path: root/meta-oe/recipes-support
Commit message | Author | Age | Files | Lines
* c-ares: Backport fix for CVE-2024-25629 | Ashish Sharma | 2024-04-02 | 2 | -0/+33
  Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183]
  References:
  https://nvd.nist.gov/vuln/detail/CVE-2024-25629
  https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q
  https://security-tracker.debian.org/tracker/CVE-2024-25629
  Signed-off-by: Ashish Sharma <asharma@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opensc: Fix CVE-2023-40661 | virendra thakur | 2024-01-16 | 8 | -0/+245
  Upstream-Status: Backport[https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50]
  Signed-off-by: virendra thakur <virendrak@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opensc: Fix CVE-2023-40660 | virendra thakur | 2024-01-16 | 2 | -0/+56
  Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/940e8bc764047c873f88bb1396933a5368d03533]
  Signed-off-by: virendra thakur <virendrak@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libiio: use main branch instead of master | Martin Jansa | 2023-11-12 | 1 | -1/+1
  * the branch was renamed upstream
  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libssh2: Backport fix for CVE-2020-22218 | Vijay Anusuri | 2023-10-21 | 2 | -0/+40
  Bug: https://github.com/libssh2/libssh2/pull/476
  Upstream-Status: Backport [https://github.com/libssh2/libssh2/commit/642eec48ff3adfdb7a9e562b6d7fc865d1733f45
  & https://github.com/libssh2/libssh2/commit/0b44e558f311671f6e6d14c559bc1c9bda59b8df]
  Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* open-vm-tools: Security fix for CVE-2023-20900 | Priyal Doshi | 2023-09-30 | 2 | -0/+36
  Backport-from: https://github.com/vmware/open-vm-tools/commit/74b6d0d9000eda1a2c8f31c40c725fb0b8520b16
  Signed-off-by: Priyal Doshi <pdoshi@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: CVE-2023-32067 0-byte UDP payload Denial of Service | Vijay Anusuri | 2023-07-22 | 2 | -0/+85
  Upstream-Status: Backport from https://github.com/c-ares/c-ares/commit/b9b8413cfdb70a3f99e1573333b23052d57ec1ae
  Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libb64: Add recipe | Khem Raj | 2023-07-22 | 8 | -0/+337
  Add Base64 encode/decode library, some packages e.g. sysdig can benefit from it
  Disable parallel make as it races at times
  make[1]: *** No rule to make target 'libb64.a', needed by 'c-example1'. Stop.
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 6946f40707ed43426cd05ada1933e4867c7f6d4f)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openldap: fix CVE-2021-27212 Assertion failure in slapd | Hitendra Prajapati | 2023-07-14 | 2 | -0/+32
  Upstream-Status: Backport from https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30
  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* multipath-tools: fix CVE-2022-41974 | Hitendra Prajapati | 2023-07-14 | 2 | -0/+163
  Upstream-Status: Backport from https://github.com/openSUSE/multipath-tools/commit/fbbf280a0e26026c19879d938ebb2a8200b6357c
  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: whitelist CVE-2023-31124 | virendra thakur | 2023-07-14 | 1 | -0/+4
  CVE-2023-31124 applies only when cross-compiling using autotools.
  Yocto cross-compiles via cmake which is also listed as official workaround.
