Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=yocto-3.3.5 2022-02-20T15:32:34+00:00 2022-02-20T15:32:34+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2022-02-20T15:32:32+00:00 urn:sha1:8d3e054f6d432b5ca0fcd613e0c767fab3c85f24 (From OE-Core rev: 29cd1d796057ef5599fe17c39b42aa099f7b1c29) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-02-20T15:32:27+00:00 Pgowda pgowda.cve@gmail.com 2022-01-30T06:20:39+00:00 urn:sha1:7c873ba32d5ddaa947beb7a5e63ebcd11428ff11 glibc-2.33 has been upgraded to latest version that includes many CVE and other bug fixes. Ran the regressions and results are better. (From OE-Core rev: d5bdff460cc8b0f38177f1f38d625eeda729b459) Signed-off-by: pgowda <pgowda.cve@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-02-10T13:25:48+00:00 Steve Sakoman steve@sakoman.com 2022-01-31T17:15:20+00:00 urn:sha1:bce56ecf96c7fc1f851f2931437c8bb0932918d6 (From OE-Core rev: a32cee6c9e1ff53e424b8386c36555e6cf3bf3af) Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit 7e33aa25acc0c29b8f5e78757c6557e614eb1434) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-02-10T13:25:48+00:00 Steve Sakoman steve@sakoman.com 2022-01-31T17:08:36+00:00 urn:sha1:85dd9e10bd16be17720a898fd3110f2fb5f659e5 Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer for configurations with a nonzero XML_CONTEXT_BYTES. Backport patch from: https://github.com/libexpat/libexpat/commit/847a645152f5ebc10ac63b74b604d0c1a79fae40 CVE: CVE-2022-23852 (From OE-Core rev: 8a50809a0e54c66a8a7aafb1b9bffbec009f8c57) Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit af81bb9d10c0f1e9dcaffc1bbc18ef780eea7127) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-01-31T21:56:01+00:00 Steve Sakoman steve@sakoman.com 2022-01-19T14:59:07+00:00 urn:sha1:ae9b6db2a14d5a174add8023ac836ed3ae737625 In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. Backport patch from: https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b CVE: CVE-2021-46143 (From OE-Core rev: babe185972eb71058762ca20c349ba2651d0f73d) Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit 41a65d27e4ecdc11977e2944d8af2f51c48f32ec) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-01-31T21:56:01+00:00 Steve Sakoman steve@sakoman.com 2022-01-19T14:51:17+00:00 urn:sha1:b769089b44b19dbc73c304c88b2ed67a4e03d844 In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). Backport patch from: https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea CVE: CVE-2021-45960 (From OE-Core rev: 8d475823acf95d81596c1c125bc7dd4d0e0f5f1c) Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit 22fe1dea3164a5cd4d5636376f3671641ada1da9) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-01-31T21:56:01+00:00 Steve Sakoman steve@sakoman.com 2022-01-19T14:33:49+00:00 urn:sha1:6fe3635445523a38500c6884af39d947cc9033eb xmlparse.c has multiple integer overflows. The involved functions are: - addBinding (CVE-2022-22822) - build_model (CVE-2022-22823) - defineAttribute (CVE-2022-22824) - lookup (CVE-2022-22825) - nextScaffoldPart (CVE-2022-22826) - storeAtts (CVE-2022-22827) Backport patch from: https://github.com/libexpat/libexpat/pull/539/commits/9f93e8036e842329863bf20395b8fb8f73834d9e CVE: CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 (From OE-Core rev: 0d195a98703d690a348719f77e7be78653d14ad3) Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit 3b6c47c0ebae9fdb7a13480daf8f46a8dbb2c9bd) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-01-31T21:56:01+00:00 pgowda pgowda.cve@gmail.com 2022-01-22T11:15:13+00:00 urn:sha1:c10a1449a57e0ba73e99be06af064e83fcaf85c1 glibc-2.33 has been upgraded to latest version that includes many CVE and other bug fixes. (From OE-Core rev: f658889952dcccbd2eea415764b3e89ac738cde9) Signed-off-by: pgowda <pgowda.cve@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-01-14T09:34:04+00:00 Pgowda pgowda.cve@gmail.com 2022-01-10T10:34:10+00:00 urn:sha1:38103229305e6575a96d350dee8fc13113b370d1 Backport the fix for CVE-2021-43396. It is disputed that this is a security issue. (From OE-Core rev: e8de9b01c6b305b2498c5f942397a49ae2af0cde) (From OE-Core rev: 0b7e120bc3b40c0b150dd878d64bfe0ffdac79d9) Signed-off-by: pgowda <pgowda.cve@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-01-14T09:34:04+00:00 Chen Qi Qi.Chen@windriver.com 2022-01-05T02:19:56+00:00 urn:sha1:bde16e7473a601b615d735db7cde93738352fcab Backport patches to fix the following CVEs: CVE-2021-42373 CVE-2021-42378 CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382 CVE-2021-42383 CVE-2021-42384 CVE-2021-42385 CVE-2021-42386 (From OE-Core rev: 33f6fb263edd7dd0f5f97f1cf02f63978dbfba09) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>