Age | Commit message (Collapse) | Author |
|
"master" branch does not exist in original repo.
Signed-off-by: Kirill Esipov <yesipov@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
iperf3 before 3.14 allows peers to cause an integer overflow and heap
corruption via a crafted length field.
NVD link: https://nvd.nist.gov/vuln/detail/CVE-2023-38403
Upstream-Status: Backported from https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9
Signed-off-by: Bhargav Das <bhargav.das@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
fixes:
WARNING: postgresql-12.16-r0 do_patch: Fuzz detected:
Applying patch 0001-Add-support-for-RISC-V.patch
patching file src/include/storage/s_lock.h
Hunk #2 succeeded at 339 with fuzz 1.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The usage of nobranch=1 in SRC_URI allows using unprotected branches.
This change updates the real branch name in place of nobranch=1 for these components.
Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The usage of nobranch=1 in SRC_URI allows using unprotected branches.
This change updates the real branch name in place of nobranch=1.
Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The usage of nobranch=1 in SRC_URI allows using unprotected branches.
This change updates the real branch name in place of nobranch=1.
Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is a minor release to address CVEs and other bug fixes without new
features. Remove patches that are fixed in this release. Release notes are
available at:
https://www.postgresql.org/docs/release/12.10/
https://www.postgresql.org/docs/release/12.11/
https://www.postgresql.org/docs/release/12.12/
https://www.postgresql.org/docs/release/12.13/
https://www.postgresql.org/docs/release/12.14/
https://www.postgresql.org/docs/release/12.15/
https://www.postgresql.org/docs/release/12.16/
License-Update: Copyright year updated
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes nodejs-native build with gcc-13 on host:
http://errors.yoctoproject.org/Errors/Details/728221/
nodejs-12 doesn't need it yet and nodejs-16 doesn't need it as well
'-DV8_TYPED_ARRAY_MAX_SIZE_IN_HEAP=64' '-D__STDC_FORMAT_MACROS' '-DOPENSSL_NO_PINSHARED' '-DOPENSSL_THREADS' '-DV8_TARGET_ARCH_X64' '-DV8_EMBEDDER_STRING="-node.84"' '-DENABLE_DISASSEMBLER' '-DV8_PROMISE_INTERNAL_FIELD_COUNT=1' '-DENABLE_MINOR_MC' '-DOBJECT_PRINT' '-DV8_INTL_SUPPORT' '-DV8_CONCURRENT_MARKING' '-DV8_ARRAY_BUFFER_EXTENSION' '-DV8_ENABLE_LAZY_SOURCE_POSITIONS' '-DV8_USE_SIPHASH' '-DDISABLE_UNTRUSTED_CODE_MITIGATIONS' '-DV8_WIN64_UNWINDING_INFO' '-DV8_ENABLE_REGEXP_INTERPRETER_THREADED_DISPATCH' '-DV8_SNAPSHOT_COMPRESSION' -ITOPDIR/tmp-glibc/work/x86_64-linux/nodejs-native/14.18.1-r0/recipe-sysroot-native/usr/include -I../deps/v8 -I../deps/v8/include -I.//Release/obj/gen/torque-output-root -I.//Release/obj/gen/generate-bytecode-output-root -pthread -Wno-unused-parameter -m64 -Wno-return-type -fno-strict-aliasing -m64 -O3 -fno-omit-frame-pointer -fdata-sections -ffunction-sections -O3 -fno-rtti -fno-exceptions -std=gnu++1y -MMD -MF .//Release/.deps/Release/obj.host/v8_initializers/gen/torque-output-root/torque-generated/../../deps/v8/src/builtins/array-find-tq-csa.o.d.raw -isystemTOPDIR/tmp-glibc/work/x86_64-linux/nodejs-native/14.18.1-r0/recipe-sysroot-native/usr/include -isystemTOPDIR/tmp-glibc/work/x86_64-linux/nodejs-native/14.18.1-r0/recipe-sysroot-native/usr/include -O2 -pipe -c
In file included from /usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/bits/move.h:37,
from /usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/bits/stl_function.h:60,
from /usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/functional:49,
from ../deps/v8/src/codegen/code-stub-assembler.h:8,
from ../deps/v8/src/builtins/builtins-promise-gen.h:8,
from ../deps/v8/src/builtins/builtins-async-gen.h:8,
from ../deps/v8/src/builtins/builtins-async-function-gen.cc:5:
/usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/type_traits: In instantiation of ‘struct std::is_convertible<v8::internal::Cell, v8::internal::Object>’:
../deps/v8/src/codegen/tnode.h:262:72: required from ‘const bool v8::internal::is_subtype<v8::internal::Cell, v8::internal::Cell>::value’
