| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
| |
Includes fix for CVE-2024-49767
Changelog:
==========
https://github.com/pallets/werkzeug/blob/3.0.6/CHANGES.rst
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_2_4
https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_2_5
Security fixes:
CVE-2024-3596:
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a
local attacker who can modify any valid Response (Access-Accept,
Access-Reject, or Access-Challenge) to any other response using a
chosen-prefix collision attack against MD5 Response Authenticator
signature.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-3596
https://www.freeradius.org/security/
https://www.blastradius.fail/
https://www.inkbridgenetworks.com/web/content/2557?unique=47be02c8aed46c53b0765db185320249ad873d95
(master rev: 28d82d17c8174ee17271ca43ad7eb2175211cacc)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: libdev-checklib-perl-native-1.16-r0 do_fetch: Failed to fetch URL https://cpan.metacpan.org/modules/by-module/Devel/Devel-CheckLib-1.16.tar.gz, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: eject-2.1.5-r0.wr2401 do_fetch: Failed to fetch URL http://sources.openembedded.org/eject-2.1.5.tar.gz, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: xfce-dusk-gtk3-1.3-r0 do_fetch: Failed to fetch URL http://sources.openembedded.org/141404-xfce_dusk_gtk3-1_3.tar.gz;subdir=xfce-dusk-gtk3-1.3, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/OpenVPN/openvpn/blob/v2.6.12/Changes.rst
Security fixes:
CVE-2024-4877: Windows: harden interactive service pipe.
Security scope: a malicious process with "some" elevated privileges
(SeImpersonatePrivilege) could open the pipe a second time,
tricking openvn GUI into providing user credentials (tokens),
getting full access to the account openvpn-gui.exe runs as.
CVE-2024-5594: control channel: refuse control channel messages with
nonprintable characters in them.
Security scope: a malicious openvpn peer can send garbage to openvpn log,
or cause high CPU load.
CVE-2024-28882: only call schedule_exit() once (on a given peer).
Security scope: an authenticated client can make the server "keep the
session" even when the server has been told to disconnect this client.
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
[Drop CVE-2024-28882 patch not yet in stable]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes for uninitialized memory issues
Hunk present in card-entersafe.c and card-gids.c are refresehed base
on codebase.
Signed-off-by: Virendra Thakur <virendrak@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
CVE-2024-28882: OpenVPN in a server role accepts multiple exit
notifications from authenticated clients which will extend the
validity of a closing session
References:
https://community.openvpn.net/openvpn/wiki/CVE-2024-28882
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL's soversion will not change for any 3.x minor release.
https://www.openssl.org/policies/general/versioning-policy.html
Signed-off-by: Sana Kazi <sanakazi720@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c3e4879c5c7abbf57b0c2633a66137e302604e0a)
Signed-off-by: Akash Hadke <akash.hadke27@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to [1] the ESI feature implementation in squid is vulnerable
without any fix available.
NVD says it's fixed in 6.10, however the change in this release only
disables ESI by default (which we always did via PACKAGECONFIG).
Commit in master branch related to this CVE is [2].
Title is "Remove Edge Side Include (ESI) protocol" and it's also what it
does. So there will never be a fix for these ESI vulnerabilities.
We should not break features in LTS branch and cannot fix this problem.
So ignrore this CVE based on set PACKAGECONFIG which should remove it
from reports for most users. Thos who need ESI need to assess the risk
themselves.
[1] https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj
[2] https://github.com/squid-cache/squid/commit/5eb89ef3d828caa5fc43cd8064f958010dbc8158
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay
4.4.4 allows attackers to crash the application via crafted tcprewrite
command.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-43279
Upstream patches:
https://github.com/appneta/tcpreplay/pull/860/commits/963842ceca79e97ac3242448a0de94fb901d3560
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Without this the native recipe cannot be built.
Signed-off-by: Justin Bronder <jsbronder@cold-front.org>
(cherry picked from commit 4a86f8a54fe96f4aa05232180a2a744a15638f55)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Full changelog:
https://sourceforge.net/p/openipmi/news/
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pick the same patch as Debian took for bullseye.
