[OE-core] OE-core CVE metrics for nanbield on Sun 28 Apr 2024 04:00:01 AM HST
Branch: nanbield New this week: 1 CVEs CVE-2024-26592 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26592 * Removed this week: 0 CVEs Full list: Found 155 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-39189 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39189 * CVE-2023-39192 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39192 * CVE-2023-39193 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39193 * CVE-2023-39928 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39928 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-42753 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42753 * CVE-2023-42754 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42754 * CVE-2023-42756 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42756 * CVE-2023-4623 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4623 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-46838 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46838 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-4921 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4921 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go:go-binary-native:go-cross-core2-64:go-runtime https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-50431 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50431 * CVE-2023-5088 (CVSS3: 7.0 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5088 * CVE-2023-51384 (CVSS3: 5.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51384 * CVE-2023-51385 (CVSS3: 6.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51385 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-5178 (CVSS3: 9.8 CRITICAL): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5178 * CVE-2023-51780 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51780 * CVE-2023-51781 (CVSS3: 7.0 HIGH):
[OE-core] OE-core CVE metrics for kirkstone on Sun 28 Apr 2024 03:00:01 AM HST
Branch: kirkstone New this week: 0 CVEs Removed this week: 1 CVEs CVE-2023-48795 (CVSS3: 5.9 MEDIUM): libssh2:libssh2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * Full list: Found 33 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-36648 (CVSS3: 10.0 CRITICAL): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36648 * CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 * CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 * CVE-2023-28198 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28198 * CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3164 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3164 * CVE-2023-32370 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32370 * CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 * CVE-2023-39323 (CVSS3: 8.1 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39323 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-40397 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40397 * CVE-2023-44487 (CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-52355 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52355 * CVE-2023-52425 (CVSS3: 7.5 HIGH): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52425 * CVE-2023-5380 (CVSS3: 4.7 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5380 * CVE-2023-5574 (CVSS3: 7.0 HIGH): xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5574 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-1048 (CVSS3: 3.3 LOW): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1048 * CVE-2024-22860 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22860 * CVE-2024-22861 (CVSS3: 7.5 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22861 * CVE-2024-22862 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22862 * Summary of CVE counts by recipe: ffmpeg: 5 go: 5 qemu:qemu-native:qemu-system-native: 4 rpm:rpm-native: 3 tiff: 3 webkitgtk: 3 gnupg:gnupg-native: 2 grub:grub-efi:grub-native: 2 cpio: 1 expat:expat-native: 1 pixman:pixman-native: 1 python3:python3-native: 1 xserver-xorg: 1 xwayland: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198729): https://lists.openembedded.org/g/openembedded-core/message/198729 Mute This Topic: https://lists.openembedded.org/mt/105782382/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for dunfell on Sun 28 Apr 2024 02:00:01 AM HST
Branch: dunfell New this week: 0 CVEs Removed this week: 1 CVEs CVE-2023-6683 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6683 * Full list: Found 105 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 * CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 * CVE-2022-0358 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0358 * CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 * CVE-2022-2347 (CVSS3: 7.1 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2347 * CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 * CVE-2022-24765 (CVSS3: 7.8 HIGH): git https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 * CVE-2022-2953 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2953 * CVE-2022-2962 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2962 * CVE-2022-30293 (CVSS3: 7.5 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 * CVE-2022-30767 (CVSS3: 9.8 CRITICAL): u-boot
[OE-core] OE-core CVE metrics for master on Sun 28 Apr 2024 01:00:01 AM HST
Branch: master New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 38 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-6238 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6238 * CVE-2023-6240 (CVSS3: 6.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6240 * CVE-2023-6270 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6270 * CVE-2023-6356 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6356 * CVE-2023-6535 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6535 * CVE-2023-6536 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6536 * CVE-2023-7042 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7042 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-0841 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0841 * CVE-2024-21803 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21803 * CVE-2024-23307 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23307 * CVE-2024-23848 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23848 * CVE-2024-24857 (CVSS3: 6.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24857 * CVE-2024-24858 (CVSS3: 5.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24858 * CVE-2024-24859 (CVSS3: 4.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24859 * CVE-2024-24861 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24861 * CVE-2024-24864 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24864 * CVE-2024-25739 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25739 * CVE-2024-25740 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25740 * CVE-2024-26596 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26596 * Summary of CVE counts by recipe: linux-yocto: 29 busybox: 4 cpio: 1 gnupg:gnupg-native: 1 nasm:nasm-native: 1 openssh: 1 qemu:qemu-native:qemu-system-native: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198727): https://lists.openembedded.org/g/openembedded-core/message/198727 Mute This Topic: https://lists.openembedded.org/mt/105781100/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe:
