-by: Hitendra Prajapati
---
.../openjdk/openjdk-8-release-common.inc | 2 +
.../patches-openjdk-8/CVE-2024-20919.patch| 126
.../patches-openjdk-8/CVE-2024-20921.patch| 657 ++
3 files changed, 785 insertions(+)
create mode 100644 recipes-core/openjdk/patches
Upstream-Status: Backport from
https://github.com/openjdk/jdk8u/commit/961ab463974b7d05600b826303f9111c4f367a04
Signed-off-by: Hitendra Prajapati
---
.../openjdk/openjdk-8-release-common.inc | 1 +
.../patches-openjdk-8/CVE-2022-40433.patch| 233 ++
2 files changed
Upstream-Status: Backport from
https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2
Signed-off-by: Hitendra Prajapati
---
.../tcpdump/tcpdump/CVE-2024-2397.patch | 129 ++
.../recipes-support/tcpdump/tcpdump_4.99.4.bb | 1 +
2
Hi Team,
any update on this ??
Regards,
Hitendra
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#110146):
https://lists.openembedded.org/g/openembedded-devel/message/110146
Mute This Topic: https://lists.openembedded.org/mt/105213134/21656
Group
Hi Team,
any update on this ??
Regards,
Hitendra
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#110145):
https://lists.openembedded.org/g/openembedded-devel/message/110145
Mute This Topic: https://lists.openembedded.org/mt/105323917/21656
Group
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/3be1c99180a6fc48c34ae4bfc79bfd840b29ae3e
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-6175.patch | 246 ++
.../wireshark/wireshark_3.2.18.bb | 1 +
2 files
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/3be1c99180a6fc48c34ae4bfc79bfd840b29ae3e
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-6175.patch | 246 ++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/3be1c99180a6fc48c34ae4bfc79bfd840b29ae3e
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-6175.patch | 246 ++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
Upstream-Status: Backport from
https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55
Signed-off-by: Hitendra Prajapati
---
.../python3-cryptography/CVE-2024-26130.patch | 66 +++
.../python/python3-cryptography_2.8.bb| 1 +
2 files
Upstream-Status: Backport from
https://github.com/proftpd/proftpd/commit/743330874ee19dfcf2405827274015da0663bd2b
Signed-off-by: Hitendra Prajapati
---
.../proftpd/files/CVE-2020-9272.patch | 2839 +
.../recipes-daemons/proftpd/proftpd_1.3.6.bb |1 +
2 files
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/a8586fde3a6512466afb2a660538ef3fe712076b
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2024-0208.patch | 42 +++
.../wireshark/wireshark_3.2.18.bb | 1 +
2 files
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/a8586fde3a6512466afb2a660538ef3fe712076b
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2024-0208.patch | 42 +++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
s://downloads.apache.org/httpd/CHANGES_2.4.58
References:
https://httpd.apache.org/security/vulnerabilities_24.html
https://security-tracker.debian.org/tracker/CVE-2023-31122
https://security-tracker.debian.org/tracker/CVE-2023-43622
https://security-tracker.debian.org/tracker/CVE-2023-45802
Upstream-Status: Backport from
https://github.com/proftpd/proftpd/commit/97bbe68363ccf2de0c07f67170ec64a8b4d62592
Signed-off-by: Hitendra Prajapati
---
.../proftpd/files/CVE-2023-51713.patch| 277 ++
.../recipes-daemons/proftpd/proftpd_1.3.7c.bb | 1 +
2 files changed
Upstream-Status: Backport from
https://github.com/proftpd/proftpd/commit/97bbe68363ccf2de0c07f67170ec64a8b4d62592
