* [OE-core][dunfell 0/5] Patch review
@ 2020-11-21 0:13 Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 1/5] libproxy: fix CVE-2020-26154 Steve Sakoman
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Steve Sakoman @ 2020-11-21 0:13 UTC (permalink / raw)
To: openembedded-core
Please review this next set of patches for dunfell and have comments back by
end of day Monday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1611
The following changes since commit 84e1a32096db9deb98d282a652beec95dbfe80f1:
python3: add ldconfig rdepends for python3-ctypes (2020-11-17 07:34:27 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Lee Chee Yang (5):
libproxy: fix CVE-2020-26154
bison: update to 3.5.4 for CVE-2020-14150
python3: whitelist CVE-2020-15523
python3: fix CVE-2020-27619
qemu: fix CVE-2020-24352
.../bison/{bison_3.5.3.bb => bison_3.5.4.bb} | 2 +-
.../python/python3/CVE-2020-27619.patch | 70 +++++++++++++
meta/recipes-devtools/python/python3_3.8.2.bb | 4 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2020-24352.patch | 52 ++++++++++
.../libproxy/libproxy/CVE-2020-26154.patch | 98 +++++++++++++++++++
.../libproxy/libproxy_0.4.15.bb | 1 +
7 files changed, 227 insertions(+), 1 deletion(-)
rename meta/recipes-devtools/bison/{bison_3.5.3.bb => bison_3.5.4.bb} (94%)
create mode 100644 meta/recipes-devtools/python/python3/CVE-2020-27619.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch
create mode 100644 meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch
--
2.17.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [OE-core][dunfell 1/5] libproxy: fix CVE-2020-26154
2020-11-21 0:13 [OE-core][dunfell 0/5] Patch review Steve Sakoman
@ 2020-11-21 0:14 ` Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 2/5] bison: update to 3.5.4 for CVE-2020-14150 Steve Sakoman
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2020-11-21 0:14 UTC (permalink / raw)
To: openembedded-core
From: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libproxy/libproxy/CVE-2020-26154.patch | 98 +++++++++++++++++++
.../libproxy/libproxy_0.4.15.bb | 1 +
2 files changed, 99 insertions(+)
create mode 100644 meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch
diff --git a/meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch b/meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch
new file mode 100644
index 0000000000..0ccb99da81
--- /dev/null
+++ b/meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch
@@ -0,0 +1,98 @@
+From 4411b523545b22022b4be7d0cac25aa170ae1d3e Mon Sep 17 00:00:00 2001
+From: Fei Li <lifeibiren@gmail.com>
+Date: Fri, 17 Jul 2020 02:18:37 +0800
+Subject: [PATCH] Fix buffer overflow when PAC is enabled
+
+The bug was found on Windows 10 (MINGW64) when PAC is enabled. It turned
+out to be the large PAC file (more than 102400 bytes) returned by a
+local proxy program with no content-length present.