Re: [OE-core][kirkstone][PATCH] rpm: Backport fix CVE-2021-35939
This patch caused multiple build failures both locally and on the autobuilder. Here is a link to the autobuilder run: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6845 Sample error log: https://errors.yoctoproject.org/Errors/Details/763370/ Steve On Tue, Apr 23, 2024 at 9:30 AM Vivek Kumbhar via lists.openembedded.org wrote: > > Upstream-Status: Backport > https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556 > > https://github.com/rpm-software-management/rpm/commit/fb13f7fd9eff012cb7b9dbf94ac5381c69404055 > > Signed-off-by: Vivek Kumbhar > --- > .../rpm/files/CVE-2021-35939.patch| 378 ++ > meta/recipes-devtools/rpm/rpm_4.17.1.bb | 1 + > 2 files changed, 379 insertions(+) > create mode 100644 meta/recipes-devtools/rpm/files/CVE-2021-35939.patch > > diff --git a/meta/recipes-devtools/rpm/files/CVE-2021-35939.patch > b/meta/recipes-devtools/rpm/files/CVE-2021-35939.patch > new file mode 100644 > index 00..b60cc0e5ce > --- /dev/null > +++ b/meta/recipes-devtools/rpm/files/CVE-2021-35939.patch > @@ -0,0 +1,378 @@ > +From 96ec957e281220f8e137a2d5eb23b83a6377d556 Mon Sep 17 00:00:00 2001 > +From: Panu Matilainen > +Date: Thu, 10 Feb 2022 14:32:43 +0200 > +Subject: [PATCH] Validate intermediate symlinks during installation, > + CVE-2021-35939 > + > +Whenever directory changes during unpacking, walk the entire tree from > +starting from / and validate any symlinks crossed, fail the install > +on invalid links. > + > +This is the first of step of many towards securing our file operations > +against local tamperers and besides plugging that one CVE, paves the way > +for the next step by adding the necessary directory fd tracking. > +This also bumps the rpm OS requirements to a whole new level by requiring > +the *at() family of calls from POSIX-1.2008. > + > +This necessarily does a whole lot of huffing and puffing we previously > +did not do. It should be possible to cache secure (ie root-owned) > +directory structures to avoid validating everything a million times > +but for now, just keeping things simple. > + > +Upstream-Status: Backport > [https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556] > +CVE: CVE-2021-35939 > +Signed-off-by: Vivek Kumbhar > +--- > + INSTALL | 2 + > + configure.ac | 3 +- > + lib/fsm.c| 144 +-- > + lib/rpmfi.c | 27 +++- > + lib/rpmfi_internal.h | 17 + > + 5 files changed, 183 insertions(+), 10 deletions(-) > + > +diff --git a/INSTALL b/INSTALL > +index 358e5ae0d..9a9c7b0d0 100644 > +--- a/INSTALL > b/INSTALL > +@@ -103,6 +103,8 @@ option to configure). For GCC, OpenMP 4.5 is fully > supported since GCC 6.1, > + which is available from > + http://www.gnu.org/ > + > ++Rpm requires a POSIX.1-2008 level operating system. > ++ > + To compile RPM: > + -- > + > +diff --git a/configure.ac b/configure.ac > +index 78c555f90..4ddacdfe2 100644 > +--- a/configure.ac > b/configure.ac > +@@ -570,7 +570,8 @@ AC_CHECK_FUNCS([secure_getenv __secure_getenv]) > + > + AC_CHECK_FUNCS( > +[mkstemp getcwd basename dirname realpath setenv unsetenv regcomp lchown > \ > +-utimes getline localtime_r statvfs getaddrinfo ], > ++utimes getline localtime_r statvfs getaddrinfo \ > ++openat mkdirat fstatat ], > +[], [AC_MSG_ERROR([function required by rpm])]) > + > + AC_LIBOBJ(fnmatch) > +diff --git a/lib/fsm.c b/lib/fsm.c > +index 935a0a5c6..0b29284e8 100644 > +--- a/lib/fsm.c > b/lib/fsm.c > +@@ -8,6 +8,7 @@ > + #include > + #include > + #include > ++#include > + #if WITH_CAP > + #include > + #endif > +@@ -20,6 +21,7 @@ > + #include "rpmio/rpmio_internal.h" /* fdInit/FiniDigest */ > + #include "lib/fsm.h" > + #include "lib/rpmte_internal.h" /* XXX rpmfs */ > ++#include "lib/rpmfi_internal.h" /* rpmfiSetOnChdir */ > + #include "lib/rpmplugins.h" /* rpm plugins hooks */ > + #include "lib/rpmug.h" > + > +@@ -406,17 +408,118 @@ static int fsmRmdir(const char *path) > + return rc; > + } > + > +-static int fsmMkdir(const char *path, mode_t mode) > ++static int fsmMkdir(int dirfd, const char *path, mode_t mode) > + { > +-int rc = mkdir(path, (mode & 0)); > ++int rc = mkdirat(dirfd, path, (mode & 0)); > + if (_fsm_debug) > +- rpmlog(RPMLOG_DEBUG, " %8s (%s, 0%04o) %s\n", __func__, > +- path, (unsigned)(mode & 0), > ++ rpmlog(RPMLOG_DEBUG, " %8s (%d %s, 0%04o) %s\n", __func__, > ++ dirfd, path, (unsigned)(mode & 0), > + (rc < 0 ? strerror(errno) : "")); > + if (rc < 0) rc = RPMERR_MKDIR_FAILED; > + return rc; > + } > + > ++static int fsmOpenat(int dirfd, const char *path, int flags) > ++{ > ++struct stat lsb, sb; > ++int sflags = flags | O_NOFOLLOW; > ++int fd =
Re: [OE-core][kirkstone][PATCH] libssh2: backport fix for CVE-2023-48795
There is already a fix for this CVE in kirkstone: https://git.yoctoproject.org/poky/commit/?h=kirkstone=888ea24812c21910e74c864313be56f02fad6c2e Steve On Fri, Apr 19, 2024 at 1:19 AM dnyandev via lists.openembedded.org wrote: > > Backport the upstream fix for CVE-2023-48795. > > (From OE-Core rev: 314fa19c5e07fa632ff0434a6adbb97de1319a02) > > Signed-off-by: Ross Burton > Signed-off-by: Richard Purdie > (cherry picked from commit 3adac25f899054b7d1d8c14458a1a4cd310abbd7) > Signed-off-by: Bhabu Bindu > --- > .../libssh2/libssh2/CVE-2023-48795.patch | 469 ++ > .../recipes-support/libssh2/libssh2_1.10.0.bb | 1 + > 2 files changed, 470 insertions(+) > create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch > > diff --git a/meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch > b/meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch > new file mode 100644 > index 00..9aaa92bb1c > --- /dev/null > +++ b/meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch > @@ -0,0 +1,469 @@ > +From d4634630432594b139b3af6b9f254b890c0f275d Mon Sep 17 00:00:00 2001 > +From: Michael Buckley > +Date: Thu, 30 Nov 2023 15:08:02 -0800 > +Subject: [PATCH] src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin > Attack" > + > +Refs: > +https://terrapin-attack.com/ > +https://seclists.org/oss-sec/2023/q4/292 > +https://osv.dev/list?ecosystem==CVE-2023-48795 > +https://github.com/advisories/GHSA-45x7-px36-x8w8 > +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 > + > +Fixes #1290 > +Closes #1291 > + > +CVE: CVE-2023-48795 > +Upstream-Status: Backport > +Comments: Refreshed Hunks > + > +Signed-off-by: Ross Burton > +Signed-off-by: Bindu Bhabu > +--- > + src/kex.c | 63 +++ > + src/libssh2_priv.h | 18 +++--- > + src/packet.c | 83 +++--- > + src/packet.h | 2 +- > + src/session.c | 3 ++ > + src/transport.c| 12 ++- > + 6 files changed, 149 insertions(+), 32 deletions(-) > + > +diff --git a/src/kex.c b/src/kex.c > +index d4034a0a..b4b748ca 100644 > +--- a/src/kex.c > b/src/kex.c > +@@ -3026,6 +3026,13 @@ kex_method_ssh_curve25519_sha256 = { > + }; > + #endif > + > ++static const LIBSSH2_KEX_METHOD > ++kex_method_strict_client_extension = { > ++"kex-strict-c-...