Upstream-Status: Backport from
https://github.com/libsndfile/libsndfile/commit/ced91d7b971be6173b604154c39279ce90ad87cc
Signed-off-by: Vivek Kumbhar
---
.../libsndfile1/CVE-2021-4156.patch | 30 +++
.../libsndfile/libsndfile1_1.0.28.bb | 1 +
2 files changed,
Signed-off-by: Vivek Kumbhar
---
.../libsndfile1/CVE-2022-33065.patch | 46 +++
.../libsndfile/libsndfile1_1.0.28.bb | 3 +-
2 files changed, 48 insertions(+), 1 deletion(-)
create mode 100644
meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065.patch
Signed-off-by: Vivek Kumbhar
---
.../libsndfile1/CVE-2022-33065.patch | 46 +++
.../libsndfile/libsndfile1_1.0.31.bb | 1 +
2 files changed, 47 insertions(+)
create mode 100644
meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065.patch
diff --git
a/
Signed-off-by: Vivek Kumbhar
---
.../openssl/openssl/CVE-2023-5678.patch | 180 ++
.../openssl/openssl_3.0.12.bb | 1 +
2 files changed, 181 insertions(+)
create mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch
diff --git a/meta/
ed consider revert it atm since CVE-2023-29406 is a medium bug.
>
> // Robert
>
> On 7/26/23 12:37, vkumbhar wrote:
> > Signed-off-by: Vivek Kumbhar
> > ---
> > meta/recipes-devtools/go/go-1.17.13.inc | 1 +
> > .../go/go-1.18/CVE-2023-29406.patch
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2023-3354.patch | 87 +++
2 files changed, 88 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3354.patch
diff --git a/meta/recipes-devto
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2023-3354.patch | 87 +++
2 files changed, 88 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3354.patch
diff --git a/meta/recipes-devto
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2023-29406.patch | 212 ++
2 files changed, 213 insertions(+)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29406.patch
diff --git a/meta/recipes-d
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/go/go-1.17.13.inc | 1 +
.../go/go-1.18/CVE-2023-29406.patch | 210 ++
2 files changed, 211 insertions(+)
create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-29406.patch
diff --git a/meta/recipes-d
gt;
> Thanks,
>
> Steve
>
> On Wed, Jul 12, 2023 at 12:17 AM vkumbhar wrote:
> >
> > Introduced by:
> https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f
> (curl-7_9_8)
> > Fixed by:
> https://github.com/curl/curl/commit/13718030ad4
Introduced by:
https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f
(curl-7_9_8)
Fixed by:
https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2
(curl-8_1_0)
Follow-up:
https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3
Signed-off-by: Vivek Kumbhar
---
.../python/python3/CVE-2023-24329.patch | 80 +++
.../recipes-devtools/python/python3_3.8.17.bb | 1 +
2 files changed, 81 insertions(+)
create mode 100644 meta/recipes-devtools/python/python3/CVE-2023-24329.patch
diff --git a/meta/recipes
ore/commit/?h=kirkstone&id=c761d822be5ffc4a88600fbd7282c469b1e9902a
>
> However it seems from your work that a follow on patch is also
> necessary to fix this issue completely.
>
> Could you submit a v3 that takes into account the above commit?
>
> Thanks,
>
> Steve
>
> On Wed, Jul 12, 2
Introduced by:
https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f
(curl-7_9_8)
Fixed by:
https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2
(curl-8_1_0)
Follow-up:
https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3
; to SRC_URI.
>
> Make sense?
>
> Steve
>
> > On Mon, Jul 10, 2023 at 8:01 PM Steve Sakoman wrote:
> >>
> >> On Sun, Jul 9, 2023 at 7:28 PM vkumbhar wrote:
> >> >
> >> > Introduced by:
> https://github.com/curl/curl/com
Introduced by:
https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f
(curl-7_9_8)
Fixed by:
https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2
(curl-8_1_0)
Follow-up:
https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3
This is for dunfell-nut branch.
Kind regards,
Vivek
On Tue, Jul 11, 2023 at 4:14 PM Ross Burton wrote:
> What branch is this for? It doesn’t apply to master, I’m guessing
> kirkstone? Is the same fix needed for other branches?
