Re: [OE-core][kirkstone][PATCH] go: fix CVE-2023-29406 net/http insufficient sanitization of Host header

t atm since CVE-2023-29406 is a medium bug. > > // Robert > > On 7/26/23 12:37, vkumbhar wrote: > > Signed-off-by: Vivek Kumbhar > > --- > > meta/recipes-devtools/go/go-1.17.13.inc | 1 + > > .../go/go-1.18/CVE-2023-29406.patch | 210 +

[OE-core][dunfell][PATCH] rsync: fix CVE-2022-29154

Source: https://git.samba.org/?p=rsync.git;a=patch;h=b7231c7d02cfb65d291af74ff66e7d8c507ee871 MR: 120436 Type: Security Fix Disposition: Backport from https://git.samba.org/?p=rsync.git;a=patch;h=b7231c7d02cfb65d291af74ff66e7d8c507ee871 ChangeID: c343a62e84fc2bd4793bda2f45e603a1347d0672

[OE-core][dunfell][PATCH] bind: fix CVE-2022-38178

Source: https://gitlab.isc.org/isc-projects/bind9/-/commit/1af23378ebb11da2eb0f412e4563d6c4165fbd3d MR: 122537 Type: Security Fix Disposition: Backport from https://gitlab.isc.org/isc-projects/bind9/-/commit/1af23378ebb11da2eb0f412e4563d6c4165fbd3d ChangeID:

[OE-core][dunfell][PATCH] bluez: fix CVE-2022-39177

Source: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e2b0f0d8d63e1223bb714a9efb37e2257818268b MR: 122138 Type: Security Fix Disposition: Backport from https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e2b0f0d8d63e1223bb714a9efb37e2257818268b ChangeID:

[OE-core][dunfell][PATCH] qemu: fix CVE-2021-20196

Source: https://gitlab.com/qemu-project/qemu/-/commit/1ab95af033a419e7a64e2d58e67dd96b20af5233 MR: 111637 Type: Security Fix Disposition: Backport from https://gitlab.com/qemu-project/qemu/-/commit/1ab95af033a419e7a64e2d58e67dd96b20af5233 ChangeID: c1e435aa25bb60b362bb68ab253ff55504e0328d

[OE-core][dunfell][PATCH] qemu: fix CVE-2021-3638

Source: https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html MR: 116345 Type: Security Fix Disposition: Backport from https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html ChangeID: 16be2d24b89b9ff8f492b034f77eb24800771910 Description: When building QEMU

[OE-core][dunfell][PATCH v2] rsync: fix CVE-2022-29154 remote arbitrary files write inside the directories of connecting peers

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- .../rsync/files/CVE-2022-29154.patch | 334 ++ meta/recipes-devtools/rsync/rsync_3.1.3.bb| 1 + 2 files changed, 335 insertions(+) create mode 100644 meta/recipes-devtools/rsync/files/CVE-2022-29154.patch

[OE-core][dunfell][PATCH v2] libx11: fix CVE-2022-3555 memory leak in _XFreeX11XCBStructure() of xcb_disp.c

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- .../xorg-lib/libx11/CVE-2022-3555.patch | 38 +++ .../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch

[OE-core][dunfell][PATCH] qemu: fix CVE-2021-3507 fdc heap buffer overflow in DMA read data transfers

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2021-3507.patch | 87 +++ 2 files changed, 88 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3507.patch diff

[OE-core][dunfell][PATCH] go: fix CVE-2022-41717 Excessive memory use in got server

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2022-41717.patch | 75 +++ 2 files changed, 76 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-41717.patch diff

[OE-core][kirkstone][PATCH] sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs.