Signed-off-by: Hitendra Prajapati
---
.../proftpd/files/CVE-2023-51713.patch| 278 ++
.../recipes-daemons/proftpd/proftpd_1.3.6.bb | 1 +
2 files changed
Upstream-Status: Backport from
https://github.com/proftpd/proftpd/commit/97bbe68363ccf2de0c07f67170ec64a8b4d62592
Signed-off-by: Hitendra Prajapati
---
.../proftpd/files/CVE-2023-51713.patch| 277 ++
.../recipes-daemons/proftpd/proftpd_1.3.7c.bb | 1 +
2 files changed
Upstream-Status: Backport from
https://git.libssh.org/projects/libssh.git/log/?qt=grep=cve-2023-1667
Signed-off-by: Hitendra Prajapati
---
.../libssh/libssh/CVE-2023-1667.patch | 724 ++
.../recipes-support/libssh/libssh_0.8.9.bb| 1 +
2 files changed, 725
Upstream-Status: Backport from
https://packages.debian.org/buster/libssh-dev/libssh_0.8.7-1+deb10u2.debian.tar.xz
Signed-off-by: Hitendra Prajapati
---
.../libssh/libssh/CVE-2023-1667.patch | 724 ++
.../recipes-support/libssh/libssh_0.8.9.bb| 1 +
2 files changed
Upstream-Status: Backport from
https://www.samba.org/samba/ftp/patches/security/samba-4.17.12-security-2023-10-10.patch
Signed-off-by: Hitendra Prajapati
---
.../samba/samba/CVE-2023-42669.patch | 93 +++
.../samba/samba_4.10.18.bb| 1 +
2 files
Upstream-Status: Backport from
https://github.com/php/php-src/commit/789a37f14405e2d1a05a76c9fb4ed2d49d4580d5
Signed-off-by: Hitendra Prajapati
---
.../php/php/CVE-2022-4900.patch | 48 +++
meta-oe/recipes-devtools/php/php_7.4.33.bb| 1 +
2 files changed, 49
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/8d3c2177793e900cfc7cfaac776a2807e4ea289f
&&
https://gitlab.com/wireshark/wireshark/-/commit/118815ca7c9f82c1f83f8f64d9e0e54673f31677
Signed-off-by: Hitendra Prajapati
---
.../files/CVE-2022-0585-CVE-2
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/75e0ffcb42f3816e5f2fdef12f3c9ae906130b0c
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-3649.patch | 231 ++
.../wireshark/wireshark_3.2.18.bb | 1 +
2 files
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2906.patch | 38 +++
.../wireshark/wireshark_3.2.18.bb | 1 +
2 files
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2906.patch | 38 +++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
Upstream-Status: Backport from
https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30
Signed-off-by: Hitendra Prajapati
---
.../openldap/openldap/CVE-2021-27212.patch| 31 +++
.../openldap/openldap_2.4.57.bb | 1 +
2
Upstream-Status: Backport from
https://build.opensuse.org/package/view_file/network/quagga/remove-chown-chmod.service.patch
Signed-off-by: Hitendra Prajapati
---
.../quagga/files/CVE-2021-44038.patch | 117 ++
.../recipes-protocols/quagga/quagga.inc | 2 +-
2
Upstream-Status: Backport from
https://github.com/openSUSE/multipath-tools/commit/fbbf280a0e26026c19879d938ebb2a8200b6357c
Signed-off-by: Hitendra Prajapati
---
.../files/CVE-2022-41974.patch| 162 ++
.../multipath-tools/multipath-tools_0.8.4.bb | 1 +
2
://www.ntp.org/support/securitynotice/ntpbug3806/
Small adaptation to build is needed because of how tests are built.
Backport fixes for:
CVE: CVE-2023-26551
CVE: CVE-2023-26552
CVE: CVE-2023-26553
CVE: CVE-2023-26554
CVE: CVE-2023-26555
Signed-off-by: Hitendra Prajapati
---
.../ntp/ntp/CVE-2023
Hi Team,
Gentle reminder for this patch review .
Thank you
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#103654):
https://lists.openembedded.org/g/openembedded-devel/message/103654
Mute This Topic:
Hi Team,
Gentle reminder for this patch review .
