3 files changed, 217 insertions, 0 deletions
diff --git a/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch
new file mode 100644
index 0000000000..e1d909b0d1
--- /dev/null
+++ b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch
@@ -0,0 +1,110 @@
+From 00201ecd8f982da3b67d4f6868af72a1b03b14e0 Mon Sep 17 00:00:00 2001
+From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
+Date: Sat, 9 Mar 2024 16:26:42 +0900
+Subject: [PATCH] Limit CONTINUATION frames following an incoming HEADER frame
+CVE: CVE-2024-28182
+Upstream-Status: Backport [https://github.com/nghttp2/nghttp2/commit/00201ecd8f982da3b67d4f6868af72a1b03b14e0]
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ lib/includes/nghttp2/nghttp2.h |  7 ++++++-
+ lib/nghttp2_helper.c           |  2 ++
+ lib/nghttp2_session.c          |  7 +++++++
+ lib/nghttp2_session.h          | 10 ++++++++++
+ 4 files changed, 25 insertions(+), 1 deletion(-)
+diff --git a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h
+index 2bd35f4..6cc8c0c 100644
+--- a/lib/includes/nghttp2/nghttp2.h
+++ b/lib/includes/nghttp2/nghttp2.h
+@@ -440,7 +440,12 @@ typedef enum {
+    * exhaustion on server side to send these frames forever and does
+    * not read network.
+    */
+-  NGHTTP2_ERR_FLOODED = -904
+  NGHTTP2_ERR_FLOODED = -904,
+  /**
+   * When a local endpoint receives too many CONTINUATION frames
+   * following a HEADER frame.
+   */
+  NGHTTP2_ERR_TOO_MANY_CONTINUATIONS = -905,
+ } nghttp2_error;
+ /**
+diff --git a/lib/nghttp2_helper.c b/lib/nghttp2_helper.c
+index 588e269..98989f6 100644
+--- a/lib/nghttp2_helper.c
+++ b/lib/nghttp2_helper.c
+@@ -336,6 +336,8 @@ const char *nghttp2_strerror(int error_code) {
+            "closed";
+   case NGHTTP2_ERR_TOO_MANY_SETTINGS:
+     return "SETTINGS frame contained more than the maximum allowed entries";
+  case NGHTTP2_ERR_TOO_MANY_CONTINUATIONS:
+    return "Too many CONTINUATION frames following a HEADER frame";
+   default:
+     return "Unknown error code";
+   }
+diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
+index 5c834fa..537127c 100644
+--- a/lib/nghttp2_session.c
+++ b/lib/nghttp2_session.c
+@@ -464,6 +464,7 @@ static int session_new(nghttp2_session **session_ptr,
+   (*session_ptr)->max_send_header_block_length = NGHTTP2_MAX_HEADERSLEN;
+   (*session_ptr)->max_outbound_ack = NGHTTP2_DEFAULT_MAX_OBQ_FLOOD_ITEM;
+   (*session_ptr)->max_settings = NGHTTP2_DEFAULT_MAX_SETTINGS;
+  (*session_ptr)->max_continuations = NGHTTP2_DEFAULT_MAX_CONTINUATIONS;
+   if (option) {
+     if ((option->opt_set_mask & NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE) &&
+@@ -6307,6 +6308,8 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in,
+           }
+         }
+         session_inbound_frame_reset(session);
+
+        session->num_continuations = 0;
+       }
+       break;
+     }
+@@ -6428,6 +6431,10 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in,
+       }
+ #endif /* DEBUGBUILD */
+      if (++session->num_continuations > session->max_continuations) {
+        return NGHTTP2_ERR_TOO_MANY_CONTINUATIONS;
+      }
+
+       readlen = inbound_frame_buf_read(iframe, in, last);
+       in += readlen;
+diff --git a/lib/nghttp2_session.h b/lib/nghttp2_session.h
+index 5f71a16..9a00b0e 100644
+--- a/lib/nghttp2_session.h
+++ b/lib/nghttp2_session.h
+@@ -107,6 +107,10 @@ typedef struct {
+ #define NGHTTP2_DEFAULT_STREAM_RESET_BURST 1000
+ #define NGHTTP2_DEFAULT_STREAM_RESET_RATE 33
+/* The default max number of CONTINUATION frames following an incoming
+   HEADER frame. */
+#define NGHTTP2_DEFAULT_MAX_CONTINUATIONS 8
+
+ /* Internal state when receiving incoming frame */
+ typedef enum {
+   /* Receiving frame header */
+@@ -279,6 +283,12 @@ struct nghttp2_session {
+   size_t max_send_header_block_length;
+   /* The maximum number of settings accepted per SETTINGS frame. */
+   size_t max_settings;
+  /* The maximum number of CONTINUATION frames following an incoming
+     HEADER frame. */
