OpenEmbedded Core Layer

Show patches with: Submitter = Vivek Kumbhar | State = Action Required | 44 patches

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[kirkstone] libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c	[kirkstone] libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c	- - -	---	2023-11-30	Vivek Kumbhar	sakoman	New
[kirkstone] openssl: fix CVE-2023-5678 Generating excessively long X9.42 DH keys or checking excess…	[kirkstone] openssl: fix CVE-2023-5678 Generating excessively long X9.42 DH keys or checking excess…	- - -	---	2023-11-22	Vivek Kumbhar	sakoman	New
[kirkstone] qemu: fix CVE-2023-3354 VNC: improper I/O watch removal in TLS handshake can lead to re…	[kirkstone] qemu: fix CVE-2023-3354 VNC: improper I/O watch removal in TLS handshake can lead to re…	- - -	---	2023-08-10	Vivek Kumbhar		New
[kirkstone] go: fix CVE-2023-29406 net/http insufficient sanitization of Host header	[kirkstone] go: fix CVE-2023-29406 net/http insufficient sanitization of Host header	- - -	---	2023-07-26	Vivek Kumbhar		New
[meta-oe,kirkstone,v3] curl: Added CVE-2023-28320 Follow-up patch	[meta-oe,kirkstone,v3] curl: Added CVE-2023-28320 Follow-up patch	- - -	---	2023-07-13	Vivek Kumbhar		New
[kirkstone,v2] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash	[kirkstone,v2] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash	- - -	---	2023-07-12	Vivek Kumbhar		New
python3: fix CVE-2023-24329 urllib.parse url blocklisting bypass	python3: fix CVE-2023-24329 urllib.parse url blocklisting bypass	- - -	---	2023-07-11	Vivek Kumbhar		New
[dunfell] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash	[dunfell] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash	- - -	---	2023-07-10	Vivek Kumbhar		New
[kirkstone] cups: fix CVE-2023-34241 use-after-free in cupsdAcceptClient() in scheduler/client.c	[kirkstone] cups: fix CVE-2023-34241 use-after-free in cupsdAcceptClient() in scheduler/client.c	- - -	---	2023-07-05	Vivek Kumbhar		New
[kirkstone,v3] libcap: fix CVE-2023-2603 Integer Overflow in _libcap_strdup()	[kirkstone,v3] libcap: fix CVE-2023-2603 Integer Overflow in _libcap_strdup()	- - -	---	2023-06-29	Vivek Kumbhar		New
[kirkstone] go: fix CVE-2023-29400 html/template improper handling of empty HTML attributes	[kirkstone] go: fix CVE-2023-29400 html/template improper handling of empty HTML attributes	- - -	---	2023-06-28	Vivek Kumbhar		New
[kirkstone,v2] libcap: fix CVE-2023-2603 Integer Overflow in _libcap_strdup()	[kirkstone,v2] libcap: fix CVE-2023-2603 Integer Overflow in _libcap_strdup()	- - -	---	2023-06-26	Vivek Kumbhar		New
[kirkstone] libcap: CVE-2023-2603 Integer Overflow in _libcap_strdup()	[kirkstone] libcap: CVE-2023-2603 Integer Overflow in _libcap_strdup()	- - -	---	2023-06-23	Vivek Kumbhar		New
[kirkstone-nut] go: fix CVE-2023-24539 html/template improper sanitization of CSS values	[kirkstone-nut] go: fix CVE-2023-24539 html/template improper sanitization of CSS values	- - -	---	2023-05-31	Vivek Kumbhar		New
[dunfell] freetype: fix CVE-2023-2004 integer overflowin in tt_hvadvance_adjust() in src/truetype/t…	[dunfell] freetype: fix CVE-2023-2004 integer overflowin in tt_hvadvance_adjust() in src/truetype/t…	- - -	---	2023-05-03	Vivek Kumbhar		New
[kirkstone] freetype: fix CVE-2023-2004 integer overflowin in tt_hvadvance_adjust() in src/truetype…	[kirkstone] freetype: fix CVE-2023-2004 integer overflowin in tt_hvadvance_adjust() in src/truetype…	- - -	---	2023-04-29	Vivek Kumbhar		New
[kirkstone] go: fix CVE-2023-24534 denial of service from excessive memory allocation	[kirkstone] go: fix CVE-2023-24534 denial of service from excessive memory allocation	- - -	---	2023-04-29	Vivek Kumbhar		New
[dunfell] gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code	[dunfell] gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code	- - -	---	2023-03-08	Vivek Kumbhar		New
[kirkstone] gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code	[kirkstone] gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code	- - -	---	2023-03-07	Vivek Kumbhar		New
[kirkstone,v2] rpm: fix CVE-2021-35938 races with chown/chmod/capabilities calls during installation	[kirkstone,v2] rpm: fix CVE-2021-35938 races with chown/chmod/capabilities calls during installation	- - -	---	2023-03-02	Vivek Kumbhar		New