There is no direct backport to version prior 3.102 because
commit NSS_3_101_BETA2-12-g8d94c529b [1] rewrote this code.
Applied patch was proposed for old versions in [2] and already
applied in Debian bullseye.
I could not find suitable upstream status, inappropriate is the best
I could pick from offered possibilities.
[1] https://github.com/nss-dev/nss/commit/8d94c529b333194d080c4885ddd3a40e6c296ae9<
[2] https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/t9JmsYkujWM/m/HjKuk-ngBAAJ
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Pick the same patch as Debian took for bullseye.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.2
Security Fix:
CVE-2024-49195
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove 0001-Set-use_tcl-to-be-empty-string-if-tcl-is-disabled.patch.
This patch is obsolete and not needed because the current graphviz
configure.ac has correct logic of checking use_tcl. This use_tcl
variable needs to be set when '--disable-tcl' is set, otherwise,
things will behave as if no option is supplied and the configure
process will check tcl automatically.
This patch is problematic because its logic against the current version
is wrong. The recipe has already explicitly set '--disable-tcl', so
the configure process should not do automatic checking for tcl at do_configure.
This patch fixes do_configure error when host has tcl8.6-dev installed. The
error is like below:
QA Issue: This autoconf log indicates errors, it looked at host include and/or
library paths while determining system capabilities.
Rerun configure task after fixing this. [configure-unsafe]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: vlock-2.2.3-r0.vr2401 do_fetch: Failed to fetch URL http://distfiles.gentoo.org/distfiles/vlock-2.2.3.tar.gz, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: wireguard-tools-1.0.20210914-r0 do_fetch: Failed to fetch URL git://git.zx2c4.com/wireguard-tools;branch=master, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Drop two patches which haven't been referenced by the nodejs recipe since the
20.11.0 version checkin.
0001-build-fix-build-with-Python-3.12.patch
0001-gyp-resolve-python-3.12-issues.patch
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: debootstrap-1.0.132-r0.vr2401 do_fetch: Failed to fetch URL http://ftp.debian.org/debian/pool/main/d/debootstrap/debootstrap_1.0.132.tar.gz, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* github repo was force pushed and git history re-written since 2018 commit:
69ee98df Release 1.43.07
* $ git branch -a --contains 352aeaa9ae49e90e55187cbda839f2113df06278
$
* $ git diff 352aeaa9ae49e90e55187cbda839f2113df06278 08b052692b70171a6fcb437d4f52a46977eda62e
$
* so at least the 1.59.01 content is the same
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In testing adding in more kernel-selftests there were a number of issues
that arose that require changes that are more appropriate for the main
recipe and not a bbappend.
1) Stop looping over TEST_LIST ourselves and use the TARGETS="" provided
by the kernel-sefltest Makefiles. This correctly sets up various
variables that the selftest Makefiles all need. Also, do_install
becomes cleaner because the main Makefile already installs the list of
tests and the top level script.
2) Add DEBUG_PREFIX_MAP to the CC setting to avoid some "buildpaths" QA
errors.
3) Add two INSANE_SKIPS for "already-stripped" and "ldflags". Some of
the selftest Makefiles are adding flags to their compiles that basically
break the above checks. Since these compiles are not really meant as
user level tools and instead testing, it should be ok to just always set
INSANE_SKIP for these two.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Affected components:
- cpupower
- intel-speed-select
- spidev-test
When the externalsrc class is used the tasks listed in SRCTREECOVEREDTASKS
are deleted to prevent them being executed. If externalsrc is used for
the kernel then this will include virtual/kernel:do_patch.
Signed-off-by: Andrej Valek <andrej.v@skyrain.eu>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modify the CMakeLists.txt to add an Option for
STATIC target import, as available for shared library.
Link: https://github.com/facebook/rocksdb/pull/12890
Configure static library default to switched off
as shared libraries are sufficient in most cases.
