| Message ID | 20251215193340.1057380-2-skandigraun@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-oe,kirkstone,1/2] audit: Fix CVE_PRODUCT | expand |
diff --git a/meta-oe/recipes-crypto/botan/botan/0001-Address-various-name-constraint-bugs.patch b/meta-oe/recipes-crypto/botan/botan/0001-Address-various-name-constraint-bugs.patch index e9abdaedb3..9ce4a4c67b 100644 --- a/meta-oe/recipes-crypto/botan/botan/0001-Address-various-name-constraint-bugs.patch +++ b/meta-oe/recipes-crypto/botan/botan/0001-Address-various-name-constraint-bugs.patch @@ -3,7 +3,7 @@ From: Jack Lloyd <jack@randombit.net> Date: Sun, 7 Jul 2024 05:02:48 -0400 Subject: [PATCH] Address various name constraint bugs -CVE: CVE-2024-39312 +CVE: CVE-2024-39312 CVE-2024-34702 Upstream-Status: Backport [https://github.com/randombit/botan/commit/68338f5912534c74469f7f4e6e22b37aa5159952] Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-34702 The same patch fixes both CVE-2024-39312 and CVE-2024-34702, according to the release notes[1] of the final 2.9.x release. [1]: https://github.com/randombit/botan/blob/2.19.5/news.rst Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../botan/botan/0001-Address-various-name-constraint-bugs.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)