@openssh.com", > ++NULL, > ++0, > ++}; > ++ > + static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = { > + #if LIBSSH2_ED25519 > + _method_ssh_curve25519_sha256, > +@@ -3043,6 +3050,7 @@ static const LIBSSH2_KEX_METHOD *libssh2 > + _method_diffie_helman_group14_sha1, > + _method_diffie_helman_group1_sha1, > + _method_diffie_helman_group_exchange_sha1, > ++_method_strict_client_extension, > + NULL > + }; > + > +@@ -3281,13 +3289,13 @@ static int kexinit(LIBSSH2_SESSION * ses > + return 0; > + } > + > +-/* kex_agree_instr > ++/* _libssh2_kex_agree_instr > + * Kex specific variant of strstr() > + * Needle must be precede by BOL or ',', and followed by ',' or EOL > + */ > +-static unsigned char * > +-kex_agree_instr(unsigned char *haystack, unsigned long haystack_len, > +-const unsigned char *needle, unsigned long needle_len) > ++unsigned char * > ++_libssh2_kex_agree_instr(unsigned char *haystack, size_t haystack_len, > ++ const unsigned char *needle, size_t needle_len) > + { > + unsigned char *s; > + unsigned char *end_haystack; > +@@ -3398,7 +3406,7 @@ static int kex_agree_hostkey(LIBSSH2_SESSION * session, > + while(s && *s) { > + unsigned char *p = (unsigned char *) strchr((char *) s, ','); > + size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s)); > +-if(kex_agree_instr(hostkey, hostkey_len, s, method_len)) { > ++if(_libssh2_kex_agree_instr(hostkey, hostkey_len, s, > method_len)) { > + const LIBSSH2_HOSTKEY_METHOD *method = > + (const LIBSSH2_HOSTKEY_METHOD *) > + kex_get_method_by_name((char *) s, method_len, > +@@ -3432,9 +3440,9 @@ static int kex_agree_hostkey(LIBSSH2_SESSION * session, > + } > + > + while(hostkeyp && (*hostkeyp) && (*hostkeyp)->name) { > +-s = kex_agree_instr(hostkey, hostkey_len, > +-(unsigned char *) (*hostkeyp)->name, > +-strlen((*hostkeyp)->name)); > ++s = _libssh2_kex_agree_instr(hostkey, hostkey_len, > ++ (unsigned char *) (*hostkeyp)->name, > ++ strlen((*hostkeyp)->name)); > + if(s) { > + /* So far so good, but does it suit our purposes? (Encrypting vs > +Signing) */ > +@@ -3468,6 +3476,12 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * > session, unsigned char *kex, > + { > + const LIBSSH2_KEX_METHOD **kexp = libssh2_kex_methods; > + unsigned
Re: [OE-core] [dunfell][PATCH] populate_sdk_ext.bbclass: only overwrite lsb string if uninative is used
Dunfell has reached end of life and we are no longer taking changes. The final build was done on April 15. Steve On Mon, Apr 15, 2024 at 12:21 AM Timon Bergelt via lists.openembedded.org wrote: > > Overwriting the lsb string without inheriting from uninative causes > shared state cache entries to end up in the wrong path where they are > not beeing picked up by the extensible SDK environment. > > Signed-off-by: Timon Bergelt > --- > meta/classes/populate_sdk_ext.bbclass | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/classes/populate_sdk_ext.bbclass > b/meta/classes/populate_sdk_ext.bbclass > index 1bdfd92847..899f198659 100644 > --- a/meta/classes/populate_sdk_ext.bbclass > +++ b/meta/classes/populate_sdk_ext.bbclass > @@ -449,7 +449,7 @@ python copy_buildsystem () { > bb.utils.remove(sstate_out, True) > > # uninative.bbclass sets NATIVELSBSTRING to 'universal%s' % > oe.utils.host_gcc_version(d) > -fixedlsbstring = "universal%s" % oe.utils.host_gcc_version(d) > +fixedlsbstring = "universal%s" % oe.utils.host_gcc_version(d) if > bb.data.inherits_class('uninative', d) else "" > > sdk_include_toolchain = (d.getVar('SDK_INCLUDE_TOOLCHAIN') == '1') > sdk_ext_type = d.getVar('SDK_EXT_TYPE') > -- > 2.34.1 > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198619): https://lists.openembedded.org/g/openembedded-core/message/198619 Mute This Topic: https://lists.openembedded.org/mt/105531768/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][dunfell][PATCH 1/4] binutils: Fix CVE-2022-44840
Dunfell has reached end of life and we are no longer taking changes. The final build was done on April 15. Steve On Tue, Apr 23, 2024 at 12:35 AM virendra thakur via lists.openembedded.org wrote: > > Add patch file to fix CVE-2022-44840 > > Reference: > https://answers.launchpad.net/ubuntu/+archive/primary/+sourcefiles/binutils/2.34-6ubuntu1.8/binutils_2.34-6ubuntu1.8.debian.tar.xz > > Signed-off-by: virendra thakur > --- > .../binutils/binutils-2.34.inc| 1 + > .../binutils/binutils/CVE-2022-44840.patch| 162 ++ > 2 files changed, 163 insertions(+) > create mode 100644 > meta/recipes-devtools/binutils/binutils/CVE-2022-44840.patch > > diff --git a/meta/recipes-devtools/binutils/binutils-2.34.inc > b/meta/recipes-devtools/binutils/binutils-2.34.inc > index 032263fe63..64f66a30a9 100644 > --- a/meta/recipes-devtools/binutils/binutils-2.34.inc > +++ b/meta/recipes-devtools/binutils/binutils-2.34.inc > @@ -62,5 +62,6 @@ SRC_URI = "\ > file://CVE-2022-47011.patch \ > file://CVE-2022-48063.patch \ > file://CVE-2022-47695.patch \ > + file://CVE-2022-44840.patch \ > " > S = "${WORKDIR}/git" > diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2022-44840.patch > b/meta/recipes-devtools/binutils/binutils/CVE-2022-44840.patch > new file mode 100644 > index 00..288219871d > --- /dev/null > +++ b/meta/recipes-devtools/binutils/binutils/CVE-2022-44840.patch > @@ -0,0 +1,162 @@ > +[Ubuntu note: commit af2ddf69ab85 is not included in this version of the > code, > + so adjustments had to be made to the 2nd hunk in order for it to apply > + cleanly and in order to have the added code match correct macro usage for > + this version of binutils (SAFE_BYTE_GET64 is called with signature_high and > + signature_low in this version of the code, but not in the added lines of the > + original patch). > + -- Camila Camargo de Matos ] > + > +Origin: backport, > https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=28750e3b967da2207d51cbce9fc8be262817ee59 > + > +From 28750e3b967da2207d51cbce9fc8be262817ee59 Mon Sep 17 00:00:00 2001 > +From: Alan Modra > +Date: Sun, 30 Oct 2022 19:08:51 +1030 > +Subject: [PATCH] Pool section entries for DWP version 1 > + > +Ref: https://gcc.gnu.org/wiki/DebugFissionDWP?action=recall=3 > + > +Fuzzers have found a weakness in the code stashing pool section > +entries. With random nonsensical values in the index