>
> Ross
>
> > On 11 Jul 2023, a
Signed-off-by: Vivek Kumbhar
---
.../python/python3/CVE-2023-24329.patch | 81 +++
.../recipes-devtools/python/python3_3.8.14.bb | 1 +
2 files changed, 82 insertions(+)
create mode 100644 meta/recipes-devtools/python/python3/CVE-2023-24329.patch
diff --git a/meta/recipes
As it is a followup patch I have added it as fol1.
If you want this as pre1, I will send v2 again.
Kind regards,
Vivek
On Mon, Jul 10, 2023 at 8:01 PM Steve Sakoman wrote:
> On Sun, Jul 9, 2023 at 7:28 PM vkumbhar wrote:
> >
> > Introduced by:
> https://github.co
Introduced by:
https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f
(curl-7_9_8)
Fixed by:
https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2
(curl-8_1_0)
Follow-up:
https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3
Signed-off-by: Vivek Kumbhar
---
meta/recipes-extended/cups/cups.inc | 1 +
.../cups/cups/CVE-2023-34241.patch| 68 +++
2 files changed, 69 insertions(+)
create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-34241.patch
diff --git a/meta/recipes-exte
Signed-off-by: Vivek Kumbhar
---
.../libcap/files/CVE-2023-2603.patch | 60 +++
meta/recipes-support/libcap/libcap_2.66.bb| 1 +
2 files changed, 61 insertions(+)
create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch
diff --git a/meta/recipes-sup
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/go/go-1.17.13.inc | 1 +
.../go/go-1.18/CVE-2023-29400.patch | 99 +++
2 files changed, 100 insertions(+)
create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-29400.patch
diff --git a/meta/recipes-de
;
> https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=422bec25ae4a1ab03fd4d6f728695ed279173b18
> --
> *From:* openembedded-core@lists.openembedded.org <
> openembedded-core@lists.openembedded.org> on behalf of vkumbhar via
> lists.openembedded
Signed-off-by: Vivek Kumbhar
---
.../libcap/files/CVE-2023-2603.patch | 60 +++
meta/recipes-support/libcap/libcap_2.66.bb| 1 +
2 files changed, 61 insertions(+)
create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch
diff --git a/meta/recipes-sup
Signed-off-by: Vivek Kumbhar
---
.../libcap/files/CVE-2023-2603.patch | 31 +++
meta/recipes-support/libcap/libcap_2.66.bb| 1 +
2 files changed, 32 insertions(+)
create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch
diff --git a/meta/recipes-sup
Angle brackets should not appear in CSS contexts, as they may affect
token boundaries (such as closing a
Fix An integer overflow vulnerability was discovered in Freetype in
tt_hvadvance_adjust() function in src/truetype/ttgxvar.c
Signed-off-by: Vivek Kumbhar
---
.../freetype/freetype/CVE-2023-2004.patch | 40 +++
.../freetype/freetype_2.10.1.bb | 1 +
2 files cha
From: Vivek Kumbhar
Fix An integer overflow vulnerability was discovered in Freetype in
tt_hvadvance_adjust() function in src/truetype/ttgxvar.c
Signed-off-by: Vivek Kumbhar
---
.../freetype/freetype/CVE-2023-2004.patch | 41 +++
.../freetype/freetype_2.11.1.bb
From: Vivek Kumbhar
A parsed MIME header is a map[string][]string. In the common case,
a header contains many one-element []string slices. To avoid
allocating a separate slice for each key, ReadMIMEHeader looks
ahead in the input to predict the number of keys that will be
parsed, and allocates a
From: Vivek Kumbhar
A parsed MIME header is a map[string][]string. In the common case,
a header contains many one-element []string slices. To avoid
allocating a separate slice for each key, ReadMIMEHeader looks
ahead in the input to predict the number of keys that will be
parsed, and allocates a
Setting a large line or column number using a //line directive can cause
integer overflow even in small source files.
Limit line and column numbers in //line directives to 2^30-1, which
is small enough to avoid int32 overflow on all reasonbly-sized files.
Fixes CVE-2023-24537
Fixes #59273
For #59
sh --force-patch-refresh go-cross-core2-64
>
> Don't forget to review changes done by devtool!
>
> WARNING: go-cross-core2-64-1.17.13-r0 do_patch: QA Issue: Patch log
> indicates that patches do not apply cleanly. [patch-fuzz]
>
> Steve
>
> On Wed, Apr 19, 2023 at 1
Setting a large line or column number using a //line directive can cause
integer overflow even in small source files.