+
+Upstream-Status: Backport [https://github.com/libproxy/libproxy/commit/6d342b50366a048d3d543952e2be271b5742c5f8]
+CVE: CVE-2020-26154
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ libproxy/url.cpp | 44 +++++++++++++++++++++++++++++++-------------
+ 1 file changed, 31 insertions(+), 13 deletions(-)
+
+diff --git a/libproxy/url.cpp b/libproxy/url.cpp
+index ee776b2..8684086 100644
+--- a/libproxy/url.cpp
++++ b/libproxy/url.cpp
+@@ -54,7 +54,7 @@ using namespace std;
+ #define PAC_MIME_TYPE_FB "text/plain"
+
+ // This is the maximum pac size (to avoid memory attacks)
+-#define PAC_MAX_SIZE 102400
++#define PAC_MAX_SIZE 0x800000
+ // This is the default block size to use when receiving via HTTP
+ #define PAC_HTTP_BLOCK_SIZE 512
+
+@@ -478,15 +478,13 @@ char* url::get_pac() {
+ }
+
+ // Get content
+- unsigned int recvd = 0;
+- buffer = new char[PAC_MAX_SIZE];
+- memset(buffer, 0, PAC_MAX_SIZE);
++ std::vector<char> dynamic_buffer;
+ do {
+ unsigned int chunk_length;
+
+ if (chunked) {
+ // Discard the empty line if we received a previous chunk
+- if (recvd > 0) recvline(sock);
++ if (!dynamic_buffer.empty()) recvline(sock);
+
+ // Get the chunk-length line as an integer
+ if (sscanf(recvline(sock).c_str(), "%x", &chunk_length) != 1 || chunk_length == 0) break;
+@@ -498,21 +496,41 @@ char* url::get_pac() {
+
+ if (content_length >= PAC_MAX_SIZE) break;
+
+- while (content_length == 0 || recvd != content_length) {
+- int r = recv(sock, buffer + recvd,
+- content_length == 0 ? PAC_HTTP_BLOCK_SIZE
+- : content_length - recvd, 0);
++ while (content_length == 0 || dynamic_buffer.size() != content_length) {
++ // Calculate length to recv
++ unsigned int length_to_read = PAC_HTTP_BLOCK_SIZE;
++ if (content_length > 0)
++ length_to_read = content_length - dynamic_buffer.size();
++
++ // Prepare buffer
++ dynamic_buffer.resize(dynamic_buffer.size() + length_to_read);
++
++ int r = recv(sock, dynamic_buffer.data() + dynamic_buffer.size() - length_to_read, length_to_read, 0);
++
++ // Shrink buffer to fit
++ if (r >= 0)
++ dynamic_buffer.resize(dynamic_buffer.size() - length_to_read + r);
++
++ // PAC size too large, discard
++ if (dynamic_buffer.size() >= PAC_MAX_SIZE) {
++ chunked = false;
++ dynamic_buffer.clear();
++ break;
++ }
++
+ if (r <= 0) {
+ chunked = false;
+ break;
+ }
+- recvd += r;
+ }
+ } while (chunked);
+
+- if (content_length != 0 && string(buffer).size() != content_length) {
+- delete[] buffer;
+- buffer = NULL;
++ if (content_length == 0 || content_length == dynamic_buffer.size()) {
++ buffer = new char[dynamic_buffer.size() + 1];
++ if (!dynamic_buffer.empty()) {
++ memcpy(buffer, dynamic_buffer.data(), dynamic_buffer.size());
++ }
++ buffer[dynamic_buffer.size()] = '\0';
+ }
+ }
+
diff --git a/meta/recipes-support/libproxy/libproxy_0.4.15.bb b/meta/recipes-support/libproxy/libproxy_0.4.15.bb
index a14c358cc2..6f704d7a91 100644
--- a/meta/recipes-support/libproxy/libproxy_0.4.15.bb
+++ b/meta/recipes-support/libproxy/libproxy_0.4.15.bb
@@ -11,6 +11,7 @@ DEPENDS = "glib-2.0"
SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz \
file://0001-get-pac-test-Fix-build-with-clang-libc.patch \
file://CVE-2020-25219.patch \
+ file://CVE-2020-26154.patch \
"
SRC_URI[md5sum] = "f6b1d2a1e17a99cd3debaae6d04ab152"
SRC_URI[sha256sum] = "654db464120c9534654590b6683c7fa3887b3dad0ca1c4cd412af24fbfca6d4f"
