| Age | Commit message (Collapse) | Author |
|---|
|
its been shoved out of setuptools3 in oe-core now
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit 50bbf80abf570d1d652ec2f4bc5878e939c688d3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit fbe2e79ab0dd4e0b2fd6433d0cfe10d66c7c7181)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit 6b3e3bdaf878881bd6dee09ae369e379fd7b8149)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit c3a9e5b9907279043bb7b270e9c6b4e587881d9a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
it now ends up searching native python shared libraries and tries to
link with it and fails on non-host architectures
recipe-sysroot-native/usr/lib/libpython3.9.so: file not recognized: file format not recognized
collect2: error: ld returned 1 exit status
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c499aaeef80b5af8d20521658449c4148f3d0806)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 572d4148267c6ff1b43dd3498020349cb0aa77c7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes
configure: error:
Could not link test program to Python. Maybe the main Python library has been
installed in some non-standard library path. If so, pass it to configure,
via the LIBS environment variable.
Example: ./configure LIBS="-L/usr/non-standard-path/python/lib"
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit be7d2286bfe80835e8e014114aaf587e2930c683)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit a0c26ca2b4c5e18a22b8d6f3c952fb00caf2bd34)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes
configure: error:
Could not link test program to Python. Maybe the main Python library has been
installed in some non-standard library path. If so, pass it to configure,
via the LIBS environment variable.
Example: ./configure LIBS="-L/usr/non-standard-path/python/lib"
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 59f817bbe374799e4398766c2a444692d932d979)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 59d3d64e902d4d2e7ea9c3d2e1fec442912bcdd5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is needed to find _PYTHON_SYSCONFIGDATA_NAME
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a06cdf5a4cd3769982ca861aa9aaff312277df51)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 4a5719ffb1fee9ee7657d93994e3ac880396c048)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Systemd service file option 'ExecStopPre' is warned and ignored by
systemd. By replacing 'ExecStopPre' with 'ExecStop', the intended
behavior is realized. The 'ExecStop' commands are executed one after the
other.
Signed-off-by: Mario Schuknecht <mario.schuknecht@dresearch-fe.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 55c94cb3196f53d0c1c76bbd74136d1b5d51802d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 83842c9150fdead52dc7b0913ffac32677720f98)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
original SRC_URI is not valid now, offical CELT repository
moved to gitlab
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5450c958bf66afd560fd8dff5b432ea71f10165c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 1de0f4c33b92b9bbd885044df505154c177db59e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
When building on Ubuntu 20.04, luajit needs 32bit support
so install 'gcc-multilib'
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 973fe410d238e0c361f8bc4d9ba7915464217e22)
[Minor fixup for Dunfell]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The project appears to have moved.
Update HOMEPAGE and SRC_URI. bz2 is not available, use gz
Update HASH accordingly.
Fixes:
WARNING: enca-1.9-r0 do_fetch: Failed to fetch URL http://www.sourcefiles.org/Networking/Tools/Miscellanenous/enca-1.9.tar.bz2, attempting MIRRORS if available
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 460077d30ffedca4c794f60cd0f21404fc1736d7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* it's not clear why it was added in first place and it's causing issues since:
"package: get_package_mapping: avoid dependency mapping if renamed package provides original name"
commit in oe-core as discussed in:
https://lists.openembedded.org/g/openembedded-core/message/143672
https://github.com/openembedded/meta-openembedded/issues/285
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 304f660f880bdf7dd5c51695875ab0a73aaed8b2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit f9502868169715ee4945f5d8bef7c845dbb7b9e0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Optimize _encode_invalid_chars for a denial of service (CPU consumption)