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- .../sqlite/files/CVE-2022-46908.patch | 39 +++ meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 + 2 files changed, 40 insertions(+) create mode 100644 meta/recipes-support/sqlite/files/CVE-2022-46908.patch diff

[OE-core][dunfell][PATCH] go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse* functions

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2022-1962.patch| 421 ++ 2 files changed, 422 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-1962.patch diff

[OE-core][kirkstone][PATCH] python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method

From: Vivek Kumbhar Upstream-Status: Backport from https://github.com/python/cpython/commit/eae692eed18892309bcc25a2c0f8980038305ea2 Signed-off-by: Vivek Kumbhar --- .../python/python3/CVE-2022-42919.patch | 70 +++ .../recipes-devtools/python/python3_3.10.7.bb | 1 +

[OE-core][dunfell][PATCH v2] python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method

From: Vivek Kumbhar Upstream-Status: Backport from https://github.com/python/cpython/commit/eae692eed18892309bcc25a2c0f8980038305ea2 Signed-off-by: Vivek Kumbhar --- .../python/python3/CVE-2022-42919.patch | 70 +++ .../recipes-devtools/python/python3_3.10.7.bb | 1 +

[OE-core][dunfell][PATCH v2] qemu: fix CVE-2021-20196 block fdc null pointer dereference may lead to guest crash

From: Vivek Kumbhar Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/1ab95af033a419e7a64e2d58e67dd96b20af5233] Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2021-20196.patch| 62 +++

[OE-core][dunfell][PATCH v2] libx11: fix CVE-2022-3555 memory leak in _XFreeX11XCBStructure() of xcb_disp.c

From: Vivek Kumbhar Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8a368d808fec166b5fb3dfe6312aab22c7ee20af] Signed-off-by: Vivek Kumbhar --- .../xorg-lib/libx11/CVE-2022-3555.patch | 38 +++

[OE-core][dunfell][PATCH] python: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method

From: Vivek Kumbhar Upstream-Status: Backport from https://github.com/python/cpython/commit/eae692eed18892309bcc25a2c0f8980038305ea2 Signed-off-by: Vivek Kumbhar --- .../python/python3/CVE-2022-42919.patch | 71 +++ .../recipes-devtools/python/python3_3.10.7.bb | 1 +

[OE-core][dunfell][PATCH] libtasn1: fix CVE-2021-46848 off-by-one in asn1_encode_simple_der

From: Vivek Kumbhar Upstream-Status: Backport [https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5] Signed-off-by: Vivek Kumbhar --- .../gnutls/libtasn1/CVE-2021-46848.patch | 45 +++ .../recipes-support/gnutls/libtasn1_4.16.0.bb | 1 +

[OE-core][dunfell][PATCH v2] qemu: fix CVE-2021-20196 block fdc null pointer dereference may lead to guest crash

From: Vivek Kumbhar Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/1ab95af033a419e7a64e2d58e67dd96b20af5233] Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2021-20196.patch| 50 +++

Re: [OE-core][dunfell][PATCH v2] python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method

Hi Steve, This patch was sent in error to dunfell, Please consider the patch sent for Kirkstone. Kind regards, Vivek On Fri, 25 Nov 2022 at 10:26 PM, Steve Sakoman wrote: > On Thu, Nov 24, 2022 at 2:25 AM vkumbhar wrote: > > > > From: Vivek Kumbhar > > > > Ups

[OE-core][kirkstone][PATCH] openssl: fix CVE-2022-3996 double locking leads to denial of service

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- .../openssl/openssl/CVE-2022-3996.patch | 43 +++ .../openssl/openssl_3.0.7.bb | 1 + 2 files changed, 44 insertions(+) create mode 100644

Re: [OE-core][kirkstone][PATCH] openssl: fix CVE-2022-3996 double locking leads to denial of service

Okay, Sure. Kind Regards, Vivek On Mon, Jan 23, 2023 at 5:37 PM Ross Burton wrote: > Can you also send this for langdale and master? > > Ross > > > On 20 Jan 2023, at 02:56, vkumbhar via lists.openembedded.org mvista@lists.openembedded.org> wrote: > &

[OE-core][kirkstone][PATCH] xorg-x11-server: fix multiple xorg-x11-server bugs.

