Commit message   Author   Age   Files, Lines
* python3-m2crypto: fix for CVE-2020-25657 (stable/kirkstone-nut)   Narpat Mali   2 days   2 files, -0/+176

    A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

    Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libyang: backport a fix for CVE-2023-26916   Natasha Bailey   2 days   2 files, -0/+58

    This patch fixes a bug in libyang which could cause a null pointer dereference from a call to strcmp.

    Since this recipe includes ptests, the tests were run twice (once before the patch and once after) with the same results: all tests passing except utest_types, which is skipped.

    Signed-off-by: Natasha Bailey <nat.bailey@windriver.com>
    Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-django: upgrade 4.0.2 -> 4.2.1   Narpat Mali   2 days   1 file, -1/+1

    Django 4.2* is designated as a long-term support release. It will receive security updates for at least three years after its release (from April 2023 to April 2026).

    The delta between 4.0.2 and 4.2.1 contains numerous CVEs and other bugfixes.

    Changelog: https://docs.djangoproject.com/en/dev/releases/4.2.1/

    Signed-off-by: Randy MacLeod <randy.macleod@windriver.com>
    Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* frr: Security fix CVE-2022-43681   Jonas Gorski   12 days   2 files, -0/+60

    Add a security fix cherry-picked from master:

    CVE-2022-40318: An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.

    Reference:
    https://nvd.nist.gov/vuln/detail/CVE-2022-43681
    https://cyberriskleaders.com/new-vulnerabilities-disclosed-in-frrouting-software/

    Patch from:
    https://github.com/FRRouting/frr/commit/766eec1b7accffe2c04a5c9ebb14e9f487bb9f78

    Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* frr: Security fix CVE-2022-40318   Jonas Gorski   12 days   1 file, -0/+81

    Add a security fix from the stable/8.2 branch:

    CVE-2022-40318: An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. NOTE: this behavior occurs in bgp_open_option_parse in the bgp_open.c file, a different location (with a different attack vector) relative to CVE-2022-40302.

    Reference:
    https://nvd.nist.gov/vuln/detail/CVE-2022-40318
    https://cyberriskleaders.com/new-vulnerabilities-disclosed-in-frrouting-software/

    Patch from:
    https://github.com/FRRouting/frr/commit/72088b05d469a6b6a8b9a2b250885246ea0c2acb

    Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* frr: Security fix CVE-2022-36440 / CVE-2022-40302   Jonas Gorski   12 days   2 files, -0/+72

    Add a security fix from the stable/8.2 branch for two CVEs for the same vulnerability:

    CVE-2022-36440: A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS.

    CVE-2022-40302: An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

    Reference:
    https://nvd.nist.gov/vuln/detail/CVE-2022-36440
    https://nvd.nist.gov/vuln/detail/CVE-2022-40302
    https://cyberriskleaders.com/new-vulnerabilities-disclosed-in-frrouting-software/
    https://github.com/FRRouting/frr/issues/13202

    Patch from:
    https://github.com/FRRouting/frr/commit/02a0e45f66160f571196a105b217e1bb84d1a835

    Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
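The three FRR entries above describe one bug class: a TLV walker whose bound check assumes a 2-byte parameter header, while an RFC 9072 extended OPEN (optional-parameter length 0xff) uses a 3-byte header, so a message that ends inside the length word, or right after a length octet, is read past its end. The following is an added illustration written for this page, not FRR's bgpd code: the `hardened` switch, the function names and the packet bytes are this example's own constructions (the extended-length framing follows RFC 9072 as summarised in the commit text). It checks the header size for the encoding in use and the declared value length before any read, and shows what the 2-byte assumption does with the same inputs.

```python
import struct


class MalformedOpen(Exception):
    """The optional-parameter block failed validation; the OPEN must be rejected."""


class OutOfBoundsRead(Exception):
    """Stands in for what is a memory over-read (and, in bgpd, an abort) in C."""


def _read(buf: bytes, pos: int, n: int) -> bytes:
    """Return n bytes at pos; fail loudly if that runs past the end of buf."""
    if pos + n > len(buf):
        raise OutOfBoundsRead(f"{n} bytes at offset {pos} exceed buffer of {len(buf)}")
    return buf[pos:pos + n]


def split_open_body(body: bytes):
    """Split an OPEN body (bytes after the 19-byte BGP header) into
    (extended, optional_parameter_block).

    RFC 4271 layout: version(1) my-AS(2) hold-time(2) bgp-id(4) opt-parm-len(1).
    RFC 9072: opt-parm-len 0xff, then non-ext OP type 0xff, then a 2-byte
    extended length; the parameters that follow use 1-byte type + 2-byte length.
    """
    if len(body) < 10:
        raise MalformedOpen("OPEN body shorter than its fixed fields")
    opt_len, pos, extended = body[9], 10, False
    if opt_len == 0xFF:
        if len(body) < 13 or body[10] != 0xFF:
            raise MalformedOpen("truncated or invalid extended-length header")
        opt_len = struct.unpack("!H", body[11:13])[0]
        pos, extended = 13, True
    if pos + opt_len != len(body):
        raise MalformedOpen("optional-parameters length disagrees with message length")
    return extended, body[pos:]


def parse_opt_params(block: bytes, extended: bool, hardened: bool = True):
    """Parse the optional-parameter TLVs of a BGP OPEN into (type, value) pairs.

    extended=True: every header is type(1)+length(2), i.e. 3 bytes, not 2.
    hardened=False reproduces the bug class above: the header bound check
    always assumes 2 bytes and the declared value length is never checked.
    """
    hdr_len = 3 if extended else 2
    params, pos, end = [], 0, len(block)
    while pos < end:
        need = hdr_len if hardened else 2
        if pos + need > end:
            raise MalformedOpen("truncated optional-parameter header")
        ptype = _read(block, pos, 1)[0]
        if extended:
            plen = struct.unpack("!H", _read(block, pos + 1, 2))[0]
        else:
            plen = _read(block, pos + 1, 1)[0]
        pos += hdr_len
        if hardened and pos + plen > end:
            raise MalformedOpen("parameter value runs past the message")
        params.append((ptype, _read(block, pos, plen)))
        pos += plen
    return params


def outcome(block: bytes, extended: bool, hardened: bool) -> str:
    """What a parser variant does with a block: 'ok', 'rejected' or 'over-read'."""
    try:
        parse_opt_params(block, extended, hardened)
        return "ok"
    except MalformedOpen:
        return "rejected"
    except OutOfBoundsRead:
        return "over-read"


def open_accepts(body: bytes) -> bool:
    """True when a whole OPEN body validates and parses with the hardened parser."""
    try:
        extended, block = split_open_body(body)
        parse_opt_params(block, extended)
        return True
    except MalformedOpen:
        return False


# Constructed samples, not captured traffic.  Type 2 is the Capabilities parameter.
GOOD_STD = bytes([2, 2, 0x01, 0x02])             # type, len=2, value
GOOD_EXT = bytes([2, 0x00, 0x02, 0x01, 0x02])    # type, len=0x0002, value
TRUNC_EXT_HDR = bytes([2, 0x00])                  # ends inside the 2-byte length word
TRUNC_VALUE = bytes([2, 4])                       # ends right after a length octet claiming 4 bytes
FIXED = bytes([4, 0, 100, 0, 90, 10, 0, 0, 1])    # version 4, AS 100, hold 90 s, id 10.0.0.1

if __name__ == "__main__":
    for name, blk, ext in [("std", GOOD_STD, False), ("ext", GOOD_EXT, True),
                           ("trunc-ext-hdr", TRUNC_EXT_HDR, True), ("trunc-value", TRUNC_VALUE, False)]:
        print(f"{name:14s} hardened={outcome(blk, ext, True):9s} vulnerable={outcome(blk, ext, False)}")
```

The two truncated blocks pass the 2-byte check and are then read past the end by the unhardened variant; the hardened variant rejects both before touching the missing bytes. `split_open_body` additionally rejects an OPEN that stops inside the extended length word, the "ends with the option length word" case from the first entry.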
* libbpf: installing uapi headers for native package (jansa/kirkstone)   Xiangyu Chen   12 days   1 file, -0/+5

    using libbpf-native provided headers for pahole-native or other application.

    Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Revert "pahole: fix native package build error"   Xiangyu Chen   12 days   1 file, -1/+0

    This reverts commit 0cc8e22c463324ddd833239116b1ff82ef82f42c.

    The pahole-native package should use the header from libbpf instead of linux-libc-headers, the 0cc8e22c would cause compile error, so revert it.

    Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* freerdp: fix CVE-2022-39316/39318/39319   Chee Yang Lee   14 days   3 files, -0/+96

    Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Fix build with gcc13   Khem Raj   2023-05-19   2 files, -0/+76

    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* abseil-cpp: backport a fix for build with gcc-13   Martin Jansa   2023-05-19   2 files, -0/+32

    * needed for abseil-cpp-native on hosts with gcc-13

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* capnproto: upgrade to 0.9.2   Chee Yang Lee   2023-05-09   1 file, -1/+1

    upgrade includes fix for CVE-2022-46149

    Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tinyproxy: fix CVE-2022-40468   Chee Yang Lee   2023-05-09   2 files, -0/+34

    (cherry-picked from 795ccdd86cad05c425adae15af27797f42f33c56)

    Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-gcovr: Add missing runtime dependency   Jasper Orschulko   2023-05-08   1 file, -1/+1

    python3-gcovr requires standard python module multiprocessing as runtime dependency.

    Upstream-Status: Inappropriate [configuration]

    Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    (Cherry-picked from commit 5564dbb8ff22d9ca4296a68f92f3c9d05fbdf99f)
    Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-networking/licenses/netperf: remove unused license   Arsalan H. Awan   2023-05-08   1 file, -43/+0

    This removes the old unused license for netperf as upstream moved to using the MIT license for netperf.

    See: meta-openembedded commit 587fe5877790b6c2e1d337c351b8f50603ad4db9

    Signed-off-by: Arsalan H. Awan <arsalan.awan@siemens.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    (cherry picked from commit 27bdecd1bcf1fa86bf4ebbc527fceb455efe2970)
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libbpf: add native and nativesdk BBCLASSEXTEND   Gianluigi Spagnuolo   2023-05-06   1 file, -0/+2

    To build pahole-native we need libbpf-native

    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    (backport from commit a28b7fdbf4bf973112530219d63f7559060ec8c7)
    Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* pointercal: Add native & nativesdk package support   Bhargav Das   2023-05-06   1 file, -0/+2

    Add support for building native and nativesdk variants.

    Signed-off-by: Bhargav Das <bhargav.das@siemens.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* pahole: fix native package build error   Xiangyu Chen   2023-05-06   1 file, -0/+1

    pahole-native package needs some uapi headers such as linux/btf.h, otherwise it would report an error as below:

    btf_loader.c:342:54: error: invalid use of undefined type 'struct btf_enum64'

    Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tslib: Add native & nativesdk package support   Bhargav Das   2023-05-06   1 file, -0/+2

    Add support for building native and nativesdk variants.

    Signed-off-by: Bhargav Das <bhargav.das@siemens.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-werkzeug: fix for CVE-2023-25577   Narpat Mali   2023-05-06   2 files, -0/+233

    Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses `request.data`, `request.form`, `request.files`, or `request.get_data(parse_form_data=False)`, it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers. Version 2.2.3 contains a patch for this issue.

    Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
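The mitigation the entry above describes is a cap on the number of multipart parts, enforced before the parser spends CPU and memory on the next one. As an added illustration written for this page (not Werkzeug's code: the `max_parts` parameter name, `iter_parts`, `craft_flood` and the sample body are this example's own constructions), here is a minimal `multipart/form-data` walker that applies such a cap, beside a constructed flood of tiny parts of the kind the advisory text describes.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterator, List, Optional


class TooManyParts(Exception):
    """Raised before the parser touches a part beyond the configured limit."""


@dataclass
class Part:
    headers: Dict[str, str]
    body: bytes

    @property
    def name(self) -> Optional[str]:
        m = re.search(r'(?:^|;\s*)name="([^"]*)"', self.headers.get("content-disposition", ""))
        return m.group(1) if m else None

    @property
    def is_file(self) -> bool:
        return "filename=" in self.headers.get("content-disposition", "")


def iter_parts(body: bytes, boundary: bytes, max_parts: Optional[int] = None) -> Iterator[Part]:
    """Walk a multipart/form-data body one part at a time (RFC 2046 framing).

    The limit is checked before each new part is parsed, so a flood of tiny
    parts costs at most max_parts header parses and Part objects, not one per
    part the attacker chose to send.
    """
    opening = b"--" + boundary
    delim = b"\r\n" + opening            # the CRLF before a boundary belongs to the delimiter
    pos = body.find(opening)
    if pos == -1:
        raise ValueError("opening boundary not found")
    pos += len(opening)
    count = 0
    while True:
        if body.startswith(b"--", pos):  # closing delimiter: --boundary--
            return
        if not body.startswith(b"\r\n", pos):
            raise ValueError("malformed boundary line")
        if max_parts is not None and count >= max_parts:
            raise TooManyParts(f"more than {max_parts} parts")
        pos += 2
        nxt = body.find(delim, pos)
        if nxt == -1:
            raise ValueError("unterminated part")
        raw_head, _, data = body[pos:nxt].partition(b"\r\n\r\n")
        headers: Dict[str, str] = {}
        for line in raw_head.split(b"\r\n"):
            if line:
                k, _, v = line.decode("latin-1").partition(":")
                headers[k.strip().lower()] = v.strip()
        count += 1
        yield Part(headers, data)
        pos = nxt + len(delim)


def parse_form(body: bytes, boundary: bytes, max_parts: Optional[int] = None) -> List[Part]:
    return list(iter_parts(body, boundary, max_parts))


def accepted_part_count(body: bytes, boundary: bytes, max_parts: int) -> int:
    """Parts a bounded parser accepts, or -1 when it rejects the request."""
    try:
        return len(parse_form(body, boundary, max_parts))
    except TooManyParts:
        return -1


def craft_flood(n: int, boundary: bytes = b"boundary") -> bytes:
    """Constructed attacker payload: n minimal parts, a few dozen bytes each on the wire."""
    one = b"--" + boundary + b'\r\nContent-Disposition: form-data; name="f"\r\n\r\nx\r\n'
    return one * n + b"--" + boundary + b"--\r\n"


# Constructed sample request body (two parts, one of them a file upload).
SAMPLE = (
    b"--AaB03x\r\n"
    b'Content-Disposition: form-data; name="submit-name"\r\n\r\n'
    b"Larry\r\n"
    b"--AaB03x\r\n"
    b'Content-Disposition: form-data; name="files"; filename="file1.txt"\r\n'
    b"Content-Type: text/plain\r\n\r\n"
    b"contents of file1.txt\r\n"
    b"--AaB03x--\r\n"
)

if __name__ == "__main__":
    for p in parse_form(SAMPLE, b"AaB03x"):
        print(p.name, p.is_file, p.body)
    flood = craft_flood(5000)
    print("unbounded parser built", len(parse_form(flood, b"boundary")), "Part objects")
    print("bounded parser (1000) returned", accepted_part_count(flood, b"boundary", 1000))
```

The unbounded call materialises every part the client sent; the bounded call gives up after the limit with a single exception, which is the shape of the fix: a request that exceeds the cap is an error, not more work.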
* redis: fix do_patch fuzz warning   Changqing Li   2023-05-06   2 files, -2/+2

    Fix:
    WARNING: lib32-redis-7.0.4-r0 do_patch: Fuzz detected:
    Applying patch GNU_SOURCE.patch
    patching file src/zmalloc.c
    Hunk #1 succeeded at 32 with fuzz 2 (offset 4 lines).

    There are two versions of redis, and need different GNU_SOURCE.patch

    Signed-off-by: Changqing Li <changqing.li@windriver.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apache2: upgrade 2.4.56 -> 2.4.57   Valeria Petrov   2023-05-06   2 files, -1/+33

    Changelog:

    Changes with Apache 2.4.57

    *) mod_proxy: Check before forwarding that a nocanon path has not been rewritten with spaces during processing. [Yann Ylavic]

    *) mod_proxy: In case that AllowEncodedSlashes is set to NoDecode do not double encode encoded slashes in the URL sent by the reverse proxy to the backend. [Ruediger Pluem]

    *) mod_http2: fixed a crash during connection termination. See PR 66539. [Stefan Eissing]

    *) mod_rewrite: Fix a 2.4.56 regression for substitutions ending in a question mark. PR66547. [Eric Covener]

    *) mod_rewrite: Add "BCTLS" and "BNE" RewriteRule flags. Re-allow encoded characters on redirections without the "NE" flag. [Yann Ylavic, Eric Covener]

    *) mod_proxy: Fix double encoding of the uri-path of the request forwarded to the origin server, when using mapping=encoded|servlet. [Yann Ylavic]

    *) mod_mime: Do not match the extension against possible query string parameters in case ProxyPass was used with the nocanon option. [Ruediger Pluem]

    New patch: 0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch
    Accepted in upstream, expected to be removed at next apache2 2.4.58 update.

    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    (cherry picked from commit 0b9305faa29f6e26871e7662391efbaae4ae92d9)
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 7.0.10 -> 7.0.11   Changqing Li   2023-04-28   1 file, -1/+1

    Signed-off-by: Changqing Li <changqing.li@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 7.0.9 -> 7.0.10   Changqing Li   2023-04-28   1 file, -1/+1

    Upgrade urgency: SECURITY, contains fixes to security issues.

    Security Fixes:
    * (CVE-2023-28425) Specially crafted MSETNX command can lead to assertion and denial-of-service

    Bug Fixes
    =========
    * Large blocks of replica client output buffer may lead to psync loops and unnecessary memory usage (#11666)
    * Fix CLIENT REPLY OFF|SKIP to not silence push notifications (#11875)
    * Trim excessive memory usage in stream nodes when exceeding `stream-node-max-bytes` (#11885)
    * Fix module RM_Call commands failing with OOM when maxmemory is changed to zero (#11319)

    Signed-off-by: Changqing Li <changqing.li@windriver.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 6.2.11 -> 6.2.12   Changqing Li   2023-04-28   1 file, -1/+1

    Signed-off-by: Changqing Li <changqing.li@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* zabbix: fix CVE-2023-29451   Changqing Li   2023-04-28   2 files, -0/+117

    Refer: https://support.zabbix.com/browse/ZBX-22587

    Signed-off-by: Changqing Li <changqing.li@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dlt-daemon: fix CVE-2023-26257   Urade, Yogita   2023-04-13   2 files, -0/+35

    An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c.

    References:
    https://nvd.nist.gov/vuln/detail/CVE-2023-26257
    https://github.com/COVESA/dlt-daemon/issues/440

    Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* zsh: fix installed-vs-shipped with multilib   Martin Jansa   2023-04-13   1 file, -2/+2

    * fixes:
      lib32-zsh-5.8: lib32-zsh: Files/directories were installed but not shipped in any package:
        /usr/share/lib32-zsh
        /usr/share/lib32-zsh/5.8
        /usr/share/lib32-zsh/site-functions
        /usr/share/lib32-zsh/5.8/functions
        /usr/share/lib32-zsh/5.8/functions/_selinux_users
        ... 1000+ lines ...
        /usr/share/lib32-zsh/5.8/functions/VCS_INFO_bydir_detect
      Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
      lib32-zsh: 1116 installed and not shipped files. [installed-vs-shipped]

    * they will clash if someone is trying to install both zsh and lib32-zsh, but it's not very likely as nobody sane was building lib32-zsh with 1000+ line warning regularly

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dleyna-{server,renderer}: fix dev-so QA issue with multilib   Martin Jansa   2023-04-13   2 files, -2/+2

    * the libdir is arch specific, but the subdirectory is always BPN
    * fixes:
      lib32-dleyna-server-0.6.0+gitAUTOINC+eb895ae827: non -dev/-dbg/nativesdk- package lib32-dleyna-server contains symlink .so '/usr/lib/dleyna-server/libdleyna-server-1.0.so' [dev-so]
      lib32-dleyna-renderer-0.6.0: non -dev/-dbg/nativesdk- package lib32-dleyna-renderer contains symlink .so '/usr/lib/dleyna-renderer/libdleyna-renderer-1.0.so' [dev-so]

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lirc: fix do_install with multilib   Martin Jansa   2023-04-13   1 file, -3/+3

    * use ${S} instead of ${WORKDIR}/${PN}-${PV} and ${BP} instead of ${PN}-${PV} to fix build with multilib, where PN is lib32-lirc, but S is correctly set as ${WORKDIR}/${BP} and do_install fails with:
      mkdir: cannot create directory 'lib32-lirc/0.10.1-r0/lib32-lirc-0.10.1/python-pkg/dist/': No such file or directory

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libcroco: Add fix for CVE-2020-12825   Neetika Singh   2023-04-13   2 files, -0/+212

    Added refreshed patch for CVE issue CVE-2020-12825

    Link: https://gitlab.com/inkscape/inkscape/-/commit/203d62efefe6f79080863dda61593003b4c31f25

    Signed-off-by: Neetika.Singh <Neetika.Singh@kpit.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lvgl,lv-lib-png,lv-drivers: fix installed-vs-shipped QA issue with multilib   Martin Jansa   2023-04-13   3 files, -10/+12

    * with multilib BASELIB is just "lib" while baselib is "lib64" and libdir is "/usr/lib64".

    * fixes:
      ERROR: QA Issue: lvgl: Files/directories were installed but not shipped in any package:
        /usr/lib
        /usr/lib/liblvgl.a
      Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
      lvgl: 2 installed and not shipped files. [installed-vs-shipped]

    * lowercase baselib should work for ppc64 as well (I hope)

      # $baselib [3 operations]
      #   set oe-core/meta/conf/bitbake.conf:10
      #     "${BASELIB}"
      #   set oe-core/meta/conf/bitbake.conf:11
      #     [vardepvalue] "${baselib}"
      #   set oe-core/meta/conf/multilib.conf:2
      #     "${@d.getVar('BASE_LIB:tune-' + (d.getVar('DEFAULTTUNE') or 'INVALID')) or d.getVar('BASELIB')}"
      # pre-expansion value:
      #   "${@d.getVar('BASE_LIB:tune-' + (d.getVar('DEFAULTTUNE') or 'INVALID')) or d.getVar('BASELIB')}"
      baselib="lib64"

    * simplify destsuffix/S setting
    * I was surprised that ${WORKDIR}/${PN}-${PV} works in multilib build but then I've noticed that it's because destsuffix is set to S which is a bit uncommon, so drop that and use default "git"
    * use ${STAGING_INCDIR} instead of ${RECIPE_SYSROOT}/${includedir}

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* pahole: respect libdir   Martin Jansa   2023-04-13   1 file, -1/+1

    * use the same expression as cmake.bbclass is using:
      CMAKE_INSTALL_LIBDIR:PATH=${@os.path.relpath(d.getVar('libdir'), d.getVar('prefix') + '/')}
      but ${baselib} should work here as well

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* postfix: Fix build on systems with linux 6.x   Khem Raj   2023-04-13   2 files, -0/+36

    * cherry-picked from langdale "postfix: Upgrade to 3.7.3" commit dd5226bed9cc76f2a26a1dce046d9de98c8b4cb4 without the upgrade.

    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mongodb: fix chown user for multilib builds   Martin Jansa   2023-04-13   1 file, -1/+1

    * the user is named mongodb (BPN) and in multilib builds this fails with:
      chown: invalid user: 'lib32-mongodb:lib32-mongodb'

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* restinio: fix S variable in multilib builds   Martin Jansa   2023-04-13   1 file, -2/+2

    * do_populate_lic as well as do_configure fails in multilib builds, because S points to empty:
      lib32-restinio/0.6.13-r0/lib32-restinio-0.6.13/dev

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openwsman: Change download branch from master to main.   Wang Mingyu   2023-04-13   1 file, -1/+1

    Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* jack: fix compatibility with python-3.11   Martin Jansa   2023-04-13   2 files, -1/+55

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* postgresql: fix ptest failure of sysviews test   Manoj Saun   2023-04-13   2 files, -0/+43

    In postgresql the sysviews ptests are failing due to hidden debug info in the pg_config table. The information is hidden due to the existing patch 0001-config_info.c-not-expose-build-info.patch. So for passing the test we need to reduce the row count in the sysviews test.

    Also for test results to be shown as pass we need to reduce the row count for the expected count in the sysviews.out file.

    Signed-off-by: Manoj Saun <manojsingh.saun@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* flatbuffers: adapt for cross-compilation environments   BINDU   2023-04-13   1 file, -1/+6

    Flatbuffers contains a library and a schema compiler. The package contains cmake files to discover the libraries and the compiler tool. Currently, all of these cmake files are installed into the target sysroot. However, the compiler utility isn't installed into the sysroot (as it is not runnable on the build machine).

    When an application that depends on flatbuffers gets built, it uses flatbuffers' exported cmake targets to configure the project. One of the exported targets is FlatcTarget.cmake which expects to see flatc binary in /usr/bin of the sysroot. Since binaries for target don't end up in target sysroot, cmake configuration fails.

    This patch addresses this problem of flatbuffers' build infrastructure in cross-compiling environments. By removing FlatcTarget.cmake for target builds from the sysroot we essentially skip this step of flatbuffers' configuration.

    Signed-off-by: Ivan Stepic <Ivan.Stepic@bmw.de>
    Signed-off-by: Bhabu Bindu <bindudaniel1996@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* syslog-ng: fix CVE-2022-38725   Yogita Urade   2023-04-04   9 files, -0/+854

    Fix buffer handling of syslog and timestamp parsers.

    References:
    https://nvd.nist.gov/vuln/detail/CVE-2022-38725
    https://github.com/syslog-ng/syslog-ng/releases
    https://github.com/syslog-ng/syslog-ng/pull/4110

    Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* phpmyadmin: fix CVE-2023-25727   Dragos-Marian Panait   2023-04-04   2 files, -0/+38

    In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.

    Reference:
    https://nvd.nist.gov/vuln/detail/CVE-2023-25727

    Upstream patch:
    https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e

    Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
    Signed-off-by: Joe Slater <joe.slater@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* duktape: Add ptest   Nikhil R   2023-04-04   2 files, -1/+53

    The Ptest for duktape executes below tests:
    1. hello - a helloworld example is a basic compilation test that tests the APIs - duk_get_top(), duk_push_c_function(), duk_eval_string()
    2. eval - a very simple for evaluating expressions from command line which tests the APIs - duk_push_string(), duk_insert(), duk_join(), duk_pop()
    3. evloop - a basic eventloop implementation test that tests the APIs - duk_is_object(), duk_compile() duk_push_c_function(), duk_safe_call()

    Test Summary:
    Execution time = 46 sec

    Signed-off-by: Nikhil R <nikhil.r@kpit.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    (cherry picked from commit 3277a81937bee01437a7ca8634e0f056e318f21b)
    Signed-off-by: Nikhil R <nikhil.r@kpit.com>
    (cherry picked from commit 5f935c35de9ea620bcbf0d55b096b1a328563a8a)
    Signed-off-by: Sana.Kazi <Sana.Kazi@kpit.com>
    Signed-off-by: Nikhil R <nikhilar2410@gmail.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mariadb: Fix CVE-2022-47015   Mingli Yu   2023-04-04   2 files, -0/+321

    Backport patch [1] to fix CVE-2022-47015 [2].

    [1] https://github.com/MariaDB/server/commit/b98375f9df0
    [2] https://jira.mariadb.org/browse/MDEV-29644

    Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libcrypt-openssl-rsa-perl: upgrade 0.32 -> 0.33   wangmy   2023-03-29   2 files, -39/+1

    0001-Fix-for-Issue-31.patch removed since it's included in 0.33

    Changelog:
    =========
    - Update for windows github CI
    - Remove duplicate 'LICENSE' key
    - Remove EUMM Remove version check
    - #31 by removing reference to RSA_SSLV23_PADDING (removed from OpenSSL starting from v3.0.0)
    - support passphrase protected private key load
    - fix 'unsupported encryption' error on old library versions
    - Clarify croak message for missing passphrase on older cyphers
    - More structs opaqued in LibreSSL 3.5
    - Use a macro for dealing with older SSL lacking macros
    - more CI fixups. Drop testing for 5.10 and 5.8. Something is broken upstream.

    Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    (cherry picked from commit a97f771d35d85dfa0a428fbeea7405ad9754a5f8)
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* monkey: use git fetcher   Martin Jansa   2023-03-29   1 file, -2/+3

    * monkey-project.com doesn't resolve anymore
    * use v1.6.9 tag from github

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    (cherry picked from commit d04444509a220fcb61496d7e64f3ba09c647543b)
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
    (cherry picked from commit 16c5d44d421a10510e7d31f9368df5a9560ddd05)
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* monkey: Fix build with musl   Khem Raj   2023-03-29   2 files, -0/+31

    Signed-off-by: Khem Raj <raj.khem@gmail.com>
    (cherry picked from commit 8f44a8894f1e24cc7c59250e5dd07e1cc420430a)
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dnsmasq: fix CVE-2023-28450   Peter Marko   2023-03-25   2 files, -0/+49

    The patch is modified by removing irrelevant and conflicting CHANGELOG entry.

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* c-ares: fix CVE-2022-4904   Peter Marko   2023-03-25   2 files, -1/+69

    Backport based on https://github.com/c-ares/c-ares/issues/496

    Signed-off-by: Peter Marko <peter.marko@siemens.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mbedtls: upgrade 2.28.0 -> 2.28.2   Yi Zhao   2023-03-22   1 file, -1/+1

    ChangeLog:
    https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2

    Security Fixes:
    CVE-2022-46392: https://nvd.nist.gov/vuln/detail/CVE-2022-46392
    CVE-2022-46393: https://nvd.nist.gov/vuln/detail/CVE-2022-46393

    Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
    Signed-off-by: Armin Kuster <akuster808@gmail.com>