Thank you
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#103653):
https://lists.openembedded.org/g/openembedded-devel/message/103653
Mute This Topic:
Upstream-Status: Backport from
https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698
Signed-off-by: Hitendra Prajapati
---
.../yajl/yajl/CVE-2023-33460.patch| 29 +++
meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb | 4 ++-
2
Upstream-Status: Backport from
https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698
Signed-off-by: Hitendra Prajapati
---
.../yajl/yajl/CVE-2023-33460.patch| 29 +++
meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb | 4 ++-
2
Upstream-Status: Backport from
https://git.libssh.org/projects/libssh.git/patch/?id=0a9268a60f2d3748ca69bde5651f20e72761058c
Signed-off-by: Hitendra Prajapati
---
.../libssh/libssh/CVE-2020-16135.patch| 44 +++
.../recipes-support/libssh/libssh_0.8.9.bb| 4 +-
2
Upstream-Status: Backport from
https://gitlab.com/libssh/libssh-mirror/-/commit/1493b4466fa394b321d196ad63dd6a4fa395d337
Signed-off-by: Hitendra Prajapati
---
.../libssh/libssh/CVE-2020-16135.patch| 105 ++
.../recipes-support/libssh/libssh_0.8.9.bb| 4 +-
2 files
Backport from
https://gitlab.com/wireshark/wireshark/-/commit/c4f37d77b29ec6a9754795d0efb6f68d633728d9
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-0667-pre1.patch | 153 ++
.../wireshark/files/CVE-2023-0667.patch | 66
.../wireshark/files/
-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2855.patch | 117 ++
.../wireshark/files/CVE-2023-2856.patch | 68 ++
.../wireshark/files/CVE-2023-2858.patch | 94 ++
.../wireshark/files/CVE-2023-2952.patch | 97
* CVE-2023-0668 - Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/c4f37d77b29ec6a9754795d0efb6f68d633728d9
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-0666.patch | 122 ++
.../wireshark/files/CVE-2023-0667.patch
* CVE-2023-0668 - Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/c4f37d77b29ec6a9754795d0efb6f68d633728d9
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-0666.patch | 122 ++
.../wireshark/files/CVE-2023-0667.patch
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/e18d0e369729b0fff5f76f41cbae67e97c2e52e5
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2952.patch | 98 +++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/e18d0e369729b0fff5f76f41cbae67e97c2e52e5
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2952.patch | 98 +++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
Hi,
It is not included in the 5.15.9 release used in mickledore.
I'll try to work on that branch .
On 14/06/23 19:50, Martin Jansa wrote:
5.15.9 release used in mickledor
--
Regards,
Hitendra Prajapati
MontaVista Software LLC
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent
Upstream-Status: Backport from
https://download.qt.io/official_releases/qt/5.15/CVE-2023-32763-qtbase-5.15.diff
Signed-off-by: Hitendra Prajapati
---
recipes-qt/qt5/qtbase/CVE-2023-32763.patch | 74 ++
recipes-qt/qt5/qtbase_git.bb | 1 +
2 files changed, 75
Upstream-Status: Backport from
https://github.com/c-ares/c-ares/commit/823df3b989e59465d17b0a2eb1239a5fc048b4e5
Signed-off-by: Hitendra Prajapati
---
.../c-ares/c-ares/CVE-2023-31147.patch| 717 ++
.../recipes-support/c-ares/c-ares_1.18.1.bb | 1 +
2 files changed
Upstream-Status: Backport from
https://github.com/c-ares/c-ares/commit/f22cc01039b6473b736d3bf438f56a2654cdf2b2
Signed-off-by: Hitendra Prajapati
---
.../c-ares/c-ares/CVE-2023-31130.patch| 329 ++
.../recipes-support/c-ares/c-ares_1.18.1.bb | 5 +-
2 files changed
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/e18d0e369729b0fff5f76f41cbae67e97c2e52e5
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2952.patch | 98 +++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/e18d0e369729b0fff5f76f41cbae67e97c2e52e5
