On Tue, 2016-02-23 at 17:48 -0800, Armin Kuster wrote: > From: Armin Kuster <akus...@mvista.com> > > please consider these changes for the next fido update. > > This is to meet our obligation for Yocto compatibility > > The following changes since commit > 9037f2c7c797367c2d09b87f344ecf749d28cb41: > > gdk-pixbuf: Security fix CVE-2015-7674 (2016-02-22 19:08:53 -0800) > > are available in the git repository at: > > git://git.yoctoproject.org/poky-contrib akuster/fido_cve_fixes > http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=akuster/fi > do_cve_fixes > > Armin Kuster (10): > busybox: Security fix CVE-2011-5325
This doesn't appear to actually fix anything, it just adds this patch which notes a potential security issue: https://git.busybox.net/busybox/commit/?id=a116552869db5e7793ae10968eb3 c962c69b3d8c > libpng: Security fix CVE-2015-8126 > libpng: Security fix CVE-2015-8472 > libgcrypt: Security fix CVE-2015-7511 > curl: Security fix CVE-2016-0754 > curl: Secuirty fix CVE-2016-0755 > bind: Security fix CVE-2015-8461 > nettle: Security fix CVE-2015-8803 and CVE-2015-8805 > nettle: Security fix CVE-2015-8804 > git: Security fixes CVE-2015-7545 > > Li Zhou (1): > rpcbind: Security Advisory - rpcbind - CVE-2015-7236 Queued in joshuagl/fido-next Regards, Joshua -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core