+  size_t max_continuations;
+  /* The number of CONTINUATION frames following an incoming HEADER
+     frame.  This variable is reset when END_HEADERS flag is seen. */
+  size_t num_continuations;
+   /* Next Stream ID. Made unsigned int to detect >= (1 << 31). */
+   uint32_t next_stream_id;
+   /* The last stream ID this session initiated.  For client session,
+--
+2.40.0
diff --git a/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0002.patch b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0002.patch
new file mode 100644
index 0000000000..fee19465d5
--- /dev/null
+++ b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0002.patch
@@ -0,0 +1,105 @@
+From d71a4668c6bead55805d18810d633fbb98315af9 Mon Sep 17 00:00:00 2001
+From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
+Date: Sat, 9 Mar 2024 16:48:10 +0900
+Subject: [PATCH] Add nghttp2_option_set_max_continuations
+CVE: CVE-2024-28182
+Upstream-Status: Backport [https://github.com/nghttp2/nghttp2/commit/d71a4668c6bead55805d18810d633fbb98315af9]
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ doc/Makefile.am                |  1 +
+ lib/includes/nghttp2/nghttp2.h | 11 +++++++++++
+ lib/nghttp2_option.c           |  5 +++++
+ lib/nghttp2_option.h           |  5 +++++
+ lib/nghttp2_session.c          |  4 ++++
+ 5 files changed, 26 insertions(+)
+diff --git a/doc/Makefile.am b/doc/Makefile.am
+index b9d5a2d..83cfdfd 100644
+--- a/doc/Makefile.am
+++ b/doc/Makefile.am
+@@ -70,6 +70,7 @@ APIDOCS= \
+        nghttp2_option_set_no_recv_client_magic.rst \
+        nghttp2_option_set_peer_max_concurrent_streams.rst \
+        nghttp2_option_set_user_recv_extension_type.rst \
+       nghttp2_option_set_max_continuations.rst \
+        nghttp2_option_set_max_outbound_ack.rst \
+        nghttp2_option_set_max_settings.rst \
+        nghttp2_option_set_stream_reset_rate_limit.rst \
+diff --git a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h
+index 6cc8c0c..c77cca9 100644
+--- a/lib/includes/nghttp2/nghttp2.h
+++ b/lib/includes/nghttp2/nghttp2.h
+@@ -2724,6 +2724,17 @@ NGHTTP2_EXTERN void nghttp2_option_set_max_outbound_ack(nghttp2_option *option,
+ NGHTTP2_EXTERN void nghttp2_option_set_max_settings(nghttp2_option *option,
+                                                     size_t val);
+/**
+ * @function
+ *
+ * This function sets the maximum number of CONTINUATION frames
+ * following an incoming HEADER frame.  If more than those frames are
+ * received, the remote endpoint is considered to be misbehaving and
+ * session will be closed.  The default value is 8.
+ */
+NGHTTP2_EXTERN void nghttp2_option_set_max_continuations(nghttp2_option *option,
+                                                         size_t val);
+
+ /**
+  * @function
+  *
+diff --git a/lib/nghttp2_option.c b/lib/nghttp2_option.c
+index 0d9a404..f3659c1 100644
+--- a/lib/nghttp2_option.c
+++ b/lib/nghttp2_option.c
+@@ -133,3 +133,8 @@ void nghttp2_option_set_stream_reset_rate_limit(nghttp2_option *option,
+   option->stream_reset_burst = burst;
+   option->stream_reset_rate = rate;
+ }
+
+void nghttp2_option_set_max_continuations(nghttp2_option *option, size_t val) {
+  option->opt_set_mask |= NGHTTP2_OPT_MAX_CONTINUATIONS;
+  option->max_continuations = val;
+}
+diff --git a/lib/nghttp2_option.h b/lib/nghttp2_option.h
+index e6ba910..c1b48c7 100644
+--- a/lib/nghttp2_option.h
+++ b/lib/nghttp2_option.h
+@@ -69,6 +69,7 @@ typedef enum {
+   NGHTTP2_OPT_MAX_OUTBOUND_ACK = 1 << 11,
+   NGHTTP2_OPT_MAX_SETTINGS = 1 << 12,
+   NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT = 1 << 15,
+  NGHTTP2_OPT_MAX_CONTINUATIONS = 1 << 16,
+ } nghttp2_option_flag;
+ /**
+@@ -96,6 +97,10 @@ struct nghttp2_option {
+    * NGHTTP2_OPT_MAX_SETTINGS
+    */
+   size_t max_settings;
+  /**
+   * NGHTTP2_OPT_MAX_CONTINUATIONS
+   */
+  size_t max_continuations;
+   /**
+    * Bitwise OR of nghttp2_option_flag to determine that which fields
+    * are specified.
+diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
+index 537127c..b390cd5 100644
+--- a/lib/nghttp2_session.c
+++ b/lib/nghttp2_session.c
+@@ -539,6 +539,10 @@ static int session_new(nghttp2_session **session_ptr,
+                            option->stream_reset_burst,
+                            option->stream_reset_rate);
+     }
+
+    if (option->opt_set_mask & NGHTTP2_OPT_MAX_CONTINUATIONS) {
+      (*session_ptr)->max_continuations = option->max_continuations;
+    }
+   }
+   rv = nghttp2_hd_deflate_init2(&(*session_ptr)->hd_deflater,
+--
+2.40.0
diff --git a/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb b/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb
index b67313b5c2..79b1cf95c5 100644
--- a/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb
+++ b/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb
@@ -11,6 +11,8 @@ SRC_URI = "\
    file://0001-fetch-ocsp-response-use-python3.patch \
    file://CVE-2023-35945.patch \
    file://CVE-2023-44487.patch \
+    file://CVE-2024-28182-0001.patch \
+    file://CVE-2024-28182-0002.patch \
 "
 SRC_URI[sha256sum] = "68271951324554c34501b85190f22f2221056db69f493afc3bbac8e7be21e7cc"

diff --git a/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch new file mode 100644 index 0000000000..e1d909b0d1 --- /dev/null +++ b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch
@@ -0,0 +1,110 @@
		1	From 00201ecd8f982da3b67d4f6868af72a1b03b14e0 Mon Sep 17 00:00:00 2001
		2	From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
		3	Date: Sat, 9 Mar 2024 16:26:42 +0900
		4	Subject: [PATCH] Limit CONTINUATION frames following an incoming HEADER frame
		5
		6	CVE: CVE-2024-28182
		7
		8	Upstream-Status: Backport [https://github.com/nghttp2/nghttp2/commit/00201ecd8f982da3b67d4f6868af72a1b03b14e0]
		9
		10	Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
		11	---
		12	lib/includes/nghttp2/nghttp2.h \| 7 ++++++-
		13	lib/nghttp2_helper.c \| 2 ++
		14	lib/nghttp2_session.c \| 7 +++++++
		15	lib/nghttp2_session.h \| 10 ++++++++++
		16	4 files changed, 25 insertions(+), 1 deletion(-)
		17
		18	diff --git a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h
		19	index 2bd35f4..6cc8c0c 100644
		20	--- a/lib/includes/nghttp2/nghttp2.h
		21	+++ b/lib/includes/nghttp2/nghttp2.h
		22	@@ -440,7 +440,12 @@ typedef enum {
		23	* exhaustion on server side to send these frames forever and does
		24	* not read network.
		25	*/
		26	- NGHTTP2_ERR_FLOODED = -904
		27	+ NGHTTP2_ERR_FLOODED = -904,
		28	+ /**
		29	+ * When a local endpoint receives too many CONTINUATION frames
		30	+ * following a HEADER frame.