entries (rather > +than each index pointing to its own set distinct from other sets), > +it's possible to overflow the space allocated, losing the NULL > +terminator. Without a terminator, find_section_in_set can run off the > +end of the shndx_pool buffer. Fix this by scanning the pool directly. > + > +binutils/ > + * dwarf.c (add_shndx_to_cu_tu_entry): Delete range check. > + (end_cu_tu_entry): Likewise. > + (process_cu_tu_index): Fill shndx_pool by directly scanning > + pool, rather than indirectly from index entries. > + > +Upstream-Status: Backport > [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=28750e3b967da2207d51cbce9fc8be262817ee59] > + > +CVE: CVE-2022-44840 > + > +Signed-off-by: Virendra Thakur > +--- > + binutils/dwarf.c | 90 ++-- > + 1 file changed, 41 insertions(+), 49 deletions(-) > + > +Index: binutils-2.34/binutils/dwarf.c > +=== > +--- binutils-2.34.orig/binutils/dwarf.c > binutils-2.34/binutils/dwarf.c > +@@ -9454,22 +9454,12 @@ prealloc_cu_tu_list (unsigned int nshndx > + static void > + add_shndx_to_cu_tu_entry (unsigned int shndx) > + { > +- if (shndx_pool_used >= shndx_pool_size) > +-{ > +- error (_("Internal error: out of space in the shndx pool.\n")); > +- return; > +-} > + shndx_pool [shndx_pool_used++] = shndx; > + } > + > + static void > + end_cu_tu_entry (void) > + { > +- if (shndx_pool_used >= shndx_pool_size) > +-{ > +- error (_("Internal error: out of space in the shndx pool.\n")); > +- return; > +-} > + shndx_pool [shndx_pool_used++] = 0; > + } > + > +@@ -9578,54 +9568,55 @@ process_cu_tu_index (struct dwarf_sectio > + > + if (version == 1) > + { > ++ unsigned char *shndx_list; > ++ unsigned int shndx; > ++ > + if (!do_display) > +- prealloc_cu_tu_list ((limit - ppool) / 4); > +- for (i = 0; i < nslots; i++) > + { > +-unsigned char *shndx_list; > +-unsigned int shndx; > +- > +-SAFE_BYTE_GET64 (phash, _high, _low, limit); > +-if (signature_high != 0 || signature_low != 0) > ++ prealloc_cu_tu_list ((limit - ppool) / 4); > ++ for (shndx_list = ppool + 4; shndx_list <= limit - 4; shndx_list > += 4) > + { > +-SAFE_BYTE_GET (j, pindex, 4, limit); > +-shndx_list = ppool + j * 4; > +-/* PR 17531: file: 705e010d. */ > +-if (shndx_list < ppool)
Re: [OE-core][dunfell][PATCH] perl: Fix CVE-2023-31486
Dunfell has reached end of life and we are no longer taking changes. The final build was done on April 15. Steve On Tue, Apr 23, 2024 at 1:21 AM virendra thakur wrote: > > From: Soumya > > HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available > standalone on CPAN, has an insecure default TLS configuration where > users must opt in to verify certificates. > > References: > https://nvd.nist.gov/vuln/detail/CVE-2023-31486 > > Upstream patches: > https://github.com/chansen/p5-http-tiny/commit/77f557ef84698efeb6eed04e4a9704eaf85b741d > https://github.com/chansen/p5-http-tiny/commit/a22785783b17cbaa28afaee4a024d81a1903701d > > (From OE-Core rev: 5819c839e1de92ab7669a0d4997886d0306c4cc1) > > Signed-off-by: Soumya > Signed-off-by: Steve Sakoman > (cherry picked from commit 80ecd63cc84d7eb9db26ec47d4afcf5a59d598e8) > > Signed-off-by: virendra thakur > --- > .../perl/files/CVE-2023-31486-0001.patch | 216 ++ > .../perl/files/CVE-2023-31486-0002.patch | 36 +++ > meta/recipes-devtools/perl/perl_5.30.1.bb | 2 + > 3 files changed, 254 insertions(+) > create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch > create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch > > diff --git a/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch > b/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch > new file mode 100644 > index 00..d8326b4ef8 > --- /dev/null > +++ b/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch > @@ -0,0 +1,216 @@ > +From 77f557ef84698efeb6eed04e4a9704eaf85b741d > +From: Stig Palmquist > +Date: Mon Jun 5 16:46:22 2023 +0200 > +Subject: [PATCH] Change verify_SSL default to 1, add ENV var to enable > + insecure default - Changes the `verify_SSL` default parameter from `0` to > `1` > + > + Based on patch by Dominic Hargreaves: > + > https://salsa.debian.org/perl-team/interpreter/perl/-/commit/1490431e40e22052f75a0b3449f1f53cbd27ba92 > + > + CVE: CVE-2023-31486 > + > +- Add check for `$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}` that > + enables the previous insecure default behaviour if set to `1`. > + > + This provides a workaround for users who encounter problems with the > + new `verify_SSL` default. > + > + Example to disable certificate checks: > + ``` > +$ PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 ./script.pl > + ``` > + > +- Updates to documentation: > + - Describe changing the verify_SSL value > + - Describe the escape-hatch environment variable > + - Remove rationale for not enabling verify_SSL > + - Add missing certificate search paths > + - Replace "SSL" with "TLS/SSL" where appropriate > + - Use "machine-in-the-middle" instead of "man-in-the-middle" > + > +Upstream-Status: Backport > [https://github.com/chansen/p5-http-tiny/commit/77f557ef84698efeb6eed04e4a9704eaf85b741d] > + > +Signed-off-by: Soumya > +Signed-off-by: virendra thakur > +--- > + cpan/HTTP-Tiny/lib/HTTP/Tiny.pm | 86 ++--- > + 1 file changed, 57 insertions(+), 29 deletions(-) > + > +diff --git a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm > b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm > +index 5803e45..1808c41 100644 > +--- a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm > b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm > +@@ -39,10 +39,14 @@ sub _croak { require Carp; Carp::croak(@_) } > + #pod C<$ENV{no_proxy}> —) > + #pod * C — Request timeout in seconds (default is 60) If a socket > open, > + #pod read or write takes longer than the timeout, an exception is thrown. > +-#pod * C — A boolean that indicates whether to validate the SSL > +-#pod certificate of an C — connection (default is false) > ++#pod * C — A boolean that indicates whether to validate the > TLS/SSL > ++#pod certificate of an C — connection (default is true). Changed > from false > ++#pod to true in version 0.083. > + #pod * C — A hashref of C — options to pass through to > + #pod L > ++#pod * C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> - Changes the default > ++#pod certificate verification behavior to not check server identity if > set to 1. > ++#pod Only effective if C is not set. Added in version 0.083. > + #pod > + #pod Passing an explicit C for C, C or > C will > + #pod prevent getting the corresponding proxies from the environment. > +@@ -108,11 +112,17 @@ sub timeout { > + sub new { > + my($class, %args) = @_; > + > ++# Support lower case verify_ssl argument, but only if verify_SSL is not > ++# true. > ++if ( exists $args{verify_ssl} ) { > ++$args{verify_SSL} ||= $args{
