<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-oe/recipes-connectivity, branch hardknott</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=hardknott</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=hardknott'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2022-04-16T16:53:03+00:00</updated>
<entry>
<title>zabbix: Fix sereval CVEs</title>
<updated>2022-04-16T16:53:03+00:00</updated>
<author>
<name>Changqing Li</name>
<email>changqing.li@windriver.com</email>
</author>
<published>2022-04-13T02:35:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=a970ee45c2335c37041ad1658323481874bb4f0e'/>
<id>urn:sha1:a970ee45c2335c37041ad1658323481874bb4f0e</id>
<content type='text'>
fix CVE-2022-24349,CVE-2022-24917,CVE-2022-24918,CVE-2022-24919

Signed-off-by: Changqing Li &lt;changqing.li@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>recipes: Update SRC_URI branch and protocols</title>
<updated>2021-11-13T15:45:48+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2021-11-07T18:42:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=7fbb2767186a4db729efe4f440cc9a992f2ab183'/>
<id>urn:sha1:7fbb2767186a4db729efe4f440cc9a992f2ab183</id>
<content type='text'>
This patch updates SRC_URIs using git to include branch=master if no branch is set
and also to use protocol=https for github urls as generated by the conversion script
in OE-Core.

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>gattlib: Place pkgconfig file in correct package</title>
<updated>2021-10-30T11:35:21+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2021-10-02T10:21:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=47799c15b603209e4400359cb4cc557a8507db3d'/>
<id>urn:sha1:47799c15b603209e4400359cb4cc557a8507db3d</id>
<content type='text'>
Fixes in OE-Core added some pkgconfig dependencies back and this flagged
that the .pc file was in ${PN}, not ${PN}-dev. Fix that.

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
(cherry picked from commit ea4afdb6a846aecd1be5f81f989aee3dfc08cc60)
[fixup for hardknott context]
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>krb5: fix CVE-2021-36222</title>
<updated>2021-09-07T15:09:37+00:00</updated>
<author>
<name>Yi Zhao</name>
<email>yi.zhao@windriver.com</email>
</author>
<published>2021-09-06T06:32:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=523f6d834d2fddb0ecc73c6d7d8b1845f65f5279'/>
<id>urn:sha1:523f6d834d2fddb0ecc73c6d7d8b1845f65f5279</id>
<content type='text'>
CVE-2021-36222:
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC)
in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2
allows remote attackers to cause a NULL pointer dereference and daemon
crash. This occurs because a return value is not properly managed in a
certain situation.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-36222

Patches from:
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562

Signed-off-by: Yi Zhao &lt;yi.zhao@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit 620badcbf8a59fbd2cdda6ab01c4ffba1c3ee327)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>linuxptp: upgrade 3.1 -&gt; 3.1.1</title>
<updated>2021-08-27T02:18:28+00:00</updated>
<author>
<name>Changqing Li</name>
<email>changqing.li@windriver.com</email>
</author>
<published>2021-08-25T09:01:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=14958cdad1a9ea1f33949d5d35106a022df3aa64'/>
<id>urn:sha1:14958cdad1a9ea1f33949d5d35106a022df3aa64</id>
<content type='text'>
* fix WARNING: linuxptp-3.1-r0 do_fetch: Failed to fetch URL
http://sourceforge.net/projects/linuxptp/files/v3.1/linuxptp-3.1.tgz,
attempting MIRRORS if available

linuxptp-3.1.tgz replace by linuxptp-3.1.1.tgz

* 3.1.1 release note
Version 3.1.1

Fixes:

    CVE-2021-3570 linuxptp: missing length check of forwarded messages
    CVE-2021-3571 linuxptp: wrong length of one-step follow-up in transparent clock

Signed-off-by: Changqing Li &lt;changqing.li@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>hostapd: fix building with CONFIG_TLS=internal</title>
<updated>2021-05-22T23:17:39+00:00</updated>
<author>
<name>Alexander Vickberg</name>
<email>wickbergster@gmail.com</email>
</author>
<published>2021-05-17T16:03:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=26c88bf3ebcade64e8fe7693da89d9c2d298d90d'/>
<id>urn:sha1:26c88bf3ebcade64e8fe7693da89d9c2d298d90d</id>
<content type='text'>
The patch recently added for CVE-2021-30004 broke compilation with
CONFIG_TLS=internal. This adds the necessary function to let it
compile again.

Signed-off-by: Alexander Vickberg &lt;wickbergster@gmail.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit d6ef4170747d6668fa940328334055eef3e1e1d6)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>irssi: upgrade 1.2.2 -&gt; 1.2.3</title>
<updated>2021-04-18T20:49:13+00:00</updated>
<author>
<name>zhengruoqin</name>
<email>zhengrq.fnst@fujitsu.com</email>
</author>
<published>2021-04-16T11:24:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=961cfd5b8c19e01f00f0faeb302e56b6008113c4'/>
<id>urn:sha1:961cfd5b8c19e01f00f0faeb302e56b6008113c4</id>
<content type='text'>
Signed-off-by: Zheng Ruoqin &lt;zhengrq.fnst@fujitsu.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit 71926e8f12d5c72b9ae58fd9f28cbad9d9945cec)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>hostapd: fix CVE-2021-30004</title>
<updated>2021-04-17T13:46:24+00:00</updated>
<author>
<name>Stefan Ghinea</name>
<email>stefan.ghinea@windriver.com</email>
</author>
<published>2021-04-09T13:12:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=98c5cddf677addcb9aa296a7437b92100a478566'/>
<id>urn:sha1:98c5cddf677addcb9aa296a7437b92100a478566</id>
<content type='text'>
In wpa_supplicant and hostapd 2.9, forging attacks may occur because
AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and
tls/x509v3.c.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-30004

Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15

Signed-off-by: Stefan Ghinea &lt;stefan.ghinea@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit e2bd6a52bf689b77b237eaee3067d2b0b6eee3d5)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>libqmi: upgrade 1.26.6 -&gt; 1.28.2</title>
<updated>2021-04-17T13:46:24+00:00</updated>
<author>
<name>Vinícius Ossanes Aquino</name>
<email>voa.aquino@gmail.com</email>
</author>
<published>2021-04-08T13:03:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=7ba897842c5b04a362599a0c614f13c4b0be2fee'/>
<id>urn:sha1:7ba897842c5b04a362599a0c614f13c4b0be2fee</id>
<content type='text'>
Signed-off-by: Vinicius Aquino &lt;voa.aquino@gmail.com&gt;
Signed-off-by: Otavio Salvador &lt;otavio@ossystems.com.br&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit fbd0b60a277911a03fc8ef08ee49142781627670)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>modemmanager: upgrade 1.14.10 -&gt; 1.16.2</title>
<updated>2021-04-17T13:46:24+00:00</updated>
<author>
<name>Vinícius Ossanes Aquino</name>
<email>voa.aquino@gmail.com</email>
</author>
<published>2021-04-08T13:03:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=151a131c76881d6979756a23139bbd4f0fe38d60'/>
<id>urn:sha1:151a131c76881d6979756a23139bbd4f0fe38d60</id>
<content type='text'>
Signed-off-by: Vinicius Aquino &lt;voa.aquino@gmail.com&gt;
Signed-off-by: Otavio Salvador &lt;otavio@ossystems.com.br&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit 4174e40a9833fe1a59ffe774d472073f96b1cc40)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