From: Vivek Kumbhar Fixed Below CVE: CVE-2022-4283 CVE-2022-46340 CVE-2022-46341 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344 Signed-off-by: Vivek Kumbhar --- .../xserver-xorg/CVE-2022-4283.patch | 39 + .../xserver-xorg/CVE-2022-46340.patch | 55

[OE-core][dunfell][PATCH v2] go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse* functions

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2022-1962.patch| 357 ++ 2 files changed, 358 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-1962.patch diff

Re: [OE-core][kirkstone][PATCH] xorg-x11-server: fix multiple xorg-x11-server bugs.

Thanks for the information. Okay, will modify the patch accordingly. -Thanks, Vivek On Mon, Jan 30, 2023 at 11:17 PM Steve Sakoman wrote: > On Wed, Jan 25, 2023 at 1:55 AM vkumbhar wrote: > > > > From: Vivek Kumbhar > > > > Fixed Below CVE: > > CVE-2022-428

Re: [OE-core][langdale][PATCH] openssl: fix CVE-2022-3996 double locking leads to denial of service

Yes, It was intended for the master. Kind regards, Vivek On Mon, 23 Jan 2023 at 10:19 PM, Steve Sakoman wrote: > Hi Vivek, > > You sent two seemingly identical patches for langdale. Was one > perhaps intended for master? > > Steve > > On Mon, Jan 23, 2023 at

[OE-core][langdale][PATCH] openssl: fix CVE-2022-3996 double locking leads to denial of service

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- .../openssl/openssl/CVE-2022-3996.patch | 43 +++ .../openssl/openssl_3.0.7.bb | 1 + 2 files changed, 44 insertions(+) create mode 100644

[OE-core][langdale][PATCH] openssl: fix CVE-2022-3996 double locking leads to denial of service

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- .../openssl/openssl/CVE-2022-3996.patch | 43 +++ .../openssl/openssl_3.0.7.bb | 1 + 2 files changed, 44 insertions(+) create mode 100644

[OE-core][dunfell][PATCH v2] curl: fix CVE-2022-32221 POST following PUT

From: Vivek Kumbhar Upstream-Status: Backport from https://github.com/curl/curl/commit/a64e3e59938abd7d6 Signed-off-by: Vivek Kumbhar --- .../curl/curl/CVE-2022-32221.patch| 29 +++ meta/recipes-support/curl/curl_7.69.1.bb | 1 + 2 files changed, 30

[OE-core][dunfell][PATCH v2] qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write

From: Vivek Kumbhar Upstream-Status: Backport from https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg01682.html Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2021-3638.patch | 80 +++ 2 files

[OE-core][dunfell][PATCH] curl: fix CVE-2022-32221 POST following PUT confusion

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- .../curl/curl/CVE-2022-32221.patch| 29 +++ meta/recipes-support/curl/curl_7.69.1.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch diff

[OE-core][dunfell][PATCH] gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code

Remove branching that depends on secret data. since the `ok` variable isn't used any more, we can remove all code used to calculate it Signed-off-by: Vivek Kumbhar --- .../gnutls/gnutls/CVE-2023-0361.patch | 85 +++ meta/recipes-support/gnutls/gnutls_3.6.14.bb | 1 +

[OE-core][kirkstone][PATCH] gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code

Remove branching that depends on secret data. since the `ok` variable isn't used any more, we can remove all code used to calculate it Signed-off-by: Vivek Kumbhar --- .../gnutls/gnutls/CVE-2023-0361.patch | 85 +++ meta/recipes-support/gnutls/gnutls_3.7.4.bb | 1 +

[OE-core][kirkstone][PATCH] harfbuzz: fix CVE-2023-25193 allows attackers to trigger O(n^2) growth via consecutive marks

