* kirkstone merge request: July 6th
@ 2023-07-06 11:23 akuster808
2023-07-06 14:59 ` Khem Raj
0 siblings, 1 reply; 2+ messages in thread
From: akuster808 @ 2023-07-06 11:23 UTC (permalink / raw)
To: Khem Raj, OpenEmbedded Devel List
The following changes since commit a82d92c8a6525da01524bf8f4a60bf6b35dcbb3d:
ExprTk: Update package to release/0.0.2 (2023-06-19 09:17:01 -0400)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded kirkstone-next
for you to fetch changes up to 346753705e49a2486867dc150181a1c7f4d69377:
webserver: nginx: Add stream Signed-off-by: Luke Schaefer
<lukeschafer17@gmail.com> (2023-07-04 10:20:46 -0400)
----------------------------------------------------------------
Beniamin Sandu (1):
mbedtls: add support for v3.x
Hitendra Prajapati (3):
wireshark: Fix Multiple CVEs
libssh: CVE-2020-16135 Fix NULL pointer dereference in sftpserver.c
yajl: CVE-2023-33460 memory leak in yajl_tree_parse function
Luke Schaefer (1):
webserver: nginx: Add stream Signed-off-by: Luke Schaefer
<lukeschafer17@gmail.com>
Narpat Mali (3):
opencv: fix for CVE-2023-2618
frr: fix for CVE-2023-31489
python3-werkzeug: fix for patch-fuzz
Peter Marko (3):
c-ares: backport patch for CVE-2023-31147
grpc: ignore CVE-2023-32732
ntp: backport patch for 5 CVEs CVE-2023-26551/2/3/4/5
Polampalli, Archana (1):
tcpreplay: upgrade 4.4.2 -> 4.4.4
Soumya (1):
opensc: Fix CVE-2023-2977
vkumbhar (1):
postgresql: fix CVE-2023-2454 & CVE-2023-2455
...1-aesce-do-not-specify-an-arch-version-when-enabling-c.patch | 33 ++
...2-aesce-use-correct-target-attribute-when-building-wit.patch | 34 ++
meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest | 17 +
meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb | 83 ++++
meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch | 52 ++
meta-networking/recipes-protocols/frr/frr_8.2.2.bb | 1 +
meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch | 323
+++++++++++++
meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb | 9 +
.../tcpreplay/{tcpreplay_4.4.2.bb => tcpreplay_4.4.4.bb} | 2 +-
.../recipes-support/wireshark/files/CVE-2023-0666.patch | 122
+++++
.../recipes-support/wireshark/files/CVE-2023-0667.patch | 66 +++
.../recipes-support/wireshark/files/CVE-2023-0668.patch | 33 ++
meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | 3 +
meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch | 235
+++++++++
meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch | 118
+++++
meta-oe/recipes-dbs/postgresql/postgresql_14.5.bb | 2 +
meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb | 3 +
meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch | 29 ++
meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb | 4 +-
meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch | 717
++++++++++++++++++++++++++++
meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb | 1 +
meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch | 44 ++
meta-oe/recipes-support/libssh/libssh_0.8.9.bb | 4 +-
meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch | 32 ++
meta-oe/recipes-support/opencv/opencv_4.5.5.bb | 1 +
meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch | 53 ++
meta-oe/recipes-support/opensc/opensc_0.22.0.bb | 1 +
.../python/python3-werkzeug/CVE-2023-23934.patch | 35 +-
meta-webserver/recipes-httpd/nginx/nginx.inc | 1 +
29 files changed, 2038 insertions(+), 20 deletions(-)
create mode 100644
meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch
create mode 100644
meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch
create mode 100644
meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest
create mode 100644
meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb
create mode 100644
meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch
create mode 100755
meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch
rename meta-networking/recipes-support/tcpreplay/{tcpreplay_4.4.2.bb
=> tcpreplay_4.4.4.bb} (85%)
create mode 100644
meta-networking/recipes-support/wireshark/files/CVE-2023-0666.patch
create mode 100644
meta-networking/recipes-support/wireshark/files/CVE-2023-0667.patch
create mode 100644
meta-networking/recipes-support/wireshark/files/CVE-2023-0668.patch
create mode 100644
meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch
create mode 100644
meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch
create mode 100644 meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch
create mode 100644
meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch
create mode 100644
meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch
create mode 100644
meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch
create mode 100644
meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: kirkstone merge request: July 6th
2023-07-06 11:23 kirkstone merge request: July 6th akuster808
@ 2023-07-06 14:59 ` Khem Raj
0 siblings, 0 replies; 2+ messages in thread
From: Khem Raj @ 2023-07-06 14:59 UTC (permalink / raw)
To: akuster808; +Cc: OpenEmbedded Devel List
