When building nfs-utils with gss and svcgss if the Host OS has krb5
development package build works, but it looks like a host pollution.
Signed-off-by: Stefan Ghinea
---
...with-enable-gss-enable-svcgss-option.patch | 52 +++
.../nfs-utils/nfs-utils_2.5.3.bb | 5
nfs-utils with gss and svcgss has libtirpc configured with gssapi option
as a dependency.
Signed-off-by: Stefan Ghinea
---
meta/recipes-extended/libtirpc/libtirpc_1.3.1.bb | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-extended/libtirpc/libtirpc_1.3.1.bb
Bintray service has been discontinued causing boost do_fetch to fail:
WARNING: boost-1.76.0-r0 do_fetch: Failed to fetch URL
https://dl.bintray.com/boostorg/release/1.76.0/source/boost_1_76_0.tar.bz2,
attempting MIRRORS if available
Signed-off-by: Stefan Ghinea
---
meta/recipes-support/boost
/7aaf54a1884f71dc363f0b884e57bcb67407a6cd
Signed-off-by: Stefan Ghinea
---
.../xserver-xorg/CVE-2021-3472.patch | 43 +++
.../xorg-xserver/xserver-xorg_1.20.10.bb | 1 +
2 files changed, 44 insertions(+)
create mode 100644
meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021
h2/libssh2/commit/1f76151c92e1b52e9c24ebf06adc77fbd6c062bc
Signed-off-by: Stefan Ghinea
---
...EC-macro-outside-of-if-check-549-550.patch | 112 ++
meta/recipes-support/libssh2/libssh2_1.9.0.bb | 1 +
2 files changed, 113 insertions(+)
create mode 100644
meta/recipes-support/lib
=a0541334a6394f8237a4393b7372693cd7e96f15
Signed-off-by: Stefan Ghinea
---
.../wpa-supplicant/CVE-2021-30004.patch | 123 ++
.../wpa-supplicant/wpa-supplicant_2.9.bb | 1 +
2 files changed, 124 insertions(+)
create mode 100644
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-30004
WARNING: quagga-1.2.4-r0 do_fetch: Failed to fetch URL
https://download.savannah.gnu.org/releases/quagga/quagga-1.2.4.tar.gz;,
attempting MIRRORS if available
Signed-off-by: Stefan Ghinea
---
meta-networking/recipes-protocols/quagga/quagga.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion
://nvd.nist.gov/vuln/detail/CVE-2021-27803
Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=8460e3230988ef2ec13ce6b69b687e941f6cdb32
Signed-off-by: Stefan Ghinea
---
.../hostapd/hostapd/CVE-2021-27803.patch | 58 +++
.../hostapd/hostapd_2.9.bb| 1 +
2
://nvd.nist.gov/vuln/detail/CVE-2021-27803
Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=8460e3230988ef2ec13ce6b69b687e941f6cdb32
Signed-off-by: Stefan Ghinea
---
.../wpa-supplicant/CVE-2021-27803.patch | 58 +++
.../wpa-supplicant/wpa-supplicant_2.9.bb | 1 +
2
A buffer (read) overflow in the ippReadIO function.
References:
https://nvd.nist.gov/vuln/detail/CVE-2020-10001
Upstream patches:
https://github.com/OpenPrinting/cups/commit/efbea1742bd30f842fbbfb87a473e5c84f4162f9
Signed-off-by: Stefan Ghinea
---
meta/recipes-extended/cups/cups.inc
for exploitation.Product: AndroidVersions: Android-10 Android-11
Android-8.1 Android-9 Android ID: A-172937525
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-0326
Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e
Signed-off-by: Stefan Ghinea
---
.../hostapd
for exploitation.Product: AndroidVersions: Android-10 Android-11
Android-8.1 Android-9 Android ID: A-172937525
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-0326
Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e
Signed-off-by: Stefan Ghinea
---
.../wpa
://nvd.nist.gov/vuln/detail/CVE-2021-3281
Upstream patches:
https://github.com/django/django/commit/21e7622dec1f8612c85c2fc37fe8efbfd3311e37
https://github.com/django/django/commit/02e6592835b4559909aa3aaaf67988fef435f624
Signed-off-by: Stefan Ghinea
---
.../python3-django-2.2.16/CVE-2021-3281.patch | 138
/c7ede54cbd2e2b25385325600958ba0124e31cc0
Signed-off-by: Stefan Ghinea
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2020-10756.patch| 40 +++
2 files changed, 41 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-10756.patch
Enache
Signed-off-by: Stefan Ghinea
---
meta/recipes-multimedia/pulseaudio/pulseaudio.inc | 8
1 file changed, 8 insertions(+)
diff --git a/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
b/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
index 4e32b27087..c7f3e67022 100644
Upstream patches:
https://github.com/GNUAspell/aspell/commit/de29341638833ba7717bd6b5e6850998454b044b
https://github.com/GNUAspell/aspell/commit/cefd447e5528b08bb0cd6656bc52b4255692cefc
Signed-off-by: Stefan Ghinea
---
.../aspell/aspell/CVE-2019-20433-0001.patch | 999
escalate privileges within the Ghostscript
and access files outside of restricted areas or execute commands.
References:
https://nvd.nist.gov/vuln/detail/CVE-2019-14869
Upstream patches:
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=485904
Signed-off-by: Stefan Ghinea
=885444fcbe10dc42787ecb76686c8ee4dd33bf33
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=cd1b1cacadac2479e291efe611979bdc1b3bdb19
Signed-off-by: Stefan Ghinea
---
.../ghostscript/CVE-2019-14811-0001.patch | 68 +
.../ghostscript/CVE-2019-14817-0001.patch | 270
;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=cd1b1cacadac2479e291efe611979bdc1b3bdb19
Signed-off-by: Stefan Ghinea
---
.../ghostscript/CVE-2019-14811-0001.patch | 68 +
.../ghostscript/CVE-2019-14817-0001.patch
19 matches
Mail list logo