		31	+ */
		32	+ NGHTTP2_ERR_TOO_MANY_CONTINUATIONS = -905,
		33	} nghttp2_error;
		34
		35	/**
		36	diff --git a/lib/nghttp2_helper.c b/lib/nghttp2_helper.c
		37	index 588e269..98989f6 100644
		38	--- a/lib/nghttp2_helper.c
		39	+++ b/lib/nghttp2_helper.c
		40	@@ -336,6 +336,8 @@ const char *nghttp2_strerror(int error_code) {
		41	"closed";
		42	case NGHTTP2_ERR_TOO_MANY_SETTINGS:
		43	return "SETTINGS frame contained more than the maximum allowed entries";
		44	+ case NGHTTP2_ERR_TOO_MANY_CONTINUATIONS:
		45	+ return "Too many CONTINUATION frames following a HEADER frame";
		46	default:
		47	return "Unknown error code";
		48	}
		49	diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
		50	index 5c834fa..537127c 100644
		51	--- a/lib/nghttp2_session.c
		52	+++ b/lib/nghttp2_session.c
		53	@@ -464,6 +464,7 @@ static int session_new(nghttp2_session **session_ptr,
		54	(*session_ptr)->max_send_header_block_length = NGHTTP2_MAX_HEADERSLEN;
		55	(*session_ptr)->max_outbound_ack = NGHTTP2_DEFAULT_MAX_OBQ_FLOOD_ITEM;
		56	(*session_ptr)->max_settings = NGHTTP2_DEFAULT_MAX_SETTINGS;
		57	+ (*session_ptr)->max_continuations = NGHTTP2_DEFAULT_MAX_CONTINUATIONS;
		58
		59	if (option) {
		60	if ((option->opt_set_mask & NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE) &&
		61	@@ -6307,6 +6308,8 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session session, const uint8_t in,
		62	}
		63	}
		64	session_inbound_frame_reset(session);
		65	+
		66	+ session->num_continuations = 0;
		67	}
		68	break;
		69	}
		70	@@ -6428,6 +6431,10 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session session, const uint8_t in,
		71	}
		72	#endif /* DEBUGBUILD */
		73
		74	+ if (++session->num_continuations > session->max_continuations) {
		75	+ return NGHTTP2_ERR_TOO_MANY_CONTINUATIONS;
		76	+ }
		77	+
		78	readlen = inbound_frame_buf_read(iframe, in, last);
		79	in += readlen;
		80
		81	diff --git a/lib/nghttp2_session.h b/lib/nghttp2_session.h
		82	index 5f71a16..9a00b0e 100644
		83	--- a/lib/nghttp2_session.h
		84	+++ b/lib/nghttp2_session.h
		85	@@ -107,6 +107,10 @@ typedef struct {
		86	#define NGHTTP2_DEFAULT_STREAM_RESET_BURST 1000
		87	#define NGHTTP2_DEFAULT_STREAM_RESET_RATE 33
		88
		89	+/* The default max number of CONTINUATION frames following an incoming
		90	+ HEADER frame. */
		91	+#define NGHTTP2_DEFAULT_MAX_CONTINUATIONS 8
		92	+
		93	/* Internal state when receiving incoming frame */
		94	typedef enum {
		95	/* Receiving frame header */
		96	@@ -279,6 +283,12 @@ struct nghttp2_session {
		97	size_t max_send_header_block_length;
		98	/* The maximum number of settings accepted per SETTINGS frame. */
		99	size_t max_settings;
		100	+ /* The maximum number of CONTINUATION frames following an incoming
		101	+ HEADER frame. */
		102	+ size_t max_continuations;
		103	+ /* The number of CONTINUATION frames following an incoming HEADER
		104	+ frame. This variable is reset when END_HEADERS flag is seen. */
		105	+ size_t num_continuations;
		106	/* Next Stream ID. Made unsigned int to detect >= (1 << 31). */
		107	uint32_t next_stream_id;
		108	/* The last stream ID this session initiated. For client session,
		109	--
		110	2.40.0


diff --git a/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0002.patch b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0002.patch new file mode 100644 index 0000000000..fee19465d5 --- /dev/null +++ b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0002.patch
@@ -0,0 +1,105 @@
		1	From d71a4668c6bead55805d18810d633fbb98315af9 Mon Sep 17 00:00:00 2001
		2	From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
		3	Date: Sat, 9 Mar 2024 16:48:10 +0900
		4	Subject: [PATCH] Add nghttp2_option_set_max_continuations
		5
		6	CVE: CVE-2024-28182
		7
		8	Upstream-Status: Backport [https://github.com/nghttp2/nghttp2/commit/d71a4668c6bead55805d18810d633fbb98315af9]
		9
		10	Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
		11	---
		12	doc/Makefile.am \| 1 +
		13	lib/includes/nghttp2/nghttp2.h \| 11 +++++++++++
		14	lib/nghttp2_option.c \| 5 +++++
		15	lib/nghttp2_option.h \| 5 +++++
		16	lib/nghttp2_session.c \| 4 ++++
		17	5 files changed, 26 insertions(+)
		18
		19	diff --git a/doc/Makefile.am b/doc/Makefile.am
		20	index b9d5a2d..83cfdfd 100644
		21	--- a/doc/Makefile.am
		22	+++ b/doc/Makefile.am
		23	@@ -70,6 +70,7 @@ APIDOCS= \
		24	nghttp2_option_set_no_recv_client_magic.rst \
		25	nghttp2_option_set_peer_max_concurrent_streams.rst \
		26	nghttp2_option_set_user_recv_extension_type.rst \
		27	+ nghttp2_option_set_max_continuations.rst \
		28	nghttp2_option_set_max_outbound_ack.rst \
		29	nghttp2_option_set_max_settings.rst \
		30	nghttp2_option_set_stream_reset_rate_limit.rst \
		31	diff --git a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h
		32	index 6cc8c0c..c77cca9 100644
		33	--- a/lib/includes/nghttp2/nghttp2.h
		34	+++ b/lib/includes/nghttp2/nghttp2.h
		35	@@ -2724,6 +2724,17 @@ NGHTTP2_EXTERN void nghttp2_option_set_max_outbound_ack(nghttp2_option *option,
		36	NGHTTP2_EXTERN void nghttp2_option_set_max_settings(nghttp2_option *option,
		37	size_t val);
		38
		39	+/**
		40	+ * @function
		41	+ *
		42	+ * This function sets the maximum number of CONTINUATION frames
		43	+ * following an incoming HEADER frame. If more than those frames are
		44	+ * received, the remote endpoint is considered to be misbehaving and
		45	+ * session will be closed. The default value is 8.