merged thanks Armin
On Thu, Jul 6, 2023 at 4:23 AM akuster808 <akuster808@gmail.com> wrote:
>
> The following changes since commit a82d92c8a6525da01524bf8f4a60bf6b35dcbb3d:
>
> ExprTk: Update package to release/0.0.2 (2023-06-19 09:17:01 -0400)
>
> are available in the Git repository at:
>
> https://git.openembedded.org/meta-openembedded kirkstone-next
>
> for you to fetch changes up to 346753705e49a2486867dc150181a1c7f4d69377:
>
> webserver: nginx: Add stream Signed-off-by: Luke Schaefer
> <lukeschafer17@gmail.com> (2023-07-04 10:20:46 -0400)
>
> ----------------------------------------------------------------
> Beniamin Sandu (1):
> mbedtls: add support for v3.x
>
> Hitendra Prajapati (3):
> wireshark: Fix Multiple CVEs
> libssh: CVE-2020-16135 Fix NULL pointer dereference in sftpserver.c
> yajl: CVE-2023-33460 memory leak in yajl_tree_parse function
>
> Luke Schaefer (1):
> webserver: nginx: Add stream Signed-off-by: Luke Schaefer
> <lukeschafer17@gmail.com>
>
> Narpat Mali (3):
> opencv: fix for CVE-2023-2618
> frr: fix for CVE-2023-31489
> python3-werkzeug: fix for patch-fuzz
>
> Peter Marko (3):
> c-ares: backport patch for CVE-2023-31147
> grpc: ignore CVE-2023-32732
> ntp: backport patch for 5 CVEs CVE-2023-26551/2/3/4/5
>
> Polampalli, Archana (1):
> tcpreplay: upgrade 4.4.2 -> 4.4.4
>
> Soumya (1):
> opensc: Fix CVE-2023-2977
>
> vkumbhar (1):
> postgresql: fix CVE-2023-2454 & CVE-2023-2455
>
> ...1-aesce-do-not-specify-an-arch-version-when-enabling-c.patch | 33 ++
> ...2-aesce-use-correct-target-attribute-when-building-wit.patch | 34 ++
> meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest | 17 +
> meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb | 83 ++++
> meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch | 52 ++
> meta-networking/recipes-protocols/frr/frr_8.2.2.bb | 1 +
> meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch | 323
> +++++++++++++
> meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb | 9 +
> .../tcpreplay/{tcpreplay_4.4.2.bb => tcpreplay_4.4.4.bb} | 2 +-
> .../recipes-support/wireshark/files/CVE-2023-0666.patch | 122
> +++++
> .../recipes-support/wireshark/files/CVE-2023-0667.patch | 66 +++
> .../recipes-support/wireshark/files/CVE-2023-0668.patch | 33 ++
> meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | 3 +
> meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch | 235
> +++++++++
> meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch | 118
> +++++
> meta-oe/recipes-dbs/postgresql/postgresql_14.5.bb | 2 +
> meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb | 3 +
> meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch | 29 ++
> meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb | 4 +-
> meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch | 717
> ++++++++++++++++++++++++++++
> meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb | 1 +
> meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch | 44 ++
> meta-oe/recipes-support/libssh/libssh_0.8.9.bb | 4 +-
> meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch | 32 ++
> meta-oe/recipes-support/opencv/opencv_4.5.5.bb | 1 +
> meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch | 53 ++
> meta-oe/recipes-support/opensc/opensc_0.22.0.bb | 1 +
> .../python/python3-werkzeug/CVE-2023-23934.patch | 35 +-
> meta-webserver/recipes-httpd/nginx/nginx.inc | 1 +
> 29 files changed, 2038 insertions(+), 20 deletions(-)
> create mode 100644
> meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch
> create mode 100644
> meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch
> create mode 100644
> meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest
> create mode 100644
> meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb
> create mode 100644
> meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch
> create mode 100755
> meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch
> rename meta-networking/recipes-support/tcpreplay/{tcpreplay_4.4.2.bb
> => tcpreplay_4.4.4.bb} (85%)
> create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-0666.patch
> create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-0667.patch
> create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-0668.patch
> create mode 100644
> meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch
> create mode 100644
> meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch
> create mode 100644 meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch
> create mode 100644
> meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch
> create mode 100644
> meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch
> create mode 100644
> meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch
> create mode 100644
> meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-07-06 15:00 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-07-06 11:23 kirkstone merge request: July 6th akuster808
2023-07-06 14:59 ` Khem Raj
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.