[layout] Limit how far we skip when looking back Signed-off-by: Vivek Kumbhar --- .../harfbuzz/harfbuzz/CVE-2023-25193.patch| 71 +++ .../harfbuzz/harfbuzz_4.0.1.bb| 4 +- 2 files changed, 74 insertions(+), 1 deletion(-) create mode 100644

[OE-core][master][PATCH] Upgrade bind-9.18.11 -> bind-9.19.9

Fix below security CVEs: CVE-2022-3094 CVE-2022-3736 CVE-2022-3924 Fix serve-stale crash when recursive clients soft quota is reached. (CVE-2022-3924) [GL #3619] Handle RRSIG lookups when serve-stale is active. (CVE-2022-3736) [GL #3622] An UPDATE message flood could cause named to exhaust all

[OE-core][dunfell][PATCH] harfbuzz: fix CVE-2023-25193 allows attackers to trigger O(n^2) growth via consecutive marks

[layout] Limit how far we skip when looking back Signed-off-by: Vivek Kumbhar --- .../harfbuzz/harfbuzz/CVE-2023-25193.patch| 71 +++ .../harfbuzz/harfbuzz_2.6.4.bb| 5 +- 2 files changed, 75 insertions(+), 1 deletion(-) create mode 100644

[OE-core][kirkstone][PATCH] rpm: update 4.17.1 -> 4.18

(From OE-Core rev: 5bef402da334595ed9302b8bca1acdf5e88bfe11) This will fix #CVE-2021-35938 rpm: races with chown/chmod/capabilities calls during installation upstream branch=rpm-4.18: git://github.com/rpm-software-management/rpm Signed-off-by: Vivek Kumbhar ---

Re: [OE-core][kirkstone][PATCH] rpm: update 4.17.1 -> 4.18

Okay Sure, I will backport the fix only instead of upgrading. -Thanks, Vivek On Mon, Feb 27, 2023 at 2:51 PM Alexander Kanavin wrote: > You have to backport the fix I'm afraid. Stable releases do not allow > major upgrades like that. > > Alex > > On Mon, 27 Feb 2023 at 04:2

[OE-core][kirkstone][PATCH v2] rpm: fix CVE-2021-35938 races with chown/chmod/capabilities calls during installation

Set file metadata via fd-based ops for everything but symlinks Regular file ops are fd-based already, for the rest we need to open them manually. Files with temporary suffix must never be followed, for directories (and pre-existing FA_TOUCHed files) use the rpm symlink "root or target owner

Re: [OE-core] [Kirkstone][Patch review] harfbuzz: CVE-2023-25193 doesn't fix the issue and still exhibits O(n^2) behaviour #kirkstone

Yes, will revert that patch and backport the correct one. Thanks vivek On Mon, Mar 6, 2023 at 10:47 AM DC wrote: > The patches submitted to > dunfell -> > https://lists.openembedded.org/g/openembedded-core/message/177768 > Kirkstone -> >

[OE-core][kirkstone][PATCH] bind: Upgrade bind-9.18.11 -> bind-9.19.9

Fix below security CVEs: CVE-2022-3094 CVE-2022-3736 CVE-2022-3924 Fix serve-stale crash when recursive clients soft quota is reached. (CVE-2022-3924) [GL #3619] Handle RRSIG lookups when serve-stale is active. (CVE-2022-3736) [GL #3622] An UPDATE message flood could cause named to exhaust all

[OE-core][kirkstone][PATCH] go: fix CVE-2023-24537 Infinite loop in parsing

Setting a large line or column number using a //line directive can cause integer overflow even in small source files. Limit line and column numbers in //line directives to 2^30-1, which is small enough to avoid int32 overflow on all reasonbly-sized files. Fixes CVE-2023-24537 Fixes #59273 For

Re: [OE-core][kirkstone][PATCH] go: fix CVE-2023-24537 Infinite loop in parsing

force-patch-refresh go-cross-core2-64 > > Don't forget to review changes done by devtool! > > WARNING: go-cross-core2-64-1.17.13-r0 do_patch: QA Issue: Patch log > indicates that patches do not apply cleanly. [patch-fuzz] > > Steve > > On Wed, Apr 19, 2023 at 11:31 PM vk