[OE-core] OE-core CVE metrics for nanbield on Sun 21 Apr 2024 04:00:02 AM HST
Branch: nanbield New this week: 26 CVEs CVE-2023-52436 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52436 * CVE-2023-52454 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52454 * CVE-2023-52458 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52458 * CVE-2023-52462 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52462 * CVE-2023-52463 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52463 * CVE-2023-52464 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52464 * CVE-2023-52465 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52465 * CVE-2023-52467 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52467 * CVE-2023-52468 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52468 * CVE-2023-52469 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52469 * CVE-2023-52470 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52470 * CVE-2023-52472 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52472 * CVE-2023-52473 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52473 * CVE-2024-26581 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26581 * CVE-2024-26593 (CVSS3: 7.1 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26593 * CVE-2024-26594 (CVSS3: 7.1 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26594 * CVE-2024-26595 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26595 * CVE-2024-26596 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26596 * CVE-2024-26597 (CVSS3: 7.1 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26597 * CVE-2024-26598 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26598 * CVE-2024-26599 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26599 * CVE-2024-26600 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26600 * CVE-2024-26601 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26601 * CVE-2024-26602 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26602 * CVE-2024-26603 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26603 * CVE-2024-26606 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26606 * Removed this week: 0 CVEs Full list: Found 154 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-39189 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39189 * CVE-2023-39192 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39192 * CVE-2023-39193 (CVSS3: 6.0 MEDIUM): linux-yocto
[OE-core] OE-core CVE metrics for kirkstone on Sun 21 Apr 2024 03:00:01 AM HST
Branch: kirkstone New this week: 1 CVEs CVE-2023-52425 (CVSS3: 7.5 HIGH): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52425 * Removed this week: 2 CVEs CVE-2023-47100 (CVSS3: 9.8 CRITICAL): perl:perl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47100 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * Full list: Found 34 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-36648 (CVSS3: 10.0 CRITICAL): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36648 * CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 * CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 * CVE-2023-28198 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28198 * CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3164 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3164 * CVE-2023-32370 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32370 * CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 * CVE-2023-39323 (CVSS3: 8.1 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39323 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-40397 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40397 * CVE-2023-44487 (CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): libssh2:libssh2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-52355 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52355 * CVE-2023-52425 (CVSS3: 7.5 HIGH): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52425 * CVE-2023-5380 (CVSS3: 4.7 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5380 * CVE-2023-5574 (CVSS3: 7.0 HIGH): xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5574 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-1048 (CVSS3: 3.3 LOW): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1048 * CVE-2024-22860 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22860 * CVE-2024-22861 (CVSS3: 7.5 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22861 * CVE-2024-22862 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22862 * Summary of CVE counts by recipe: ffmpeg: 5 go: 5 qemu:qemu-native:qemu-system-native: 4 rpm:rpm-native: 3 tiff: 3 webkitgtk: 3 gnupg:gnupg-native: 2 grub:grub-efi:grub-native: 2 cpio: 1 expat:expat-native: 1 libssh2:libssh2-native: 1 pixman:pixman-native: 1 python3:python3-native: 1 xserver-xorg: 1 xwayland: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198575):
[OE-core] OE-core CVE metrics for dunfell on Sun 21 Apr 2024 02:00:01 AM HST
Branch: dunfell New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 106 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 * CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 * CVE-2022-0358 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0358 * CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 * CVE-2022-2347 (CVSS3: 7.1 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2347 * CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 * CVE-2022-24765 (CVSS3: 7.8 HIGH): git https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 * CVE-2022-2953 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2953 * CVE-2022-2962 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2962 * CVE-2022-30293 (CVSS3: 7.5 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 * CVE-2022-30767 (CVSS3: 9.8 CRITICAL): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30767 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
[OE-core] OE-core CVE metrics for master on Sun 21 Apr 2024 01:00:01 AM HST