CVE: CVE-2020-7212
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Harpritkaur Bhandari <Harpritkaur.Bhandari@kpit.com>
[Add CVE: CVE-2020-7212 to the patch itself]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: meta-openembedded
MR: 108384, 108398, 108412, 108426, 108440, 108454, 108468, 108482, 108496, 108510
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-oe/recipes-support/openldap?id=0282b8ce6a5a5f082a37cb0863b3e62ad8e56a5a
ChangeID: 0282b8ce6a5a5f082a37cb0863b3e62ad8e56a5a
Description:
-License-Update: Copyright year updated to 2021.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0282b8ce6a5a5f082a37cb0863b3e62ad8e56a5a)
[Maintance update only]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit cef93b7b00e620d90a610112ee574fa60b691cf8)
[Fixes CVE:
CVE-2020-36221
CVE-2020-36222
CVE-2020-36223
CVE-2020-36224
CVE-2020-36225
CVE-2020-36226
CVE-2020-36227
CVE-2020-36228
CVE-2020-36229
CVE-2020-36230
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Source: meta-openembedded
MR: 107249
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-oe/recipes-support/openldap?id=768345053e83623e286ce3140756036e75c023bc
ChangeID: fbcadc7f563891b4aa489557c8d518ed46de5e9d
Description:
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 768345053e83623e286ce3140756036e75c023bc)
[Maintenance update only]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit e615c6fceff7275d93e462f4cd4a14cc55b2d656)
[Fixed CVE-2020-25692]
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 70860d99bf4e8036af1adccced8f9066f6dd50a6)
[Bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Sean Nyekjaer <sean@geanix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 04afc692a3c82a93da0f079b1a3f90c8188e8c86)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fix the installation of the pam.so for 64bit builds.
This is an indirect backport of commit
8fa0a3ace6b8835ba623fac118e0bdb4ea0f1f24 ("mariadb: upgrade to 10.5.4")
from the master branch.
Signed-off-by: Dan Murphy <dmurphy@ti.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* now the gitlab QA check was backported to dunfell as well in:
https://git.openembedded.org/openembedded-core/commit/?h=dunfell&id=72f2c45880afbba1745e5e0cbd841d7fd666f374
and this started failing with:
ERROR: networkd-dispatcher-2.0.1-r0 do_package_qa: QA Issue: networkd-dispatcher: SRC_URI uses unstable GitHub/GitLab archives, convert recipe to use git protocol [src-uri-bad]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Backport upstream patch for CVE-2019-15133.
Set CVE_PRODUCT to "giflib_project:giflib" which is used
in NVD. https://nvd.nist.gov/vuln/detail/CVE-2019-15133
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upgrade to release 4.19.23:
- Added some missing quotes to configure.py
- Fixed a race condition when calling the PyQt5-specific meta-call
helper.
- Fixed the wrapping of methods that return a Py_Ssize_t.
- The code generator now distinguishes between the copy/assignment
helper and the array helper when determining which helpers can
be generated.
- Fixed the code generation when making a copy of C++ object on
the stack to the heap when the class has no suitable ctor.
- Check there is a public copy ctor when we can't using an
assigment operator as a workaround.
- Preserve any current exception in the implementation of the
wrapper dealloc functions.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 358b3982583c93fdc0a4cebdab31f923d77b7f8b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Consolidate inc and bb files into a single bb file.
Fix the broken link for HOMEPAGE.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2bc281393aa6c6b83218f2996c32b793ac79a42a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Søren Andersen <san@skov.dk>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3c8ad9192c1c9f4323bdc7ff28456f11db689adb)
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upgrade SRCREV to latest as it fixes the below issue:
Running UndefinedBehaviorSanitizer on projects that use
rapidjson triggers 'applying non-zero offset <NN> to null
pointer' findings in 'internal/stack.h' which are hard
to suppress by library users.
Removed "0001-CMake-remove-hardcoded-CMAKECONFIG_INSTALL_DIR-path.patch"
as the changes are already incorporated in the latest
codebase.
