<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-networking/recipes-support, branch mickledore</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=mickledore</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=mickledore'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2023-12-04T14:47:03+00:00</updated>
<entry>
<title>wireshark: Fix CVE-2023-2906</title>
<updated>2023-12-04T14:47:03+00:00</updated>
<author>
<name>Hitendra Prajapati</name>
<email>hprajapati@mvista.com</email>
</author>
<published>2023-11-15T18:34:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=8d511904a5850439d44253af15a21cb3c0b2f6fa'/>
<id>urn:sha1:8d511904a5850439d44253af15a21cb3c0b2f6fa</id>
<content type='text'>
Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d

Signed-off-by: Hitendra Prajapati &lt;hprajapati@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster@mvista.com&gt;
(cherry picked from commit 919a2074586ff957362ae2dbd3438fa648bb9bee)
Signed-off-by: Deepak Rathore &lt;deeratho@cisco.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>traceroute: upgrade 2.1.2 -&gt; 2.1.3</title>
<updated>2023-11-17T02:49:15+00:00</updated>
<author>
<name>Narpat Mali</name>
<email>narpat.mali@windriver.com</email>
</author>
<published>2023-11-15T11:56:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=3265d38e8344081d9780a43d27bc26f748b4187c'/>
<id>urn:sha1:3265d38e8344081d9780a43d27bc26f748b4187c</id>
<content type='text'>
This upgrade incorporates the CVE-2023-46316 fix.

Changelog:
----------
- Fix command line parsing in wrappers.

References:
https://security-tracker.debian.org/tracker/CVE-2023-46316
https://sourceforge.net/projects/traceroute/files/traceroute/traceroute-2.1.3/

Signed-off-by: Narpat Mali &lt;narpat.mali@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>open-vm-tools: fix CVE-2023-34058</title>
<updated>2023-11-17T02:49:15+00:00</updated>
<author>
<name>Archana Polampalli</name>
<email>archana.polampalli@windriver.com</email>
</author>
<published>2023-11-14T05:49:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=76ed1e8bc43bf26c9b33d96696d5acb46743c001'/>
<id>urn:sha1:76ed1e8bc43bf26c9b33d96696d5acb46743c001</id>
<content type='text'>
A flaw was found in open-vm-tools. This flaw allows a malicious actor that
has been granted Guest Operation Privileges in a target virtual machine to
elevate their privileges if that target virtual machine has been assigned
a more privileged Guest Alias.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-34058

Signed-off-by: Archana Polampalli &lt;archana.polampalli@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tcpreplay: fix pcap detection with /usr/lib32 multilib</title>
<updated>2023-09-06T12:16:19+00:00</updated>
<author>
<name>Martin Jansa</name>
<email>martin.jansa@gmail.com</email>
</author>
<published>2023-09-05T13:02:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=056148368b83167ec2bb2e6c1835462933f3e804'/>
<id>urn:sha1:056148368b83167ec2bb2e6c1835462933f3e804</id>
<content type='text'>
* use BPN, BP where useful
* use prefix instead of hardcoding /usr
* add patch to search also in lib32 subdir of --with-libpcap value
  to fix:
  checking for libpcap... configure: error: "Unable to find matching library for header file in TOPDIR/BUILD/work/raspberrypi4_64-oemllib32-linux-gnueabi/lib32-tcpreplay/4.4.4-r0/lib32-recipe-sysroot/usr"

Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tcpdump: upgrade 4.99.3 -&gt; 4.99.4</title>
<updated>2023-09-05T17:40:23+00:00</updated>
<author>
<name>Wang Mingyu</name>
<email>wangmy@fujitsu.com</email>
</author>
<published>2023-04-17T08:01:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=57c516973978ca2667339bf1aae7dc722b5bcac7'/>
<id>urn:sha1:57c516973978ca2667339bf1aae7dc722b5bcac7</id>
<content type='text'>
Changelog:
==========
Source code:
----------------
  Fix spaces before tabs in indentation.
Updated printers:
-----------------
  LSP ping: Fix "Unused value" warnings from Coverity.
  CVE-2023-1801: Fix an out-of-bounds write in the SMB printer.
  DNS: sync resource types with IANA.
  ICMPv6: Update the output to show a RPL DAO field name.
  Geneve: Fix the Geneve UDP port test.
Building and testing:
----------------------
  Require at least autoconf 2.69.
  Don't check for strftime(), as it's in C90 and beyond.
  Update config.{guess,sub}, timestamps 2023-01-01,2023-01-21.
Documentation:
-------------
  man: Document TCP flag names better.

Signed-off-by: Wang Mingyu &lt;wangmy@fujitsu.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit 2e782260d0b6018614dbdea95899a4a0921915e0)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>open-vm-tools: Security fix CVE-2023-20867</title>
<updated>2023-07-02T15:24:51+00:00</updated>
<author>
<name>Yi Zhao</name>
<email>yi.zhao@eng.windriver.com</email>
</author>
<published>2023-06-29T13:04:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=76305fc4c3c841fecdc92ebd8145de1803347b1c'/>
<id>urn:sha1:76305fc4c3c841fecdc92ebd8145de1803347b1c</id>
<content type='text'>
CVE-2023-20867:
A fully compromised ESXi host can force VMware Tools to fail to
authenticate host-to-guest operations, impacting the confidentiality and
integrity of the guest virtual machine.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-20867

Patch from:
https://github.com/vmware/open-vm-tools/blob/CVE-2023-20867.patch/2023-20867-Remove-some-dead-code.patch

Signed-off-by: Yi Zhao &lt;yi.zhao@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tcpreplay: upgrade 4.4.3 -&gt; 4.4.4</title>
<updated>2023-06-28T20:28:13+00:00</updated>
<author>
<name>Polampalli, Archana</name>
<email>archana.polampalli@windriver.com</email>
</author>
<published>2023-06-28T09:50:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=473261544c3011b283b48f35abd4a3c2b1382c1c'/>
<id>urn:sha1:473261544c3011b283b48f35abd4a3c2b1382c1c</id>
<content type='text'>
This release contains bug fixes only.
The following CVEs have been addressed:

CVE-2023-27783
CVE-2023-27784
CVE-2023-27785
CVE-2023-27786
CVE-2023-27787
CVE-2023-27788
CVE-2023-27789

Changelog:
=========
dlt_jnpr_ether_cleanup: check subctx before cleanup by @Marsman1996 in #781
Bug #780 assert tcpedit dlt cleanup by @fklassen in #800
Fix bugs caused by strtok_r by @Marsman1996 in #783
Bug #782 #784 #785 #786 #787 #788 strtok r isuses by @fklassen in #801
Update en10mb.c by @david-guti in #793
PR #793 ip6 unicast flood by @fklassen in #802
Bug #719 fix overflow check for parse_mpls() by @fklassen in #804
PR #793 - update tests for corrected IPv6 MAC by @fklassen in #805
PR #793 - update tests for vlandel by @fklassen in #806
Feature #773 gh actions ci by @fklassen in #807

Signed-off-by: Archana Polampalli &lt;archana.polampalli@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>wireshark: Fix Multiple CVEs</title>
<updated>2023-06-27T11:05:40+00:00</updated>
<author>
<name>Hitendra Prajapati</name>
<email>hprajapati@mvista.com</email>
</author>
<published>2023-06-26T06:04:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=b3acca0eb15e57ea3284d98cba126dd8e5cd5901'/>
<id>urn:sha1:b3acca0eb15e57ea3284d98cba126dd8e5cd5901</id>
<content type='text'>
Backport fixes for:
* CVE-2023-0666 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/265cbf15a418b629c3c8f02c0ba901913b1c8fd2
* CVE-2023-0667 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/85fbca8adb09ea8e1af635db3d92727fbfa1e28a
* CVE-2023-0668 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/c4f37d77b29ec6a9754795d0efb6f68d633728d9

Signed-off-by: Hitendra Prajapati &lt;hprajapati@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>wireshark: CVE-2023-2952 XRA dissector infinite loop</title>
<updated>2023-06-17T17:15:57+00:00</updated>
<author>
<name>Hitendra Prajapati</name>
<email>hprajapati@mvista.com</email>
</author>
<published>2023-06-16T11:43:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=5a01ab461c9bcabcbb2298236602373948f8f073'/>
<id>urn:sha1:5a01ab461c9bcabcbb2298236602373948f8f073</id>
<content type='text'>
Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/e18d0e369729b0fff5f76f41cbae67e97c2e52e5

Signed-off-by: Hitendra Prajapati &lt;hprajapati@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>wireshark: Fix CVE-2023-2858 &amp; CVE-2023-2879</title>
<updated>2023-06-15T12:04:00+00:00</updated>
<author>
<name>Hitendra Prajapati</name>
<email>hprajapati@mvista.com</email>
</author>
<published>2023-06-08T03:49:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=d31c4447f5ac491eb0e8962e36e19acc18480c00'/>
<id>urn:sha1:d31c4447f5ac491eb0e8962e36e19acc18480c00</id>
<content type='text'>
Backport fixes for:
* CVE-2023-2858 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/cb190d6839ddcd4596b0205844f45553f1e77105
* CVE-2023-2879 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/118815ca7c9f82c1f83f8f64d9e0e54673f31677

Signed-off-by: Hitendra Prajapati &lt;hprajapati@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