Branch: master New this week: 1 CVEs CVE-2024-26596 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26596 * Removed this week: 0 CVEs Full list: Found 38 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-6238 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6238 * CVE-2023-6240 (CVSS3: 6.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6240 * CVE-2023-6270 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6270 * CVE-2023-6356 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6356 * CVE-2023-6535 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6535 * CVE-2023-6536 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6536 * CVE-2023-7042 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7042 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-0841 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0841 * CVE-2024-21803 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21803 * CVE-2024-23307 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23307 * CVE-2024-23848 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23848 * CVE-2024-24857 (CVSS3: 6.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24857 * CVE-2024-24858 (CVSS3: 5.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24858 * CVE-2024-24859 (CVSS3: 4.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24859 * CVE-2024-24861 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24861 * CVE-2024-24864 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24864 * CVE-2024-25739 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25739 * CVE-2024-25740 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25740 * CVE-2024-26596 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26596 * Summary of CVE counts by recipe: linux-yocto: 29 busybox: 4 cpio: 1 gnupg:gnupg-native: 1 nasm:nasm-native: 1 openssh: 1 qemu:qemu-native:qemu-system-native: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198571): https://lists.openembedded.org/g/openembedded-core/message/198571 Mute This Topic:
Re: [OE-core][kirkstone 6/7] ppp: Add RSA-MD in LICENSE
On Wed, Apr 17, 2024 at 3:33 PM Steve Sakoman via lists.openembedded.org wrote: > > > > On Wed, Apr 17, 2024, 2:33 PM Richard Purdie > wrote: >> >> On Wed, 2024-04-17 at 13:35 -0700, Steve Sakoman via lists.openembedded.org >> wrote: >> > From: Poonam Jadhav >> > >> > ppp package has "RSA Data Security" license text >> > in Message-Digest Algorithm source file md5.c and md4.c >> > Add RSA-MD in LICENSE field for ppp package >> > >> > Signed-off-by: Poonam Jadhav >> > Signed-off-by: Steve Sakoman >> > --- >> > meta/recipes-connectivity/ppp/ppp_2.4.9.bb | 2 +- >> > 1 file changed, 1 insertion(+), 1 deletion(-) >> > >> > diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb >> > b/meta/recipes-connectivity/ppp/ppp_2.4.9.bb >> > index 7e3ae43b58..b7f71b673d 100644 >> > --- a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb >> > +++ b/meta/recipes-connectivity/ppp/ppp_2.4.9.bb >> > @@ -5,7 +5,7 @@ SECTION = "console/network" >> > HOMEPAGE = "http://samba.org/ppp/; >> > BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs; >> > DEPENDS = "libpcap openssl virtual/crypt" >> > -LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPL-2.0-or-later & >> > LGPL-2.0-or-later & PD" >> > +LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPL-2.0-or-later & >> > LGPL-2.0-or-later & PD & RSA-MD" >> > LIC_FILES_CHKSUM = >> > "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea >> > \ >> > >> > file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 >> > \ >> > >> > file://pppd/tdb.c;beginline=1;endline=27;md5=4ca3a9991b011038d085d6675ae7c4e6 >> > \ >> > >> >> This isn't in master yet! > > > Good catch! I'll text this patch and request that out be sent for master. Heh, drop not text :-) And I see that he has already submitted for master. Steve -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198491): https://lists.openembedded.org/g/openembedded-core/message/198491 Mute This Topic: https://lists.openembedded.org/mt/105585677/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][kirkstone 6/7] ppp: Add RSA-MD in LICENSE
On Wed, Apr 17, 2024, 2:33 PM Richard Purdie < richard.pur...@linuxfoundation.org> wrote: > On Wed, 2024-04-17 at 13:35 -0700, Steve Sakoman via > lists.openembedded.org wrote: > > From: Poonam Jadhav > > > > ppp package has "RSA Data Security" license text > > in Message-Digest Algorithm source file md5.c and md4.c > > Add RSA-MD in LICENSE field for ppp package > > > > Signed-off-by: Poonam Jadhav > > Signed-off-by: Steve Sakoman > > --- > > meta/recipes-connectivity/ppp/ppp_2.4.9.bb | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb > b/meta/recipes-connectivity/ppp/ppp_2.4.9.bb > > index 7e3ae43b58..b7f71b673d 100644 > > --- a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb > > +++ b/meta/recipes-connectivity/ppp/ppp_2.4.9.bb > > @@ -5,7 +5,7 @@ SECTION = "console/network" > > HOMEPAGE = "http://samba.org/ppp/; > > BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs; > > DEPENDS = "libpcap openssl virtual/crypt" > > -LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPL-2.0-or-later & > LGPL-2.0-or-later & PD" > > +LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPL-2.0-or-later & > LGPL-2.0-or-later & PD & RSA-MD" > > LIC_FILES_CHKSUM = > "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea > \ > > > file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 > \ > > > file://pppd/tdb.c;beginline=1;endline=27;md5=4ca3a9991b011038d085d6675ae7c4e6 > \ > > > > This isn't in master yet! > Good catch! I'll text this patch and request that out be sent for master. Steve > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198490): https://lists.openembedded.org/g/openembedded-core/message/198490 Mute This Topic: https://lists.openembedded.org/mt/105585677/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 5/7] valgrind: skip intermittently failing ptest
Intermittent failures on autobuilder: AssertionError: Failed ptests: {'valgrind': ['memcheck/tests/linux/timerfd-syscall']} Signed-off-by: Steve Sakoman --- meta/recipes-devtools/valgrind/valgrind/remove-for-all | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/valgrind/valgrind/remove-for-all b/meta/recipes-devtools/valgrind/valgrind/remove-for-all index cb8d10b18f..226f97b50e 100644 --- a/meta/recipes-devtools/valgrind/valgrind/remove-for-all +++ b/meta/recipes-devtools/valgrind/valgrind/remove-for-all @@ -1,8 +1,10 @@ none/tests/amd64/fb_test_amd64 gdbserver_tests/hginfo +memcheck/tests/linux/timerfd-syscall memcheck/tests/supp_unknown helgrind/tests/tls_threads drd/tests/bar_bad_xml drd/tests/pth_barrier_thr_cr drd/tests/thread_name_xml massif/tests/deep-D + -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198482): https://lists.openembedded.org/g/openembedded-core/message/198482 Mute This Topic: https://lists.openembedded.org/mt/105585676/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 7/7] systemd: Fix vlan qos mapping