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [OE-core][dunfell 2/5] bison: update to 3.5.4 for CVE-2020-14150
2020-11-21 0:13 [OE-core][dunfell 0/5] Patch review Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 1/5] libproxy: fix CVE-2020-26154 Steve Sakoman
@ 2020-11-21 0:14 ` Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 3/5] python3: whitelist CVE-2020-15523 Steve Sakoman
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2020-11-21 0:14 UTC (permalink / raw)
To: openembedded-core
From: Lee Chee Yang <chee.yang.lee@intel.com>
Release notes:
https://lists.gnu.org/archive/html/info-gnu/2020-04/msg00000.html
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/bison/{bison_3.5.3.bb => bison_3.5.4.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/bison/{bison_3.5.3.bb => bison_3.5.4.bb} (94%)
diff --git a/meta/recipes-devtools/bison/bison_3.5.3.bb b/meta/recipes-devtools/bison/bison_3.5.4.bb
similarity index 94%
rename from meta/recipes-devtools/bison/bison_3.5.3.bb
rename to meta/recipes-devtools/bison/bison_3.5.4.bb
index e6c169e9db..9830721038 100644
--- a/meta/recipes-devtools/bison/bison_3.5.3.bb
+++ b/meta/recipes-devtools/bison/bison_3.5.4.bb
@@ -14,7 +14,7 @@ SRC_URI = "${GNU_MIRROR}/bison/bison-${PV}.tar.xz \
file://add-with-bisonlocaledir.patch \
file://0001-bison-fix-the-parallel-build.patch \
"
-SRC_URI[sha256sum] = "2bf85b5f88a5f2fa8069aed2a2dfc3a9f8d15a97e59c713e3906e5fdd982a7c4"
+SRC_URI[sha256sum] = "4c17e99881978fa32c05933c5262457fa5b2b611668454f8dc2a695cd6b3720c"
# No point in hardcoding path to m4, just use PATH
EXTRA_OECONF += "M4=m4"
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [OE-core][dunfell 3/5] python3: whitelist CVE-2020-15523
2020-11-21 0:13 [OE-core][dunfell 0/5] Patch review Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 1/5] libproxy: fix CVE-2020-26154 Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 2/5] bison: update to 3.5.4 for CVE-2020-14150 Steve Sakoman
@ 2020-11-21 0:14 ` Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 4/5] python3: fix CVE-2020-27619 Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 5/5] qemu: fix CVE-2020-24352 Steve Sakoman
4 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2020-11-21 0:14 UTC (permalink / raw)
To: openembedded-core
From: Lee Chee Yang <chee.yang.lee@intel.com>
This CVE is issue on _Py_CheckPython3 uses uninitialized dllpath when embedder sets module path with Py_SetPath.
Since it is .dll issue (on windows only), hence whitelist it.
https://bugs.python.org/issue29778
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/python/python3_3.8.2.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/python/python3_3.8.2.bb b/meta/recipes-devtools/python/python3_3.8.2.bb
index 758ed87546..5f7901dbf2 100644
--- a/meta/recipes-devtools/python/python3_3.8.2.bb
+++ b/meta/recipes-devtools/python/python3_3.8.2.bb
@@ -54,6 +54,9 @@ CVE_PRODUCT = "python"
# This is not exploitable when glibc has CVE-2016-10739 fixed.
CVE_CHECK_WHITELIST += "CVE-2019-18348"
+# This is windows only issue.
+CVE_CHECK_WHITELIST += "CVE-2020-15523"
+
PYTHON_MAJMIN = "3.8"
S = "${WORKDIR}/Python-${PV}"
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [OE-core][dunfell 4/5] python3: fix CVE-2020-27619
2020-11-21 0:13 [OE-core][dunfell 0/5] Patch review Steve Sakoman
` (2 preceding siblings ...)
