[OE-core][master][mickledore][PATCH] git: upgrade 2.39.2 -> 2.39.3

2023-06-06 Thread omkar
From: Omkar Patil git version upgrade from 2.39.2 to 2.39.3 Fix the following CVE's: CVE-2023-25652 CVE-2023-29007 Signed-off-by: Omkar Patil Signed-off-by: Omkar Patil --- meta/recipes-devtools/git/{git_2.39.2.bb => git_2.39.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1

[OE-core][master][mickledore][PATCH] git: upgrade 2.39.2 -> 2.39.3

2023-06-06 Thread omkar
From: Omkar Patil git version upgrade from 2.39.2 to 2.39.3 Fix the following CVE's: CVE-2023-25652 CVE-2023-29007 Signed-off-by: Omkar Patil Signed-off-by: Omkar Patil --- meta/recipes-devtools/git/{git_2.39.2.bb => git_2.39.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1

[OE-core][dunfell][PATCH 3/3] openssl: Fix CVE-2023-0466

2023-04-26 Thread omkar
From: Omkar Patil Add patch to fix CVE-2023-0466 Link: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a Signed-off-by: Omkar Patil Signed-off-by: Omkar Patil --- .../openssl/openssl/CVE-2023-0466.patch | 82

[OE-core][dunfell][PATCH 2/3] openssl: Fix CVE-2023-0465

2023-04-26 Thread omkar
From: Omkar Patil Add patch to fix CVE-2023-0465 Link: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95 Signed-off-by: Omkar Patil Signed-off-by: Omkar Patil --- .../openssl/openssl/CVE-2023-0465.patch | 60

[OE-core][dunfell][PATCH 1/3] openssl: Fix CVE-2023-0464

2023-04-26 Thread omkar
certificate chain that triggers exponential use of computational resources, leading to a denial-of-service(DoS) attack on affected systems. Link: https://git.openssl.org/gitweb/?p=openssl.git;a=patch;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b Signed-off-by: Nikhil R Signed-off-by: Omkar Patil

[OE-core][dunfell][PATCH] sudo: Use specific BSD license variant

2022-12-18 Thread omkar
oshua Watt Signed-off-by: Richard Purdie (cherry picked from commit b1596d37ba13db3aff61975a31d865f3fa45) Signed-off-by: Nikhil R Signed-off-by: Omkar Patil --- meta/recipes-extended/sudo/sudo.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-extended/sud

Re: [OE-core] [master][PATCH] python3: Fix CVE-2022-45061

2022-11-17 Thread omkar
Please ignore this. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#173408): https://lists.openembedded.org/g/openembedded-core/message/173408 Mute This Topic: https://lists.openembedded.org/mt/95061179/21656 Group Owner: openembedded-core+ow...@lis

[OE-core][master][PATCH] python3: Fix CVE-2022-45061

2022-11-15 Thread omkar
From: Omkar Fix CVE-2022-45061, referenced as https://github.com/python/cpython/issues/98433 patch taken from https://github.com/python/cpython/pull/99231/commits/064ec20bf7a181ba5fa961aaa12973812aa6ca5d Signed-off-by: Omkar --- .../python/files/CVE-2022-45061.patch | 100

[OE-core][dunfell][PATCH] python3: Fix CVE-2022-45061

2022-11-15 Thread omkar
From: Omkar Fix CVE-2022-45061, referenced as https://github.com/python/cpython/issues/98433 patch taken from https://github.com/python/cpython/pull/99231/commits/064ec20bf7a181ba5fa961aaa12973812aa6ca5d Signed-off-by: Omkar --- .../python/files/CVE-2022-45061.patch | 100

[OE-core][dunfell][PATCH 2/2] dbus: upgrade 1.12.22 -> 1.12.24

2022-10-21 Thread omkar
From: Omkar Upgrade dbus from 1.12.22 to 1.12.24 Fix Below CVE's: 2022-42010 2022-42011 2022-42012 Signed-off-by: Omkar Patil --- .../dbus/{dbus-test_1.12.22.bb => dbus-test_1.12.24.bb} | 0 meta/recipes-core/dbus/dbus.inc | 2 +- meta/reci

[OE-core][dunfell][PATCH 1/2] dbus: upgrade 1.12.20 -> 1.12.22

2022-10-21 Thread omkar
From: wangmy (From OE-Core rev: 1fb8ea03cf6c4df4d8c2cc9329dfe80c83a37e2d) Signed-off-by: Wang Mingyu Signed-off-by: Richard Purdie (cherry picked from commit dc98fba73aeac4d1e661475dfb4acfca94d6c8f8) Signed-off-by: Omkar Patil --- .../dbus/{dbus-test_1.12.20.bb => dbus-test_1.12.22

[OE-core][dunfell][PATCH 2/2] libxslt: Mark CVE-2022-29824 as not applying

2022-06-03 Thread omkar
From: Richard Purdie We have libxml2 2.9.10 and we don't link statically against libxml2 anyway so the CVE doesn't apply to libxslt. (From OE-Core rev: c6315d8a2a1429a0fb7563b1d6352ceee7bc222c) Signed-off-by: Omkar Patil Signed-off-by: Richard Purdie (cherry picked f

[OE-core][dunfell][PATCH 1/2] libxslt: Fix CVE-2021-30560

2022-06-03 Thread omkar
From: omkar patil CVE: CVE-2021-30560 Signed-off-by: omkar patil --- .../libxslt/libxslt/CVE-2021-30560.patch | 201 ++ .../recipes-support/libxslt/libxslt_1.1.34.bb | 1 + 2 files changed, 202 insertions(+) create mode 100644 meta/recipes-support/libxslt/libxslt/CVE

[OE-core][dunfell][PATCH 2/2] libxslt: Mark CVE-2022-29824 as not applying

2022-06-01 Thread omkar
1f97928eb0) Signed-off-by: Omkar Patil --- meta/recipes-support/libxslt/libxslt_1.1.35.bb | 4 1 file changed, 4 insertions(+) diff --git a/meta/recipes-support/libxslt/libxslt_1.1.35.bb b/meta/recipes-support/libxslt/libxslt_1.1.35.bb index 0f25043743..47a38deb13 100644 --- a/meta/recip

[OE-core][dunfell][PATCH 1/2] libxslt: update to v1.1.35

2022-06-01 Thread omkar
L for tutorial DTD (David King) Update libxslt.doap Add missing options to xsltproc man page (From OE-Core rev: 6b5b1486bbd381b2b657645e91a1712332ddcb94) Signed-off-by: Markus Volk Signed-off-by: Richard Purdie (cherry picked from commit daa312851681c55d81391b37a30a518f3e74e540) S