CVE-2023-41913Vijay Anusuri2024-01-162-0/+47
| | | | | | | | | Upstream-Status: Backport [https://download.strongswan.org/security/CVE-2023-41913/strongswan-5.3.0-5.9.6_charon_tkm_dh_len.patch] Reference: https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-(cve-2023-41913).html Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: fix CVE-2022-4345 multiple (BPv6, OpenFlow, and Kafka protocol) ↵vkumbhar2023-12-172-0/+53
| | | | | | | | | dissector infinite loops Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/39db474f80af87449ce0f034522dccc80ed4153f Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* squid: fix CVE-2023-46847 Denial of Service in HTTP Digest Authenticationvkumbhar2023-12-172-0/+48
| | | | | | | Upstream-Status: Backport from https://github.com/squid-cache/squid/commit/052cf082b0faaef4eaaa4e94119d7a1437aac4a3 Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samba: fix CVE-2023-42669 denial of serviceHitendra Prajapati2023-12-172-0/+94
| | | | | | | Upstream-Status: Backport from https://www.samba.org/samba/ftp/patches/security/samba-4.17.12-security-2023-10-10.patch Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apache2: Backport fix for CVE-2023-45802Ashish Sharma2023-12-172-0/+142
| | | | | | | | Upstream-Status: Backport from [https://github.com/apache/httpd/commit/decce82a706abd78dfc32821a03ad93841d7758a] CVE: CVE-2023-45802 Signed-off-by: Ashish Sharma <asharma@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nginx: Mitigate HTTP/2 Stream Resets Flood impactJasper Orschulko2023-12-173-0/+95
| | | | | | | | | | | | | | | | Reduces the impact of HTTP/2 Stream Reset flooding in the nginx product (CVE-2023-44487). See: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ This patch only reduces the impact and does not completely mitigate the CVE in question, the latter being due to a design flaw in the HTTP/2 protocol itself. For transparancy reasons I therefore opted to not mark the CVE as resolved, so that integrators can decide for themselves, wheither to enable HTTP/2 support or allow HTTP/1.1 connections only. Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* spirv-tools: Use main branch for all reposFrieder Schrempf2023-12-171-3/+3
| | | | | | | | The master branch has been removed in all of the repos used in SRC_URI. Switch to the main branch instead. Signed-off-by: Frieder Schrempf <frieder.schrempf@kontron.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: CVE-2022-4900 fix potential buffer overflowHitendra Prajapati2023-12-172-0/+49
| | | | | | | Upstream-Status: Backport from https://github.com/php/php-src/commit/789a37f14405e2d1a05a76c9fb4ed2d49d4580d5 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* traceroute: upgrade 2.1.0 -> 2.1.3Vijay Anusuri2023-12-171-2/+1
| | | | | | | | | | | | | | | | | | This upgrade incorporates the CVE-2023-46316 fix and other bug fixes. Changelog: ---------- - Interpret ipv4-mapped ipv6 addresses (::ffff:A.B.C.D) as true ipv4. - Return back more robast poll(2) loop handling. - Fix unprivileged ICMP tracerouting with Linux kernel >= 6.1 (Eric Dumazet, SF bug #14) - Fix command line parsing in wrappers. References: https://security-tracker.debian.org/tracker/CVE-2023-46316 https://sourceforge.net/projects/traceroute/files/traceroute/traceroute-2.1.3/ Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-python: Drop broken BBCLASSEXTEND variantsRichard Purdie2023-12-176-12/+0
| | | | | | | | | | | | | | | | | | | | | | | | The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit d4aa17dc436beb96a804860bc6d18cf72283709e) Backport: * Adapted paths to follow PV changes * Adapted modified recipes to the ones generating warnings Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-python-image,meta-python-ptest-image: Use python3 packagegroupsKhem Raj2023-12-172-3/+2
| | | | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> (cherry picked from commit e43a9898fc536d1d3bc726180d5c2afd15db0b19) Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-cson: fix run-time dependenciesBartosz Golaszewski2023-12-171-2/+1
| | | | | | | | | | | | Add the missing run-time dependency on python3-json. As a result we no longer need to pull python3 native and can drop other *DEPENDS. Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 40b4cf5a83098a5f1be873be5c29f26380bc7993) Backported: adapted to old override syntax Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-perl: Drop broken BBCLASSEXTEND variantsRichard Purdie2023-12-175-9/+1
