mbox series

kirkstone merge request May 28th

Message ID b1a6597a-0aa1-43cb-99a2-9894ac502123@gmail.com
State New
Headers show
Series kirkstone merge request May 28th | expand

Pull-request

https://git.openembedded.org/meta-openembedded kirkstone-next

Message

akuster808 May 28, 2024, 10:20 a.m. UTC
The following changes since commit 70b217ecc812296d98e1aa027a7d182a8019dded:

   python3-pyyaml-include: Drop pytest --automake (2024-05-22 12:50:26 
-0700)

are available in the Git repository at:

   https://git.openembedded.org/meta-openembedded kirkstone-next

for you to fetch changes up to 0560b848996a0feb410a8cd8ca07c60fe2f3b5bc:

   ITS#10094 libldap/OpenSSL: fix setting ciphersuites (2024-05-28 
06:17:26 -0400)

----------------------------------------------------------------
Meenali Gupta (1):
       nginx: fix CVE-2023-44487

Peter Marko (3):
       nss: patch CVE-2023-5388
       nss: patch CVE-2024-0743
       uriparser: upgrade 0.9.6 -> 0.9.8

Priyal Doshi (1):
       ITS#10094 libldap/OpenSSL: fix setting ciphersuites

Soumya Sambu (1):
       php: upgrade 8.1.22 -> 8.1.28

Vivek Kumbhar (1):
       nss: Backport fix CVE-2023-0767

Yogita Urade (1):
       mbedtls: upgrade 2.28.7->2.28.8

akash hadke (1):
       libeigen: Update GPL-3.0-only to GPL-2.0-only

nikhil (1):
       libssh: Fix CVE CVE-2023-6004

  .../mbedtls/{mbedtls_2.28.7.bb => mbedtls_2.28.8.bb} |   4 +-
  meta-oe/recipes-devtools/php/{php_8.1.22.bb => php_8.1.28.bb} |   2 +-
  meta-oe/recipes-support/libeigen/libeigen_3.4.0.bb              | 2 +-
  ...1-config-Move-common-parser-functions-to-config_parser.patch | 464 
+++++++++++++++++++
  meta-oe/recipes-support/libssh/libssh/001_CVE-2023-6004.patch   | 30 ++
  meta-oe/recipes-support/libssh/libssh/002_CVE-2023-6004.patch   | 83 ++++
  meta-oe/recipes-support/libssh/libssh/003_CVE-2023-6004.patch   | 117 
+++++
  meta-oe/recipes-support/libssh/libssh/004_CVE-2023-6004.patch   | 57 +++
  meta-oe/recipes-support/libssh/libssh/005_CVE-2023-6004.patch   | 142 
++++++
  meta-oe/recipes-support/libssh/libssh/006_CVE-2023-6004.patch   | 117 
+++++
  meta-oe/recipes-support/libssh/libssh_0.8.9.bb                  | 7 +
  ...1-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch | 681 
++++++++++++++++++++++++++++
  ...1-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch | 40 ++
  meta-oe/recipes-support/nss/nss/CVE-2023-0767.patch             | 102 
+++++
  meta-oe/recipes-support/nss/nss_3.74.bb                         | 3 +
  ...001-ITS-10094-libldap-OpenSSL-fix-setting-ciphersuites.patch | 69 +++
  meta-oe/recipes-support/openldap/openldap_2.5.16.bb             | 1 +
  .../uriparser/{uriparser_0.9.6.bb => uriparser_0.9.8.bb} |   2 +-
  meta-webserver/recipes-httpd/nginx/files/CVE-2023-44487.patch   | 79 ++++
  meta-webserver/recipes-httpd/nginx/nginx.inc                    | 1 +
  20 files changed, 1998 insertions(+), 5 deletions(-)
  rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.7.bb 
=> mbedtls_2.28.8.bb} (93%)
  rename meta-oe/recipes-devtools/php/{php_8.1.22.bb => php_8.1.28.bb} (99%)
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/0001-config-Move-common-parser-functions-to-config_parser.patch
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/001_CVE-2023-6004.patch
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/002_CVE-2023-6004.patch
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/003_CVE-2023-6004.patch
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/004_CVE-2023-6004.patch
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/005_CVE-2023-6004.patch
  create mode 100644 
meta-oe/recipes-support/libssh/libssh/006_CVE-2023-6004.patch
  create mode 100644 
meta-oe/recipes-support/nss/nss/0001-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch
  create mode 100644 
meta-oe/recipes-support/nss/nss/0001-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch
  create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2023-0767.patch
  create mode 100644 
meta-oe/recipes-support/openldap/openldap/0001-ITS-10094-libldap-OpenSSL-fix-setting-ciphersuites.patch
  rename meta-oe/recipes-support/uriparser/{uriparser_0.9.6.bb => 
uriparser_0.9.8.bb} (84%)
  create mode 100644 
meta-webserver/recipes-httpd/nginx/files/CVE-2023-44487.patch

