linux/meta-openembedded.git/meta-networking, branch kirkstone

linux-atm: fix SRC_URI

2026-04-23T18:12:51+00:00

The previous one stopped working Signed-off-by: Gyorgy Sarvari

strongswan: Fix CVE-2026-25075

2026-04-07T08:35:53+00:00

Pick patch according to [1] [1] https://download.strongswan.org/security/CVE-2026-25075/ [2] https://www.strongswan.org/blog/2026/03/23/strongswan-vulnerability-(cve-2026-25075).html Signed-off-by: Vijay Anusuri Signed-off-by: Gyorgy Sarvari

wireshark: fix CVE-2025-5601

2026-03-25T07:41:41+00:00

Pick patch from [1]. [1] https://security-tracker.debian.org/tracker/CVE-2025-5601 [2] https://gitlab.com/wireshark/wireshark/-/issues/20509 More details : https://nvd.nist.gov/vuln/detail/CVE-2025-5601 Signed-off-by: Hitendra Prajapati Signed-off-by: Gyorgy Sarvari

lldpd: fix xml PACKAGECONFIG dependency

2026-03-13T04:57:22+00:00

The xml PACKAGECONFIG entry uses libxm2, which is a typo and not a valid dependency in OE. Replace it with libxml2 so enabling PACKAGECONFIG:xml pulls in the correct provider. Signed-off-by: Aviv Daum Signed-off-by: Gyorgy Sarvari

ettercap: patch CVE-2026-3603

2026-03-11T13:39:51+00:00

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3606 Pick the commit that is marked to solve the related Github issue[1]. Its commit message also references the CVE ID explicitly. [1]: https://github.com/Ettercap/ettercap/issues/1297 Signed-off-by: Gyorgy Sarvari

memcached: patch CVE-2023-46853

2026-03-07T20:05:26+00:00

Details: https://nvd.nist.gov/vuln/detail/CVE-2023-46853 Backport the patch that is referenced by the NVD advisory. Signed-off-by: Gyorgy Sarvari

memcached: patch CVE-2023-46852

2026-03-07T20:05:17+00:00

Details: https://nvd.nist.gov/vuln/detail/CVE-2023-46852 Backport the patch that is referenced by the NVD advisory. The test extension was not backported, because the modified testcase does not exist in the recipe version yet. Signed-off-by: Gyorgy Sarvari

opem-vm-tools: ignore multiple CVEs

2026-03-07T20:04:47+00:00

Details: https://nvd.nist.gov/vuln/detail/CVE-2014-4199 https://nvd.nist.gov/vuln/detail/CVE-2014-4200 https://nvd.nist.gov/vuln/detail/CVE-2022-22943 https://nvd.nist.gov/vuln/detail/CVE-2022-22977 https://nvd.nist.gov/vuln/detail/CVE-2022-31693 https://nvd.nist.gov/vuln/detail/CVE-2023-34057 The fixes for the first two vulnerabilities are already present in the used version. As identified by Redhat: CVE-2014-4199: it has been fixed since version 9.10.2[1] CVE-2014-4200: it has been fixed since version 9.4.6[2] CVE-2022-22943, CVE-2022-22977 and CVE-2022-31693 affect only Windows. CVE-2023-34059 affects only Windows and MacOS. [1]: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-4199 [2]: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-4200 Signed-off-by: Gyorgy Sarvari

dovecot: patch CVE-2021-29157

2026-02-27T16:00:35+00:00

Details: https://nvd.nist.gov/vuln/detail/CVE-2021-29157 Backport the patch that it used by Debian[1] to fix this CVE. [1]: https://sources.debian.org/src/dovecot/1%3A2.3.13%2Bdfsg1-2%2Bdeb11u1/debian/patches Signed-off-by: Gyorgy Sarvari

ndpi: ignore CVE-2025-25066

2026-02-27T13:28:50+00:00

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-25066 The vulnerable code was introduced in v4.12[1], and is not present in the recipe version. Due to this, ignore the CVE. [1]: https://github.com/ntop/nDPI/commit/b9348e9d6e0e754c4b17661c643ca258f1540ca1 Signed-off-by: Gyorgy Sarvari