Signed-off-by: Bhabu Bindu <bindu.bhabu@kpit.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 233079a41caded6b68972317f01dc09435ba1ae0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pick patches according to
http://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt
SAE H2E and incomplete downgrade protection for group negotiation
Patch 0002-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
was removed as it only patched wpa_supplicant. The patch names were
not changed so it is comparable with wpa_supplicant recipe.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Picked patches according to
http://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt
First patch is style commit picked to have a clean cherry-pick of all
mentioned commits without any conflict.
Patch CVE-2024-3596_03.patch was removed as it only patched
wpa_supplicant. The patch names were not changed so it is comparable
with wpa_supplicant recipe.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Busybox can optionally provide an httpd server, but by default The Yocto
Project defconfig for busybox does not enable it. If it is enabled,
busybox puts the resulting /usr/sbin/httpd object under the control of
update-alternatives.
apache2, on the other hand, does not put /usr/sbin/httpd under the control
of update-alternatives. Therefore, in the off chance a user enables the
busybox httpd server, it does not play well with apache2.
Add update-alternatives information to apache2 so that it plays nicely with
busybox which can optionally provide an httpd server at /usr/sbin/httpd.
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Drop upstreamed patches
Fixes build with fmt11
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
This reverts commit e5c0a0be96eb549858a987b353263c877eae275e.
pkg being updated
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Location of the file that systemd uses to check whether to
start adbd or not has been updated from /var to /etc in
android-tools-adbd.service. This change changes the path
of creation of usb-debugging-enabled flag file in
android-tools recipes from /var/usb-debugging-enabled to
/etc/usb-debugging-enabled
Backport-of: 2a3d4be9994e ("android-tools: create flag flag file for adbd at a proper location")
Fixes: a29c6386d576 ("android-toold-adbd: Fix inconsistency between selinux configurations")
Fixes: 8106cfe769aa ("android-tools-adbd.service: Change /var to /etc in ConditionPathExists")
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com>
Acked-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ConditionPathExists is set to /etc/usb-debugging-enabled as part of
meta-oe/recipes-devtools/android-tools/android-tools/android-tools-
-adbd.service file. However, in meta-oe/dynamic-layers/selinux/
recipes-devtool/android-tools/android-tools/android-tools-adbd.service
file ConditionPathExists is set to /var/usb-debugging-enabled
This causes an internal inconsistency between selinux-enabled and
selinux-disabled configurations.
Backport-of: a29c6386d576 ("android-toold-adbd: Fix inconsistency between selinux configurations")
Reported-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com>
Acked-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To ensure android-tools-adbd.service starts at boot, the path
for ConditionPathExists must be present at build time. /etc is
more suitable for build-time files than /var, which is for
runtime files. Changed ConditionPathExists from
/var/usb-debugging-enabled to /etc/usb-debugging-enabled
Backport-of: 8106cfe769aa ("android-tools-adbd.service: Change /var to /etc in ConditionPathExists")
CC: Khem Raj <raj.khem@gmail.com>
CC: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com>
Acked-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fixes following stringop-overflow warning with gcc-13:
In file included from /usr/include/c++/13/atomic:41,
from /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/../../include/oneapi/tbb/detail/_utils.h:22,
from /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/task_dispatcher.h:20,
from /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/arena.cpp:17:
In member function ‘void std::__atomic_base<_IntTp>::store(__int_type, std::memory_order) [with _ITp = bool]’,
inlined from ‘void std::atomic<bool>::store(bool, std::memory_order)’ at /usr/include/c++/13/atomic:104:20,
inlined from ‘void tbb::detail::r1::concurrent_monitor_base<Context>::notify_one_relaxed() [with Context = long unsigned int]’ at /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/concurrent_monitor.h:293:53:
/usr/include/c++/13/bits/atomic_base.h:481:25: error: ‘void __atomic_store_1(volatile void*, unsigned char, int)’ writing 1 byte into a region of size 0 overflows the destination [-Werror=stringop-overflow=]
481 | __atomic_store_n(&_M_i, __i, int(__m));
| ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~
compilation terminated due to -Wfatal-errors.
cc1plus: all warnings being treated as errors
(cherry picked from commit e131071769ee3df51b56b053ba6bfa06ae9eff25)
Signed-off-by: Yogesh Tyagi <yogesh.tyagi@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit updates the RDEPENDS for the ptest package to include
${PN}-python only when the 'python' PACKAGECONFIG option is enabled.
