| Message ID | 1623b1e1-d1cb-25a2-f1f1-7c665e766957@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | kirkstone merge request: July 6th | expand |
merged thanks Armin On Thu, Jul 6, 2023 at 4:23 AM akuster808 <akuster808@gmail.com> wrote: > > The following changes since commit a82d92c8a6525da01524bf8f4a60bf6b35dcbb3d: > > ExprTk: Update package to release/0.0.2 (2023-06-19 09:17:01 -0400) > > are available in the Git repository at: > > https://git.openembedded.org/meta-openembedded kirkstone-next > > for you to fetch changes up to 346753705e49a2486867dc150181a1c7f4d69377: > > webserver: nginx: Add stream Signed-off-by: Luke Schaefer > <lukeschafer17@gmail.com> (2023-07-04 10:20:46 -0400) > > ---------------------------------------------------------------- > Beniamin Sandu (1): > mbedtls: add support for v3.x > > Hitendra Prajapati (3): > wireshark: Fix Multiple CVEs > libssh: CVE-2020-16135 Fix NULL pointer dereference in sftpserver.c > yajl: CVE-2023-33460 memory leak in yajl_tree_parse function > > Luke Schaefer (1): > webserver: nginx: Add stream Signed-off-by: Luke Schaefer > <lukeschafer17@gmail.com> > > Narpat Mali (3): > opencv: fix for CVE-2023-2618 > frr: fix for CVE-2023-31489 > python3-werkzeug: fix for patch-fuzz > > Peter Marko (3): > c-ares: backport patch for CVE-2023-31147 > grpc: ignore CVE-2023-32732 > ntp: backport patch for 5 CVEs CVE-2023-26551/2/3/4/5 > > Polampalli, Archana (1): > tcpreplay: upgrade 4.4.2 -> 4.4.4 > > Soumya (1): > opensc: Fix CVE-2023-2977 > > vkumbhar (1): > postgresql: fix CVE-2023-2454 & CVE-2023-2455 > > ...1-aesce-do-not-specify-an-arch-version-when-enabling-c.patch | 33 ++ > ...2-aesce-use-correct-target-attribute-when-building-wit.patch | 34 ++ > meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest | 17 + > meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb | 83 ++++ > meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch | 52 ++ > meta-networking/recipes-protocols/frr/frr_8.2.2.bb | 1 + > meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch | 323 > +++++++++++++ > meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb | 9 + > .../tcpreplay/{tcpreplay_4.4.2.bb => tcpreplay_4.4.4.bb} | 2 +- > .../recipes-support/wireshark/files/CVE-2023-0666.patch | 122 > +++++ > .../recipes-support/wireshark/files/CVE-2023-0667.patch | 66 +++ > .../recipes-support/wireshark/files/CVE-2023-0668.patch | 33 ++ > meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | 3 + > meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch | 235 > +++++++++ > meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch | 118 > +++++ > meta-oe/recipes-dbs/postgresql/postgresql_14.5.bb | 2 + > meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb | 3 + > meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch | 29 ++ > meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb | 4 +- > meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch | 717 > ++++++++++++++++++++++++++++ > meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb | 1 + > meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch | 44 ++ > meta-oe/recipes-support/libssh/libssh_0.8.9.bb | 4 +- > meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch | 32 ++ > meta-oe/recipes-support/opencv/opencv_4.5.5.bb | 1 + > meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch | 53 ++ > meta-oe/recipes-support/opensc/opensc_0.22.0.bb | 1 + > .../python/python3-werkzeug/CVE-2023-23934.patch | 35 +- > meta-webserver/recipes-httpd/nginx/nginx.inc | 1 + > 29 files changed, 2038 insertions(+), 20 deletions(-) > create mode 100644 > meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch > create mode 100644 > meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch > create mode 100644 > meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest > create mode 100644 > meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb > create mode 100644 > meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch > create mode 100755 > meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch > rename meta-networking/recipes-support/tcpreplay/{tcpreplay_4.4.2.bb > => tcpreplay_4.4.4.bb} (85%) > create mode 100644 > meta-networking/recipes-support/wireshark/files/CVE-2023-0666.patch > create mode 100644 > meta-networking/recipes-support/wireshark/files/CVE-2023-0667.patch > create mode 100644 > meta-networking/recipes-support/wireshark/files/CVE-2023-0668.patch > create mode 100644 > meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch > create mode 100644 > meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch > create mode 100644 meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch > create mode 100644 > meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch > create mode 100644 > meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch > create mode 100644 > meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch > create mode 100644 > meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch >
The following changes since commit a82d92c8a6525da01524bf8f4a60bf6b35dcbb3d: ExprTk: Update package to release/0.0.2 (2023-06-19 09:17:01 -0400) are available in the Git repository at: https://git.openembedded.org/meta-openembedded kirkstone-next for you to fetch changes up to 346753705e49a2486867dc150181a1c7f4d69377: webserver: nginx: Add stream Signed-off-by: Luke Schaefer <lukeschafer17@gmail.com> (2023-07-04 10:20:46 -0400) ---------------------------------------------------------------- Beniamin Sandu (1): mbedtls: add support for v3.x Hitendra Prajapati (3): wireshark: Fix Multiple CVEs libssh: CVE-2020-16135 Fix NULL pointer dereference in sftpserver.c yajl: CVE-2023-33460 memory leak in yajl_tree_parse function Luke Schaefer (1): webserver: nginx: Add stream Signed-off-by: Luke Schaefer <lukeschafer17@gmail.com> Narpat Mali (3): opencv: fix for CVE-2023-2618 frr: fix for CVE-2023-31489 python3-werkzeug: fix for patch-fuzz Peter Marko (3): c-ares: backport patch for CVE-2023-31147 grpc: ignore CVE-2023-32732 ntp: backport patch for 5 CVEs CVE-2023-26551/2/3/4/5 Polampalli, Archana (1): tcpreplay: upgrade 4.4.2 -> 4.4.4 Soumya (1): opensc: Fix CVE-2023-2977 vkumbhar (1): postgresql: fix CVE-2023-2454 & CVE-2023-2455 ...1-aesce-do-not-specify-an-arch-version-when-enabling-c.patch | 33 ++ ...2-aesce-use-correct-target-attribute-when-building-wit.patch | 34 ++ meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest | 17 + meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb | 83 ++++ meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch | 52 ++ meta-networking/recipes-protocols/frr/frr_8.2.2.bb | 1 + meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch | 323 +++++++++++++ meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb | 9 + .../tcpreplay/{tcpreplay_4.4.2.bb => tcpreplay_4.4.4.bb} | 2 +- .../recipes-support/wireshark/files/CVE-2023-0666.patch | 122 +++++ .../recipes-support/wireshark/files/CVE-2023-0667.patch | 66 +++ .../recipes-support/wireshark/files/CVE-2023-0668.patch | 33 ++ meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | 3 + meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch | 235 +++++++++ meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch | 118 +++++ meta-oe/recipes-dbs/postgresql/postgresql_14.5.bb | 2 + meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb | 3 + meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch | 29 ++ meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb | 4 +- meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch | 717 ++++++++++++++++++++++++++++ meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb | 1 + meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch | 44 ++ meta-oe/recipes-support/libssh/libssh_0.8.9.bb | 4 +- meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch | 32 ++ meta-oe/recipes-support/opencv/opencv_4.5.5.bb | 1 + meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch | 53 ++ meta-oe/recipes-support/opensc/opensc_0.22.0.bb | 1 + .../python/python3-werkzeug/CVE-2023-23934.patch | 35 +- meta-webserver/recipes-httpd/nginx/nginx.inc | 1 + 29 files changed, 2038 insertions(+), 20 deletions(-) create mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch create mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch create mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls/run-ptest create mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch create mode 100755 meta-networking/recipes-support/ntp/ntp/CVE-2023-2655x.patch rename meta-networking/recipes-support/tcpreplay/{tcpreplay_4.4.2.bb => tcpreplay_4.4.4.bb} (85%) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2023-0666.patch create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2023-0667.patch create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2023-0668.patch create mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2023-2454.patch create mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2023-2455.patch create mode 100644 meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch create mode 100644 meta-oe/recipes-support/c-ares/c-ares/CVE-2023-31147.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch create mode 100644 meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch create mode 100644 meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch