<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-networking, branch pyro-next</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=pyro-next</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=pyro-next'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2018-02-09T05:19:16+00:00</updated>
<entry>
<title>wireshark: Update Package to 2.2.12</title>
<updated>2018-02-09T05:19:16+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2018-02-06T07:18:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=9eaebc6e783f1394bb5444326cd05a976b3122e9'/>
<id>urn:sha1:9eaebc6e783f1394bb5444326cd05a976b3122e9</id>
<content type='text'>
Includes:
	wnpa-sec-2018-01,  Multiple dissectors could crash. (Bug 14253) CVE-2018-5336

	wnpa-sec-2018-02, The MRDISC dissector could crash. (Bug 14299, Bug 13707) CVE-2017-17997

	wnpa-sec-2018-03, The IxVeriWave file parser could crash. (Bug 14297) CVE-2018-5334

	wnpa-sec-2018-04, The WCP dissector could crash. (Bug 14251) CVE-2018-5335

Full release notes: https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>wireshark: Update to 2.2.11</title>
<updated>2018-02-09T05:19:04+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster@mvista.com</email>
</author>
<published>2017-12-19T15:38:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=a370c771887107f424c723c0fcb3c246ffe022a4'/>
<id>urn:sha1:a370c771887107f424c723c0fcb3c246ffe022a4</id>
<content type='text'>
changed --with-ssh to --with-libssh=DIR

includes:

wnpa-sec-2017-47 : CVE-2017-17084
    The IWARP_MPA dissector could crash. (Bug 14236)

wnpa-sec-2017-48 : CVE-2017-17083
    The NetBIOS dissector could crash. (Bug 14249)

wnpa-sec-2017-49 : CVE-2017-17085
    The CIP Safety dissector could crash. (Bug 14250)

release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.11.html

Signed-off-by: Armin Kuster &lt;akuster@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>wireshark: update to 2.2.10</title>
<updated>2018-02-09T05:15:39+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2017-10-11T01:43:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=d8ce5a7195f1210912c698a135492df1e073447e'/>
<id>urn:sha1:d8ce5a7195f1210912c698a135492df1e073447e</id>
<content type='text'>
The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2017-42
       BT ATT dissector crash ([2]Bug 14049) [3]CVE-2017-15192
     * [4]wnpa-sec-2017-43
       MBIM dissector crash ([5]Bug 14056) [6]CVE-2017-15193
     * [7]wnpa-sec-2017-44
       DMP dissector crash ([8]Bug 14068) [9]CVE-2017-15191

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dnsmasq: update SRC_URI for versions 2.69 and earlier</title>
<updated>2018-02-09T05:07:39+00:00</updated>
<author>
<name>Andre McCurdy</name>
<email>armccurdy@gmail.com</email>
</author>
<published>2017-10-25T19:11:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=fd2d083bc0ae64dd855860057540ed55b08704da'/>
<id>urn:sha1:fd2d083bc0ae64dd855860057540ed55b08704da</id>
<content type='text'>
Versions 2.16 to 2.69 have now also moved into the archives folder.

Signed-off-by: Andre McCurdy &lt;armccurdy@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
(cherry picked from commit d338d219dfbcbbdd133c7d4364bc8a1b19835e0b)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dnsmasq: upgrade to 2.78</title>
<updated>2018-02-09T05:07:06+00:00</updated>
<author>
<name>Paul Eggleton</name>
<email>paul.eggleton@linux.intel.com</email>
</author>
<published>2017-10-03T01:58:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=a9c2ab5e7527c2ccdb9fc375a9bf3b1faa57bb57'/>
<id>urn:sha1:a9c2ab5e7527c2ccdb9fc375a9bf3b1faa57bb57</id>
<content type='text'>
This update fixes a number of bugs including the following
vulnerabilities:

  CVE-2017-13704
  CVE-2017-14491
  CVE-2017-14492
  CVE-2017-14493
  CVE-2017-14494
  CVE-2017-14495
  CVE-2017-14496

Further details can be found in the changelog here:

  http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

Signed-off-by: Paul Eggleton &lt;paul.eggleton@linux.intel.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>wireshark: update to 2.2.9</title>
<updated>2017-09-18T19:06:38+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2017-09-01T13:56:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=3552877d24845689e7d4e7919ff7b372da70dd40'/>
<id>urn:sha1:3552877d24845689e7d4e7919ff7b372da70dd40</id>
<content type='text'>
Change LIC_FILES_CHKSUM from README.linux to COPYING as COPYING contains the license info