Limit line and column numbers in //line directives to 2^30-1, which
is small enough to avoid int32 overflow on all reasonbly-sized files.
Fixes CVE-2023-24537
Fixes #59273
For #59
Setting a large line or column number using a //line directive can cause
integer overflow even in small source files.
Limit line and column numbers in //line directives to 2^30-1, which
is small enough to avoid int32 overflow on all reasonbly-sized files.
Fixes CVE-2023-24537
Fixes #59273
For #59
Hi Steve,
Any update on this patch?
Kind Regards,
Vivek
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#180117):
https://lists.openembedded.org/g/openembedded-core/message/180117
Mute This Topic: https://lists.openembedded.org/mt/97334710/21656
Gr
Remove branching that depends on secret data.
since the `ok` variable isn't used any more, we can remove all code
used to calculate it
Signed-off-by: Vivek Kumbhar
---
.../gnutls/gnutls/CVE-2023-0361.patch | 85 +++
meta/recipes-support/gnutls/gnutls_3.6.14.bb | 1 +
2
Remove branching that depends on secret data.
since the `ok` variable isn't used any more, we can remove all code
used to calculate it
Signed-off-by: Vivek Kumbhar
---
.../gnutls/gnutls/CVE-2023-0361.patch | 85 +++
meta/recipes-support/gnutls/gnutls_3.7.4.bb | 1 +
2
Yes, will revert that patch and backport the correct one.
Thanks
vivek
On Mon, Mar 6, 2023 at 10:47 AM DC wrote:
> The patches submitted to
> dunfell ->
> https://lists.openembedded.org/g/openembedded-core/message/177768
> Kirkstone ->
> https://lists.openembedded.org/g/openembedded-core/messag
Set file metadata via fd-based ops for everything but symlinks
Regular file ops are fd-based already, for the rest we need to open them
manually. Files with temporary suffix must never be followed, for
directories (and pre-existing FA_TOUCHed files) use the rpm symlink
"root or target owner allowe
Okay Sure, I will backport the fix only instead of upgrading.
-Thanks,
Vivek
On Mon, Feb 27, 2023 at 2:51 PM Alexander Kanavin
wrote:
> You have to backport the fix I'm afraid. Stable releases do not allow
> major upgrades like that.
>
> Alex
>
> On Mon, 27 Feb 2023 at
Fix below security CVEs:
CVE-2022-3094
CVE-2022-3736
CVE-2022-3924
Fix serve-stale crash when recursive clients soft quota
is reached. (CVE-2022-3924) [GL #3619]
Handle RRSIG lookups when serve-stale is active.
(CVE-2022-3736) [GL #3622]
An UPDATE message flood could cause named to exhaust all
a
(From OE-Core rev: 5bef402da334595ed9302b8bca1acdf5e88bfe11)
This will fix #CVE-2021-35938 rpm: races with chown/chmod/capabilities calls
during installation
upstream branch=rpm-4.18: git://github.com/rpm-software-management/rpm
Signed-off-by: Vivek Kumbhar
---
...When-cross-installing-execut
[layout] Limit how far we skip when looking back
Signed-off-by: Vivek Kumbhar
---
.../harfbuzz/harfbuzz/CVE-2023-25193.patch| 71 +++
.../harfbuzz/harfbuzz_2.6.4.bb| 5 +-
2 files changed, 75 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-graph
[layout] Limit how far we skip when looking back
Signed-off-by: Vivek Kumbhar
---
.../harfbuzz/harfbuzz/CVE-2023-25193.patch| 71 +++
.../harfbuzz/harfbuzz_4.0.1.bb| 4 +-
2 files changed, 74 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-graph
Fix below security CVEs:
CVE-2022-3094
CVE-2022-3736
CVE-2022-3924
Fix serve-stale crash when recursive clients soft quota
is reached. (CVE-2022-3924) [GL #3619]
Handle RRSIG lookups when serve-stale is active.
(CVE-2022-3736) [GL #3622]
An UPDATE message flood could cause named to exhaust all
a
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-3929.patch | 78 +++
2 files changed, 79 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3929.patch
diff --gi
No changes required, As all the fixes available in this version.
