Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=yocto-3.1.25 2023-05-03T22:31:05+00:00 2023-05-03T22:31:05+00:00 Steve Sakoman steve@sakoman.com 2023-05-03T22:29:24+00:00 urn:sha1:a631bfc3a38f7d00b2c666661a89a758a0af9831 (From OE-Core rev: fd4cc8d7b5156c43d162a1a5a809fae507457ef4) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-05-03T14:12:38+00:00 Steve Sakoman steve@sakoman.com 2023-05-01T15:20:31+00:00 urn:sha1:ee461b42358db458f39e558b8667fbcffb6d8044 (From meta-yocto rev: 0faaa6c13564565a5fe7f7ff00000c146c511cc4) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-05-03T14:09:42+00:00 Steve Sakoman steve@sakoman.com 2023-05-01T14:34:34+00:00 urn:sha1:68801aaf80f27d566b5d2db75b3f4d0a7f08cf0e (From yocto-docs rev: 19b7932e6af89943b899687c1f5cb91181cd3580) Signed-off-by: Steve Sakoman <steve@sakoman.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-05-03T14:09:42+00:00 Christoph Lauer christoph.lauer@xtronic.de 2023-04-23T08:12:04+00:00 urn:sha1:38f85fe6ddea1e88897c2a95d6f661c1f822009e Add SDK_ZIP_OPTIONS to remove symbolic link creation in zip archive or add options, e.g. for encryption of the zip archive. (From OE-Core rev: 04b62f9459b401c276255f166d0738b6f902a576) (From OE-Core rev: b9e0c3ced645cab74b2488a26b8f656a94b2a6f5) Signed-off-by: Christoph Lauer <christoph.lauer@xtronic.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-05-03T14:09:42+00:00 Vivek Kumbhar vkumbhar@mvista.com 2023-04-28T14:44:30+00:00 urn:sha1:62034cd62590ea783f28b0a819f4a2039931bbbb A parsed MIME header is a map[string][]string. In the common case, a header contains many one-element []string slices. To avoid allocating a separate slice for each key, ReadMIMEHeader looks ahead in the input to predict the number of keys that will be parsed, and allocates a single []string of that length. The individual slices are then allocated out of the larger one. The prediction of the number of header keys was done by counting newlines in the input buffer, which does not take into account header continuation lines (where a header key/value spans multiple lines) or the end of the header block and the start of the body. This could lead to a substantial amount of overallocation, for example when the body consists of nothing but a large block of newlines. Fix header key count prediction to take into account the end of the headers (indicated by a blank line) and continuation lines (starting with whitespace). Thanks to Jakob Ackermann (@das7pad) for reporting this issue. Fixes CVE-2023-24534 For #58975 Fixes #59267 (From OE-Core rev: daa6aa9c7198a07322f1828a9db457fec86191cf) Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-05-03T14:09:42+00:00 Vijay Anusuri vanusuri@mvista.com 2023-04-27T02:25:55+00:00 urn:sha1:87a450e2224aa7cb55432df004f38a1045af619c Upstream-Status: Backport [https://git.launchpad.net/ubuntu/+source/curl/tree/debian/patches?h=ubuntu/focal-security & https://github.com/curl/curl/commit/538b1e79a6e7b0bb829ab4cecc828d32105d0684 & https://github.com/curl/curl/commit/ed5095ed94281989e103c72e032200b83be37878 & https://github.com/curl/curl/commit/f18af4f874cecab82a9797e8c7541e0990c7a64c & https://github.com/curl/curl/commit/8f4608468b890dce2dad9f91d5607ee7e9c1aba1 & https://github.com/curl/curl/commit/cb49e67303dbafbab1cebf4086e3ec15b7d56ee5] (From OE-Core rev: 08ffa2437967a642a4c8e35e2158bb369454764a) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-05-03T14:09:42+00:00 Virendra Thakur virendrak@kpit.com 2023-04-27T08:09:23+00:00 urn:sha1:d58a0c32395fdf48f144ba7f59820134364f7ea6 This CVE is related to Windows. Link: https://nvd.nist.gov/vuln/detail/CVE-2023-0664 (From OE-Core rev: 8efb0fc7e7db4bad3dbc40d8f890a6c2e7be38fa) Signed-off-by: Virendra Thakur <virendrak@kpit.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-05-03T14:09:42+00:00 Omkar Patil omkar.patil@kpit.com 2023-04-26T07:47:23+00:00 urn:sha1:667eb766abe23489a3f72e6ff41d0f19743439be Add patch to fix CVE-2023-0466 Link: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a (From OE-Core rev: a80d772593b3a38c062e546557d5f8d76eb71fe4) Signed-off-by: Omkar Patil <omkar.patil@kpit.com> Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-05-03T14:09:42+00:00 Omkar Patil omkar.patil@kpit.com 2023-04-26T07:47:22+00:00 urn:sha1:56c03791cdbd22521733e12a0b6af7a1c04b3100 Add patch to fix CVE-2023-0465 Link: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95 (From OE-Core rev: cbca55301bb065a6506e65cf64cc90b598e39789) Signed-off-by: Omkar Patil <omkar.patil@kpit.com> Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-05-03T14:09:42+00:00 Nikhil R nikhil.r@kpit.com 2023-04-26T07:47:21+00:00 urn:sha1:acd638685c5a8d6ceca0592d50dd7891baf0eaff Fix CVE-2023-0464 for openssl A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service(DoS) attack on affected systems. Link: https://git.openssl.org/gitweb/?p=openssl.git;a=patch;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b (From OE-Core rev: 0c50550e2c8fca3263776c2bb985a8c58b920b99) Signed-off-by: Nikhil R <nikhil.r@kpit.com> Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>