Commmon distro layer for Enea Linux https://git.enea.com/cgit/linux/meta-el-common.git/atom?h=pyro 2018-10-29T11:01:52+00:00 2018-10-29T11:01:52+00:00 Dan Andresan Dan.Andresan@enea.com 2018-10-29T11:01:52+00:00 urn:sha1:b260ec4a58b3f490dc329c0e0e2cc353263356dd 2018-10-29T11:00:32+00:00 Dan Andresan Dan.Andresan@enea.com 2018-10-29T11:00:32+00:00 urn:sha1:b377da4896044bb0c4ea198f767e354340432721 2018-10-29T10:59:19+00:00 Dan Andresan Dan.Andresan@enea.com 2018-10-29T10:59:19+00:00 urn:sha1:dc285391f74bfae14fe1967896c141705bbadd4a 2018-10-26T13:22:22+00:00 Dan Andresan Dan.Andresan@enea.com 2018-10-26T13:18:53+00:00 urn:sha1:7cfe300faae3259f59ff3e5eaf3c2c743b4cd374 systemd in the upstream pyro is 232 CVE: CVE-2017-15908 Reference: https://github.com/systemd/systemd/commit/9f939335a07085aa9a9663efd1dca06ef6405d62 Change-Id: Ifb3c138b324fe943c8a80e646c06731420d69ec0 Signed-off-by: Andreas Wellving <andreas.wellving@enea.com> Signed-off-by: Adrian Mangeac <adrian.mangeac@enea.com> 2018-10-26T09:36:19+00:00 Dan Andresan Dan.Andresan@enea.com 2018-10-26T09:36:19+00:00 urn:sha1:026d5d7b504e3b7ecab6f4d1c15335695a538d93 busybox in the upstream pyro is 1.24.1. CVE: CVE-2018-1000517 Reference: https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e Change-Id: I5a5173db69d7419564989a9fda731ebbbb5aaded Signed-off-by: Andreas Wellving <andreas.wellving@enea.com> Signed-off-by: Adrian Mangeac <adrian.mangeac@enea.com> 2018-10-25T13:14:17+00:00 Andreas Wellving andreas.wellving@enea.com 2018-09-12T12:51:53+00:00 urn:sha1:dfb6fefbd0ecb0de2a58f25c90f07682effd0d37 CVE: CVE-2017-12133 CVE-2017-16997 CVE-2018-6551 Glibc in the upstream pyro is 2.25. Reference: CVE-2017-12133 https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d42eed4a044e5e10dfb885cf9891c2518a72a491 CVE-2017-16997 https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=patch;h=21c5d14bfb4e08bee86f94fd815535d3be2c3869 CVE-2018-6551 https://sourceware.org/git/?p=glibc.git;a=patch;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22 Change-Id: I16492f0713f8134cf31597d2f38ab039c277d77c Signed-off-by: Andreas Wellving <andreas.wellving@enea.com> Signed-off-by: Adrian Mangeac <adrian.mangeac@enea.com> 2018-10-25T11:54:59+00:00 Andreas Wellving andreas.wellving@enea.com 2018-09-11T08:09:27+00:00 urn:sha1:2057b91933875959294f823b12938d6cba6ea62b CVE: CVE-2017-16932 CVE-2017-5130 CVE-2017-7375 CVE-2017-7376 Libxml2 in the upstream pyro is 2.9.4 CVE-2017-7376: For the stable distribution (stretch), these problems have been fixed in version 2.9.4+dfsg1-2.2+deb9u1 CVE-2017-7375: stretch (security) 2.9.4+dfsg1-2.2+deb9u2 Reference: CVE-2017-16932 https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961 CVE-2017-5130 https://gitlab.gnome.org/GNOME/libxml2/commit/897dffbae322b46b83f99a607d527058a72c51ed CVE-2017-7375 https://gitlab.gnome.org/GNOME/libxml2/commit/90ccb58242866b0ba3edbef8fe44214a101c2b3e CVE-2017-7376 https://gitlab.gnome.org/GNOME/libxml2/commit/5dca9eea1bd4263bfa4d037ab2443de1cd730f7e Change-Id: Icf68eea8e0916be2bc9f3e844f7d38f6fae75300 Signed-off-by: Andreas Wellving <andreas.wellving@enea.com> Signed-off-by: Adrian Mangeac <adrian.mangeac@enea.com> 2018-01-22T13:27:26+00:00 Adrian Dudau adrian.dudau@enea.com 2018-01-19T09:26:17+00:00 urn:sha1:1e218618002346dc5e24f1a41f592e1ef974d003 Neither rsync not systemtap are debug tools, so they have no place in this packagegroup. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com> 2017-11-24T14:06:10+00:00 Adrian Dudau adrian.dudau@enea.com 2017-11-23T13:28:34+00:00 urn:sha1:7fded7d7d61ab65530ec0bfd0a168d4a8afb322c This patch has already been applied in upstream poky/pyro. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> 2017-11-24T14:06:10+00:00 Adrian Dudau adrian.dudau@enea.com 2017-11-22T09:33:21+00:00 urn:sha1:1b0e3b30bc27a98468c0f3e19e985e5fd992c650 These have been fixed already in upstream poky/pyro. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>