2.2.9 security fixes:
    wnpa-sec-2017-38
    MSDP dissector infinite loop (Bug 13933) CVE-2017-13767

    wnpa-sec-2017-39
    Profinet I/O buffer overrun (Bug 13847) CVE-2017-13766

    wnpa-sec-2017-41
    IrCOMM dissector buffer overrun (Bug 13929) CVE-2017-13765

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
(cherry picked from commit c6928f15d93a1546c47116b3244893b9f813e6e1)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>wireshark: 2.2.7 -&gt; 2.2.8</title>
<updated>2017-09-18T19:03:02+00:00</updated>
<author>
<name>Kai Kang</name>
<email>kai.kang@windriver.com</email>
</author>
<published>2017-08-16T09:41:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=d8b55931ce3b120515ec9ab0bc91418a5cb00a7b'/>
<id>urn:sha1:d8b55931ce3b120515ec9ab0bc91418a5cb00a7b</id>
<content type='text'>
Signed-off-by: Kai Kang &lt;kai.kang@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
(cherry picked from commit 3ca10e7d924d94d85783dc7440096a7dab72b978)

Bug fix only:
Including these security fixes:
wnpa-sec-2017-13
WBMXL dissector infinite loop (Bug 13477, Bug 13796) CVE-2017-7702, CVE-2017-11410
Note: This is an update for a fix in Wireshark 2.2.6 and 2.0.12.

wnpa-sec-2017-28
openSAFETY dissector memory exhaustion (Bug 13649, Bug 13755) CVE-2017-9350, CVE-2017-11411
Note: This is an update for a fix in Wireshark 2.2.7.

wnpa-sec-2017-34
AMQP dissector crash. (Bug 13780) CVE-2017-11408

wnpa-sec-2017-35
MQ dissector crash. (Bug 13792) CVE-2017-11407

wnpa-sec-2017-36
DOCSIS infinite loop. (Bug 13797) CVE-2017-11406

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tcpdump: update to 4.9.2 to fix CVEs</title>
<updated>2017-09-18T19:01:05+00:00</updated>
<author>
<name>Wenzong Fan</name>
<email>wenzong.fan@windriver.com</email>
</author>
<published>2017-09-13T03:10:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=633f240cafdc232f1fde8e7ae06d08fd4f70c7b5'/>
<id>urn:sha1:633f240cafdc232f1fde8e7ae06d08fd4f70c7b5</id>
<content type='text'>
Refer to http://www.tcpdump.org/tcpdump-changes.txt:

Fix buffer overflow vulnerabilities:
  CVE-2017-11543 (SLIP)
  CVE-2017-13011 (bittok2str_internal)
Fix infinite loop vulnerabilities:
  CVE-2017-12989 (RESP)
  CVE-2017-12990 (ISAKMP)
  CVE-2017-12995 (DNS)
  CVE-2017-12997 (LLDP)
Fix buffer over-read vulnerabilities:
  CVE-2017-11541 (safeputs)
  CVE-2017-11542 (PIMv1)
  CVE-2017-12893 (SMB/CIFS)
  CVE-2017-12894 (lookup_bytestring)
  CVE-2017-12895 (ICMP)
  CVE-2017-12896 (ISAKMP)
  CVE-2017-12897 (ISO CLNS)
  CVE-2017-12898 (NFS)
  CVE-2017-12899 (DECnet)
  CVE-2017-12900 (tok2strbuf)
  CVE-2017-12901 (EIGRP)
  CVE-2017-12902 (Zephyr)
  CVE-2017-12985 (IPv6)
  CVE-2017-12986 (IPv6 routing headers)
  CVE-2017-12987 (IEEE 802.11)
  CVE-2017-12988 (telnet)
  CVE-2017-12991 (BGP)
  CVE-2017-12992 (RIPng)
  CVE-2017-12993 (Juniper)
  CVE-2017-11542 (PIMv1)
  CVE-2017-11541 (safeputs)
  CVE-2017-12994 (BGP)
  CVE-2017-12996 (PIMv2)
  CVE-2017-12998 (ISO IS-IS)
  CVE-2017-12999 (ISO IS-IS)
  CVE-2017-13000 (IEEE 802.15.4)
  CVE-2017-13001 (NFS)
  CVE-2017-13002 (AODV)
  CVE-2017-13003 (LMP)
  CVE-2017-13004 (Juniper)
  CVE-2017-13005 (NFS)
  CVE-2017-13006 (L2TP)
  CVE-2017-13007 (Apple PKTAP)
  CVE-2017-13008 (IEEE 802.11)
  CVE-2017-13009 (IPv6 mobility)
  CVE-2017-13010 (BEEP)
  CVE-2017-13012 (ICMP)
  CVE-2017-13013 (ARP)
  CVE-2017-13014 (White Board)
  CVE-2017-13015 (EAP)
  CVE-2017-11543 (SLIP)
  CVE-2017-13016 (ISO ES-IS)
  CVE-2017-13017 (DHCPv6)
  CVE-2017-13018 (PGM)
  CVE-2017-13019 (PGM)
  CVE-2017-13020 (VTP)
  CVE-2017-13021 (ICMPv6)
  CVE-2017-13022 (IP)
  CVE-2017-13023 (IPv6 mobility)
  CVE-2017-13024 (IPv6 mobility)
  CVE-2017-13025 (IPv6 mobility)
  CVE-2017-13026 (ISO IS-IS)
  CVE-2017-13027 (LLDP)
  CVE-2017-13028 (BOOTP)
  CVE-2017-13029 (PPP)
  CVE-2017-13030 (PIM)
  CVE-2017-13031 (IPv6 fragmentation header)
  CVE-2017-13032 (RADIUS)
  CVE-2017-13033 (VTP)
  CVE-2017-13034 (PGM)
  CVE-2017-13035 (ISO IS-IS)
  CVE-2017-13036 (OSPFv3)
  CVE-2017-13037 (IP)
  CVE-2017-13038 (PPP)
  CVE-2017-13039 (ISAKMP)
  CVE-2017-13040 (MPTCP)
  CVE-2017-13041 (ICMPv6)
  CVE-2017-13042 (HNCP)
  CVE-2017-13043 (BGP)
  CVE-2017-13044 (HNCP)
  CVE-2017-13045 (VQP)
  CVE-2017-13046 (BGP)
  CVE-2017-13047 (ISO ES-IS)
  CVE-2017-13048 (RSVP)
  CVE-2017-13049 (Rx)
  CVE-2017-13050 (RPKI-Router)
  CVE-2017-13051 (RSVP)
  CVE-2017-13052 (CFM)
  CVE-2017-13053 (BGP)
  CVE-2017-13054 (LLDP)
  CVE-2017-13055 (ISO IS-IS)
  CVE-2017-13687 (Cisco HDLC)
  CVE-2017-13688 (OLSR)
  CVE-2017-13689 (IKEv1)
  CVE-2017-13690 (IKEv2)
  CVE-2017-13725 (IPv6 routing headers)

Signed-off-by: Wenzong Fan &lt;wenzong.fan@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
(cherry picked from commit b5c46e9f8e078e98d4888d5ce8749ca126bbd1cc)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tcpdump: update to 4.9.1 to fix CVE-2017-11108</title>
<updated>2017-09-18T19:00:30+00:00</updated>
<author>
<name>Wenzong Fan</name>
<email>wenzong.fan@windriver.com</email>
</author>
<published>2017-08-16T02:18:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=3460d9588e1b8ac492ce4520589a260651862313'/>
<id>urn:sha1:3460d9588e1b8ac492ce4520589a260651862313</id>
<content type='text'>
Summary for 4.9.1 tcpdump release
  CVE-2017-11108/Fix bounds checking for STP.
  Make assorted documentation updates and fix a few typos in tcpdump output.
  Fixup -C for file size &gt;2GB (GH #488).
  Show AddressSanitizer presence in version output.
  Fix a bug in test scripts (exposed in GH #613).
  On FreeBSD adjust Capsicum capabilities for netmap.
  On Linux fix a use-after-free when the requested interface does not exist.

Signed-off-by: Wenzong Fan &lt;wenzong.fan@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
(cherry picked from commit 60b416317225d76e9374cb63807f1e1831f9f671)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>netkit-rpc: Link libtirpc on musl</title>
<updated>2017-09-17T14:39:41+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2017-09-04T17:34:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=414b2b42ebe9da70411575c93455063cb289105f'/>
<id>urn:sha1:414b2b42ebe9da70411575c93455063cb289105f</id>
<content type='text'>
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
(cherry picked from commit 58db2c981b8cea7f0b4a47a2cd4bb3251cc33e37)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
