From patchwork Fri Jan 9 13:04:15 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 78337 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0ABDCD1A619 for ; Fri, 9 Jan 2026 13:05:18 +0000 (UTC) Received: from mail-wr1-f50.google.com (mail-wr1-f50.google.com [209.85.221.50]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.9455.1767963915212043182 for ; Fri, 09 Jan 2026 05:05:15 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=F7/D5zTo; spf=pass (domain: gmail.com, ip: 209.85.221.50, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f50.google.com with SMTP id ffacd0b85a97d-42fb4eeb482so2362337f8f.0 for ; Fri, 09 Jan 2026 05:05:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1767963913; x=1768568713; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:from:to:cc:subject:date:message-id:reply-to; bh=sVAffkYMGO7hTdfB9gMihERzNBV0owVoho+yGwmnqI0=; b=F7/D5zTocqFJRII+KwnyyfaIrgM/pEQEYC0Bkf4hyVurWUcpX74KMHZY7PWQfvnhQe XBZEsnCZ8nOoZIlE57aC4hmbBfXmMhKVMOYYCNwKlE4ZewvA6CFD16lbqvDIQtldiP+Z iT1YNRasoT7PUxmXHKjxnrzksEJmdnNcnuCWQ1kVFGBQXeq0xyWcXCqKs2riiCRUP0Qj UV+5QHv4oftnAH0oz/kQid49qJIOvqeCrQfz8JrgemwNdJQTacaqeZexlhGnstFu92hO cj65LEqV4l+9aR8AizEk70QyG52MTlfIPXE8At9sur5hhfBu1uICvQYjv2OzbQmU665Y 4/sg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1767963913; x=1768568713; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=sVAffkYMGO7hTdfB9gMihERzNBV0owVoho+yGwmnqI0=; b=sw4y1d3+PuGzs9DlSXAHrvXUDeAVCt6ZIuxkYu1smUn+QhZdfp037btkIgMjauCaya vkqjdDf7cLmojJr6Zb0Mq8JgpvKyzB8C/Q1Wb7LgQsiQC6ClxkBLOXyR1UHYhcXbrTxb fCKkQlNyGkZIVkOPuL+SwvdMBOLOgVnO0EhZ/caiPqrG1rLGKfWaeZsXUL9fjSC5gi7J nfE+lcYummu/zmJsPv7+9ntXX1b5mxgP9fFEiygW/g8mM/FHBa2opjSfBNslHQnx/Iog 6EKLMwsZyvKUL1oTOVm19G5betCHx8zy9DSFzGMpcPjnoiHwtafsp8qoc7ZhUCs6kLOU lFwA== X-Gm-Message-State: AOJu0YwvJ6dLz4EOxWRfdRSCkP2D8gJbKLHIG8kF+1z6Rkz/0g9eAInc y0gB8P0DdvTpuDv0/KyIOA3/cRsUME4bLzYtOJGEVG2jdllT5bXHY31H76lYxw== X-Gm-Gg: AY/fxX7RbZCZhDhme2jneBnJlLU82dI9tP6Bwj2sGgGBiBibOojesFKczzwFYJF9l5X KMkH83AhHn4fyloqR4n2B12nZ0xH88DdxyadijUtniSgUWWcrVVxsGrIBdbpQyROpcDqPiNHUk6 YIB+WBwzQH2bs9JNcBEuQuOinyEwVT0hzQPh7JwVtTd4IBXk11R0ct9mMc7TJvp0H+8Y7TlLf4B HFQRHGB+jU2N/NsBaO8n01x/5DQg84bAGqLFiDIi1503uSYwW05sqdQZMT6dJ0MoqQC8WHUzSKh sv/+VIpwwhZCYyQQLR0u+NDVqB81lT2CbqZqwZtEAKTxFABsL40rS2vfiVHHBsCREwSSyQmcqKr j3QvBZvtJDJEyrRrBk9I0YGpGeyfLX1XEupbkHaEyDco1AaE4haDo96Ogtd8av2dXKEJC9eht7s hjfJSEHCb6 X-Google-Smtp-Source: AGHT+IEbrGuSHKng+bKCFMP2RQMMBNWs2kUoc5x/GitEFwN7ycVAhqLmQWzCq9At+hLJY3Ni8w+uuA== X-Received: by 2002:a05:6000:24c8:b0:431:2cb:d335 with SMTP id ffacd0b85a97d-432c375b114mr11107519f8f.34.1767963913316; Fri, 09 Jan 2026 05:05:13 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-432bd5ee870sm22363067f8f.36.2026.01.09.05.04.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 09 Jan 2026 05:04:49 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-networking][kirkstone][PATCH 1/3] wireshark: upgrade 3.4.12 -> 3.4.16 Date: Fri, 9 Jan 2026 14:04:15 +0100 Message-ID: <20260109130417.1591074-1-skandigraun@gmail.com> X-Mailer: git-send-email 2.52.0 MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 09 Jan 2026 13:05:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/123300 These are all bugfix releases. Drop CVE-2022-3190.patch, as it is included in 3.4.16. Changelogs: 