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2952.patch | 98 +++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2858.patch | 95 +++
.../wireshark/files/CVE-2023-2879.patch | 37
.../wireshark/wireshark_3.4.12.bb | 2 +
3 files changed, 134 insertions(+)
create mode 100644
meta-networking
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2858.patch | 95 +++
.../wireshark/files/CVE-2023-2879.patch | 37
.../wireshark/wireshark_3.4.12.bb | 2 +
3 files changed, 134 insertions(+)
create mode 100644
meta-networking
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2855.patch | 108 ++
.../wireshark/files/CVE-2023-2856.patch | 69 +++
.../wireshark/wireshark_3.4.12.bb | 2 +
3 files changed, 179 insertions(+)
create mode 100644
meta
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2855.patch | 108 ++
.../wireshark/files/CVE-2023-2856.patch | 69 +++
.../wireshark/wireshark_3.4.12.bb | 2 +
3 files changed, 179 insertions(+)
create mode 100644
meta
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/db5135826de3a5fdb3618225c2ff02f4207012ca
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2856.patch | 69 +++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
Upstream-Status: Backport from
https://gitlab.com/wireshark/wireshark/-/commit/0181fafb2134a177328443a60b5e29c4ee1041cb
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2023-2855.patch | 108 ++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files
the runtime directory configurable
via the "runtimedir" make variable.
QA Issue: non -dev/-dbg/nativesdk- package multipath-tools-libs
contains symlink .so '/usr/lib/libdmmp.so'
...
Fix this by making the new pattern for multipath-tools-libs package
more specific.
Signed-off-by: Hitendra
Hi Armin,
No problem.
Thank you for the update.
Regards,
Hitendra
On Mon, 3 Apr 2023, 8:59 pm Armin Kuster, wrote:
>
>
> On 4/3/23 7:15 AM, Hitendra Prajapati wrote:
> > Hi Team,
> >
> > Any update on this issue ?
>
> Don't know yet. I have only on build
Hi Team,
Any update on this issue ?
Regards,
Hitendra
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#101937):
https://lists.openembedded.org/g/openembedded-devel/message/101937
Mute This Topic: https://lists.openembedded.org/mt/97822021/21656
Hi Team,
Any update on this ??
Regards,
Hitendra
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#101936):
https://lists.openembedded.org/g/openembedded-devel/message/101936
Mute This Topic: https://lists.openembedded.org/mt/97967253/21656
Group
26293ff8cbd282cfc866ab56054c4
&&
https://github.com/syslog-ng/syslog-ng/commit/8c6e2c1c41b0fcc5fbd464c35f4dac7102235396
&&
https://github.com/syslog-ng/syslog-ng/commit/56f881c5eaa3d8c02c96607c4b9e4eaf959a044d
Signed-off-by: Hitendra Prajapati
---
.../syslog-ng/files/CVE-2022-38725.p
Upstream-Status: Backport from
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=3f7342671341a7a137f2d8b06ab3461cdb0e1d88
Signed-off-by: Hitendra Prajapati
---
.../postgresql/files/CVE-2022-41862.patch | 48 +++
.../recipes-dbs/postgresql/postgresql_12.9.bb
Hi Team,
Gentle reminder !
Regards,
Hitendra
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#101345):
https://lists.openembedded.org/g/openembedded-devel/message/101345
Mute This Topic: https://lists.openembedded.org/mt/97200229/21656
Group
Hi Armin/Team,
Please ignore this mail.
I have just seen that somebody update the package.
Thank you
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#101248):
https://lists.openembedded.org/g/openembedded-devel/message/101248
Mute This Topic:
Hi Armin,
Does any one update apache2 package to 2.4.55 which includes this fix ?
Gentle reminder .
