[OE-core] [fido][PATCH 00/11] Fido Security fixes #2

Armin Kuster Tue, 23 Feb 2016 17:50:06 -0800

From: Armin Kuster <akus...@mvista.com>

please consider these changes for the next fido update.


This is to meet our obligation for Yocto compatibility

The following changes since commit 9037f2c7c797367c2d09b87f344ecf749d28cb41:

  gdk-pixbuf: Security fix CVE-2015-7674 (2016-02-22 19:08:53 -0800)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib akuster/fido_cve_fixes
  
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=akuster/fido_cve_fixes

Armin Kuster (10):
  busybox: Security fix CVE-2011-5325
  libpng: Security fix CVE-2015-8126
  libpng: Security fix CVE-2015-8472
  libgcrypt: Security fix CVE-2015-7511
  curl: Security fix CVE-2016-0754
  curl: Secuirty fix CVE-2016-0755
  bind: Security fix CVE-2015-8461
  nettle: Security fix CVE-2015-8803 and CVE-2015-8805
  nettle: Security fix CVE-2015-8804
  git: Security fixes CVE-2015-7545

Li Zhou (1):
  rpcbind: Security Advisory - rpcbind - CVE-2015-7236

 .../bind/bind/CVE-2015-8461.patch                  |  45 +++
 meta/recipes-connectivity/bind/bind_9.9.5.bb       |   3 +-
 .../busybox/busybox/CVE-2011-5325.patch            |  48 +++
 meta/recipes-core/busybox/busybox_1.23.1.bb        |   1 +
 .../git/git-2.3.0/CVE-2015-7545_1.patch            | 445 +++++++++++++++++++++
 .../git/git-2.3.0/CVE-2015-7545_2.patch            | 113 ++++++
 .../git/git-2.3.0/CVE-2015-7545_3.patch            | 110 +++++
 .../git/git-2.3.0/CVE-2015-7545_4.patch            | 146 +++++++
 .../git/git-2.3.0/CVE-2015-7545_5.patch            |  67 ++++
 meta/recipes-devtools/git/git_2.3.0.bb             |   7 +
 .../rpcbind/rpcbind/cve-2015-7236.patch            |  83 ++++
 meta/recipes-extended/rpcbind/rpcbind_0.2.2.bb     |   1 +
 .../libpng/libpng-1.6.16/CVE-2015-8126_1.patch     |  91 +++++
 .../libpng/libpng-1.6.16/CVE-2015-8126_2.patch     | 134 +++++++
 .../libpng/libpng-1.6.16/CVE-2015-8126_3.patch     |  79 ++++
 .../libpng/libpng-1.6.16/CVE-2015-8126_4.patch     |  48 +++
 .../libpng/libpng-1.6.16/CVE-2015-8472.patch       |  29 ++
 meta/recipes-multimedia/libpng/libpng_1.6.16.bb    |   7 +
 meta/recipes-support/curl/curl/CVE-2016-0754.patch | 384 ++++++++++++++++++
 meta/recipes-support/curl/curl/CVE-2016-0755.patch | 133 ++++++
 meta/recipes-support/curl/curl_7.40.0.bb           |   4 +-
 .../libgcrypt/files/CVE-2015-7511_1.patch          | 245 ++++++++++++
 .../libgcrypt/files/CVE-2015-7511_2.patch          |  55 +++
 meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb  |   5 +
 .../nettle/nettle-2.7.1/CVE-2015-8803_8805.patch   |  71 ++++
 .../nettle/nettle-2.7.1/CVE-2015-8804.patch        | 272 +++++++++++++
 meta/recipes-support/nettle/nettle_2.7.1.bb        |   5 +
 27 files changed, 2629 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2011-5325.patch
 create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_1.patch
 create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_2.patch
 create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_3.patch
 create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_4.patch
 create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
 create mode 100644 meta/recipes-extended/rpcbind/rpcbind/cve-2015-7236.patch
 create mode 100644 
meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_1.patch
 create mode 100644 
meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_2.patch
 create mode 100644 
meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_3.patch
 create mode 100644 
meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_4.patch
 create mode 100644 
meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8472.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-0754.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-0755.patch
 create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2015-7511_1.patch
 create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2015-7511_2.patch
 create mode 100644 
meta/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch
 create mode 100644 meta/recipes-support/nettle/nettle-2.7.1/CVE-2015-8804.patch

-- 
2.3.5

-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [fido][PATCH 00/11] Fido Security fixes #2

Reply via email to