This fix is required as ptest is enabled in the Distro features,
which was causing the following error:
ERROR: Nothing RPROVIDES 'nftables-python' (but /home/builder/src/base/node0/meta-openembedded/meta-networking/recipes-filter/nftables/nftables_1.0.9.bb RDEPENDS on or otherwise requires it)
NOTE: Runtime target 'nftables-python' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['nftables-python']
ERROR: Required build target 'nftables' has no buildable providers.
Missing or unbuildable dependency chain was: ['nftables', 'nftables-python']
Signed-off-by: Nikhil R <nikhil.r@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use inherit_defer instead of inhert. This way, setuptools3 is not
inherited when python is removed from PACKAGECONFIG in a .bbappend file.
This avoids dependencies added by setuptools3.
Don't add nftables-python to PACKAGES if python is disabled. It adds
extra runtime dependencies on python3-core and python3-json.
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5cf3766cf6395d4bfa5de20cf7427950ca498eaa)
Signed-off-by: Nikhil R <nikhil.r@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 09f8ef2242c2d7f83101effed09ee7894e14c069)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Upstream-Status: Backport from https://github.com/fujita/tgt/commit/abd8e0d987ab56013d360077202bf2aca20a42dd
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.9
Security fix:
CVE-2024-45157
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.1
Security fixes:
CVE-2024-45157
CVE-2024-45158
CVE-2024-45159
* According to commit[1], install data_files into framework directory
for ptest.
[1] https://github.com/Mbed-TLS/mbedtls/commit/9c4dd4ee6fe570b6a50a275d78b7d140fec0e02f
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2024-45230: Potential denial-of-service vulnerability in
django.utils.html.urlize()
urlize and urlizetrunc were subject to a potential denial-of-service attack
via very large inputs with a specific sequence of characters.
CVE-2024-45231: Potential user email enumeration via response status on
password reset
Due to unhandled email sending failures, the
django.contrib.auth.forms.PasswordResetForm class allowed remote attackers to
enumerate user emails by issuing password reset requests and observing the
outcomes.
To mitigate this risk, exceptions occurring during password reset email
sending are now handled and logged using the django.contrib.auth logger.
CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat()
The floatformat template filter is subject to significant memory consumption
when given a string representation of a number in scientific notation with
a large exponent.
CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize()
The urlize() and urlizetrunc() template filters are subject to a potential
denial-of-service attack via very large inputs with a specific sequence of
characters.
CVE-2024-41991: Potential denial-of-service vulnerability in
django.utils.html.urlize() and AdminURLFieldWidget
The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget,
are subject to a potential denial-of-service attack via certain inputs with
a very large number of Unicode characters.
CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()
QuerySet.values() and values_list() methods on models with a JSONField are
subject to SQL injection in column aliases via a crafted JSON object key as
a passed *arg.
CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize()
urlize() and urlizetrunc() were subject to a potential denial-of-service
attack via certain inputs with a very large number of brackets.
CVE-2024-39329: Username enumeration through timing difference for users with
unusable passwords
The django.contrib.auth.backends.ModelBackend.authenticate() method allowed
remote attackers to enumerate users via a timing attack involving login
requests for users with unusable passwords.
CVE-2024-39330: Potential directory-traversal in
django.core.files.storage.Storage.save()
Derived classes of the django.core.files.storage.Storage base class which
override generate_filename() without replicating the file path validations
existing in the parent class, allowed for potential directory-traversal via
certain inputs when calling save().