3.4.13: https://www.wireshark.org/docs/relnotes/wireshark-3.4.13.html 3.4.14: https://www.wireshark.org/docs/relnotes/wireshark-3.4.14.html 3.4.15: https://www.wireshark.org/docs/relnotes/wireshark-3.4.15.html 3.4.16: https://www.wireshark.org/docs/relnotes/wireshark-3.4.16.html Signed-off-by: Gyorgy Sarvari --- .../wireshark/files/CVE-2022-3190.patch | 145 ------------------ ...ireshark_3.4.12.bb => wireshark_3.4.16.bb} | 3 +- 2 files changed, 1 insertion(+), 147 deletions(-) delete mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2022-3190.patch rename meta-networking/recipes-support/wireshark/{wireshark_3.4.12.bb => wireshark_3.4.16.bb} (96%) diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2022-3190.patch b/meta-networking/recipes-support/wireshark/files/CVE-2022-3190.patch deleted file mode 100644 index 0b987700f5..0000000000 --- a/meta-networking/recipes-support/wireshark/files/CVE-2022-3190.patch +++ /dev/null @@ -1,145 +0,0 @@ -From 4585d515b962f3b3a5e81caa64e13e8d9ed2e431 Mon Sep 17 00:00:00 2001 -From: Hitendra Prajapati -Date: Mon, 26 Sep 2022 12:47:00 +0530 -Subject: [PATCH] CVE-2022-3190 - -Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/67326401a595fffbc67eeed48eb6c55d66a55f67] -CVE : CVE-2022-3190 -Signed-off-by: Hitendra Prajapati ---- - epan/dissectors/packet-f5ethtrailer.c | 108 +++++++++++++------------- - 1 file changed, 56 insertions(+), 52 deletions(-) - -diff --git a/epan/dissectors/packet-f5ethtrailer.c b/epan/dissectors/packet-f5ethtrailer.c -index ed77dfd..b15b0d4 100644 ---- a/epan/dissectors/packet-f5ethtrailer.c -+++ b/epan/dissectors/packet-f5ethtrailer.c -@@ -2741,69 +2741,73 @@ dissect_dpt_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *d - static gint - dissect_old_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) - { -- proto_tree *type_tree = NULL; -- proto_item *ti = NULL; - guint offset = 0; -- guint processed = 0; -- f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data; -- guint8 type; -- guint8 len; -- guint8 ver; - - /* While we still have data in the trailer. For old format trailers, this needs - * type, length, version (3 bytes) and for new format trailers, the magic header (4 bytes). - * All old format trailers are at least 4 bytes long, so just check for length of magic. - */ -- while (tvb_reported_length_remaining(tvb, offset)) { -- type = tvb_get_guint8(tvb, offset); -- len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION; -- ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION); -- -- if (len <= tvb_reported_length_remaining(tvb, offset) && type >= F5TYPE_LOW -- && type <= F5TYPE_HIGH && len >= F5_MIN_SANE && len <= F5_MAX_SANE -- && ver <= F5TRAILER_VER_MAX) { -- /* Parse out the specified trailer. */ -- switch (type) { -- case F5TYPE_LOW: -- ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA); -- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low); -- -- processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -- if (processed > 0) { -- tdata->trailer_len += processed; -- tdata->noise_low = 1; -- } -- break; -- case F5TYPE_MED: -- ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA); -- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med); -- -- processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -- if (processed > 0) { -- tdata->trailer_len += processed; -- tdata->noise_med = 1; -- } -- break; -- case F5TYPE_HIGH: -- ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA); -- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high); -- -- processed = -- dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -- if (processed > 0) { -- tdata->trailer_len += processed; -- tdata->noise_high = 1; -- } -- break; -+ while (tvb_reported_length_remaining(tvb, offset) >= F5_MIN_SANE) { -+ /* length field does not include the type and length bytes. Add them back in */ -+ guint8 len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION; -+ if (len > tvb_reported_length_remaining(tvb, offset) -+ || len < F5_MIN_SANE || len > F5_MAX_SANE) { -+ /* Invalid length - either a malformed trailer, corrupt packet, or not f5ethtrailer */ -+ return offset; -+ } -+ guint8 type = tvb_get_guint8(tvb, offset); -+ guint8 ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION); -+ -+ /* Parse out the specified trailer. */ -+ proto_tree *type_tree = NULL; -+ proto_item *ti = NULL; -+ f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data; -+ guint processed = 0; -+ -+ switch (type) { -+ case F5TYPE_LOW: -+ ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA); -+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low); -+ -+ processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -+ if (processed > 0) { -+ tdata->trailer_len += processed; -+ tdata->noise_low = 1; - } -- if (processed == 0) { -- proto_item_set_len(ti, 1); -- return offset; -+ break; -+ case F5TYPE_MED: -+ ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA); -+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med); -+ -+ processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -+ if (processed > 0) { -+ tdata->trailer_len += processed; -+ tdata->noise_med = 1; -+ } -+ break; -+ case F5TYPE_HIGH: -+ ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA); -+ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high); -+ -+ processed = -+ dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); -+ if (processed > 0) { -+ tdata->trailer_len += processed; -+ tdata->noise_high = 1; - } -+ break; -+ default: -+ /* Unknown type - malformed trailer, corrupt packet, or not f5ethtrailer - bali out*/ -+ return offset; -+ } -+ if (processed == 0) { -+ /* couldn't process trailer - bali out */ -+ proto_item_set_len(ti, 1); -+ return offset; - } - offset += processed; - } --return offset; -+ return offset; - } /* dissect_old_trailer() */ - - /*---------------------------------------------------------------------------*/ --- -2.25.1 - diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb similarity index 96% rename from meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb rename to meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb index afee5561c4..4835a72d76 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb @@ -15,7 +15,6 @@ SRC_URI += " \ file://0002-flex-Remove-line-directives.patch \ file://0003-bison-Remove-line-directives.patch \ file://0004-lemon-Remove-line-directives.patch \ - file://CVE-2022-3190.patch \ file://CVE-2023-2855.patch \ file://CVE-2023-2856.patch \ file://CVE-2023-2858.patch \ @@ -37,7 +36,7 @@ SRC_URI += " \ UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" -SRC_URI[sha256sum] = "881a13303e263b7dc7fe337534c8a541d4914552287879bed30bbe76c5bf68ca" +SRC_URI[sha256sum] = "6acb3155b89b65bcdbcdac7a9e6a59013a6e21d8ae6a8249a9af4fe9ce3d91ba" PE = "1" From patchwork Fri Jan 9 13:04:16 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 78338 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 09D65D1A619 for ; Fri, 9 Jan 2026 13:06:08 +0000 (UTC) Received: from mail-wr1-f48.google.com (mail-wr1-f48.google.com [209.85.221.48]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.9487.1767963958176150100 for ; Fri, 09 Jan 2026 05:05:58 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Zg00BWov; spf=pass (domain: gmail.com, ip: 209.85.221.48, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f48.google.com with SMTP id ffacd0b85a97d-430f3ef2d37so3652240f8f.3 for ; Fri, 09 Jan 2026 05:05:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1767963956; x=1768568756; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=XjPJBeeaV0AF/m5RPUX0VrysRdy0GvKjIBUm33sOIK0=; b=Zg00BWovMaf03WEh+NBS5GED0pUwlMEzlkDKkzN6ic/RFenyZbMJrSyqhxDs4k+OFT ZlHyP4LNgWoLPOBmljDrqkmzZp5GxPMp78mBflsVjG+ZNctGhseKLXMPQ8hgMuSKq0eq goipWGrI4mNwcjpebAROQHDsS4BjxYFyiLSrIXXXOMAH5uOzwOQe3iSbRV3TmKWh3X+v DhE30h/RbU2PwLNe5dmtwGIdeRsMwl9zBPrvHO45SdPSQ2LY75rqoj1tO1ASV00ah9P8 oUTf53vK+P40PKGacCruQ7gpJ5P+EGnbe+atktX1f0FstYLrCkrhsqG6QyQHmMAi0kz6 ieNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1767963956; x=1768568756; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=XjPJBeeaV0AF/m5RPUX0VrysRdy0GvKjIBUm33sOIK0=; b=IXz01Hd0Y6aMhVjhCs7lr6okQFaPeCOgg6TICEeS/Sq5yqt2Yen2a44meIVBPmUKPF 1CpGSlcUQy5Xhe0iEwPgg56F/bJiYk5DlR8+XddS3ozG7qawQA3ZGu30KWZh9lW97071 AAXBY60ZRz62x4rV3q4BEBuhPnVU8HF0rjGXKJI1VxSGGBdDHIoHJ1bxiydssDPnYIUv D9Soo45wT44CuWytbYOlZpGQe2Nee0Hih+OkGUt9LlDe3muZ3YoZbI+nhO2frF7/Mwnc v98jGCMV/rJThv5RhvXWhw85umG2kA5EcAkWmHlQeHgqa/HElL7slpCjVjJ+Cu7Oa++a 7GQA== X-Gm-Message-State: AOJu0Yxr9t6RoOXydM2pC8vQgiktVKD+TUS7gXnkxUYrkgSHX1kA0Fg6 tuqGqETIoykmGUurkQxBdcB+vneJcR2QG5Tg0pw27MCxYpWbn6Gv5S2UR63J2Q== X-Gm-Gg: AY/fxX4u2FMDjAEJUGzwv8Xi/76yD8f3amPGsiWq90vvTa73eB+tdGhQn5Rw/oOlyce CCrCNYoXTWCS0QK3u7R4f5QlpaYbd4HhslFu9cP+5W/1KverrPhK2r2doZj60A0Qy6VO++BGtrr yF5T58Fu1duWnxGtvAtC36/D09v/44taApCe4zTaH1XI+fYJYS07ukXeajQh66w/VfCWhyAlP1L TC3nmMxxKx6Z4frvU1z+n0ToRNI+15ft+WX5v6F5T5ilotDpTOdlZC+4apYCS/PwL8vZO1bEZja cDfeIYi6ZjpdV0af22e3zJyEQ6TsWxzJ1yv+MYIB04H2XZ5XaWl1Qwb+gNDfx+TOrAm2XoQK/E8 aVYV0IGwpQj1bKuxEW/wrzJv56f6N7HKMpjxMx7zu48OqduBa9P5duG12vtMNTQpigUDBrfGy3o JzRxRp472p X-Google-Smtp-Source: AGHT+IHh5DpYBa0REkRHBf7ZYyiID8nxgFbFIdPnKPT/URIKRsQJkskUaKB0MkOjxSZjWCZRPJDjmA== X-Received: by 2002:a05:6000:144f:b0:42f:f627:3a99 with SMTP id ffacd0b85a97d-432c37c87efmr12719999f8f.38.1767963956336; Fri, 09 Jan 2026 05:05:56 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-432bd5ee870sm22363067f8f.36.2026.01.09.05.05.