  See:
  * https://nvd.nist.gov/vuln/detail/CVE-2023-31124
  * https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4
  Signed-off-by: virendra thakur <virendrak@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libssh: CVE-2020-16135 NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL | Vijay Anusuri | 2023-07-14 | 5 | -1/+193
  Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/533d881b0f4b24c72b35ecc97fa35d295d063e53
  & https://gitlab.com/libssh/libssh-mirror/-/commit/2782cb0495b7450bd8fe43ce4af886b66fea6c40
  & https://gitlab.com/libssh/libssh-mirror/-/commit/10b3ebbe61a7031a3dae97f05834442220447181
  & https://gitlab.com/libssh/libssh-mirror/-/commit/245ad744b5ab0582fef7cf3905a717b791d7e08b]
  Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: CVE-2023-31147 Insufficient randomness in generation of DNS query IDs | Hitendra Prajapati | 2023-06-23 | 2 | -0/+718
  Upstream-Status: Backport from https://github.com/c-ares/c-ares/commit/823df3b989e59465d17b0a2eb1239a5fc048b4e5
  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: CVE-2023-31130 fix Buffer Underwrite | Hitendra Prajapati | 2023-06-23 | 2 | -0/+330
  Upstream-Status: Backport from https://github.com/c-ares/c-ares/commit/f22cc01039b6473b736d3bf438f56a2654cdf2b2
  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: fix CVE-2022-4904 & Update SRC_URI branch and protocols | Vijay Anusuri | 2023-06-23 | 2 | -1/+70
  Upstream-Status: Backport [https://git.openembedded.org/meta-openembedded-contrib/commit/?h=stable/kirkstone-nut&id=092e125f44f65427d42db95db3779daf4893d10f
  & https://git.openembedded.org/meta-openembedded-contrib/commit/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb?h=stable/kirkstone-nut&id=b402a3076fbafe05d0b8621e50603b65c3fe8147
  Upstream-Commit: https://github.com/c-ares/c-ares/commit/9903253c347f9e0bffd285ae3829aef251cc852d]
  Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openldap: Fix CVE-2023-2953 | Vijay Anusuri | 2023-06-23 | 3 | -0/+108
  Upstream-Status: Backport [https://git.openldap.org/openldap/openldap/-/commit/752d320cf96e46f24c0900f1a8f6af0a3fc3c4ce
  & https://git.openldap.org/openldap/openldap/-/commit/6563fab9e2feccb0a684d0398e78571d09fb808b]
  Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* gnulib: Update recipe name to 2018-12-18 | schitrod=cisco.com@lists.openembedded.org | 2023-06-23 | 1 | -0/+0
  As per gnulib_2018-03-07 recipe information,
  SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3"
  This revision was committed on "2018-12-18".
  There is a discrepancy between SRCREV and the recipe version.
  Which reports "CVE-2018-17942" as unpatched.
  To report "CVE-2018-17942" as patched,
  We need to align a recipe name with SRCREV commit date.
  Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 9edbe7033cc41f4a49f74717cd3146b52588ce22)
  Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: backport fix for native build failure due to dangling pointer with gcc13 | Jack Mitchell | 2023-05-16 | 2 | -0/+76
  Upstream-Status: Backport
  Link: https://github.com/nss-dev/nss/commit/cbf5a2bce75ca2c2fd3e247796b9892f5298584e
  Signed-off-by: Jack Mitchell <ml@embed.me.uk>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: backport fix for native build failure due to implicit casting with gcc13 | Jack Mitchell | 2023-05-16 | 2 | -0/+47
  Upstream-Status: Backport
  Link: https://github.com/nss-dev/nss/commit/4e7e332b25a2794f381323518e52d8d95273b69e
  Signed-off-by: Jack Mitchell <ml@embed.me.uk>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* multipath-tools: CVE-2022-41973 Symlink attack multipathd operates insecurely | Hitendra Prajapati | 2023-05-05 | 2 | -0/+158
  Upstream-Status: Backport from https://github.com/opensvc/multipath-tools/commit/cb57b930fa690ab79b3904846634681685e3470f
  dev/shm may have unsafe permissions. Use /run instead.
  Use systemd's tmpfiles.d mechanism to create /run/multipath early during boot.
  For backward compatibility, make the runtime directory configurable via the "runtimedir" make variable.
  QA Issue: non -dev/-dbg/nativesdk- package multipath-tools-libs contains symlink .so '/usr/lib/libdmmp.so' ...
  Fix this by making the new pattern for multipath-tools-libs package more specific.