Regards,
Hitendra
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#101247):
https://lists.openembedded.org/g/openembedded-devel/message/101247
Mute
Upstream-Status: Backport from
https://github.com/SSSD/sssd/commit/1c40208aa1e0f9a17cc4f336c99bcaa6977592d3 &
https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274
Signed-off-by: Hitendra Prajapati
---
.../sssd/files/CVE-2022-4254-1.patch |
Upstream-Status: Backport from
https://github.com/apache/httpd/commit/8b6d55f6a047acf62675e32606b037f5eea8ccc7
Signed-off-by: Hitendra Prajapati
---
.../apache2/apache2/CVE-2022-37436.patch | 138 ++
.../recipes-httpd/apache2/apache2_2.4.54.bb | 1 +
2 files changed
Upstream-Status: Backport from
https://github.com/apache/httpd/commit/8b6d55f6a047acf62675e32606b037f5eea8ccc7
Signed-off-by: Hitendra Prajapati
---
.../apache2/apache2/CVE-2022-37436.patch | 138 ++
.../recipes-httpd/apache2/apache2_2.4.54.bb | 1 +
2 files changed
Upstream-Status: Backport from
https://github.com/apache/httpd/commit/d93e61e3e9622bacff746772cb9c97fdcaed8baf
Signed-off-by: Hitendra Prajapati
---
.../apache2/apache2/CVE-2022-36760.patch | 37 +++
.../recipes-httpd/apache2/apache2_2.4.54.bb | 1 +
2 files changed, 38
Upstream-Status: Backport from
https://github.com/krb5/krb5/commit/4e661f0085ec5f969c76c0896a34322c6c432de4
Signed-off-by: Hitendra Prajapati
---
.../krb5/krb5/CVE-2022-42898.patch| 110 ++
.../recipes-connectivity/krb5/krb5_1.17.1.bb | 1 +
2 files changed, 111
Upstream-Status: Backport from
https://github.com/krb5/krb5/commit/4e661f0085ec5f969c76c0896a34322c6c432de4
Signed-off-by: Hitendra Prajapati
---
.../krb5/krb5/CVE-2022-42898.patch| 110 ++
.../recipes-connectivity/krb5/krb5_1.17.2.bb | 1 +
2 files changed, 111
Upstream-Status: Backport from
https://github.com/net-snmp/net-snmp/commit/be804106fd0771a7d05236cff36e199af077af57
Signed-off-by: Hitendra Prajapati
---
.../CVE-2022-44792-CVE-2022-44793.patch | 116 ++
.../net-snmp/net-snmp_5.9.3.bb| 1 +
2 files
Upstream-Status: Backport from
https://github.com/net-snmp/net-snmp/commit/be804106fd0771a7d05236cff36e199af077af57
Signed-off-by: Hitendra Prajapati
---
.../CVE-2022-44792-CVE-2022-44793.patch | 116 ++
.../net-snmp/net-snmp_5.8.bb | 1 +
2 files
Hi Team,
gentle reminder .
Regards,
Hitendra
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#100119):
https://lists.openembedded.org/g/openembedded-devel/message/100119
Mute This Topic: https://lists.openembedded.org/mt/95533615/21656
Group
Upstream-Status: Backport from
https://github.com/proftpd/proftpd/commit/10a227b4d50e0a2cd2faf87926f58d865da44e43
Signed-off-by: Hitendra Prajapati
---
.../proftpd/files/CVE-2021-46854.patch| 51 +++
.../recipes-daemons/proftpd/proftpd_1.3.6.bb | 1 +
2 files changed
Upstream-Status: Backport from
https://github.com/proftpd/proftpd/commit/10a227b4d50e0a2cd2faf87926f58d865da44e43
Signed-off-by: Hitendra Prajapati
---
.../proftpd/files/CVE-2021-46854.patch| 51 +++
.../recipes-daemons/proftpd/proftpd_1.3.6.bb | 1 +
2 files changed
Hi Armin,
Can you please accept/validate this patch or Upgrade the postgresql version to
12.12 as you said in your reply.
