From: Khairul Rohaizzat Jamaluddin
40.4 Changelogs:
Fix crash when clearing all passwords (#1570)
Fix security indicator disappearing after entering reader mode (#1580)
Fix crash opening PDFs not loaded via HTTP (#1611)
Fix CVE-2021-45085, CVE-2021-45086, CVE-2021-45087, CVE-2021-45088 (#1612)
Fi
From: Khairul Rohaizzat Jamaluddin
Includes fix patches for epiphany CVE.
CVE: CVE-2021-45085 CVE-2021-45086 CVE-2021-45087 CVE-2021-45088
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
.../epiphany/{epiphany_41.0.bb => epiphany_41.3.bb} | 2 +-
1 file changed, 1 insertion(+), 1
From: Khairul Rohaizzat Jamaluddin
CVE:
CVE-2021-33574
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
.../glibc/glibc/CVE-2021-33574_1.patch| 76 +++
.../glibc/glibc/CVE-2021-33574_2.patch| 61 +++
meta/recipes-core/glibc/glibc_2.33.bb | 2
From: Khairul Rohaizzat Jamaluddin
CVE:
CVE-2021-22897
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
.../curl/curl/CVE-2021-22897.patch| 72 +++
meta/recipes-support/curl/curl_7.75.0.bb | 1 +
2 files changed, 73 insertions(+)
create mode 100644 meta/recip
From: Khairul Rohaizzat Jamaluddin
CVE:
CVE-2021-22898
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
.../curl/curl/CVE-2021-22898.patch| 33 +++
meta/recipes-support/curl/curl_7.75.0.bb | 1 +
2 files changed, 34 insertions(+)
create mode 100644 meta/recip
From: Khairul Rohaizzat Jamaluddin
CVE:
CVE-2020-35517
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
meta/recipes-devtools/qemu/qemu.inc | 3 +
.../qemu/qemu/CVE-2020-35517_1.patch | 153 +
.../qemu/qemu/CVE-2020-35517_2.patch | 117 +++
.../qemu/qe
Anatol Belski
Sent: Wednesday, March 17, 2021 4:24 AM
To: Steve Sakoman
Cc: Denys Dmytriyenko ; Jamaluddin, Khairul Rohaizzat
; Khem Raj ;
Patches and discussions about the oe-core layer
Subject: Re: [OE-core] [PATCH] glibc: Fix CVE-2021-27645
Hi,
On 3/16/2021 4:45 PM, Steve Sakoman wrote:
----
From: Jamaluddin, Khairul Rohaizzat
Sent: Saturday, March 13, 2021 3:34 AM
To: Khem Raj
Cc: Patches and discussions about the oe-core layer
Subject: RE: [OE-core] [PATCH] glibc: Fix CVE-2021-27645
Yes, seems to be in the list as well..
The version for both branch is within the versions mentioned i
M
To: Jamaluddin, Khairul Rohaizzat
Cc: Patches and discussions about the oe-core layer
Subject: Re: [OE-core] [PATCH] glibc: Fix CVE-2021-27645
On Thu, Mar 11, 2021 at 7:21 AM Jamaluddin, Khairul Rohaizzat
wrote:
>
> From: Khairul Rohaizzat Jamaluddin
>
>
> CVE:
> CVE-2021-27645
From: Khairul Rohaizzat Jamaluddin
CVE:
CVE-2021-27645
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
.../glibc/glibc/CVE-2021-27645.patch | 51 +++
meta/recipes-core/glibc/glibc_2.33.bb | 1 +
2 files changed, 52 insertions(+)
create mode 100644 meta/recip
From: Khairul Rohaizzat Jamaluddin
It is an reported as to affect on rc0 release of qemu-5.1.0
https://nvd.nist.gov/vuln/detail/CVE-2020-15863
It was already patched in
https://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=d3c60cde03fd7de11776ec04ff50c61b6e1f6140
Signed-off-by: Khairul Roh
Please ignore this. Wrongly sent.
Thank you & Kind regards,
Khairul
-Original Message-
From: openembedded-core@lists.openembedded.org
On Behalf Of Jamaluddin, Khairul
Rohaizzat
Sent: Thursday, January 14, 2021 12:40 AM
To: openembedded-core@lists.openembedded.org
Cc: Jamalu
From: Khairul Rohaizzat Jamaluddin
Backport the CVE patches from upstream:
https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7
https://github.com/FFmpeg/FFmpeg/commit/3e5959b3457f7f1856d997261e6ac672bba49e8b
CVE:
CVE-2020-35964
CVE-2020-35965
Signed-off-by: Khairul
From: Khairul Rohaizzat Jamaluddin
Backport the CVE patches from upstream:
https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7
https://github.com/FFmpeg/FFmpeg/commit/3e5959b3457f7f1856d997261e6ac672bba49e8b
CVE:
CVE-2020-35964
CVE-2020-35965
Signed-off-by: Khairul
From: Khairul Rohaizzat Jamaluddin
Backport the CVE patches from upstream
https://github.com/curl/curl/commit/ec9cc725d598ac
https://github.com/curl/curl/commit/a95a6ce6b809693a1195e3b4347a6cfa0fbc2ee7
https://github.com/curl/curl/commit/69a358f2186e04
https://github.com/curl/curl/commit/d9d01672
From: Khairul Rohaizzat Jamaluddin
update to version 7.74.0
curl 7.74.0 hsts: add experimental support for Strict-Transport-Security with
various bug fixes
Reference:
https://curl.se/changes.html#7_74_0
update includes fix for CVE:
CVE-2020-8284
CVE-2020-8285
CVE-2020-8286
Signed-off-by: Kha
From: Khairul Rohaizzat Jamaluddin
update to version 7.74.0
curl 7.74.0 hsts: add experimental support for Strict-Transport-Security with
various bug fixes
Reference:
https://curl.se/changes.html#7_74_0
update includes fix for CVE:
CVE-2020-8284
CVE-2020-8285
CVE-2020-8286
Signed-off-by: Kha
From: Khairul Rohaizzat Jamaluddin
update to version 7.74.0
curl 7.74.0 hsts: add experimental support for Strict-Transport-Security with
various bug fixes
Reference:
https://curl.se/changes.html#7_74_0
update includes fix for CVE:
CVE-2020-8284
CVE-2020-8285
CVE-2020-8286
Signed-off-by: Kha
My apologies for the mistake earlier.. I didn’t notice it was sent in that
format..
