summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* openssh: CVE-2016-0777 and CVE-2016-0778Sona Sarmadi2016-01-222-1/+59
| | | | | | | | | | | | | | | | | | | | Fixes following CVEs: CVE-2016-0777 OpenSSH: Client Information leak due to use of roaming connection feature CVE-2016-0778 OpenSSH: Client buffer-overflow when using roaming connections References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778 Backported from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/patch/ ?id=9845a542a76156adb5aef6fd33ad5bc5777acf64 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* bind: CVE-2015-8704Sona Sarmadi2016-01-222-0/+49
| | | | | | | | | | | | | A buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl_42.c. References: https://kb.isc.org/article/AA-01335 https://kb.isc.org/article/AA-00913 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* initial commit for Enea Linux 5.0-ppcAdrian Dudau2016-01-155-69/+62
| | | | Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* bind: CVE-2015-8000Sona Sarmadi2015-12-212-0/+195
| | | | | | | | | | | | | | | | | | Fixes a denial of service in BIND. An error in the parsing of incoming responses allows some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. References: http://www.openwall.com/lists/oss-security/2015/12/15/14 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000 https://bugzilla.redhat.com/attachment.cgi?id=1105581 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
* openssl: CVE-2015-3194, CVE-2015-3195Sona Sarmadi2015-12-143-0/+96
| | | | | | | | | | | | | Fixes following vulnerabilities: Certificate verify crash with missing PSS parameter (CVE-2015-3194) X509_ATTRIBUTE memory leak (CVE-2015-3195) References: https://openssl.org/news/secadv/20151203.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* bind: CVE-2015-1349 CVE-2015-4620 CVE-2015-5722Armin Kuster2015-11-124-0/+589
| | | | | | | | | | three security fixes. (From OE-Core rev: d3af844b05e566c2188fc3145e66a9826fed0ec8) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* initial commit for Enea Linux 5.0 armTudor Florea2015-10-09221-0/+18102
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-04-23 20:40:44 +0000