Regards,
Hitendra
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#99907):
Upstream-Status: Backport from
https://github.com/nginx/nginx/commit/6b022a5556af22b6e18532e547a6ae46b0d8c6ea
Signed-off-by: Hitendra Prajapati
---
.../files/CVE-2022-41741-CVE-2022-41742.patch | 319 ++
.../recipes-httpd/nginx/nginx_1.20.1.bb | 4 +-
2 files changed
Upstream-Status: Backport from
https://github.com/nginx/nginx/commit/6b022a5556af22b6e18532e547a6ae46b0d8c6ea
Signed-off-by: Hitendra Prajapati
---
.../files/CVE-2022-41741-CVE-2022-41742.patch | 319 ++
.../recipes-httpd/nginx/nginx_1.16.1.bb | 4 +-
2 files changed
Upstream-Status: Backport from
https://download.strongswan.org/security/CVE-2022-40617
Affects "strongswan < 5.9.8"
Signed-off-by: Hitendra Prajapati
---
.../strongswan/files/CVE-2022-40617.patch | 157 ++
.../strongswan/strongswan_5.9.6.bb|
Hi Team,
Any update or comments on that patches ??
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#99440):
https://lists.openembedded.org/g/openembedded-devel/message/99440
Mute This Topic: https://lists.openembedded.org/mt/94230529/21656
Group
Upstream-Status: Backport from
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=5579726bd60a6e7afb04a3548bced348cd5ffd89
Description:
CVE-2022-2625 postgresql: Extension scripts replace objects not
belonging to the extension.
Signed-off-by: Hitendra Prajapati
-off-by: Hitendra Prajapati
---
.../dhcp/dhcp-relay_4.4.3.bb | 2 +
.../dhcp/files/CVE-2022-2928.patch| 120 ++
.../dhcp/files/CVE-2022-2929.patch| 40 ++
3 files changed, 162 insertions(+)
create mode 100644
meta-networking/recipes
Description:
CVE-2022-3190 wireshark: Infinite loop in legacy style dissector.
Signed-off-by: Hitendra Prajapati
---
.../wireshark/files/CVE-2022-3190.patch | 145 ++
.../wireshark/wireshark_3.4.12.bb | 1 +
2 files changed, 146 insertions(+)
create
-0934 dnsmasq: Heap use after free in dhcp6_no_relay.
Signed-off-by: Hitendra Prajapati
---
.../dnsmasq/dnsmasq/CVE-2022-0934.patch | 188 ++
.../recipes-support/dnsmasq/dnsmasq_2.81.bb | 1 +
2 files changed, 189 insertions(+)
create mode 100644
meta-networking/recipes
commit;h=677a494789062ca88e0142a17bedd5415f6ab0aa
ChangeID: 5011e2e09f30f76fc27dc4cb5fa98a504d1aaec9
Description:
CVE-2022-1552 postgresql: Autovacuum, REINDEX, and others omit
"security restricted operation" sandbox.
Signed-off-by: Hitendra Prajapati
---
.../postgresql/files/C
commit;h=677a494789062ca88e0142a17bedd5415f6ab0aa
ChangeID: 5011e2e09f30f76fc27dc4cb5fa98a504d1aaec9
Description:
CVE-2022-1552 postgresql: Autovacuum, REINDEX, and others omit
"security restricted operation" sandbox.
Signed-off-by: Hitendra Prajapati
---
.../postgresql/files/C
Upstream-Status: Backport
[https://github.com/qemu/qemu/commit/418ade7849ce7641c0f7333718caf5091a02fd4c]
CVE: CVE-2022-35414
Signed-off-by: Hitendra Prajapati
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2022-35414.patch| 53 +++
2
attackers to
cause a denial of service.
Signed-off-by: Hitendra Prajapati
---
.../recipes-devtools/python/python-lxml.inc | 2 +
.../python/python3-lxml/CVE-2022-2309.patch | 94 +++
2 files changed, 96 insertions(+)
create mode 100644
meta-python/recipes-devtools/python
: failure to properly escape SQL input allows
an attacker to execute arbitrary SQL commands.