[OE-core][kirkstone][PATCH v2] go: fix CVE-2023-24537 Infinite loop in parsing

Setting a large line or column number using a //line directive can cause integer overflow even in small source files. Limit line and column numbers in //line directives to 2^30-1, which is small enough to avoid int32 overflow on all reasonbly-sized files. Fixes CVE-2023-24537 Fixes #59273 For

[OE-core][dunfell][PATCH] go: fix CVE-2023-24537 Infinite loop in parsing

Setting a large line or column number using a //line directive can cause integer overflow even in small source files. Limit line and column numbers in //line directives to 2^30-1, which is small enough to avoid int32 overflow on all reasonbly-sized files. Fixes CVE-2023-24537 Fixes #59273 For

[OE-core][kirkstone][PATCH] go: fix CVE-2023-24534 denial of service from excessive memory allocation

From: Vivek Kumbhar A parsed MIME header is a map[string][]string. In the common case, a header contains many one-element []string slices. To avoid allocating a separate slice for each key, ReadMIMEHeader looks ahead in the input to predict the number of keys that will be parsed, and allocates a

[OE-core][kirkstone][PATCH] freetype: fix CVE-2023-2004 integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c

From: Vivek Kumbhar Fix An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c Signed-off-by: Vivek Kumbhar --- .../freetype/freetype/CVE-2023-2004.patch | 41 +++ .../freetype/freetype_2.11.1.bb

Re: [OE-core] [kirkstone][PATCH v2] rpm: fix CVE-2021-35938 races with chown/chmod/capabilities calls during installation

Hi Steve, Any update on this patch? Kind Regards, Vivek -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#180117): https://lists.openembedded.org/g/openembedded-core/message/180117 Mute This Topic: https://lists.openembedded.org/mt/97334710/21656

Re: [OE-core][kirkstone][PATCH] xorg-x11-server: fix multiple xorg-x11-server bugs.

No changes required, As all the fixes available in this version. -Thanks, Vivek On Mon, Jan 30, 2023 at 11:17 PM Steve Sakoman wrote: > On Wed, Jan 25, 2023 at 1:55 AM vkumbhar wrote: > > > > From: Vivek Kumbhar > > > > Fixed Below CVE: > > CVE-2022-4283 >

[OE-core][dunfell][PATCH] qemu: fix CVE-2021-3929 nvme DMA reentrancy issue leads to use-after-free

From: Vivek Kumbhar Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2021-3929.patch | 78 +++ 2 files changed, 79 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3929.patch diff

[OE-core][dunfell][PATCH] go: fix CVE-2023-24534 denial of service from excessive memory allocation

From: Vivek Kumbhar A parsed MIME header is a map[string][]string. In the common case, a header contains many one-element []string slices. To avoid allocating a separate slice for each key, ReadMIMEHeader looks ahead in the input to predict the number of keys that will be parsed, and allocates a

[OE-core] [PATCH] python3: fix CVE-2023-24329 urllib.parse url blocklisting bypass

Signed-off-by: Vivek Kumbhar --- .../python/python3/CVE-2023-24329.patch | 81 +++ .../recipes-devtools/python/python3_3.8.14.bb | 1 + 2 files changed, 82 insertions(+) create mode 100644 meta/recipes-devtools/python/python3/CVE-2023-24329.patch diff --git

Re: [OE-core][dunfell][PATCH v2] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash

e/commit/?h=kirkstone=c761d822be5ffc4a88600fbd7282c469b1e9902a > > However it seems from your work that a follow on patch is also > necessary to fix this issue completely. > > Could you submit a v3 that takes into account the above commit? > > Thanks, > > Steve > > On Wed, Jul 12, 2023 at 12

