mbox series

kirkstone merge request: July 6th

Message ID 1623b1e1-d1cb-25a2-f1f1-7c665e766957@gmail.com
State New
Headers show
Series kirkstone merge request: July 6th | expand

Pull-request

https://git.openembedded.org/meta-openembedded kirkstone-next

Message

akuster808 July 6, 2023, 11:23 a.m. UTC
The following changes since commit a82d92c8a6525da01524bf8f4a60bf6b35dcbb3d:

   ExprTk: Update package to release/0.0.2 (2023-06-19 09:17:01 -0400)

are available in the Git repository at:

   https://git.openembedded.org/meta-openembedded kirkstone-next

for you to fetch changes up to 346753705e49a2486867dc150181a1c7f4d69377:

   webserver: nginx: Add stream Signed-off-by: Luke Schaefer 
<lukeschafer17@gmail.com> (2023-07-04 10:20:46 -0400)

----------------------------------------------------------------
Beniamin Sandu (1):
       mbedtls: add support for v3.x

Hitendra Prajapati (3):
       wireshark: Fix Multiple CVEs
       libssh: CVE-2020-16135 Fix NULL pointer dereference in sftpserver.c
       yajl: CVE-2023-33460 memory leak in yajl_tree_parse function

Luke Schaefer (1):
       webserver: nginx: Add stream Signed-off-by: Luke Schaefer 
<lukeschafer17@gmail.com>

Narpat Mali (3):
       opencv: fix for CVE-2023-2618
       frr: fix for CVE-2023-31489
       python3-werkzeug: fix for patch-fuzz

Peter Marko (3):
       c-ares: backport patch for CVE-2023-31147
       grpc: ignore CVE-2023-32732
       ntp: backport patch for 5 CVEs CVE-2023-26551/2/3/4/5

Polampalli, Archana (1):
       tcpreplay: upgrade 4.4.2 -> 4.4.4

Soumya (1):
       opensc: Fix CVE-2023-2977

vkumbhar (1):
       postgresql: fix CVE-2023-2454 & CVE-2023-2455

  ...1-aesce-do-not-specify-an-arch-version-when-enabling-c.patch | 33 ++
  ...2-aesce-use-correct-target-attribute-when-building-wit.patch | 34 ++
  meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest  | 17 +
  meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb   | 83 ++++
  meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch  | 52 ++
  meta-networking/recipes-protocols/frr/frr_8.2.2.bb              | 1 +
  meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch    | 323 
+++++++++++++
  meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb             | 9 +
  .../tcpreplay/{tcpreplay_4.4.2.bb => tcpreplay_4.4.4.bb} |   2 +-
  .../recipes-support/wireshark/files/CVE-2023-0666.patch         | 122 
+++++
  .../recipes-support/wireshark/files/CVE-2023-0667.patch         | 66 +++
  .../recipes-support/wireshark/files/CVE-2023-0668.patch         | 33 ++
  meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb   | 3 +
  meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch        | 235 
+++++++++
  meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch        | 118 
+++++
  meta-oe/recipes-dbs/postgresql/postgresql_14.5.bb               | 2 +
  meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb                    | 3 +
  meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch         | 29 ++
  meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb                     | 4 +-
  meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch      | 717 
++++++++++++++++++++++++++++
  meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb                 | 1 +
  meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch      | 44 ++
  meta-oe/recipes-support/libssh/libssh_0.8.9.bb                  | 4 +-
  meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch       | 32 ++
  meta-oe/recipes-support/opencv/opencv_4.5.5.bb                  | 1 +
  meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch        | 53 ++
  meta-oe/recipes-support/opensc/opensc_0.22.0.bb                 | 1 +
  .../python/python3-werkzeug/CVE-2023-23934.patch                | 35 +-
  meta-webserver/recipes-httpd/nginx/nginx.inc                    | 1 +
  29 files changed, 2038 insertions(+), 20 deletions(-)
  create mode 100644 
meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch
  create mode 100644 
meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch
  create mode 100644 
meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest
  create mode 100644 
meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb
  create mode 100644 
meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch
  create mode 100755 
meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch
  rename meta-networking/recipes-support/tcpreplay/{tcpreplay_4.4.2.bb 
=> tcpreplay_4.4.4.bb} (85%)
  create mode 100644 
meta-networking/recipes-support/wireshark/files/CVE-2023-0666.patch
  create mode 100644 
meta-networking/recipes-support/wireshark/files/CVE-2023-0667.patch
  create mode 100644 
meta-networking/recipes-support/wireshark/files/CVE-2023-0668.patch
  create mode 100644 
meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch
  create mode 100644 
meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch
  create mode 100644 meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch
  create mode 100644 
meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch
  create mode 100644 
meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch
  create mode 100644 
meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch

Comments

Khem Raj July 6, 2023, 2:59 p.m. UTC | #1
merged thanks Armin

On Thu, Jul 6, 2023 at 4:23 AM akuster808 <akuster808@gmail.com> wrote:
>
> The following changes since commit a82d92c8a6525da01524bf8f4a60bf6b35dcbb3d:
>
>    ExprTk: Update package to release/0.0.2 (2023-06-19 09:17:01 -0400)
>
> are available in the Git repository at:
>
>    https://git.openembedded.org/meta-openembedded kirkstone-next
>
> for you to fetch changes up to 346753705e49a2486867dc150181a1c7f4d69377:
>
>    webserver: nginx: Add stream Signed-off-by: Luke Schaefer
> <lukeschafer17@gmail.com> (2023-07-04 10:20:46 -0400)
>
> ----------------------------------------------------------------
> Beniamin Sandu (1):
>        mbedtls: add support for v3.x
>
> Hitendra Prajapati (3):
>        wireshark: Fix Multiple CVEs
>        libssh: CVE-2020-16135 Fix NULL pointer dereference in sftpserver.c
>        yajl: CVE-2023-33460 memory leak in yajl_tree_parse function
>
> Luke Schaefer (1):
>        webserver: nginx: Add stream Signed-off-by: Luke Schaefer
> <lukeschafer17@gmail.com>
>
> Narpat Mali (3):
>        opencv: fix for CVE-2023-2618
>        frr: fix for CVE-2023-31489
>        python3-werkzeug: fix for patch-fuzz
>
> Peter Marko (3):
>        c-ares: backport patch for CVE-2023-31147
>        grpc: ignore CVE-2023-32732
>        ntp: backport patch for 5 CVEs CVE-2023-26551/2/3/4/5
>
> Polampalli, Archana (1):
>        tcpreplay: upgrade 4.4.2 -> 4.4.4
>
> Soumya (1):
>        opensc: Fix CVE-2023-2977
>
> vkumbhar (1):
>        postgresql: fix CVE-2023-2454 & CVE-2023-2455
>
>   ...1-aesce-do-not-specify-an-arch-version-when-enabling-c.patch | 33 ++
>   ...2-aesce-use-correct-target-attribute-when-building-wit.patch | 34 ++
>   meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest  | 17 +
>   meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb   | 83 ++++
>   meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch  | 52 ++
>   meta-networking/recipes-protocols/frr/frr_8.2.2.bb              | 1 +
>   meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch    | 323
> +++++++++++++
>   meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb             | 9 +
>   .../tcpreplay/{tcpreplay_4.4.2.bb => tcpreplay_4.4.4.bb} |   2 +-
>   .../recipes-support/wireshark/files/CVE-2023-0666.patch         | 122
> +++++
>   .../recipes-support/wireshark/files/CVE-2023-0667.patch         | 66 +++
>   .../recipes-support/wireshark/files/CVE-2023-0668.patch         | 33 ++
>   meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb   | 3 +
>   meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch        | 235
> +++++++++
>   meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch        | 118
> +++++
>   meta-oe/recipes-dbs/postgresql/postgresql_14.5.bb               | 2 +
>   meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb                    | 3 +
>   meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch         | 29 ++
>   meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb                     | 4 +-
>   meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch      | 717
> ++++++++++++++++++++++++++++
>   meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb                 | 1 +
>   meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch      | 44 ++
>   meta-oe/recipes-support/libssh/libssh_0.8.9.bb                  | 4 +-
>   meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch       | 32 ++
>   meta-oe/recipes-support/opencv/opencv_4.5.5.bb                  | 1 +
>   meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch        | 53 ++
>   meta-oe/recipes-support/opensc/opensc_0.22.0.bb                 | 1 +
>   .../python/python3-werkzeug/CVE-2023-23934.patch                | 35 +-
>   meta-webserver/recipes-httpd/nginx/nginx.inc                    | 1 +
>   29 files changed, 2038 insertions(+), 20 deletions(-)
>   create mode 100644
> meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch
>   create mode 100644
> meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch
>   create mode 100644
> meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest
>   create mode 100644
> meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb
>   create mode 100644
> meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch
>   create mode 100755
> meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch
>   rename meta-networking/recipes-support/tcpreplay/{tcpreplay_4.4.2.bb
> => tcpreplay_4.4.4.bb} (85%)
>   create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-0666.patch
>   create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-0667.patch
>   create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-0668.patch
>   create mode 100644
> meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch
>   create mode 100644
> meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch
>   create mode 100644 meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch
>   create mode 100644
> meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch
>   create mode 100644
> meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch
>   create mode 100644
> meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch
>