summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support
Commit message (Collapse)AuthorAgeFilesLines
* libpcre: Upgrade to libpcre 8.38Sona Sarmadi2016-03-231-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The upgrade (libpcre_8.35 to libpcre_8.38) addresses following vulnerabilities: CVE-2015-3210 pcre: heap buffer overflow in pcre_compile2() / compile_regex() CVE-2015-3217 pcre: stack overflow in match() CVE-2015-5073 CVE-2015-8388 pcre: Buffer overflow caused by certain patterns with an unmatched closing parenthesis CVE-2015-8380 pcre: Heap-based buffer overflow in pcre_exec CVE-2015-8381 pcre: Heap Overflow in compile_regex() CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group CVE-2015-8384 pcre: Buffer overflow caused by recursive back reference by name within certain group CVE-2015-8385 pcre: Buffer overflow caused by forward reference by name to certain group CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion CVE-2015-8387 pcre: Integer overflow in subroutine calls CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns CVE-2015-8392 pcre: Buffer overflow caused by certain patterns with duplicated named groups CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions CVE-2015-8395 pcre: Buffer overflow caused by certain references CVE-2016-1283 pcre: Heap buffer overflow in pcre_compile2 causes DoS References: http://www.pcre.org/original/changelog.txt http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=jethro&id=049be17b533d7c592dae8e0f33ddbae54639a776 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* gnutls: CVE-2015-6251Sona Sarmadi2016-01-222-0/+28
| | | | | | | | | | | | | | | | | Fixes double free flaw in certificate DN decoding. (Add back the patch inappropriately removed) References: http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-6251 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251 Upstream fix: https://gitlab.com/gnutls/gnutls/commit/ 272854367efc130fbd4f1a51840d80c630214e12 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* initial commit for Enea Linux 5.0-ppcAdrian Dudau2016-01-152-28/+0
| | | | Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* gnutls: CVE-2015-6251Sona Sarmadi2016-01-082-0/+28
| | | | | | | | | | | | | | | | Fixes double free flaw in certificate DN decoding. References: http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-6251 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251 Upstream fix: https://gitlab.com/gnutls/gnutls/commit/ 272854367efc130fbd4f1a51840d80c630214e12 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* initial commit for Enea Linux 5.0 armTudor Florea2015-10-09252-0/+21991
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-04-27 07:06:04 +0000