Comments

Khem Raj May 28, 2024, 3:45 p.m. UTC | #1
merged thanks Armin

On Tue, May 28, 2024 at 3:20 AM akuster808 <akuster808@gmail.com> wrote:
>
> The following changes since commit 70b217ecc812296d98e1aa027a7d182a8019dded:
>
>    python3-pyyaml-include: Drop pytest --automake (2024-05-22 12:50:26
> -0700)
>
> are available in the Git repository at:
>
>    https://git.openembedded.org/meta-openembedded kirkstone-next
>
> for you to fetch changes up to 0560b848996a0feb410a8cd8ca07c60fe2f3b5bc:
>
>    ITS#10094 libldap/OpenSSL: fix setting ciphersuites (2024-05-28
> 06:17:26 -0400)
>
> ----------------------------------------------------------------
> Meenali Gupta (1):
>        nginx: fix CVE-2023-44487
>
> Peter Marko (3):
>        nss: patch CVE-2023-5388
>        nss: patch CVE-2024-0743
>        uriparser: upgrade 0.9.6 -> 0.9.8
>
> Priyal Doshi (1):
>        ITS#10094 libldap/OpenSSL: fix setting ciphersuites
>
> Soumya Sambu (1):
>        php: upgrade 8.1.22 -> 8.1.28
>
> Vivek Kumbhar (1):
>        nss: Backport fix CVE-2023-0767
>
> Yogita Urade (1):
>        mbedtls: upgrade 2.28.7->2.28.8
>
> akash hadke (1):
>        libeigen: Update GPL-3.0-only to GPL-2.0-only
>
> nikhil (1):
>        libssh: Fix CVE CVE-2023-6004
>
>   .../mbedtls/{mbedtls_2.28.7.bb => mbedtls_2.28.8.bb} |   4 +-
>   meta-oe/recipes-devtools/php/{php_8.1.22.bb => php_8.1.28.bb} |   2 +-
>   meta-oe/recipes-support/libeigen/libeigen_3.4.0.bb              | 2 +-
>   ...1-config-Move-common-parser-functions-to-config_parser.patch | 464
> +++++++++++++++++++
>   meta-oe/recipes-support/libssh/libssh/001_CVE-2023-6004.patch   | 30 ++
>   meta-oe/recipes-support/libssh/libssh/002_CVE-2023-6004.patch   | 83 ++++
>   meta-oe/recipes-support/libssh/libssh/003_CVE-2023-6004.patch   | 117
> +++++
>   meta-oe/recipes-support/libssh/libssh/004_CVE-2023-6004.patch   | 57 +++
>   meta-oe/recipes-support/libssh/libssh/005_CVE-2023-6004.patch   | 142
> ++++++
>   meta-oe/recipes-support/libssh/libssh/006_CVE-2023-6004.patch   | 117
> +++++
>   meta-oe/recipes-support/libssh/libssh_0.8.9.bb                  | 7 +
>   ...1-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch | 681
> ++++++++++++++++++++++++++++
>   ...1-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch | 40 ++
>   meta-oe/recipes-support/nss/nss/CVE-2023-0767.patch             | 102
> +++++
>   meta-oe/recipes-support/nss/nss_3.74.bb                         | 3 +
>   ...001-ITS-10094-libldap-OpenSSL-fix-setting-ciphersuites.patch | 69 +++
>   meta-oe/recipes-support/openldap/openldap_2.5.16.bb             | 1 +
>   .../uriparser/{uriparser_0.9.6.bb => uriparser_0.9.8.bb} |   2 +-
>   meta-webserver/recipes-httpd/nginx/files/CVE-2023-44487.patch   | 79 ++++
>   meta-webserver/recipes-httpd/nginx/nginx.inc                    | 1 +
>   20 files changed, 1998 insertions(+), 5 deletions(-)
>   rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.7.bb
> => mbedtls_2.28.8.bb} (93%)
>   rename meta-oe/recipes-devtools/php/{php_8.1.22.bb => php_8.1.28.bb} (99%)
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/0001-config-Move-common-parser-functions-to-config_parser.patch
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/001_CVE-2023-6004.patch
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/002_CVE-2023-6004.patch
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/003_CVE-2023-6004.patch
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/004_CVE-2023-6004.patch
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/005_CVE-2023-6004.patch
>   create mode 100644
> meta-oe/recipes-support/libssh/libssh/006_CVE-2023-6004.patch
>   create mode 100644
> meta-oe/recipes-support/nss/nss/0001-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch
>   create mode 100644
> meta-oe/recipes-support/nss/nss/0001-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch
>   create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2023-0767.patch
>   create mode 100644
> meta-oe/recipes-support/openldap/openldap/0001-ITS-10094-libldap-OpenSSL-fix-setting-ciphersuites.patch
>   rename meta-oe/recipes-support/uriparser/{uriparser_0.9.6.bb =>
> uriparser_0.9.8.bb} (84%)
>   create mode 100644
> meta-webserver/recipes-httpd/nginx/files/CVE-2023-44487.patch
>