		46	+ */
		47	+NGHTTP2_EXTERN void nghttp2_option_set_max_continuations(nghttp2_option *option,
		48	+ size_t val);
		49	+
		50	/**
		51	* @function
		52	*
		53	diff --git a/lib/nghttp2_option.c b/lib/nghttp2_option.c
		54	index 0d9a404..f3659c1 100644
		55	--- a/lib/nghttp2_option.c
		56	+++ b/lib/nghttp2_option.c
		57	@@ -133,3 +133,8 @@ void nghttp2_option_set_stream_reset_rate_limit(nghttp2_option *option,
		58	option->stream_reset_burst = burst;
		59	option->stream_reset_rate = rate;
		60	}
		61	+
		62	+void nghttp2_option_set_max_continuations(nghttp2_option *option, size_t val) {
		63	+ option->opt_set_mask \|= NGHTTP2_OPT_MAX_CONTINUATIONS;
		64	+ option->max_continuations = val;
		65	+}
		66	diff --git a/lib/nghttp2_option.h b/lib/nghttp2_option.h
		67	index e6ba910..c1b48c7 100644
		68	--- a/lib/nghttp2_option.h
		69	+++ b/lib/nghttp2_option.h
		70	@@ -69,6 +69,7 @@ typedef enum {
		71	NGHTTP2_OPT_MAX_OUTBOUND_ACK = 1 << 11,
		72	NGHTTP2_OPT_MAX_SETTINGS = 1 << 12,
		73	NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT = 1 << 15,
		74	+ NGHTTP2_OPT_MAX_CONTINUATIONS = 1 << 16,
		75	} nghttp2_option_flag;
		76
		77	/**
		78	@@ -96,6 +97,10 @@ struct nghttp2_option {
		79	* NGHTTP2_OPT_MAX_SETTINGS
		80	*/
		81	size_t max_settings;
		82	+ /**
		83	+ * NGHTTP2_OPT_MAX_CONTINUATIONS
		84	+ */
		85	+ size_t max_continuations;
		86	/**
		87	* Bitwise OR of nghttp2_option_flag to determine that which fields
		88	* are specified.
		89	diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c
		90	index 537127c..b390cd5 100644
		91	--- a/lib/nghttp2_session.c
		92	+++ b/lib/nghttp2_session.c
		93	@@ -539,6 +539,10 @@ static int session_new(nghttp2_session **session_ptr,
		94	option->stream_reset_burst,
		95	option->stream_reset_rate);
		96	}
		97	+
		98	+ if (option->opt_set_mask & NGHTTP2_OPT_MAX_CONTINUATIONS) {
		99	+ (*session_ptr)->max_continuations = option->max_continuations;
		100	+ }
		101	}
		102
		103	rv = nghttp2_hd_deflate_init2(&(*session_ptr)->hd_deflater,
		104	--
		105	2.40.0


diff --git a/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb b/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb index b67313b5c2..79b1cf95c5 100644 --- a/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb +++ b/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb
@@ -11,6 +11,8 @@ SRC_URI = "\
11	file://0001-fetch-ocsp-response-use-python3.patch \	11	file://0001-fetch-ocsp-response-use-python3.patch \
12	file://CVE-2023-35945.patch \	12	file://CVE-2023-35945.patch \
13	file://CVE-2023-44487.patch \	13	file://CVE-2023-44487.patch \
		14	file://CVE-2024-28182-0001.patch \
		15	file://CVE-2024-28182-0002.patch \
14	"	16	"
15	SRC_URI[sha256sum] = "68271951324554c34501b85190f22f2221056db69f493afc3bbac8e7be21e7cc"	17	SRC_URI[sha256sum] = "68271951324554c34501b85190f22f2221056db69f493afc3bbac8e7be21e7cc"
16		18