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 09 Jan 2026 05:05:29 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-networking][kirkstone][PATCH 2/3] wireshark: ignore CVE-2024-24476, CVE-2024-24478 and CVE-2024-24479 Date: Fri, 9 Jan 2026 14:04:16 +0100 Message-ID: <20260109130417.1591074-2-skandigraun@gmail.com> X-Mailer: git-send-email 2.52.0 In-Reply-To: <20260109130417.1591074-1-skandigraun@gmail.com> References: <20260109130417.1591074-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 09 Jan 2026 13:06:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/123301 Details: https://nvd.nist.gov/vuln/detail/CVE-2024-24476 https://nvd.nist.gov/vuln/detail/CVE-2024-24478 https://nvd.nist.gov/vuln/detail/CVE-2024-24479 Upstream disputes all three vulnerabilities[1]. Looking at the history, even though they were valid issues for some period of time, none of them made it to an actual stable release: the vulnerabilities were caused, caught and fixed in the same development cycle between two releases. CVE-2024-24476: vulnerability introduced with[2], fixed with[3] CVE-2024-24478: vulnerability introduced with[4], fixed with[5] CVE-2024-24479: vulnerability introduced with[6], fixed with[7] Ignore all three of these vulnerabilities, as they are not present in the used recipe version. [1]: https://www.wireshark.org/docs/relnotes/wireshark-4.2.4.html [2]: https://github.com/wireshark/wireshark/commit/395e3b6cb595bfc610f3c26e7e9eb1f8729fd952 [3]: https://github.com/wireshark/wireshark/commit/108217f4bb1afb8b25fc705c2722b3e328b1ad78 [4]: https://github.com/wireshark/wireshark/commit/a9a62ff576ae79e0d6afb3214a5d409ec4cdf9d7 [5]: https://github.com/wireshark/wireshark/commit/80a4dc55f4d2fa33c2b36a99406500726d3faaef [6]: https://github.com/wireshark/wireshark/commit/53ec634ac2bf5f87a594aa72f16ca21c25a146a9 [7]: https://github.com/wireshark/wireshark/commit/c3720cff158c265dec2a0c6104b1d65954ae6bfd Signed-off-by: Gyorgy Sarvari --- meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb index 4835a72d76..a8eafe4a05 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.16.bb @@ -102,4 +102,7 @@ FILES:${PN} += "${datadir}*" RDEPENDS:tshark = "wireshark" +# disputed, vulnerabilities didn't appear in any releases +CVE_CHECK_IGNORE = "CVE-2024-24476 CVE-2024-24478 CVE-2024-24479" + BBCLASSEXTEND = "native" From patchwork Fri Jan 9 13:04:17 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 78339 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 08135D1A618 for ; Fri, 9 Jan 2026 13:06:28 +0000 (UTC) Received: from mail-wr1-f46.google.com (mail-wr1-f46.google.com [209.85.221.46]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.9498.1767963984321131706 for ; Fri, 09 Jan 2026 05:06:24 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=TUY+zEin; spf=pass (domain: gmail.com, ip: 209.85.221.46, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f46.google.com with SMTP id ffacd0b85a97d-432d2c7dd52so1246347f8f.2 for ; Fri, 09 Jan 2026 05:06:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1767963982; x=1768568782; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=b4tePouu+nmCl0r8qRh7FuEO6rOIM0wD6Yw6P8NdsnU=; b=TUY+zEinqMdtt4bCl8iunHq7udzoQe1C2UonKRo7g9dy77LBe3F4UXquM0W7eTZLF/ Vzqaler1f3ivAE73OydYIMoZVHecnF2OgN/rg7NIx707XCoCK6mgWua5b14CamvbkIuS pjNNcpcS3fzY1wb/PKgh8l6itJ7eAOqYaR1CFe3uJ2EgMkbGs8GO6hpoRWyH0+K5qUHi E6jnpXFNb37i8htJTaoSZB3mpQ7TEocdGyjqPrLZ7tkmTJE6KkyBhETGuAwZNn7KK4DE ZS8SnlV4aAYAzuGTVw4PNw5Eed8ylW3wjHbQ2U7tvjpxYxVSmMhpn1qG0GWJGlsJpR7w J21Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1767963982; x=1768568782; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=b4tePouu+nmCl0r8qRh7FuEO6rOIM0wD6Yw6P8NdsnU=; b=Kvby4i6WSXPuxStPhwYgLkwKYe1jCp0CeGcHFNz+kqDyDk9WpAhIRCf3gqfBNKFtDq nyUWpUQPaGuluoGFHmHU6wNbiJXbvTEFz4CQSshaqXc6Q+Y/tSp4i/LPrDn1K8TUsXjG BXZOrRfa/wy7jlNR/orKV47g+dYrwt5Pewl6nKd241RwfH/J/rrS51XRqsEWFL8LOJwk +Iq3FjEjZNHALmVOrmv5xFYYKHaWalFRu6oWmF1jkIDX88GstEn2zlyhat5arvcsw13i fjwTSdwGx1SdYEAZwOWxd2BQvahLGOy/CGRiiHHT5qvz5jzifRstnZePTHXzR8sdgQ2s NK7g== X-Gm-Message-State: AOJu0YxA4APqXFeDuZ4JTkpruMcs/VB46HJjOEdx26p6WEVjVt++U1/l ZPxrQptzCumly4Ng5+/31jeUYMgcDYzJaQ2Apr08We6CJwVJWFBaodG9bjl5XQ== X-Gm-Gg: AY/fxX6SetDdxOH+TpFPj/0DgwYEG0/qYQ4LEyzo6CdLlaG/yhKT7aV36uItyW2KZ73 AyP4PpuHSBfr7yf7+VehojjIaS2Aicbhj6NHQu/6FKh985Cny0AnjQyshnnXoqL1pF8O15RB1ds sUDFAN4lrY3GcS4KWwRJr+81hYU9JRkFFlEOR3GMkMMfiePuHFR1DnOtjPMcf6vjAONWfST8rki cxcJwW41rKfzmx1eYuR66DIpRRYijeBJ1YQlHQ5RvnyvcKeS98fRC+DRxDTkBCQ2oBJb2Bw0OBw iDhUD8W5/DjYlDlLQO50d36CrxrwviSCEUMALHEcv0/+ktImUF1Ut4b/uSGikyL8TKjGO9EgvHo I5TIHSTeuH72t9LMWlqZs6X//eS9TIZ2Sr78PDcNCP6Af7T4z3nZ9A/XqWDmYo3e0044GOSO1e+ 8Y+llzBkP7 X-Google-Smtp-Source: AGHT+IE8S+GbG/IzAtjyz1bYQAKx9OuoCNSqiuiLOWbDnEVNt1K3sqgSCbAzu+gfs+oVfhhAyp+WGQ== X-Received: by 2002:a5d:64c8:0:b0:431:32f:3140 with SMTP id ffacd0b85a97d-432c376107dmr11900171f8f.12.1767963982437; Fri, 09 Jan 2026 05:06:22 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-432bd5ee870sm22363067f8f.36.2026.01.09.05.05.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 09 Jan 2026 05:06:09 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-networking][kirkstone][PATCH 3/3] memcached: ignore disputed CVE-2022-26635 Date: Fri, 9 Jan 2026 14:04:17 +0100 Message-ID: <20260109130417.1591074-3-skandigraun@gmail.com> X-Mailer: git-send-email 2.52.0 In-Reply-To: <20260109130417.1591074-1-skandigraun@gmail.com> References: <20260109130417.1591074-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 09 Jan 2026 13:06:28 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/123302 From: Peter Marko Per [1] this is a problem of applications using memcached inproperly. This should not be a CVE against php-memcached, but for whatever software the issue was actually found in. php-memcached and libmemcached provide a VERIFY_KEY flag if they're too lazy to filter untrusted user input. [1] https://github.com/php-memcached-dev/php-memcached/issues/519 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 889ccce6848276fa68b3736b345552a533bc6bd2) Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE) Signed-off-by: Gyorgy Sarvari --- meta-networking/recipes-support/memcached/memcached_1.6.15.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-networking/recipes-support/memcached/memcached_1.6.15.bb b/meta-networking/recipes-support/memcached/memcached_1.6.15.bb index b28bfe72b7..76e4768fb9 100644 --- a/meta-networking/recipes-support/memcached/memcached_1.6.15.bb +++ b/meta-networking/recipes-support/memcached/memcached_1.6.15.bb @@ -24,6 +24,9 @@ SRC_URI = "http://www.memcached.org/files/${BP}.tar.gz \ " SRC_URI[sha256sum] = "8d7abe3d649378edbba16f42ef1d66ca3f2ac075f2eb97145ce164388e6ed515" +# disputed: this is a problem of applications using php-memcached inproperly +CVE_CHECK_IGNORE = "CVE-2022-26635" + # set the same COMPATIBLE_HOST as libhugetlbfs COMPATIBLE_HOST = "(i.86|x86_64|powerpc|powerpc64|aarch64|arm).*-linux*"