Signed-off-by: Hitendra Prajapati
---
.../cyrus-sasl/CVE-2022-24407.patch | 27 +++
.../cyrus-sasl/cyrus-sasl_2.1.28.bb | 1 +
2 files changed, 28 insertions(+)
create mode
Regards,
Hitendra
On 29/06/22 22:38, Khem Raj wrote:
this patch is needed on master too, please send a version against
master as well. We want to apply that before
backporting it to releases
On 6/28/22 1:55 AM, Hitendra Prajapati wrote:
Source: https://github.com/cyrusimap/cyrus-sasl
MR
Backport from
https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc
CVE-2022-24407 cyrus-sasl: failure to properly escape SQL input allows an
attacker to execute arbitrary SQL commands.
Signed-off-by: Hitendra Prajapati
---
.../cyrus-sasl/CVE-2022-24407.patch
: failure to properly escape SQL input allows
an attacker to execute arbitrary SQL commands.
Signed-off-by: Hitendra Prajapati
---
.../cyrus-sasl/CVE-2022-24407.patch | 83 +++
.../cyrus-sasl/cyrus-sasl_2.1.28.bb | 1 +
2 files changed, 84 insertions(+)
create mode
: failure to properly escape SQL input allows
an attacker to execute arbitrary SQL commands.
Signed-off-by: Hitendra Prajapati
---
.../cyrus-sasl/CVE-2022-24407.patch | 83 +++
.../cyrus-sasl/cyrus-sasl_2.1.27.bb | 1 +
2 files changed, 84 insertions(+)
create mode
xterm: Buffer overflow in set_sixel in graphics_sixel.c.
Signed-off-by: Hitendra Prajapati
---
.../xorg-app/xterm/CVE-2022-24130.patch | 84 +++
.../recipes-graphics/xorg-app/xterm_353.bb| 2 +-
2 files changed, 85 insertions(+), 1 deletion(-)
create mode 100644 meta
: OpenLDAP SQL injection
Signed-off-by: Hitendra Prajapati
---
.../openldap/openldap/CVE-2022-29155.patch| 277 ++
.../openldap/openldap_2.4.57.bb | 2 +-
2 files changed, 278 insertions(+), 1 deletion(-)
create mode 100644
meta-oe/recipes-support/openldap
: OpenLDAP SQL injection
Signed-off-by: Hitendra Prajapati
---
.../openldap/openldap/CVE-2022-29155.patch| 277 ++
.../openldap/openldap_2.4.57.bb | 2 +-
2 files changed, 278 insertions(+), 1 deletion(-)
create mode 100644
meta-oe/recipes-support/openldap
: failure to properly escape SQL input allows
an attacker to execute arbitrary SQL commands.
Signed-off-by: Hitendra Prajapati
---
.../cyrus-sasl/CVE-2022-24407.patch | 83 +++
.../cyrus-sasl/cyrus-sasl_2.1.27.bb | 1 +
2 files changed, 84 insertions(+)
create mode
: failure to properly escape SQL input allows
an attacker to execute arbitrary SQL commands.
Signed-off-by: Hitendra Prajapati
---
.../cyrus-sasl/CVE-2022-24407.patch | 83 +++
.../cyrus-sasl/cyrus-sasl_2.1.27.bb | 1 +
2 files changed, 84 insertions(+)
create mode
: OpenLDAP SQL injection
Signed-off-by: Hitendra Prajapati
---
.../openldap/openldap/CVE-2022-29155.patch| 277 ++
.../openldap/openldap_2.4.57.bb | 2 +-
2 files changed, 278 insertions(+), 1 deletion(-)
create mode 100644
meta-oe/recipes-support/openldap
: failure to properly escape SQL input allows
an attacker to execute arbitrary SQL commands.
Signed-off-by: Hitendra Prajapati
---
.../cyrus-sasl/CVE-2022-24407.patch | 83 +++
.../cyrus-sasl/cyrus-sasl_2.1.27.bb | 1 +
2 files changed, 84 insertions(+)
create mode
97 matches
Mail list logo