  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lcov: Fix Perl Path | Alex Yao | 2023-05-05 | 1 | -1/+1
  Fixes an issue where lcov is using the system Perl rather than the yocto provided Perl. This causes packages to not be found during runtime such as PerlIO::gzip.
  Signed-off-by: Alex Yao <alexyao1@meraki.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* syslog-ng: CVE-2022-38725 An integer overflow in the RFC3164 parser | Hitendra Prajapati | 2023-04-06 | 2 | -0/+630
  Upstream-Status: Backport from https://github.com/syslog-ng/syslog-ng/commit/b5a060f2ebb8d794f508436a12e4d4163f94b1b8
  && https://github.com/syslog-ng/syslog-ng/commit/81a07263f1e522a376d3a30f96f51df3f2879f8a
  && https://github.com/syslog-ng/syslog-ng/commit/4b8dc56ca8eaeac4c8751a305eb7eeefab8dc89d
  && https://github.com/syslog-ng/syslog-ng/commit/73b5c300b8fde5e7a4824baa83a04931279abb37
  && https://github.com/syslog-ng/syslog-ng/commit/45f051239312e43bd4f92b9339fe67c6798a0321
  && https://github.com/syslog-ng/syslog-ng/commit/09f489c89c826293ff8cbd282cfc866ab56054c4
  && https://github.com/syslog-ng/syslog-ng/commit/8c6e2c1c41b0fcc5fbd464c35f4dac7102235396
  && https://github.com/syslog-ng/syslog-ng/commit/56f881c5eaa3d8c02c96607c4b9e4eaf959a044d
  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Fix CVE CVE-2023-0767 | Virendra Thakur | 2023-04-06 | 2 | -0/+125
  Add CVE-2023-0767.patch to fix CVE-2023-0767
  Signed-off-by: Virendra Thakur <virendrak@kpit.com>
  Signed-off-by: Bhabu Bindu <bindudaniel1996@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* open-vm-tools: Security fix for CVE-2022-31676 | Priyal Doshi | 2023-03-18 | 2 | -0/+40
  Backport from https://github.com/vmware/open-vm-tools/commit/70a74758bfe0042c27f15ce590fb21a2bc54d745
  Signed-off-by: Priyal Doshi <pdoshi@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Fix CVE-2020-25648 | Mathieu Dubois-Briand | 2023-02-22 | 2 | -0/+164
  Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Whitelist CVEs related to libnssdbm | Mathieu Dubois-Briand | 2023-02-22 | 1 | -0/+4
  These CVEs only affect libnssdbm, compiled when --enable-legacy-db is used.
  https://bugzilla.mozilla.org/show_bug.cgi?id=1360782#c6
  https://bugzilla.mozilla.org/show_bug.cgi?id=1360778#c8
  https://bugzilla.mozilla.org/show_bug.cgi?id=1360900#c6
  https://bugzilla.mozilla.org/show_bug.cgi?id=1360779#c9
  Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Add missing CVE product | Mathieu Dubois-Briand | 2023-02-22 | 1 | -0/+2
  Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: upgrade 1.17.2 -> 1.18.1 | wangmy | 2022-09-11 | 1 | -1/+1
  c-ares version 1.18.1 - Oct 27 2021
  Bug fixes:
  ares_getaddrinfo() would return ai_addrlen of 16 for ipv6 addresses rather than the sizeof(struct sockaddr_in6)
  Conflicts: meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit e251d7b827d63277a36f1b8094d992303329b866)
  Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
  Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.vom>
* c-ares: remove custom patches | Sinan Kaya | 2022-09-11 | 3 | -108/+1
  Current patch is breaking the library dependencies added by cmake especially when you are static linking.
  Applications need the ws2_32 library to be linked for mingw32 and with the existing patch this is not getting passed to the users.