As per abi-compliance-checker report the source compatibility
and binary compatibility between previous SRCREV
6a905f9311f82d306da77bd963ec5aa5da07da9c and current
SRCREV 0ccdbf364c577803e2a751f5aededce935314313
is 100% and this patch is already tested on 64bit
ARM (aarch64) in a product with on target CI tests.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 04d9ea0ba7ece968244bf049893dd5636675b76f)
Signed-off-by: Harpritkaur Bhandari <Harpritkaur.Bhandari@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2020-35864 is for the rust crate for flatbuffers, not
flatbuffers itself.
https://security-tracker.debian.org/tracker/CVE-2020-35864
"NOT-FOR-US: flatbuffers rust crate"
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: git.openembedded.org
MR: 108115, 108125, 108095, 108105
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-networking/recipes-daemons/iscsi-initiator-utils?id=46e30569e3b3d0cc66ce05e9accd759f37705feb
ChangeID: 46e30569e3b3d0cc66ce05e9accd759f37705feb
Description:
0001-libopeniscsiusr-Compare-with-max-int-instead-of-max-.patch
Removed since this is included in 2.1.3
Bugfix only update. Also includes these CVE fixes:
CVE-2020-13988
CVE-2020-13987
CVE-2020-17438
CVE-2020-17437
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
This unbreaks the build with clang as well.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 409032dcc59bed5051cca454f7344b3cd207cebf)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fix build with clang
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b99b2f5297a587188cf28e687111b58d7e358fb7)
[Bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8826791d795e65851ad20bbc0f34e74b2bf72e07)
(cherry picked from commit 2ed77abf132696b7f3a8b9f8f422eb33ff711038)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Modify recipe to install application desktop files for xterm.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 593f21eda5b119f6408975c6b15e94fb168cc9dc)
(cherry picked from commit a653238398d483c805c3d026d890162f131ecc01)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
gupnp 1.2.3 adds mitigation for CVE-2020-12695 (CallStranger)
Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 25285ded6360a3a25216b66e89e346b89500b5b2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Dependency of gupnp 1.2.3
Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit e788d4673888f15c302842fb1ce0284aafa6e3d7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes the following CVEs:
CVE-2020-25694
CVE-2020-25695
CVE-2020-25696
Full release notes at:
https://www.postgresql.org/docs/12/release-12-5.html
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 6ff4bd4f345b4e8030b9197d13097308df521576)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
geoclue serivce rely on avahi-daemon, so enable it by default.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9239584e717bb2093c9bfd6972bb2f01507ab859)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 69bae2a2360643805de2ae1cd9ebc4202cd5a2fb)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Remove --enable-music-ogg-tremor as it broke vorbis support:
checking tremor/ivorbisfile.h usability... no
checking tremor/ivorbisfile.h presence... no
checking for tremor/ivorbisfile.h... no
checking for ov_open_callbacks in -lvorbisidec... no
configure: WARNING: *** Unable to find Ogg Vorbis Tremor library (http://www.xiph.org/)
configure: WARNING: Ogg Vorbis support disabled
With this change:
checking vorbis/vorbisfile.h usability... yes
checking vorbis/vorbisfile.h presence... yes
checking for vorbis/vorbisfile.h... yes
checking for ov_open_callbacks in -lvorbisfile... yes
-- dynamic libvorbisfile -> libvorbisfile.so.3
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 074c7d9a1ebb86674f02d8a5545e1ed54f6d87fe)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Sean Nyekjaer <sean@geanix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cde1019804c2f7b67bf89d178eec9f4efafea414)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit ac6bc96e7da6b3c9d5b9c9272b487a926fbb462e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Uprev nodejs in order to fix CVE-2020-8277.
This CVE allows an attacker to trigger a DNS request for a host
of their choice, which could trigger a Denial of Service in
nodejs versions < 12.19.1.
See https://nvd.nist.gov/vuln/detail/CVE-2020-8277 for details.
CVE: CVE-2020-8277
Signed-off-by: Stacy Gaikovaia <Stacy.Gaikovaia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a44015408253d8a4f64055f41fa1f497aeacfc30)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 387f40ce8068ec8848c2e3b76ce2e3267b98c3d6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This perhaps is last release in 12.x LTS
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a10f894a8e7f800d2412fff8d47fb37d363fa322)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport a patch from upstream to take care of build failure e.g.