2020-11-21 0:14 ` [OE-core][dunfell 3/5] python3: whitelist CVE-2020-15523 Steve Sakoman
@ 2020-11-21 0:14 ` Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 5/5] qemu: fix CVE-2020-24352 Steve Sakoman
4 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2020-11-21 0:14 UTC (permalink / raw)
To: openembedded-core
From: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../python/python3/CVE-2020-27619.patch | 70 +++++++++++++++++++
meta/recipes-devtools/python/python3_3.8.2.bb | 1 +
2 files changed, 71 insertions(+)
create mode 100644 meta/recipes-devtools/python/python3/CVE-2020-27619.patch
diff --git a/meta/recipes-devtools/python/python3/CVE-2020-27619.patch b/meta/recipes-devtools/python/python3/CVE-2020-27619.patch
new file mode 100644
index 0000000000..bafa1cb999
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/CVE-2020-27619.patch
@@ -0,0 +1,70 @@
+From 6c6c256df3636ff6f6136820afaefa5a10a3ac33 Mon Sep 17 00:00:00 2001
+From: "Miss Skeleton (bot)" <31488909+miss-islington@users.noreply.github.com>
+Date: Tue, 6 Oct 2020 05:38:54 -0700
+Subject: [PATCH] bpo-41944: No longer call eval() on content received via HTTP
+ in the CJK codec tests (GH-22566) (GH-22577)
+
+(cherry picked from commit 2ef5caa58febc8968e670e39e3d37cf8eef3cab8)
+
+Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
+
+Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
+
+Upstream-Status: Backport [https://github.com/python/cpython/commit/6c6c256df3636ff6f6136820afaefa5a10a3ac33]
+CVE: CVE-2020-27619
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ Lib/test/multibytecodec_support.py | 22 +++++++------------
+ .../2020-10-05-17-43-46.bpo-41944.rf1dYb.rst | 1 +
+ 2 files changed, 9 insertions(+), 14 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst
+
+diff --git a/Lib/test/multibytecodec_support.py b/Lib/test/multibytecodec_support.py
+index cca8af67d6d1d..f76c0153f5ecf 100644
+--- a/Lib/test/multibytecodec_support.py
++++ b/Lib/test/multibytecodec_support.py
+@@ -305,29 +305,23 @@ def test_mapping_file(self):
+ self._test_mapping_file_plain()
+
+ def _test_mapping_file_plain(self):
+- unichrs = lambda s: ''.join(map(chr, map(eval, s.split('+'))))
++ def unichrs(s):
++ return ''.join(chr(int(x, 16)) for x in s.split('+'))
++
+ urt_wa = {}
+
+ with self.open_mapping_file() as f:
+ for line in f:
+ if not line:
+ break
+- data = line.split('#')[0].strip().split()
++ data = line.split('#')[0].split()
+ if len(data) != 2:
+ continue
+
+- csetval = eval(data[0])
+- if csetval <= 0x7F:
+- csetch = bytes([csetval & 0xff])
+- elif csetval >= 0x1000000:
+- csetch = bytes([(csetval >> 24), ((csetval >> 16) & 0xff),
+- ((csetval >> 8) & 0xff), (csetval & 0xff)])
+- elif csetval >= 0x10000:
+- csetch = bytes([(csetval >> 16), ((csetval >> 8) & 0xff),
+- (csetval & 0xff)])
+- elif csetval >= 0x100:
+- csetch = bytes([(csetval >> 8), (csetval & 0xff)])
+- else:
++ if data[0][:2] != '0x':
++ self.fail(f"Invalid line: {line!r}")
++ csetch = bytes.fromhex(data[0][2:])
++ if len(csetch) == 1 and 0x80 <= csetch[0]:
+ continue
+
+ unich = unichrs(data[1])
+diff --git a/Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst b/Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst
+new file mode 100644
+index 0000000000000..4f9782f1c85af
+--- /dev/null
++++ b/Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst
+@@ -0,0 +1 @@
++Tests for CJK codecs no longer call ``eval()`` on content received via HTTP.
diff --git a/meta/recipes-devtools/python/python3_3.8.2.bb b/meta/recipes-devtools/python/python3_3.8.2.bb
index 5f7901dbf2..1d0b4cdb77 100644
--- a/meta/recipes-devtools/python/python3_3.8.2.bb
+++ b/meta/recipes-devtools/python/python3_3.8.2.bb
@@ -35,6 +35,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0001-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch \
file://CVE-2020-14422.patch \
file://CVE-2020-26116.patch \
+ file://CVE-2020-27619.patch \
"
SRC_URI_append_class-native = " \
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [OE-core][dunfell 5/5] qemu: fix CVE-2020-24352
2020-11-21 0:13 [OE-core][dunfell 0/5] Patch review Steve Sakoman
` (3 preceding siblings ...)