-Thanks,
Vivek
On Mon, Jan 30, 2023 at 11:17 PM Steve Sakoman wrote:
> On Wed, Jan 25, 2023 at 1:55 AM vkumbhar wrote:
> >
> > From: Vivek Kumbhar
> >
> > Fixed Below CVE:
> > CVE-2022-4283
>
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2022-1962.patch| 357 ++
2 files changed, 358 insertions(+)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-1962.patch
diff -
Thanks for the information. Okay, will modify the patch accordingly.
-Thanks,
Vivek
On Mon, Jan 30, 2023 at 11:17 PM Steve Sakoman wrote:
> On Wed, Jan 25, 2023 at 1:55 AM vkumbhar wrote:
> >
> > From: Vivek Kumbhar
> >
> > Fixed Below CVE:
> > CVE-2022-428
From: Vivek Kumbhar
Fixed Below CVE:
CVE-2022-4283
CVE-2022-46340
CVE-2022-46341
CVE-2022-46342
CVE-2022-46343
CVE-2022-46344
Signed-off-by: Vivek Kumbhar
---
.../xserver-xorg/CVE-2022-4283.patch | 39 +
.../xserver-xorg/CVE-2022-46340.patch | 55
.../xser
Yes, It was intended for the master.
Kind regards,
Vivek
On Mon, 23 Jan 2023 at 10:19 PM, Steve Sakoman wrote:
> Hi Vivek,
>
> You sent two seemingly identical patches for langdale. Was one
> perhaps intended for master?
>
> Steve
>
> On Mon, Jan 23, 2023 at
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
.../openssl/openssl/CVE-2022-3996.patch | 43 +++
.../openssl/openssl_3.0.7.bb | 1 +
2 files changed, 44 insertions(+)
create mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2022-3996.patch
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
.../openssl/openssl/CVE-2022-3996.patch | 43 +++
.../openssl/openssl_3.0.7.bb | 1 +
2 files changed, 44 insertions(+)
create mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2022-3996.patch
Okay, Sure.
Kind Regards,
Vivek
On Mon, Jan 23, 2023 at 5:37 PM Ross Burton wrote:
> Can you also send this for langdale and master?
>
> Ross
>
> > On 20 Jan 2023, at 02:56, vkumbhar via lists.openembedded.org mvista@lists.openembedded.org> wrote:
> &
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
.../openssl/openssl/CVE-2022-3996.patch | 43 +++
.../openssl/openssl_3.0.7.bb | 1 +
2 files changed, 44 insertions(+)
create mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2022-3996.patch
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-3507.patch | 87 +++
2 files changed, 88 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3507.patch
diff --gi
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
.../xorg-lib/libx11/CVE-2022-3555.patch | 38 +++
.../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch
dif
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
.../rsync/files/CVE-2022-29154.patch | 334 ++
meta/recipes-devtools/rsync/rsync_3.1.3.bb| 1 +
2 files changed, 335 insertions(+)
create mode 100644 meta/recipes-devtools/rsync/files/CVE-2022-29154.patch
diff
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2022-1962.patch| 421 ++
2 files changed, 422 insertions(+)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-1962.patch
diff -
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2022-41717.patch | 75 +++
2 files changed, 76 insertions(+)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-41717.patch
diff --
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
.../sqlite/files/CVE-2022-46908.patch | 39 +++
meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 +
2 files changed, 40 insertions(+)
create mode 100644 meta/recipes-support/sqlite/files/CVE-2022-46908.patch
diff -
From: Vivek Kumbhar
Upstream-Status: Backport
[https://gitlab.com/qemu-project/qemu/-/commit/1ab95af033a419e7a64e2d58e67dd96b20af5233]
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-20196.patch| 62 +++
Hi Steve,
This patch was sent in error to dunfell, Please consider the patch sent for
Kirkstone.