| ../deps/v8/src/codegen/arm/cpu-arm.cc:38:16: error: write to reserved register 'R7'
| asm volatile("svc 0\n"
| ^
| 1 error generated.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 45a2dfdd0f16ed6941926e2dca1ad90f36e120bc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Drop already upstreamed patches
use builtin uv, it does not build without it
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bda3ee6276d76a10d2b5564da5709db4c21b8f13)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Remove soon-to-be removed getAllFieldPositions
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Andrej Valek <andrej.valek@siemens.com>
(cherry picked from commit 7910f2b64575dcd3352effd441accb3b56e3554d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: Wireshark.org
MR: 106181, 106696, 107655, 107673, 107682
Type: Security Fix
Disposition: Backport from wireshark.org
ChangeID: 57df6ac3b11aabd96e6aec728501ce7988bc176a
Description:
Bugfix only update including these cves:
3.2.8
CVE-2020-26575
CVE-2020-28030
3.2.9
CVE-2020-26418
CVE-2020-26421
CVE-2020-26420
Signed-off-by: Armin Kuster <akuster@mvista.com>
(cherry picked from commit a10ea62a1c9c7b0c4810f2e4ef0dcc6f75b0ca6b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: Mozilla.org
MR: 106876
Type: Security Fix
Disposition: Backport from https://hg.mozilla.org/projects/nss/raw-rev/aeb2e583ee957a699d949009c7ba37af76515c20
ChangeID: a61d4926f8ab5afc54c23e58cd86b4a7609c9708
Description:
Fixes CVE-2020-12401
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
LIC_FILES_CHKSUM changed to do year updates
This is the last 5.3.x update. This will give us the best
starting point for doing Maintence moving forward.
Its a bug fix only update. See http://www.lua.org/work/diffs-lua-5.3.5-lua-5.3.6.html
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: openembedded.org
MR: 105165
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/meta-openembedded gatesgarth
ChangeID: 747161877824daae061bc4fb458f55ab033f62f4
Description:
Fix CVE-2020-24371
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: openembedded.org
MR: 104897
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/meta-openembedded gatesgarth
ChangeID: 6c43941d116bbb9f0d62ca5376da24ae03eb9eab
Description:
Fixes CVE-2020-15945
Backport with modifications to apply successfully.
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: mariadb.org
MR: 107836, 107837, 107838, 107839, 107840, 107852, 106414, 106414, 107864, 107876, 107888
Type: Security Fix
Disposition: Backport from mariadb.org
ChangeID: 75fb83ced15990b94659af6e107c063d288cb037
Description:
refresh several patches
Drop 0001-Fix-build-breakage-from-lock_guard-error-6161.patch as fix included in update
Bugfix only update including these cves:
10.4.13
CVE-2020-2752
CVE-2020-2812
CVE-2020-2814
CVE-2020-2760
CVE-2020-13249
10.4.15
CVE-2020-15180
10.4.16
CVE-2020-14812
CVE-2020-14765
CVE-2020-14776
CVE-2020-14789
CVE-2020-28912 (MDEV-24040)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: meta-openembedded.org
MR: 105034, 105034, 105124
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-webserver/recipes-httpd/apache2?h=gatesgarth&id=fc995b3cfed86850ce5ab1b70da1e31560ac350f
ChangeID: 37b9f376c5e4b9a9355f867bac56454e2630d86c
Description:
Minor upgrade inluding bug and CVE fixes, namely:
- CVE-2020-9490
- CVE-2020-11984
- CVE-2020-11993
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fc995b3cfed86850ce5ab1b70da1e31560ac350f)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Security Advisory
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7069
https://bugs.php.net/patch-display.php?bug_id=79601&patch=openssl_aes_ccm_iv_fix&revision=latest
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fa80193468745a11bc12d5845f66412a0d62e0e2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 992e09f09a40e7a8d03c7c4b5adf40f821ed3774)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
Khem Raj
Mario Schuknecht
changqing.li@windriver.com
akuster
Martin Jansa
Haiqing Bai
Andrej Kozemcak
zhengruoqin
zangrc
Sean Nyekjaer
Dan Murphy
Mikko Rapeli
Leon Anavi
Søren Andersen
Harpritkaur Bhandari
Dmitry Baryshkov
Diego Santa Cruz
Robert Joslyn
Chenxi Mao
jabdoa2
Stacy Gaikovaia
Armin Kuster
Wenlin Kang
Sakib Sajal