[OE-core][dunfell][PATCH] python3: fix CVE-2023-24329 urllib.parse url blocklisting bypass

Signed-off-by: Vivek Kumbhar --- .../python/python3/CVE-2023-24329.patch | 80 +++ .../recipes-devtools/python/python3_3.8.17.bb | 1 + 2 files changed, 81 insertions(+) create mode 100644 meta/recipes-devtools/python/python3/CVE-2023-24329.patch diff --git

Re: [OE-core][dunfell][PATCH v2] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash

Thanks, > > Steve > > On Wed, Jul 12, 2023 at 12:17 AM vkumbhar wrote: > > > > Introduced by: > https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f > (curl-7_9_8) > > Fixed by: > https://github.com/curl/curl/commit/13718030ad4b3209a758

[OE-core] [meta-oe][kirkstone][PATCH v3] curl: Added CVE-2023-28320 Follow-up patch

Introduced by: https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f (curl-7_9_8) Fixed by: https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2 (curl-8_1_0) Follow-up: https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3

Re: [OE-core] [PATCH] python3: fix CVE-2023-24329 urllib.parse url blocklisting bypass

This is for dunfell-nut branch. Kind regards, Vivek On Tue, Jul 11, 2023 at 4:14 PM Ross Burton wrote: > What branch is this for? It doesn’t apply to master, I’m guessing > kirkstone? Is the same fix needed for other branches? > > Ross > > > On 11 Jul 2023, a

[OE-core][dunfell][PATCH] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash

Introduced by: https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f (curl-7_9_8) Fixed by: https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2 (curl-8_1_0) Follow-up: https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3

[OE-core][kirkstone][PATCH] cups: fix CVE-2023-34241 use-after-free in cupsdAcceptClient() in scheduler/client.c

Signed-off-by: Vivek Kumbhar --- meta/recipes-extended/cups/cups.inc | 1 + .../cups/cups/CVE-2023-34241.patch| 68 +++ 2 files changed, 69 insertions(+) create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-34241.patch diff --git

Re: [OE-core][dunfell][PATCH] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash

As it is a followup patch I have added it as fol1. If you want this as pre1, I will send v2 again. Kind regards, Vivek On Mon, Jul 10, 2023 at 8:01 PM Steve Sakoman wrote: > On Sun, Jul 9, 2023 at 7:28 PM vkumbhar wrote: > > > > Introduced by: > https://github.co

Re: [OE-core][dunfell][PATCH] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash

dd it > to SRC_URI. > > Make sense? > > Steve > > > On Mon, Jul 10, 2023 at 8:01 PM Steve Sakoman wrote: > >> > >> On Sun, Jul 9, 2023 at 7:28 PM vkumbhar wrote: > >> > > >> > Introduced by: > https://github.com/curl/curl/com

[OE-core][kirkstone][PATCH v2] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash

Introduced by: https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f (curl-7_9_8) Fixed by: https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2 (curl-8_1_0) Follow-up: https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3

[OE-core][dunfell][PATCH v2] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash

Introduced by: https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f (curl-7_9_8) Fixed by: https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2 (curl-8_1_0) Follow-up: https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3

[OE-core][kirkstone-nut][PATCH] go: fix CVE-2023-24539 html/template improper sanitization of CSS values

Angle brackets should not appear in CSS contexts, as they may affect token boundaries (such as closing a

[OE-core][kirkstone][PATCH] go: fix CVE-2023-29406 net/http insufficient sanitization of Host header

Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/go/go-1.17.13.inc | 1 + .../go/go-1.18/CVE-2023-29406.patch | 210 ++ 2 files changed, 211 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-29406.patch diff --git

[OE-core][dunfell][PATCH] go: fix CVE-2023-29406 net/http: insufficient sanitization of Host header

Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2023-29406.patch | 212 ++ 2 files changed, 213 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29406.patch diff --git