../deps/v8/src/codegen/tnode.h:346:75: required by substitution of ‘template<class U, typename std::enable_if<v8::internal::is_subtype<U, v8::internal::Cell>::value, int>::type <anonymous> > v8::internal::TNode<v8::internal::Cell>::TNode(const v8::internal::TNode<T>&) [with U = v8::internal::Cell; typename std::enable_if<v8::internal::is_subtype<U, v8::internal::Cell>::value, int>::type <anonymous> = <missing>]’
../deps/v8/src/codegen/code-stub-assembler.h:1868:33: required from here
/usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/type_traits:1417:30: error: invalid use of incomplete type ‘class v8::internal::Cell’ [-fpermissive]
1417 | : public __bool_constant<__is_convertible(_From, _To)>
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../deps/v8/src/objects/objects.h:26,
from ../deps/v8/src/objects/fixed-array.h:10,
from ../deps/v8/src/objects/contexts.h:8,
from ../deps/v8/src/execution/thread-local-top.h:10,
from ../deps/v8/src/execution/isolate-data.h:12,
from ../deps/v8/src/execution/isolate.h:24,
from ../deps/v8/src/codegen/interface-descriptors.h:14,
from ../deps/v8/src/codegen/callable.h:8,
from ../deps/v8/src/codegen/code-factory.h:8,
from ../deps/v8/src/compiler/code-assembler.h:17,
from ../deps/v8/src/codegen/code-stub-assembler.h:15:
../deps/v8/src/objects/object-list-macros.h:19:7: note: forward declaration of ‘class v8::internal::Cell’
19 | class Cell;
| ^~~~
In file included from ../deps/v8/src/codegen/interface-descriptors.h:12:
../deps/v8/src/codegen/tnode.h: In instantiation of ‘const bool v8::internal::is_subtype<v8::internal::Cell, v8::internal::Cell>::value’:
../deps/v8/src/codegen/tnode.h:346:75: required by substitution of ‘template<class U, typename std::enable_if<v8::internal::is_subtype<U, v8::internal::Cell>::value, int>::type <anonymous> > v8::internal::TNode<v8::internal::Cell>::TNode(const v8::internal::TNode<T>&) [with U = v8::internal::Cell; typename std::enable_if<v8::internal::is_subtype<U, v8::internal::Cell>::value, int>::type <anonymous> = <missing>]’
../deps/v8/src/codegen/code-stub-assembler.h:1868:33: required from here
../deps/v8/src/codegen/tnode.h:262:72: error: ‘value’ is not a member of ‘std::is_convertible<v8::internal::Cell, v8::internal::Object>’
262 | std::is_convertible<T, Object>::value);
| ^~~~~
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* MJ: remove AUTHORS modification from the original patch from
nodejs-16, so that the same patch does apply for both 14 and 12
versions used in dunfell
* MJ: gcc-13 isn't used for target builds in dunfell, but can be used
on host, so this is useful backport for nodejs-native
* MJ: this fixes default nodejs-native-12, nodejs-native-14 with negative
D_P might need additional fix on top
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://github.com/c-ares/c-ares/commit/b9b8413cfdb70a3f99e1573333b23052d57ec1ae
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
avoid using vendored version
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d8053b7e2b21c651b34b48f025f47cb511c36e37)
[FIxes this error
--- LOG END ---
| error: downloading 'http://download.draios.com/dependencies/libb64-1.2.src.zip' failed
| status_code: 22
| status_string: "HTTP response code said error"
| log:
| --- LOG BEGIN ---
]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add Base64 encode/decode library, some packages e.g. sysdig can benefit
from it
Disable parallel make as it races at times
make[1]: *** No rule to make target 'libb64.a', needed by 'c-example1'. Stop.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6946f40707ed43426cd05ada1933e4867c7f6d4f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 447de4d47ba2deba1af80201b91bb312f184fe0e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit b3b00a270edfd27e2dfc05d5a6a5cab94324ad65)
[Fixup for Dunfell context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
escalation
Upstream-Status: Backport from https://build.opensuse.org/package/view_file/network/quagga/remove-chown-chmod.service.patch
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://github.com/openSUSE/multipath-tools/commit/fbbf280a0e26026c19879d938ebb2a8200b6357c
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://archive.ntp.org/ntp4/ntp-4.2/ntp-4.2.8p15-3806-3807.patch
Patch taken from https://archive.ntp.org/ntp4/ntp-4.2/ntp-4.2.8p15-3806-3807.patch
It is linked as official patch for p15 in:
- https://www.ntp.org/support/securitynotice/ntpbug3807/
- https://www.ntp.org/support/securitynotice/ntpbug3806/
Small adaptation to build is needed because of how tests are built.