| | | | | | | | | | | | | | | | | | | | | | | | The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 79e0a9d237343ad0af0a40128494155ccaa131ec) Backported: * Adapted paths to follow PV changes * Adapted modified recipes to the ones generating warnings Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-oe: Drop broken BBCLASSEXTEND variantsRichard Purdie2023-12-178-21/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9962d57f7c235873de0a0bb192b5f56747762fc7) Backport: * Updated paths to follow PV changes * Adapted modified recipes to the ones generating warnings * NB: cups-filter needs poppler-native but its not available. To fix this, 5fa0188b8c could be backported. Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openflow: ignore CVE-2018-1078Davide Gardenal2023-12-171-0/+4
| | | | | | | | | | | | CVE-2018-1078 is not for openflow but in the NVD database the CVE is for a specific implementation that we don't have so we can ignore it. Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> (cherry picked from commit c1e7b0b993c294d52737e8e631badb5aaaefd2e3) Backported: Changed CVE_CHECK_IGNORE to CVE_CHECK_WHITELIST Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* usrsctp: add CVE_VERSION to correctly check for CVEsDavide Gardenal2023-12-171-0/+2
| | | | | | | | | | | | | | The current version of usrsctp is not a release so cve-check is not able to find the product version. CVE_VERSION is now set to 0.9.3.0 that is the nearest version in the past starting from the revision we have. This is done because we don't have the complete 0.9.4.0 release. Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 279fce2c87c990c942bcb2b72ea83a67e0d74170) Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libusbmuxd: Add PVYoann Congal2023-12-171-0/+1
| | | | | | | This is 1.0.10 release with few more commits on top. Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* emlog: ignore inapplicable CVEsYoann Congal2023-12-171-0/+13
| | | | | | | | | | | | | | The CVEs: * CVE-2019-16868 * CVE-2019-17073 * CVE-2021-44584 * CVE-2022-1526 * CVE-2022-3968 * CVE-2023-43291 ... apply to the other "emlog" and can be safely ignored. Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* emlog: Add PVKhem Raj2023-12-171-1/+1
| | | | | | | | | This is 0.70 release with few more commits on top. Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 08edc0b6ace0d04688a5617cf05546a7b8ba6cca) Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: Fix CVE-2022-0585-CVE-2023-2879Hitendra Prajapati2023-12-172-0/+94
| | | | | | | Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/8d3c2177793e900cfc7cfaac776a2807e4ea289f && https://gitlab.com/wireshark/wireshark/-/commit/118815ca7c9f82c1f83f8f64d9e0e54673f31677 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* glmark2: fix compatibility with python-3.11Martin Jansa2023-11-122-2/+79
| | | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: Fix CVE-2023-3649Hitendra Prajapati2023-11-122-0/+232
| | | | | | | Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/75e0ffcb42f3816e5f2fdef12f3c9ae906130b0c Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libiio: use main branch instead of masterMartin Jansa2023-11-121-1/+1
| | | | | | | | * the branch was renamed upstream Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* grubby: Update branchname to match upstreamRichard Purdie2023-11-121-1/+1
| | | | | | | | meta-oe master already made this change along with others. Update the branchname to match upstream repository changes to allow fetching to continue to work. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibus: Swith to use main branch instead of masterKhem Raj2023-11-121-1/+1
| | | | | | | | | | Upstream has switched to using main for tip of trunk, therefore follow it here in SRC_URI as well. Signed-off-by: Khem Raj <raj.khem@gmail.com> Suggested-by: Fabio Estevam <festevam@gmail.com> Reported-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libssh2: Backport fix for CVE-2020-22218Vijay Anusuri2023-10-212-0/+40
| | | | | | | | | | | Bug: https://github.com/libssh2/libssh2/pull/476 Upstream-Status: Backport [https://github.com/libssh2/libssh2/commit/642eec48ff3adfdb7a9e562b6d7fc865d1733f45 & https://github.com/libssh2/libssh2/commit/0b44e558f311671f6e6d14c559bc1c9bda59b8df] Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: Fix CVE-2023-3824Siddharth Doshi2023-09-302-0/+92
| | | | | | | Upstream-Status: Backport from [https://github.com/php/php-src/commit/80316123f3e9dcce8ac419bd9dd43546e2ccb5ef] CVE: CVE-2023-3824 Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* open-vm-tools: Security fix for CVE-2023-20900Priyal Doshi2023-09-302-0/+36
| | | | | | | Backport-from: https://github.com/vmware/open-vm-tools/commit/74b6d0d9000eda1a2c8f31c40c725fb0b8520b16 Signed-off-by: Priyal Doshi <pdoshi@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-08 23:08:44 +0000