Built-in Storage sub-classes were not affected by this vulnerability.
CVE-2024-39614: Potential denial-of-service in
django.utils.translation.get_supported_language_variant()
get_supported_language_variant() was subject to a potential denial-of-service
attack when used with very long strings containing specific characters.
To mitigate this vulnerability, the language code provided to
get_supported_language_variant() is now parsed up to a maximum length of
500 characters.
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2024-45230: Potential denial-of-service vulnerability in
django.utils.html.urlize()
urlize and urlizetrunc were subject to a potential denial-of-service attack
via very large inputs with a specific sequence of characters.
CVE-2024-45231: Potential user email enumeration via response status on
password reset
Due to unhandled email sending failures, the
django.contrib.auth.forms.PasswordResetForm class allowed remote attackers to
enumerate user emails by issuing password reset requests and observing the
outcomes.
To mitigate this risk, exceptions occurring during password reset email
sending are now handled and logged using the django.contrib.auth logger.
CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat()
The floatformat template filter is subject to significant memory consumption
when given a string representation of a number in scientific notation with
a large exponent.
CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize()
The urlize() and urlizetrunc() template filters are subject to a potential
denial-of-service attack via very large inputs with a specific sequence of
characters.
CVE-2024-41991: Potential denial-of-service vulnerability in
django.utils.html.urlize() and AdminURLFieldWidget
The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget,
are subject to a potential denial-of-service attack via certain inputs with
a very large number of Unicode characters.
CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()
QuerySet.values() and values_list() methods on models with a JSONField are
subject to SQL injection in column aliases via a crafted JSON object key as
a passed *arg.
CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize()
urlize() and urlizetrunc() were subject to a potential denial-of-service
attack via certain inputs with a very large number of brackets.
CVE-2024-39329: Username enumeration through timing difference for users with
unusable passwords
The django.contrib.auth.backends.ModelBackend.authenticate() method allowed
remote attackers to enumerate users via a timing attack involving login
requests for users with unusable passwords.
CVE-2024-39330: Potential directory-traversal in
django.core.files.storage.Storage.save()
Derived classes of the django.core.files.storage.Storage base class which
override generate_filename() without replicating the file path validations
existing in the parent class, allowed for potential directory-traversal via
certain inputs when calling save().
Built-in Storage sub-classes were not affected by this vulnerability.
CVE-2024-39614: Potential denial-of-service in
django.utils.translation.get_supported_language_variant()
get_supported_language_variant() was subject to a potential denial-of-service
attack when used with very long strings containing specific characters.
To mitigate this vulnerability, the language code provided to
get_supported_language_variant() is now parsed up to a maximum length of
500 characters.
Fixed a crash in Django 4.2 when validating email max line lengths with content
decoded using the surrogateescape error handling scheme (#35361)
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This fixes errors from buildhistory changes where packages-split would
be empty.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 90f96e053ad3eefa7693d9748efdfbfa72d7dcfd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
bpftool is supported for riscv64 and tested on qemuriscv64.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0003-configure.ac-bypass-autoconf-2.69-version-check.patch
refreshed for 16.4
drop: CVE-2024-7348.patch
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4d253bca26c5e6f9d79e19ab1b62fa34b5c05429)
[Drop CVE patch now included in update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
[V2]
Missed dropping CVE patch
|
| |
|
|
|
|
|
|
|
|
| |
Changelog:
https://www.samba.org/samba/history/samba-4.19.8.html
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3cbd140c7d85d99afc81ffd83b75698ee621c1c1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://www.samba.org/samba/history/samba-4.19.7.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 41df431b91f1d81070c1f0e8633995d7afba52e4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bbcb7d6023a516f3d432fbf01b78cdcc486e31ba)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7e8a786c291659083d746a4fe066fbc68c2abf34)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Project has moved to github.
Signed-off-by: Marc Ferland <marc.ferland@gmail.com>
(cherry picked from commit fb3408270282fbd619df7a5efac5178cabc37ddb)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