Backport fixes for:
CVE: CVE-2023-26551
CVE: CVE-2023-26552
CVE: CVE-2023-26553
CVE: CVE-2023-26554
CVE: CVE-2023-26555
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport fixes for:
* CVE-2023-0667 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/35418a73f7c9cefebe392b1ea0f012fccaf89801 && https://gitlab.com/wireshark/wireshark/-/commit/85fbca8adb09ea8e1af635db3d92727fbfa1e28a
* CVE-2023-0668 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/c4f37d77b29ec6a9754795d0efb6f68d633728d9
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
fixed Below security CVE:
1)CVE-2023-2454 postgresql: schema_element defeats protective search_path changes.
2)CVE-2023-2455 postgresql: row security policies disregard user ID changes after inlining.
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2023-31124 applies only when cross-compiling using autotools.
Yocto cross-compiles via cmake which is also listed as official workaround.
See:
* https://nvd.nist.gov/vuln/detail/CVE-2023-31124
* https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4
Signed-off-by: virendra thakur <virendrak@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport fixes for:
* CVE-2023-2855 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/0181fafb2134a177328443a60b5e29c4ee1041cb
* CVE-2023-2856 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/db5135826de3a5fdb3618225c2ff02f4207012ca
* CVE-2023-2858 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/cb190d6839ddcd4596b0205844f45553f1e77105
* CVE-2023-2952 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/e18d0e369729b0fff5f76f41cbae67e97c2e52e5
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ssh_buffer_new returns NULL
Upstream-Status: Backport
[https://gitlab.com/libssh/libssh-mirror/-/commit/533d881b0f4b24c72b35ecc97fa35d295d063e53
&
https://gitlab.com/libssh/libssh-mirror/-/commit/2782cb0495b7450bd8fe43ce4af886b66fea6c40
&
https://gitlab.com/libssh/libssh-mirror/-/commit/10b3ebbe61a7031a3dae97f05834442220447181
&
https://gitlab.com/libssh/libssh-mirror/-/commit/245ad744b5ab0582fef7cf3905a717b791d7e08b]
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://github.com/c-ares/c-ares/commit/823df3b989e59465d17b0a2eb1239a5fc048b4e5
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://github.com/c-ares/c-ares/commit/f22cc01039b6473b736d3bf438f56a2654cdf2b2
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport
[https://github.com/pyca/cryptography/commit/9fbf84efc861668755ab645530ec7be9cf3c6696]
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport
[https://git.openembedded.org/meta-openembedded-contrib/commit/?h=stable/kirkstone-nut&id=092e125f44f65427d42db95db3779daf4893d10f
& https://git.openembedded.org/meta-openembedded-contrib/commit/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb?h=stable/kirkstone-nut&id=b402a3076fbafe05d0b8621e50603b65c3fe8147
Upstream-Commit:
https://github.com/c-ares/c-ares/commit/9903253c347f9e0bffd285ae3829aef251cc852d]
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport
[https://git.openldap.org/openldap/openldap/-/commit/752d320cf96e46f24c0900f1a8f6af0a3fc3c4ce
&
https://git.openldap.org/openldap/openldap/-/commit/6563fab9e2feccb0a684d0398e78571d09fb808b]
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
As per gnulib_2018-03-07 recipe information,
SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3"
This revision was committed on "2018-12-18".