Thank you & Kind regards,
Khairul
From: openembedded-core@lists.openembedded.org
On Behalf Of Alexander Kanavin
Sent: Tuesday, December 15, 2020 8:38 PM
To: Jamaluddin, Khairul Rohaizzat
Cc: OE-core
Sub
From: Khairul Rohaizzat Jamaluddin
update version to 1.1.1i
openssl 1.1.1i Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)
updates include fix for CVE:
CVE-2020-1971
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
.../openssl/{openssl_1.1.1h.bb => openssl_1.1.1i.bb}
From: Khairul Rohaizzat Jamaluddin
update version to 1.1.1i
openssl 1.1.1i Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971)
updates include fix for CVE:
CVE-2020-1971
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
.../recipes-connectivity/openssl/openssl_1.1.1h.bb | 216 ---
1:37 AM
To: Jamaluddin, Khairul Rohaizzat
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6
Can you first update it on master and then do needed backport ?
On Sun, Dec 13, 2020 at 5:53 PM Jamaluddin, Khairul Ro
Hi Anuj,
Duly noted. Please do proceed as needed.
Thank you & Kind regards,
Khairul
-Original Message-
From: Mittal, Anuj
Sent: Monday, December 14, 2020 12:15 PM
To: openembedded-core@lists.openembedded.org; Jamaluddin, Khairul Rohaizzat
Subject: Re: [OE-core] [PATCH][gatesg
From: Khairul Rohaizzat Jamaluddin
update minor version to 1.15.6
go-1.15.3 includes fixes to cgo, the compiler, runtime, the go command, and the
bytes, plugin, and testing packages.
go-1.15.4 includes fixes to cgo, the compiler, linker, runtime, and the
compress/flate, net/http, reflect, and
From: Khairul Rohaizzat Jamaluddin
The deleted patch file mentioned below is removed since 1.15.6
already has the issue patched.
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
meta/recipes-devtools/go/go-1.15.inc | 5 +-
...permit-CGO_LDFLAGS-to-appear-in-go-ldflag.patch | 10
From: Khairul Rohaizzat Jamaluddin
IMAGE_EFI_BOOT_FILES created to help differentiate files needed between
bootimg-efi and bootimg-partition when creating the installer/.wic file.
Signed-off-by: Khairul Rohaizzat Jamaluddin
---
documentation/ref-manual/ref-variables.xml | 55 +
From: Khairul Rohaizzat Jamaluddin
Due to recent changes in bootimg-efi to include IMAGE_BOOT_FILES,
when both bootimg-partition and bootimg-efi occur in a single .wks
and IMAGE_BOOT_FILES are defined, files listed in IMAGE_BOOT_FILES
will be duplicated in both partition.
Since IMAGE_BOOT_FILES a
From: Khairul Rohaizzat Jamaluddin
Due to recent changes in bootimg-efi to include IMAGE_BOOT_FILES,
when both bootimg-partition and bootimg-efi occur in a single .wks
and IMAGE_BOOT_FILES are defined, files listed in IMAGE_BOOT_FILES
will be duplicated in both partition.
Since IMAGE_BOOT_FILES a
From: Khairul Rohaizzat Jamaluddin
Due to recent changes in bootimg-efi to include IMAGE_BOOT_FILES,
when both bootimg-partition and bootimg-efi occur in a single .wks
and IMAGE_BOOT_FILES are defined, files listed in IMAGE_BOOT_FILES
will be duplicated in both partition.
Since IMAGE_BOOT_FILES a
From: Khairul Rohaizzat Jamaluddin
Due to recent changes in bootimg-efi to include IMAGE_BOOT_FILES,
when both bootimg-partition and bootimg-efi occur in a single .wks
and IMAGE_BOOT_FILES are defined, files listed in IMAGE_BOOT_FILES
will be duplicated in both partition.
Since IMAGE_BOOT_FILES a
From: Khairul Rohaizzat Jamaluddin
Due to recent changes in bootimg-efi to include IMAGE_BOOT_FILES,
when both bootimg-partition and bootimg-efi occur in a single .wks
and IMAGE_BOOT_FILES are defined, files listed in IMAGE_BOOT_FILES
will be duplicated in both partition.
Since IMAGE_BOOT_FILES a
From: Richard Purdie
Sent: Tuesday, August 25, 2020 6:26 AM
To: Jamaluddin, Khairul Rohaizzat ;
openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH] wic/bootimg-efi: Added feature to exclude
IMAGE_BOOT_FILES
On Mon, 2020-08-24 at 14:39 +0800, khairul.rohaizzat.jamalud...@intel.com w
32 matches
Mail list logo