2020-11-21 0:14 ` [OE-core][dunfell 4/5] python3: fix CVE-2020-27619 Steve Sakoman
@ 2020-11-21 0:14 ` Steve Sakoman
4 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2020-11-21 0:14 UTC (permalink / raw)
To: openembedded-core
From: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2020-24352.patch | 52 +++++++++++++++++++
2 files changed, 53 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index b6941403ea..067179fdeb 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -50,6 +50,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2020-16092.patch \
file://0001-target-mips-Increase-number-of-TLB-entries-on-the-34.patch \
file://CVE-2019-20175.patch \
+ file://CVE-2020-24352.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch
new file mode 100644
index 0000000000..861ff6c3b0
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch
@@ -0,0 +1,52 @@
+From ca1f9cbfdce4d63b10d57de80fef89a89d92a540 Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Wed, 21 Oct 2020 16:08:18 +0530
+Subject: [PATCH 1/1] ati: check x y display parameter values
+
+The source and destination x,y display parameters in ati_2d_blt()
+may run off the vga limits if either of s->regs.[src|dst]_[xy] is
+zero. Check the parameter values to avoid potential crash.
+
+Reported-by: Gaoning Pan <pgn@zju.edu.cn>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Message-id: 20201021103818.1704030-1-ppandit@redhat.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+
+Upstream-Status: Backport [ https://git.qemu.org/?p=qemu.git;a=commitdiff;h=ca1f9cbfdce4d63b10d57de80fef89a89d92a540;hp=2ddafce7f797082ad216657c830afd4546f16e37 ]
+CVE: CVE-2020-24352
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ hw/display/ati_2d.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/hw/display/ati_2d.c b/hw/display/ati_2d.c
+index 23a8ae0..4dc10ea 100644
+--- a/hw/display/ati_2d.c
++++ b/hw/display/ati_2d.c
+@@ -75,8 +75,9 @@ void ati_2d_blt(ATIVGAState *s)
+ dst_stride *= bpp;
+ }
+ uint8_t *end = s->vga.vram_ptr + s->vga.vram_size;
+- if (dst_bits >= end || dst_bits + dst_x + (dst_y + s->regs.dst_height) *
+- dst_stride >= end) {
++ if (dst_x > 0x3fff || dst_y > 0x3fff || dst_bits >= end
++ || dst_bits + dst_x
++ + (dst_y + s->regs.dst_height) * dst_stride >= end) {
+ qemu_log_mask(LOG_UNIMP, "blt outside vram not implemented\n");
+ return;
+ }
+@@ -107,8 +108,9 @@ void ati_2d_blt(ATIVGAState *s)
+ src_bits += s->regs.crtc_offset & 0x07ffffff;
+ src_stride *= bpp;
+ }
+- if (src_bits >= end || src_bits + src_x +
+- (src_y + s->regs.dst_height) * src_stride >= end) {
++ if (src_x > 0x3fff || src_y > 0x3fff || src_bits >= end
++ || src_bits + src_x
++ + (src_y + s->regs.dst_height) * src_stride >= end) {
+ qemu_log_mask(LOG_UNIMP, "blt outside vram not implemented\n");
+ return;
+ }
+--
+1.8.3.1
+
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-11-21 0:14 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-21 0:13 [OE-core][dunfell 0/5] Patch review Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 1/5] libproxy: fix CVE-2020-26154 Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 2/5] bison: update to 3.5.4 for CVE-2020-14150 Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 3/5] python3: whitelist CVE-2020-15523 Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 4/5] python3: fix CVE-2020-27619 Steve Sakoman
2020-11-21 0:14 ` [OE-core][dunfell 5/5] qemu: fix CVE-2020-24352 Steve Sakoman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.