There is a discrepancy between SRCREV and the recipe version.
Which reports "CVE-2018-17942" as unpatched.
To report "CVE-2018-17942" as patched,
We need to align a recipe name with SRCREV commit date.
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9edbe7033cc41f4a49f74717cd3146b52588ce22)
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Chromium 112 needs nodejs-native version 14 or later.
Add the nodejs_14.18.1 recipe from kirkstone:
246b20b92 nodejs: Upgrade to 14.18.1
but, use DEFAULT_PREFERENCE to make sure that the default version of nodejs
remains 12.x.
7 patches which were modified between nodejs 12 & nodejs 14 were renamed by
adding the suffix "-nodejs14". Note there are some common patches used by
nodejs 12 & 14 so, that will require attention during future maintenance.
In addition, there were 3 CVE-2022* patches which applied cleanly to nodejs
14 so, they were added to the nodejs 14 recipe. One patch, CVE-llhttp.patch
conflicted so, it has not been applied in nodejs 14 yet.
Nodejs 14 compile for qemux86-64 but, no run-time testing has been performed.
For chromium, we would either require users to modify the local.conf file or
we may create a dunfell specific branch in meta-browser.
See: https://github.com/OSSystems/meta-browser/pull/709
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport
Link: https://github.com/nss-dev/nss/commit/cbf5a2bce75ca2c2fd3e247796b9892f5298584e
Signed-off-by: Jack Mitchell <ml@embed.me.uk>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport
Link: https://github.com/nss-dev/nss/commit/4e7e332b25a2794f381323518e52d8d95273b69e
Signed-off-by: Jack Mitchell <ml@embed.me.uk>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Changelog:
Changes with Apache 2.4.57
*) mod_proxy: Check before forwarding that a nocanon path has not been
rewritten with spaces during processing. [Yann Ylavic]
*) mod_proxy: In case that AllowEncodedSlashes is set to NoDecode do not
double encode encoded slashes in the URL sent by the reverse proxy to the
backend. [Ruediger Pluem]
*) mod_http2: fixed a crash during connection termination. See PR 66539.
[Stefan Eissing]
*) mod_rewrite: Fix a 2.4.56 regression for substitutions ending
in a question mark. PR66547. [Eric Covener]
*) mod_rewrite: Add "BCTLS" and "BNE" RewriteRule flags. Re-allow encoded
characters on redirections without the "NE" flag.
[Yann Ylavic, Eric Covener]
*) mod_proxy: Fix double encoding of the uri-path of the request forwarded
to the origin server, when using mapping=encoded|servlet. [Yann Ylavic]
*) mod_mime: Do not match the extention against possible query string
parameters in case ProxyPass was used with the nocanon option.
[Ruediger Pluem]
New patch:
0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch
Accepted in upstream, expected to be removed at next apache2 2.4.58 update.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0b9305faa29f6e26871e7662391efbaae4ae92d9)
[Fixup for Dunfell context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream-Status: Backport from https://github.com/opensvc/multipath-tools/commit/cb57b930fa690ab79b3904846634681685e3470f
dev/shm may have unsafe permissions. Use /run instead.
Use systemd's tmpfiles.d mechanism to create /run/multipath
early during boot.
For backward compatibilty, make the runtime directory configurable
via the "runtimedir" make variable.
QA Issue: non -dev/-dbg/nativesdk- package multipath-tools-libs
contains symlink .so '/usr/lib/libdmmp.so'
...
Fix this by making the new pattern for multipath-tools-libs package
more specific.
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes an issue where lcov is using the system Perl rather than the yocto
provided Perl. This causes packages to not be found during runtime such
as PerlIO::gzip.