  Current patch seems to address this issue: https://github.com/c-ares/c-ares/issues/373
  Both issues are resolved in 1.17.2:
  1.17.2-r0/git $ find . | grep c-ares-config.cmake.in
  ./c-ares-config.cmake.in
  1.17.2-r0/git $ find . | grep libcares.pc.cmake
  ./libcares.pc.cmake
  Conflicts: meta-oe/recipes-support/c-ares/c-ares_1.17.2.bb
  Signed-off-by: Sinan Kaya <okaya@kernel.org>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 621bdc1993d2e8da08b9b240043dc13481cd644f)
  Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
  Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.vom>
* c-ares: upgrade 1.17.1 -> 1.17.2 | wangmy | 2022-09-11 | 1 | -8/+5
  Conflicts: meta-oe/recipes-support/c-ares/c-ares_1.17.2.bb
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit c49173b09c998bb3893ae873f68823647f1a7e18)
  Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
  Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.vom>
* c-ares: Upgrade to 1.17.1 release | Khem Raj | 2022-09-11 | 2 | -19/+12
  Forward port cmake-install-libcares.pc.patch, drop the need to install pkgconfig files as its already being done by main Makefile
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Forward port cmake-install-libcares.pc.patch, drop the need to install pkgconfig files as its already being done by main Makefile
  Conflicts: meta-oe/recipes-support/c-ares/c-ares_1.17.1.bb
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit b65f2904191b8d309b3971d4e65c5e1701156b1c)
  Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
  Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.vom>
* Revert "c-ares: Add fix for CVE-2021-3672" | Armin Kuster | 2022-09-11 | 3 | -207/+0
  This reverts commit b06724bc274f751004ade2ceeddfb8ec40d93f16.
  Revert this CVE fix as we upgrade c-ares to 1.18.1
  Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
  Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.vom>
* meta-oe: Add leading whitespace for append operator | Khem Raj | 2022-08-02 | 1 | -2/+2
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 92441f9d6a958c245a03f89ec44ef2c17dd6b0ee)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openldap: CVE-2022-29155 OpenLDAP SQL injection | Hitendra Prajapati | 2022-07-16 | 2 | -1/+278
  Source: https://git.openldap.org/openldap/openldap
  MR: 117821
  Type: Security Fix
  Disposition: Backport from https://git.openldap.org/openldap/openldap/-/commit/87df6c19915042430540931d199a39105544a134
  ChangeID: d534808c796600ca5994bcda28938d45405bc7b4
  Description: CVE-2022-29155 openldap: OpenLDAP SQL injection
  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* multipath-tools: update SRC_URI | Minjae Kim | 2022-04-18 | 1 | -1/+1
  The git repo for multipath-tools was changed, so update the SRC_URI accordingly with the new link.
  Signed-off-by: Minjae Kim <flowergom@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cli11: switch from default master branch to main to fix do_fetch failure | Christian Ege | 2022-04-18 | 1 | -1/+1
  The branch was renamed in the upstream repository
  Signed-off-by: Christian Ege <christian.ege@ifm.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* imagemagick: update SRC_URI branch from master to main | Daniel Stadelmann | 2022-04-18 | 1 | -1/+1
  master branch in imagemagick was renamed to main (https://github.com/ImageMagick/ImageMagick).
  Similar change is already in master branch for version 7.0.10 (see 248739128389)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Add fix for CVE-2022-22747 | Ranjitsinh Rathod | 2022-02-13 | 2 | -0/+64
  Add a patch to fix CVE-2022-22747
  Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
  Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* udisks2: Fix for CVE-2021-3802 | Virendra Thakur | 2022-01-29 | 2 | -0/+64
  Add patch to fix CVE-2021-3802
  Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: bump PV in recipe to 1.16.1 | Armin Kuster | 2022-01-27 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libmicrohttpd: Add patch to fix CVE-2021-3466 | Ernst Sjöstrand | 2021-12-27 | 2 | -1/+160
  Extract patch from the 0.9.71 release commit.
  Upstream-Status: Backport
  CVE: CVE-2021-3466
  Signed-off-by: Ernst Sjöstrand <ernst.sjostrand@verisure.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Fix CVE-2021-43527 | sana kazi | 2021-12-18 | 2 | -0/+284
  Add patch to fix CVE-2021-43527 which causes heap overflow in nss.
  Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
  Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: switch from master to main | Jeremy Puhlman | 2021-12-18 | 1 | -1/+1
  Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Fix CVE-2020-12403 | Ranjitsinh Rathod | 2021-11-17 | 3 | -0/+147
  Add patch for CVE-2020-12403
  Link:
  https://github.com/nss-dev/nss/commit/9ff9d3925d31ab265a965ab1d16d76c496ddb5c8
  https://github.com/nss-dev/nss/commit/06b2b1c50bd4eaa7f65d858e5e3f44f678cb3c45
  Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
  Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* recipes: Update SRC_URI branch and protocols | Armin Kuster | 2021-11-17 | 92 | -97/+97
  This patch updates SRC_URIs using git to include branch=master if no branch is set and also to use protocol=https for github urls as generated by the conversion script in OE-Core.
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dstat: Add missing python-six runtime dependency | Marek Vasut | 2021-09-20 | 1 | -1/+1
  The tool depends on the six module, add it, otherwise the following traceback happens when running it on the target:
  Traceback (most recent call last):
    File "/usr/bin/dstat", line 32, in <module>
      import six
  ModuleNotFoundError: No module named 'six'
  Signed-off-by: Marek Vasut <marex@denx.de>
  Cc: Khem Raj <raj.khem@gmail.com>
  Cc: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: Add fix for CVE-2021-3672 | Neetika Singh | 2021-09-20 | 3 | -0/+207
  Added below patches to fix CVE-2021-3672
  1. ares_expand_name-should-escape-more-characters.patch
  2. ares_expand_name-fix-formatting-and-handling-of-root.patch
  Link: http://snapshot.debian.org/archive/debian-security/20210810T064453Z/pool/updates/main/c/c-ares/c-ares_1.17.1-1%2Bdeb11u1.debian.tar.xz
  Signed-off-by: akash hadke <Akash.Hadke@kpit.com>
  Signed-off-by: Neetika Singh <Neetika.Singh@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Two Security fixes CVE-2020-6829 and 12400 | Armin Kuster | 2021-09-05 | 2 | -0/+19790
  Source: https://hg.mozilla.org/projects/nss
  MR: 106863
  Type: Security Fix
  Disposition: Backport from https://hg.mozilla.org/projects/nss/rev/e55ab3145546ae3cf1333b43956a974675d2d25c and 3f022d5eca5d3cd0e366a825a5681953d76299d0
  ChangeID: f7f16ca20fbb2436071fde063fe56aa8b319ce41
  Description:
  Affects NSS < 3.55
  This addresses both CVE-2020-6829 and CVE-2020-12400
  Signed-off-by: Armin Kuster <akuster@mvista.com>
* c-ares: upgrade 1.16.0 -> 1.16.1 | Zang Ruochen | 2021-09-05 | 1 | -1/+1
  Source: https://git.openembedded.org
  MR: 111050
  Type: Security Fix
  Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-oe/recipes-support/c-ares?h=hardknott&id=dc25d9f11f3c7abc84700fc1d51fe6c2088a11c4
  ChangeID: dc25d9f11f3c7abc84700fc1d51fe6c2088a11c4
  Description:
  Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit dc25d9f11f3c7abc84700fc1d51fe6c2088a11c4)
  [Includes cve: CVE-2020-14354. Bug fix update, no ABI changes]
  Signed-off-by: Armin Kuster <akuster@mvista.com>
* backport: xmlsec1: Fix configure QA error caused by host lookup path | Anatol Belski | 2021-08-15 | 2 | -0/+23
  The configure script contains hardcoded lookup paths to /usr and other paths that might interfere with the host. These are overwritten with the staging dir locations for Poky compatibility.
  Backport from meta-oe master rev. 74b66d1911118bac53033f77ba6d3923f4809d5a
  Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Jan-Simon Moeller <dl9pf@gmx.de>