Re: [OE-core] [PATCH 8/8] rpm: update 4.18.1 -> 4.19.1

2024-01-28 Thread Alexander Kanavin
0257:file = file.replace("%", "") *** 0258:attr = get_attr(file) ... *** 0203:stat_f = os.stat(rootpath + "/" + path, follow_symlinks=False) Exception: FileNotFoundError: [Errno 2] No such file or directory:

[OE-core] [PATCH] gnutls: Upgrade 3.8.2 -> 3.8.3

2024-01-28 Thread Simone Weiß
From: Simone Weiß Upgrade version to address recent CVE findings. Changelog = ** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange [GNUTLS-SA-2024-01-14, CVSS: medium] [CVE-2024-0553] ** libgnutls: Fix assertion failure when verifying a certificate chain with a

[OE-core] [PATCH] xwayland: Upgrade 23.2.3 -> 23.2.4

2024-01-28 Thread Khem Raj
Cumulative Fixes for CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408, CVE-2024-0409 Signed-off-by: Khem Raj --- .../xwayland/{xwayland_23.2.3.bb => xwayland_23.2.4.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename

Patchtest results for [OE-core][kirkstone][PATCH] sqlite3: ignore CVE-2024-0232

2024-01-28 Thread Patchtest
Thank you for your submission. Patchtest identified one or more issues with the patch. Please see the log below for more information: --- Testing patch /home/patchtest/share/mboxes/kirkstone-sqlite3-ignore-CVE-2024-0232.patch FAIL: test CVE check ignore: CVE_CHECK_IGNORE is deprecated and

[OE-core][nanbield][PATCH 2/2] sqlite: drop obsolete CVE ignore

2024-01-28 Thread Peter Marko via lists.openembedded.org
From: Peter Marko CVE-2023-36191 is now rejected in NVD DB so it won't show up in cve-check report anymore. Signed-off-by: Peter Marko --- meta/recipes-support/sqlite/sqlite3_3.43.2.bb | 3 --- 1 file changed, 3 deletions(-) diff --git a/meta/recipes-support/sqlite/sqlite3_3.43.2.bb

[OE-core][nanbield][PATCH 1/2] sqlite3: upgrade 3.43.1 -> 3.43.2

2024-01-28 Thread Peter Marko via lists.openembedded.org
From: Peter Marko This fixes CVE-2024-0232 Signed-off-by: Peter Marko --- .../sqlite/{sqlite3_3.43.1.bb => sqlite3_3.43.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-support/sqlite/{sqlite3_3.43.1.bb => sqlite3_3.43.2.bb} (78%) diff --git

[OE-core][kirkstone][PATCH] sqlite3: ignore CVE-2024-0232

2024-01-28 Thread Peter Marko via lists.openembedded.org
From: Peter Marko This CVE reports bug which was fixed in 3.43.2 by [1]. Code analysis shows that it is fixing caching issue and this cache was introduced by [2]. This landed only in 3.43.0 so 3.85.5 is not affected. [1] https://sqlite.org/src/info/5b09212ac05615fc [2]

[OE-core][dunfell][PATCH] sqlite3: ignore CVE-2024-0232

2024-01-28 Thread Peter Marko via lists.openembedded.org
From: Peter Marko This CVE reports bug which was fixed in 3.43.2 by [1]. Code analysis shows that it is fixing caching issue and this cache was introduced by [2]. This landed only in 3.43.0 so 3.85.5 is not affected. [1] https://sqlite.org/src/info/5b09212ac05615fc [2]

Re: [OE-core] [PATCH 8/8] rpm: update 4.18.1 -> 4.19.1

2024-01-28 Thread Khem Raj
I am seeing some failures in meta-oe (especially nodejs) which I suspect are due to rpm upgrade and patches around it. https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/3566/steps/15/logs/stdio On Fri, Jan 26, 2024 at 5:35 AM Alexander Kanavin wrote: > > Upstream has replaced

[OE-core] OE-core CVE metrics for nanbield on Sun 28 Jan 2024 04:00:01 AM HST

2024-01-28 Thread Steve Sakoman
Branch: nanbield New this week: 16 CVEs CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-6129 (CVSS3: 6.5 MEDIUM): openssl:openssl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6129 *

[OE-core] OE-core CVE metrics for kirkstone on Sun 28 Jan 2024 03:00:01 AM HST

2024-01-28 Thread Steve Sakoman
Branch: kirkstone New this week: 5 CVEs CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): libssh2:libssh2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 *

[OE-core] OE-core CVE metrics for dunfell on Sun 28 Jan 2024 02:00:01 AM HST

2024-01-28 Thread Steve Sakoman
Branch: dunfell New this week: 6 CVEs CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-6683 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native

[OE-core] OE-core CVE metrics for master on Sun 28 Jan 2024 01:00:01 AM HST

2024-01-28 Thread Steve Sakoman
Branch: master New this week: 14 CVEs CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-4692 (CVSS3: 7.8 HIGH): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4692 *

[OE-core] [PATCH] python3-yamllint: add missing dependency

2024-01-28 Thread Konrad Weihmann
yamllint requires pathspec module to be available Signed-off-by: Konrad Weihmann --- meta/recipes-devtools/python/python3-yamllint_1.33.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/python/python3-yamllint_1.33.0.bb