Signed-off-by: Alex Yao <alexyao1@meraki.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Applying this backported patch from upstream fixes the following
BAT test failure:
jsoncpp.jsoncpp_system_tests.TestJsoncpp.test_run_jsoncpp_test
(from systemtests--bmt--BAT) :
* Detail of EscapeSequenceTest/writeEscapeSequence test failure:
/usr/src/debug/jsoncpp/1.9.2-r0/git/src/test_lib_json/main.cpp(3370): expected == result
Expected: '["\"","\\","\b","\f","\n","\r","\t","\u0278","\ud852\udf62"]
'
Actual : '["\"","\\","\b","\f","\n","\r","\t","ɸ","𤭢"]
This test failure happens because aarch64 uses unsigned char as
default type for char, while x86 uses signed char. Also, there
is another bug in the code that is fixed by this upstream patch:
"static_cast<unsigned char>(*cur) < 0x80" should be:
"static_cast<unsigned char>(*cur) >= 0x80"
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes below CVEs:
* CVE-2022-0547
* CVE-2020-15078
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client,
not for openvpn.
Signed-off-by: Akifumi Chikazawa <chikazawa.akifu@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(upstream from commit d49e96aac4616c439a2d778b95a793037dac884e)
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: Mariadb.org
MR: 119595, 119604, 119613, 119622, 119631, 119640, 119649, 119658, 119573
Type: Security Fix
Disposition: Backport from mariadb.org
ChangeID: 2aacce87739247d98ee5b61d1b714930da961a30
Description:
This is a bug fix only update. Includes these CVES:
CVE-2022-32081
CVE-2022-32083
CVE-2022-32084
CVE-2022-32085
CVE-2022-32086
CVE-2022-32087
CVE-2022-32088
CVE-2022-32089
CVE-2022-32091
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
--
V2]
Missed on CVE reference.
|
|
Upstream-Status: Backport from https://github.com/syslog-ng/syslog-ng/commit/b5a060f2ebb8d794f508436a12e4d4163f94b1b8 && https://github.com/syslog-ng/syslog-ng/commit/81a07263f1e522a376d3a30f96f51df3f2879f8a && https://github.com/syslog-ng/syslog-ng/commit/4b8dc56ca8eaeac4c8751a305eb7eeefab8dc89d && https://github.com/syslog-ng/syslog-ng/commit/73b5c300b8fde5e7a4824baa83a04931279abb37 && https://github.com/syslog-ng/syslog-ng/commit/45f051239312e43bd4f92b9339fe67c6798a0321 && https://github.com/syslog-ng/syslog-ng/commit/09f489c89c826293ff8cbd282cfc866ab56054c4 && https://github.com/syslog-ng/syslog-ng/commit/8c6e2c1c41b0fcc5fbd464c35f4dac7102235396 && https://github.com/syslog-ng/syslog-ng/commit/56f881c5eaa3d8c02c96607c4b9e4eaf959a044d
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
spider_db_mbase::print_warnings()
The function spider_db_mbase::print_warnings() can potentially result
in a null pointer dereference.
Remove the null pointer dereference by cleaning up the function.
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
to 4096 but should be 1232
Set the default maximum DNS UDP packet size to 1232.
http://www.dnsflagday.net/2020/ refers.
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Kerberos to modified server
Upstream-Status: Backport from https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=3f7342671341a7a137f2d8b06ab3461cdb0e1d88
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add CVE-2023-0767.patch to fix CVE-2023-0767
Signed-off-by: Virendra Thakur <virendrak@kpit.com>
Signed-off-by: Bhabu Bindu <bindudaniel1996@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Changelog:
==========
- rotatelogs: Add -T flag to allow subsequent rotated logfiles to be
truncated without the initial logfile being truncated.
- mod_ldap: LDAPConnectionPoolTTL should accept negative values in order to
allow connections of any age to be reused. Up to now, a negative value
was handled as an error when parsing the configuration file. PR 66421.
- mod_proxy_ajp: Report an error if the AJP backend sends an invalid number
of headers.
- mod_md:
- Enabling ED25519 support and certificate transparency information when
building with libressl v3.5.0 and newer.
- MDChallengeDns01 can now be configured for individual domains.
- Fixed a bug that caused the challenge
teardown not being invoked as it should.
- mod_http2: client resets of HTTP/2 streams led to unwanted 500 errors
reported in access logs and error documents. The processing of the
reset was correct, only unneccesary reporting was caused.
- mod_proxy_uwsgi: Stricter backend HTTP response parsing/validation.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|