[master] Upgrade bind-9.18.11 -> bind-9.19.9	[master] Upgrade bind-9.18.11 -> bind-9.19.9	- - -	---	2023-02-27	Vivek Kumbhar		New
[kirkstone] rpm: update 4.17.1 -> 4.18	[kirkstone] rpm: update 4.17.1 -> 4.18	- - -	---	2023-02-27	Vivek Kumbhar		New
[dunfell] harfbuzz: fix CVE-2023-25193 allows attackers to trigger O(n^2) growth via consecutive ma…	[dunfell] harfbuzz: fix CVE-2023-25193 allows attackers to trigger O(n^2) growth via consecutive ma…	- - -	---	2023-02-27	Vivek Kumbhar		New
[kirkstone] harfbuzz: fix CVE-2023-25193 allows attackers to trigger O(n^2) growth via consecutive …	[kirkstone] harfbuzz: fix CVE-2023-25193 allows attackers to trigger O(n^2) growth via consecutive …	- - -	---	2023-02-27	Vivek Kumbhar		New
[kirkstone] bind: Upgrade bind-9.18.11 -> bind-9.19.9	[kirkstone] bind: Upgrade bind-9.18.11 -> bind-9.19.9	- - -	---	2023-02-24	Vivek Kumbhar		New
[dunfell] qemu: fix CVE-2021-3929 nvme DMA reentrancy issue leads to use-after-free	[dunfell] qemu: fix CVE-2021-3929 nvme DMA reentrancy issue leads to use-after-free	- - -	---	2023-02-08	Vivek Kumbhar		New
[dunfell,v2] go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse* functions	[dunfell,v2] go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse* functions	- - -	---	2023-01-31	Vivek Kumbhar		New
[kirkstone] xorg-x11-server: fix multiple xorg-x11-server bugs.	[kirkstone] xorg-x11-server: fix multiple xorg-x11-server bugs.	- - -	---	2023-01-25	Vivek Kumbhar		New
[langdale] openssl: fix CVE-2022-3996 double locking leads to denial of service	[langdale] openssl: fix CVE-2022-3996 double locking leads to denial of service	- - -	---	2023-01-23	Vivek Kumbhar		New
[langdale] openssl: fix CVE-2022-3996 double locking leads to denial of service	[langdale] openssl: fix CVE-2022-3996 double locking leads to denial of service	- - -	---	2023-01-23	Vivek Kumbhar		New
[dunfell] go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse* functions	[dunfell] go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse* functions	- - -	---	2022-12-21	Vivek Kumbhar		New
[kirkstone] python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserv…	[kirkstone] python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserv…	- - -	---	2022-11-24	Vivek Kumbhar		New
[dunfell,v2] python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkser…	[dunfell,v2] python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkser…	- - -	---	2022-11-24	Vivek Kumbhar		New
[dunfell,v2] qemu: fix CVE-2021-20196 block fdc null pointer dereference may lead to guest crash	[dunfell,v2] qemu: fix CVE-2021-20196 block fdc null pointer dereference may lead to guest crash	- - -	---	2022-11-17	Vivek Kumbhar		New
[dunfell,v2] libx11: fix CVE-2022-3555 memory leak in _XFreeX11XCBStructure() of xcb_disp.c	[dunfell,v2] libx11: fix CVE-2022-3555 memory leak in _XFreeX11XCBStructure() of xcb_disp.c	- - -	---	2022-11-17	Vivek Kumbhar		New
[dunfell] python: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver …	[dunfell] python: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver …	- - -	---	2022-11-17	Vivek Kumbhar		New
[dunfell,v2] qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt() may lead to out-of…	[dunfell,v2] qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt() may lead to out-of…	- - -	---	2022-11-11	Vivek Kumbhar		New
[dunfell,v2] curl: fix CVE-2022-32221 POST following PUT	[dunfell,v2] curl: fix CVE-2022-32221 POST following PUT	- - -	---	2022-11-11	Vivek Kumbhar		New
[dunfell] curl: fix CVE-2022-32221 POST following PUT confusion	[dunfell] curl: fix CVE-2022-32221 POST following PUT confusion	- - -	---	2022-11-10	Vivek Kumbhar		New
[dunfell] qemu: fix CVE-2021-3638	[dunfell] qemu: fix CVE-2021-3638	- - -	---	2022-10-11	Vivek Kumbhar		New
[dunfell] bind: fix CVE-2022-38178	[dunfell] bind: fix CVE-2022-38178	- - -	---	2022-10-11	Vivek Kumbhar		New
[dunfell] bluez: fix CVE-2022-39177	[dunfell] bluez: fix CVE-2022-39177	- - -	---	2022-10-11	Vivek Kumbhar		New
[dunfell] rsync: fix CVE-2022-29154	[dunfell] rsync: fix CVE-2022-29154	- - -	---	2022-10-11	Vivek Kumbhar		New
[dunfell] qemu: fix CVE-2021-20196	[dunfell] qemu: fix CVE-2021-20196	- - -	---	2022-10-11	Vivek Kumbhar		New