<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-connectivity, branch hardknott-next</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=hardknott-next</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=hardknott-next'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2021-06-02T22:32:44+00:00</updated>
<entry>
<title>bind: upgrade 9.16.15 -&gt; 9.16.16</title>
<updated>2021-06-02T22:32:44+00:00</updated>
<author>
<name>Trevor Gamblin</name>
<email>trevor.gamblin@windriver.com</email>
</author>
<published>2021-05-27T14:28:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=587d07fe3f355478d936cda6945da77f69668a03'/>
<id>urn:sha1:587d07fe3f355478d936cda6945da77f69668a03</id>
<content type='text'>
(From OE-Core rev: 5e1a46f08284e0c54f42f999e3a1c0a403943810)

Signed-off-by: Trevor Gamblin &lt;trevor.gamblin@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>bind: upgrade 9.16.13 -&gt; 9.16.15</title>
<updated>2021-06-02T22:32:44+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2021-05-15T03:02:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=a1b61de2b1c9addf5ceacda3f670810a1ed4646f'/>
<id>urn:sha1:a1b61de2b1c9addf5ceacda3f670810a1ed4646f</id>
<content type='text'>
(From OE-Core rev: bceca3c36eade64c87a88d70eecd45ae1cb5aae9)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>bind: upgrade 9.16.12 -&gt; 9.16.13</title>
<updated>2021-06-02T22:32:44+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2021-05-05T15:18:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=d4bf2f606f40d51f9998cc2e5397aa1f28b4169e'/>
<id>urn:sha1:d4bf2f606f40d51f9998cc2e5397aa1f28b4169e</id>
<content type='text'>
(From OE-Core rev: 342cdbc0671cbf8a41984784db7d986086b64977)

Signed-off-by: Alexander Kanavin &lt;alex.kanavin@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>avahi: Exclude CVE-2021-26720 from cve-check</title>
<updated>2021-05-22T09:01:03+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2021-05-12T22:54:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=54d253076c9f3809423c7b2904ee73c649027084'/>
<id>urn:sha1:54d253076c9f3809423c7b2904ee73c649027084</id>
<content type='text'>
Issue only affects Debian and SUSE.

(From OE-Core rev: 37ff24c9ba0634e7b69dd9c2219b8fd8b2315de6)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>bluez: Exclude CVE-2020-12352 CVE-2020-24490 from cve-check</title>
<updated>2021-05-22T09:01:03+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2021-05-11T12:47:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=6f647a9e06c4ea063ef3adb9600e0590aa908267'/>
<id>urn:sha1:6f647a9e06c4ea063ef3adb9600e0590aa908267</id>
<content type='text'>
These CVEs are fixed with kernel changes and don't affect the bluez recipe.

(From OE-Core rev: 21b6975cc6c785aa3bf7f7d4ea2400e11f1800bd)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssh: Exclude CVE-2008-3844 from cve-check</title>
<updated>2021-05-22T09:01:02+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2021-05-11T11:30:39+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=03b6c50c3da659790c656802fe3c4882113966ac'/>
<id>urn:sha1:03b6c50c3da659790c656802fe3c4882113966ac</id>
<content type='text'>
CVE only applies to some distributed RHEL binaries so irrelavent to us.

(From OE-Core rev: 416230b7236c391e89d0d7941b2d34b6234f993c)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssh: Exclude CVE-2007-2768 from cve-check</title>
<updated>2021-05-22T09:01:02+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2021-05-10T15:55:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=a82e96f87eacc341fc38169b5d5fcb56619777fd'/>
<id>urn:sha1:a82e96f87eacc341fc38169b5d5fcb56619777fd</id>
<content type='text'>
We don't build/use the OPIE PAM module, exclude the CVE from this recipe.

(From OE-Core rev: a7aba0f1226411f44f316cdced6b2b47621d1d3f)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>wpa-supplicant: fix CVE-2021-30004</title>
<updated>2021-04-30T13:37:25+00:00</updated>
<author>
<name>Stefan Ghinea</name>
<email>stefan.ghinea@windriver.com</email>
</author>
<published>2021-04-08T16:43:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=855a1596f5a0dcba39277c210a7e61c6604bfb85'/>
<id>urn:sha1:855a1596f5a0dcba39277c210a7e61c6604bfb85</id>
<content type='text'>
In wpa_supplicant and hostapd 2.9, forging attacks may occur because
AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and
tls/x509v3.c.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-30004

Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15

(From OE-Core rev: decf95ad84a38b86e4e9f86a78f76535f4f22d4f)

Signed-off-by: Stefan Ghinea &lt;stefan.ghinea@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit b32b671bf430b36a5547f8d822dbb760d6be47f7)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssl: update to 1.1.1k to fix CVE-2021-3450 and CVE-2021-3449</title>
<updated>2021-03-28T21:28:27+00:00</updated>
<author>
<name>Mikko Rapeli</name>
<email>mikko.rapeli@bmw.de</email>
</author>
<published>2021-03-25T19:20:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=c5e5ba214ab0b878047d4293e55ad74057c46ae9'/>
<id>urn:sha1:c5e5ba214ab0b878047d4293e55ad74057c46ae9</id>
<content type='text'>
Only security issues fixed in this release according to
https://www.openssl.org/news/cl111.txt

(From OE-Core rev: 557d956743ecf5e1d002ae0b2135b1307736b7c8)

Signed-off-by: Mikko Rapeli &lt;mikko.rapeli@bmw.de&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssh: Improve LICENSE to show BSD license variants.</title>
<updated>2021-03-23T22:51:26+00:00</updated>
<author>
<name>Wang Mingyu</name>
<email>wangmy@cn.fujitsu.com</email>
</author>
<published>2021-03-23T01:42:39+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=e42870e233a85bc0d55395ef110b7445dfe784f8'/>
<id>urn:sha1:e42870e233a85bc0d55395ef110b7445dfe784f8</id>
<content type='text'>
Update LICENSE to show that BSD-2-Clause, BSD-3-Clause and BSD-4-Clause
are all present.

(From OE-Core rev: d17938953fc2524bc5f04db4409a47aa400e756a)

Signed-off-by: Wang Mingyu &lt;wangmy@cn.fujitsu.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