[OE-core][kirkstone][PATCH] qemu: fix CVE-2023-3354 VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service

Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2023-3354.patch | 87 +++ 2 files changed, 88 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3354.patch diff --git

[OE-core][dunfell][PATCH] qemu:fix CVE-2023-3354 VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service

Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2023-3354.patch | 87 +++ 2 files changed, 88 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3354.patch diff --git

[OE-core][kirkstone][PATCH] libcap: CVE-2023-2603 Integer Overflow in _libcap_strdup()

Signed-off-by: Vivek Kumbhar --- .../libcap/files/CVE-2023-2603.patch | 31 +++ meta/recipes-support/libcap/libcap_2.66.bb| 1 + 2 files changed, 32 insertions(+) create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch diff --git

Re: [OE-core][kirkstone][PATCH] libcap: CVE-2023-2603 Integer Overflow in _libcap_strdup()

; > https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=422bec25ae4a1ab03fd4d6f728695ed279173b18 > -- > *From:* openembedded-core@lists.openembedded.org < > openembedded-core@lists.openembedded.org> on behalf of vkumbhar via > lists.openembedded

[OE-core][kirkstone][PATCH v2] libcap: fix CVE-2023-2603 Integer Overflow in _libcap_strdup()

Signed-off-by: Vivek Kumbhar --- .../libcap/files/CVE-2023-2603.patch | 60 +++ meta/recipes-support/libcap/libcap_2.66.bb| 1 + 2 files changed, 61 insertions(+) create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch diff --git

[OE-core][kirkstone][PATCH v3] libcap: fix CVE-2023-2603 Integer Overflow in _libcap_strdup()

Signed-off-by: Vivek Kumbhar --- .../libcap/files/CVE-2023-2603.patch | 60 +++ meta/recipes-support/libcap/libcap_2.66.bb| 1 + 2 files changed, 61 insertions(+) create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch diff --git

[OE-core][kirkstone][PATCH] go: fix CVE-2023-29400 html/template improper handling of empty HTML attributes

Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/go/go-1.17.13.inc | 1 + .../go/go-1.18/CVE-2023-29400.patch | 99 +++ 2 files changed, 100 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-29400.patch diff --git

[OE-core][dunfell][PATCH] freetype: fix CVE-2023-2004 integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c

Fix An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c Signed-off-by: Vivek Kumbhar --- .../freetype/freetype/CVE-2023-2004.patch | 40 +++ .../freetype/freetype_2.10.1.bb | 1 + 2 files

[OE-core][dunfell][PATCH] libsndfile: fix CVE-2021-4156 heap out-of-bounds read in src/flac.c in flac_buffer_copy

Upstream-Status: Backport from https://github.com/libsndfile/libsndfile/commit/ced91d7b971be6173b604154c39279ce90ad87cc Signed-off-by: Vivek Kumbhar --- .../libsndfile1/CVE-2021-4156.patch | 30 +++ .../libsndfile/libsndfile1_1.0.28.bb | 1 + 2 files

[OE-core][kirkstone][PATCH] libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c

Signed-off-by: Vivek Kumbhar --- .../libsndfile1/CVE-2022-33065.patch | 46 +++ .../libsndfile/libsndfile1_1.0.31.bb | 1 + 2 files changed, 47 insertions(+) create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065.patch diff --git

[OE-core][dunfell][PATCH] libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c

Signed-off-by: Vivek Kumbhar --- .../libsndfile1/CVE-2022-33065.patch | 46 +++ .../libsndfile/libsndfile1_1.0.28.bb | 3 +- 2 files changed, 48 insertions(+), 1 deletion(-) create mode 100644

[OE-core][kirkstone][PATCH] openssl: fix CVE-2023-5678 Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

Signed-off-by: Vivek Kumbhar --- .../openssl/openssl/CVE-2023-5678.patch | 180 ++ .../openssl/openssl_3.0.12.bb | 1 + 2 files changed, 181 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch diff --git