[kirkstone,0/5] kirkstone CVE cleanup

Message ID	20241231212511.3649711-1-peter.marko@siemens.com
Headers	show Return-Path: <peter.marko@siemens.com> ip: 185.136.64.228, mailfrom: fm-256628-20241231212559ae8a7479c326801ea6-ciimcy@rts-flowmailer.siemens.com) From: Peter Marko <peter.marko@siemens.com> To: openembedded-core@lists.openembedded.org Cc: Peter Marko <peter.marko@siemens.com> Subject: [OE-core][kirkstone][PATCH 0/5] kirkstone CVE cleanup Date: Tue, 31 Dec 2024 22:25:06 +0100 Message-Id: <20241231212511.3649711-1-peter.marko@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Feedback-ID: 519:519-256628:519-21489:flowmailer
Series	kirkstone CVE cleanup \| expand [kirkstone,0/5] kirkstone CVE cleanup [kirkstone,1/5] ghostscript: ignore CVE-2024-46954 [kirkstone,2/5] tiff: ignore CVE-2023-2731 [kirkstone,3/5] tiff: patch CVE-2023-3164 [kirkstone,4/5] gstreame1.0: ignore CVEs from gstreamer1.0-plugins-bad [kirkstone,5/5] xwayland: patch CVE-2023-5380 CVE-2024-0229

Message ID

20241231212511.3649711-1-peter.marko@siemens.com

Headers

From: Peter Marko <peter.marko@siemens.com>
To: openembedded-core@lists.openembedded.org
Cc: Peter Marko <peter.marko@siemens.com>
Subject: [OE-core][kirkstone][PATCH 0/5] kirkstone CVE cleanup
Date: Tue, 31 Dec 2024 22:25:06 +0100
Message-Id: <20241231212511.3649711-1-peter.marko@siemens.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Feedback-ID: 519:519-256628:519-21489:flowmailer

Series

kirkstone CVE cleanup | expand

Message

Peter Marko Dec. 31, 2024, 9:25 p.m. UTC

Handle some CVEs from kirkstone cve metrics

Peter Marko (5):
  ghostscript: ignore CVE-2024-46954
  tiff: ignore CVE-2023-2731
  tiff: patch CVE-2023-3164
  gstreame1.0: ignore CVEs from gstreamer1.0-plugins-bad
  xwayland: patch CVE-2023-5380 CVE-2024-0229

 .../ghostscript/ghostscript_9.55.0.bb         |   2 +-
 .../xwayland/xwayland/CVE-2023-5380.patch     | 103 ++++++++
 .../xwayland/xwayland/CVE-2024-0229-1.patch   |  88 +++++++
 .../xwayland/xwayland/CVE-2024-0229-2.patch   | 222 ++++++++++++++++++
 .../xwayland/xwayland/CVE-2024-0229-3.patch   |  42 ++++
 .../xwayland/xwayland/CVE-2024-0229-4.patch   |  46 ++++
 .../xwayland/xwayland_22.1.8.bb               |   5 +
 .../gstreamer/gstreamer1.0_1.20.7.bb          |   4 +-
 .../libtiff/tiff/CVE-2023-3164.patch          | 114 +++++++++
 meta/recipes-multimedia/libtiff/tiff_4.3.0.bb |   5 +-
 10 files changed, 626 insertions(+), 5 deletions(-)
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2023-5380.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-1.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-2.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-3.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-4.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-3164.patch