Kind regards,
Vivek
On Fri, 25 Nov 2022 at 10:26 PM, Steve Sakoman wrote:
> On Thu, Nov 24, 2022 at 2:25 AM vkumbhar wrote:
> >
> > From: Vivek Kumbhar
> >
> > Ups
From: Vivek Kumbhar
Upstream-Status: Backport from
https://github.com/python/cpython/commit/eae692eed18892309bcc25a2c0f8980038305ea2
Signed-off-by: Vivek Kumbhar
---
.../python/python3/CVE-2022-42919.patch | 70 +++
.../recipes-devtools/python/python3_3.10.7.bb | 1 +
2
From: Vivek Kumbhar
Upstream-Status: Backport from
https://github.com/python/cpython/commit/eae692eed18892309bcc25a2c0f8980038305ea2
Signed-off-by: Vivek Kumbhar
---
.../python/python3/CVE-2022-42919.patch | 70 +++
.../recipes-devtools/python/python3_3.10.7.bb | 1 +
2
From: Vivek Kumbhar
Upstream-Status: Backport
[https://gitlab.com/qemu-project/qemu/-/commit/1ab95af033a419e7a64e2d58e67dd96b20af5233]
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-20196.patch| 50 +++
From: Vivek Kumbhar
Upstream-Status: Backport
[https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5]
Signed-off-by: Vivek Kumbhar
---
.../gnutls/libtasn1/CVE-2021-46848.patch | 45 +++
.../recipes-support/gnutls/libtasn1_4.16.0.bb | 1 +
2
From: Vivek Kumbhar
Upstream-Status: Backport
[https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8a368d808fec166b5fb3dfe6312aab22c7ee20af]
Signed-off-by: Vivek Kumbhar
---
.../xorg-lib/libx11/CVE-2022-3555.patch | 38 +++
.../recipes-graphics/xorg-lib/libx11_1.6.9.
From: Vivek Kumbhar
Upstream-Status: Backport from
https://github.com/python/cpython/commit/eae692eed18892309bcc25a2c0f8980038305ea2
Signed-off-by: Vivek Kumbhar
---
.../python/python3/CVE-2022-42919.patch | 71 +++
.../recipes-devtools/python/python3_3.10.7.bb | 1 +
2
From: Vivek Kumbhar
Upstream-Status: Backport from
https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html
Signed-off-by: Vivek Kumbhar
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-3638.patch | 80 +++
2 files chan
From: Vivek Kumbhar
Upstream-Status: Backport from
https://github.com/curl/curl/commit/a64e3e59938abd7d6
Signed-off-by: Vivek Kumbhar
---
.../curl/curl/CVE-2022-32221.patch| 29 +++
meta/recipes-support/curl/curl_7.69.1.bb | 1 +
2 files changed, 30 insertion
From: Vivek Kumbhar
Signed-off-by: Vivek Kumbhar
---
.../curl/curl/CVE-2022-32221.patch| 29 +++
meta/recipes-support/curl/curl_7.69.1.bb | 1 +
2 files changed, 30 insertions(+)
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch
diff --gi
Source: https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html
MR: 116345
Type: Security Fix
Disposition: Backport from
https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html
ChangeID: 16be2d24b89b9ff8f492b034f77eb24800771910
Description:
When building QEMU with
Source:
https://gitlab.isc.org/isc-projects/bind9/-/commit/1af23378ebb11da2eb0f412e4563d6c4165fbd3d
MR: 122537
Type: Security Fix
Disposition: Backport from
https://gitlab.isc.org/isc-projects/bind9/-/commit/1af23378ebb11da2eb0f412e4563d6c4165fbd3d
ChangeID: f93f9a7755124934083d77cf9334fffb32a0c2
Source:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e2b0f0d8d63e1223bb714a9efb37e2257818268b
MR: 122138
Type: Security Fix
Disposition: Backport from
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e2b0f0d8d63e1223bb714a9efb37e2257818268b
ChangeID: 680cf2af29d34d79
Source:
https://git.samba.org/?p=rsync.git;a=patch;h=b7231c7d02cfb65d291af74ff66e7d8c507ee871
MR: 120436
Type: Security Fix
Disposition: Backport from
https://git.samba.org/?p=rsync.git;a=patch;h=b7231c7d02cfb65d291af74ff66e7d8c507ee871
ChangeID: c343a62e84fc2bd4793bda2f45e603a1347d0672
Descripti
Source:
https://gitlab.com/qemu-project/qemu/-/commit/1ab95af033a419e7a64e2d58e67dd96b20af5233
MR: 111637
Type: Security Fix
Disposition: Backport from
https://gitlab.com/qemu-project/qemu/-/commit/1ab95af033a419e7a64e2d58e67dd96b20af5233
ChangeID: c1e435aa25bb60b362bb68ab253ff55504e0328d
Descrip
78 matches
Mail list logo