From: Sana Kazi Drop unnecessary restriction for QoS mapping. Also adds tests for vlan QoS mapping. Link: https://github.com/systemd/systemd/commit/fe830b84d4002582e7aefb16e5e09fd0195f21c8.patch PR: https://github.com/systemd/systemd/pull/27761 Signed-off-by: Sana Kazi Signed-off-by: Sana Kazi Signed-off-by: Steve Sakoman --- .../systemd/fix-vlan-qos-mapping.patch| 140 ++ meta/recipes-core/systemd/systemd_250.5.bb| 1 + 2 files changed, 141 insertions(+) create mode 100644 meta/recipes-core/systemd/systemd/fix-vlan-qos-mapping.patch diff --git a/meta/recipes-core/systemd/systemd/fix-vlan-qos-mapping.patch b/meta/recipes-core/systemd/systemd/fix-vlan-qos-mapping.patch new file mode 100644 index 00..c530de7f50 --- /dev/null +++ b/meta/recipes-core/systemd/systemd/fix-vlan-qos-mapping.patch @@ -0,0 +1,140 @@ +From 4d13d175f8454df63843a880c78badd4f6d720ca Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 24 May 2023 11:02:36 +0900 +Subject: [PATCH 1/3] network/vlan: drop unnecessary restriction for QoS + mapping + +Fixes #27460. + +Upstream-Status: Backport [https://github.com/systemd/systemd/commit/fe830b84d4002582e7aefb16e5e09fd0195f21c8.patch] +Signed-off-by: Sana Kazi +--- + src/network/netdev/vlan.c | 5 - + 1 file changed, 5 deletions(-) + +diff --git a/src/network/netdev/vlan.c b/src/network/netdev/vlan.c +index a3d961dac3ca4..d61e9486abc47 100644 +--- a/src/network/netdev/vlan.c b/src/network/netdev/vlan.c +@@ -165,11 +165,6 @@ int config_parse_vlan_qos_maps( + continue; + } + +-if (m->to > m->from || m->to == 0 || m->from == 0) { +-log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid %s, ignoring: %s", lvalue, w); +-continue; +-} +- + r = set_ensure_consume(s, _qos_maps_hash_ops, TAKE_PTR(m)); + if (r < 0) { + log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to store %s, ignoring: %s", lvalue, w); + +From 4194478af861f80a73905d1f9e570a09862f91a7 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 24 May 2023 11:06:35 +0900 +Subject: [PATCH 2/3] network/vlan: paranoia about type safety + +No functional change, as the struct is defined as the following: +``` +struct ifla_vlan_qos_mapping { + __u32 from; + __u32 to; +}; +``` +--- + src/network/netdev/vlan.c | 16 +++- + 1 file changed, 11 insertions(+), 5 deletions(-) + +diff --git a/src/network/netdev/vlan.c b/src/network/netdev/vlan.c +index d61e9486abc47..5eb36ef6801f3 100644 +--- a/src/network/netdev/vlan.c b/src/network/netdev/vlan.c +@@ -144,6 +144,7 @@ int config_parse_vlan_qos_maps( + for (const char *p = rvalue;;) { + _cleanup_free_ struct ifla_vlan_qos_mapping *m = NULL; + _cleanup_free_ char *w = NULL; ++unsigned from, to; + + r = extract_first_word(, , NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE); + if (r == -ENOMEM) +@@ -155,16 +156,21 @@ int config_parse_vlan_qos_maps( + if (r == 0) + return 0; + +-m = new0(struct ifla_vlan_qos_mapping, 1); +-if (!m) +-return log_oom(); +- +-r = parse_range(w, >from, >to); ++r = parse_range(w, , ); + if (r < 0) { + log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, w); + continue; + } + ++m = new(struct ifla_vlan_qos_mapping, 1); ++if (!m) ++return log_oom(); ++ ++*m = (struct ifla_vlan_qos_mapping) { ++.from = from, ++.to = to, ++}; ++ + r = set_ensure_consume(s, _qos_maps_hash_ops, TAKE_PTR(m)); + if (r < 0) { + log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to store %s, ignoring: %s", lvalue, w); + +From 73d24e45f8ac18eaaebf1df2b1f055c14179c6ff Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 24 May 2023 11:15:44 +0900 +Subject: [PATCH 3/3] test-network: add tests for vlan QoS mapping + +--- + .../conf/21-vlan.netdev.d/override.conf| 10 ++ + test/test-network/systemd-networkd-tests.py| 14 -- + 2 files changed, 14 insertions(+), 10 deletions(-) + +diff --git a/test/test-network/conf/21-vlan.netdev.d/override.conf b/test/test-network/conf/21-vlan.netdev.d/override.conf +index 3b8d47d9b1db5..c71077d274a69 100644 +--- a/test/test-network/conf/21-vlan.netdev.d/override.conf b/test/test-network/conf/21-vlan.netdev.d/override.conf +@@ -3,7 +3,9 @@ MTUByte
[OE-core][kirkstone 6/7] ppp: Add RSA-MD in LICENSE
From: Poonam Jadhav ppp package has "RSA Data Security" license text in Message-Digest Algorithm source file md5.c and md4.c Add RSA-MD in LICENSE field for ppp package Signed-off-by: Poonam Jadhav Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/ppp/ppp_2.4.9.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb b/meta/recipes-connectivity/ppp/ppp_2.4.9.bb index 7e3ae43b58..b7f71b673d 100644 --- a/meta/recipes-connectivity/ppp/ppp_2.4.9.bb +++ b/meta/recipes-connectivity/ppp/ppp_2.4.9.bb @@ -5,7 +5,7 @@ SECTION = "console/network" HOMEPAGE = "http://samba.org/ppp/; BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs; DEPENDS = "libpcap openssl virtual/crypt" -LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPL-2.0-or-later & LGPL-2.0-or-later & PD" +LICENSE = "BSD-3-Clause & BSD-3-Clause-Attribution & GPL-2.0-or-later & LGPL-2.0-or-later & PD & RSA-MD" LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea \ file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 \ file://pppd/tdb.c;beginline=1;endline=27;md5=4ca3a9991b011038d085d6675ae7c4e6 \ -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198483): https://lists.openembedded.org/g/openembedded-core/message/198483 Mute This Topic: https://lists.openembedded.org/mt/105585677/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 4/7] nghttp2: Fix CVE-2024-28182
From: Soumya Sambu nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability. References: https://nvd.nist.gov/vuln/detail/CVE-2024-28182 Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- .../nghttp2/nghttp2/CVE-2024-28182-0001.patch | 110 ++ .../nghttp2/nghttp2/CVE-2024-28182-0002.patch | 105 + .../recipes-support/nghttp2/nghttp2_1.47.0.bb | 2 + 3 files changed, 217 insertions(+) create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0002.patch diff --git a/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch new file mode 100644 index 00..e1d909b0d1 --- /dev/null +++ b/meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch @@ -0,0 +1,110 @@ +From 00201ecd8f982da3b67d4f6868af72a1b03b14e0 Mon Sep 17 00:00:00 2001 +From: Tatsuhiro Tsujikawa +Date: Sat, 9 Mar 2024 16:26:42 +0900 +Subject: [PATCH] Limit CONTINUATION frames following an incoming HEADER frame + +CVE: CVE-2024-28182 + +Upstream-Status: Backport [https://github.com/nghttp2/nghttp2/commit/00201ecd8f982da3b67d4f6868af72a1b03b14e0] + +Signed-off-by: Soumya Sambu +--- + lib/includes/nghttp2/nghttp2.h | 7 ++- + lib/nghttp2_helper.c | 2 ++ + lib/nghttp2_session.c | 7 +++ + lib/nghttp2_session.h | 10 ++ + 4 files changed, 25 insertions(+), 1 deletion(-) + +diff --git a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h +index 2bd35f4..6cc8c0c 100644 +--- a/lib/includes/nghttp2/nghttp2.h b/lib/includes/nghttp2/nghttp2.h +@@ -440,7 +440,12 @@ typedef enum { +* exhaustion on server side to send these frames forever and does +* not read network. +*/ +- NGHTTP2_ERR_FLOODED = -904 ++ NGHTTP2_ERR_FLOODED = -904, ++ /** ++ * When a local endpoint receives too many CONTINUATION frames ++ * following a HEADER frame. ++ */ ++ NGHTTP2_ERR_TOO_MANY_CONTINUATIONS = -905, + } nghttp2_error; + + /** +diff --git a/lib/nghttp2_helper.c b/lib/nghttp2_helper.c +index 588e269..98989f6 100644 +--- a/lib/nghttp2_helper.c b/lib/nghttp2_helper.c +@@ -336,6 +336,8 @@ const char *nghttp2_strerror(int error_code) { +"closed"; + case NGHTTP2_ERR_TOO_MANY_SETTINGS: + return "SETTINGS frame contained more than the maximum allowed entries"; ++ case NGHTTP2_ERR_TOO_MANY_CONTINUATIONS: ++return "Too many CONTINUATION frames following a HEADER frame"; + default: + return "Unknown error code"; + } +diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c +index 5c834fa..537127c 100644 +--- a/lib/nghttp2_session.c b/lib/nghttp2_session.c +@@ -464,6 +464,7 @@ static int session_new(nghttp2_session **session_ptr, + (*session_ptr)->max_send_header_block_length = NGHTTP2_MAX_HEADERSLEN; + (*session_ptr)->max_outbound_ack = NGHTTP2_DEFAULT_MAX_OBQ_FLOOD_ITEM; + (*session_ptr)->max_settings = NGHTTP2_DEFAULT_MAX_SETTINGS; ++ (*session_ptr)->max_continuations = NGHTTP2_DEFAULT_MAX_CONTINUATIONS; + + if (option) { + if ((option->opt_set_mask & NGHTTP2_OPT_NO_AUTO_WINDOW_UPDATE) && +@@ -6307,6 +6308,8 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in, + } + } + session_inbound_frame_reset(session); ++ ++session->num_continuations = 0; + } + break; + } +@@ -6428,6 +6431,10 @@ ssize_t nghttp2_session_mem_recv(nghttp2_session *session, const uint8_t *in, + } + #endif /* DEBUGBUILD */ + ++ if (++session->num_continuations > session->max_continuations) { ++return NGHTTP2_ERR_TOO_MANY_CONTINUATIONS; ++ } ++ + readlen = inbound_frame_buf_read(iframe, in, last); + in += readlen; + +diff --git a/lib/nghttp2_session.h b/lib/nghttp2_session.h +index 5f71a16..9a00b0e 100644 +--- a/lib/nghttp2_session.h b/lib/nghttp2_session.h +@@ -107,6 +107,10 @@ typedef struct { + #define NGHTTP2_DEFAULT_STREAM_RESET_BURST 1000 + #define NGHTTP2_DEFAULT_STREAM_RESET_RATE 33 + ++/* The default max number of CONTINUATION frames following an incoming ++ HEADER frame. */ ++#define NGHTTP2_DEFAULT_MAX_CONTINUATIONS 8 ++ + /* Internal state when receiving incoming frame */ + typedef enum { + /* Receiving frame header */ +@@ -279,6 +283,12 @@ struct nghttp2_session { + size_t max_send_header_block_length; + /* The maximum number of setti
[OE-core][kirkstone 3/7] rust: add CVE_CHECK_IGNORE for CVE-2024-24576
From: Harish Sadineni CVE-2024-24576 only applies when invoking batch files (with the `bat` and `cmd` extensions) on Windows & No other platform or use is affected. More details about CVE is here: https://nvd.nist.gov/vuln/detail/CVE-2024-24576 Signed-off-by: Harish Sadineni Signed-off-by: Steve Sakoman --- meta/recipes-devtools/rust/rust-source.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-devtools/rust/rust-source.inc b/meta/recipes-devtools/rust/rust-source.inc index ea70ad786f..c377a680a7 100644 --- a/meta/recipes-devtools/rust/rust-source.inc +++ b/meta/recipes-devtools/rust/rust-source.inc @@ -5,3 +5,6 @@ RUSTSRC = "${WORKDIR}/rustc-${PV}-src" UPSTREAM_CHECK_URI = "https://forge.rust-lang.org/infra/other-installation-methods.html; UPSTREAM_CHECK_REGEX = "rustc-(?P\d+(\.\d+)+)-src" + +#CVE-2024-24576 is specific to Microsoft Windows +CVE_CHECK_IGNORE += "CVE-2024-24576" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198480): https://lists.openembedded.org/g/openembedded-core/message/198480 Mute This Topic: https://lists.openembedded.org/mt/105585672/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 2/7] ruby: fix CVE-2024-27281
From: Yogita Urade ruby: RCE vulnerability with .rdoc_options in RDoc References: https://github.com/ruby/ruby/pull/10316 https://security-tracker.debian.org/tracker/CVE-2024-27281 Signed-off-by: Yogita Urade Signed-off-by: Steve Sakoman --- .../ruby/ruby/CVE-2024-27281.patch| 97 +++ meta/recipes-devtools/ruby/ruby_3.1.3.bb | 1 + 2 files changed, 98 insertions(+) create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-27281.patch diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2024-27281.patch b/meta/recipes-devtools/ruby/ruby/CVE-2024-27281.patch new file mode 100644 index 00..6f4b35a786 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/CVE-2024-27281.patch @@ -0,0 +1,97 @@ +From da7a0c7553ef7250ca665a3fecdc01dbaacbb43d Mon Sep 17 00:00:00 2001 +From: Nobuyoshi Nakada +Date: Mon, 15 Apr 2024 11:40:00 + +Subject: [PATCH] Filter marshaled objets + +CVE: CVE-2024-27281 +Upstream-Status: Backport [https://github.com/ruby/rdoc/commit/da7a0c7553ef7250ca665a3fecdc01dbaacbb43d] + +Signed-off-by: Yogita Urade +--- + lib/rdoc/store.rb | 45 ++--- + 1 file changed, 26 insertions(+), 19 deletions(-) + +diff --git a/lib/rdoc/store.rb b/lib/rdoc/store.rb +index 5ba671c..c793e49 100644 +--- a/lib/rdoc/store.rb b/lib/rdoc/store.rb +@@ -556,9 +556,7 @@ class RDoc::Store + def load_cache + #orig_enc = @encoding + +-File.open cache_path, 'rb' do |io| +- @cache = Marshal.load io.read +-end ++@cache = marshal_load(cache_path) + + load_enc = @cache[:encoding] + +@@ -615,9 +613,7 @@ class RDoc::Store + def load_class_data klass_name + file = class_file klass_name + +-File.open file, 'rb' do |io| +- Marshal.load io.read +-end ++marshal_load(file) + rescue Errno::ENOENT => e + error = MissingFileError.new(self, file, klass_name) + error.set_backtrace e.backtrace +@@ -630,14 +626,10 @@ class RDoc::Store + def load_method klass_name, method_name + file = method_file klass_name, method_name + +-File.open file, 'rb' do |io| +- obj = Marshal.load io.read +- obj.store = self +- obj.parent = +-find_class_or_module(klass_name) || load_class(klass_name) unless +- obj.parent +- obj +-end ++obj = marshal_load(file) ++obj.store = self ++obj.parent ||= find_class_or_module(klass_name) || load_class(klass_name) ++obj + rescue Errno::ENOENT => e + error = MissingFileError.new(self, file, klass_name + method_name) + error.set_backtrace e.backtrace +@@ -650,11 +642,9 @@ class RDoc::Store + def load_page page_name + file = page_file page_name + +-File.open file, 'rb' do |io| +- obj = Marshal.load io.read +- obj.store = self +- obj +-end ++obj = marshal_load(file) ++obj.store = self ++obj + rescue Errno::ENOENT => e + error = MissingFileError.new(self, file, page_name) + error.set_backtrace e.backtrace +@@ -976,4 +966,21 @@ class RDoc::Store + @unique_modules + end + ++ private ++ def marshal_load(file) ++File.open(file, 'rb') {|io| Marshal.load(io, MarshalFilter)} ++ end ++ ++ MarshalFilter = proc do |obj| ++case obj ++when true, false, nil, Array, Class, Encoding, Hash, Integer, String, Symbol, RDoc::Text ++else ++ unless obj.class.name.start_with?("RDoc::") ++raise TypeError, "not permitted class: #{obj.class.name}" ++ end ++end ++obj ++ end ++ private_constant :MarshalFilter ++ + end +-- +2.35.5 diff --git a/meta/recipes-devtools/ruby/ruby_3.1.3.bb b/meta/recipes-devtools/ruby/ruby_3.1.3.bb index 228a2204db..2ad3c9e207 100644 --- a/meta/recipes-devtools/ruby/ruby_3.1.3.bb +++ b/meta/recipes-devtools/ruby/ruby_3.1.3.bb @@ -33,6 +33,7 @@ SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \ file://CVE-2023-28755.patch \ file://CVE-2023-36617_1.patch \ file://CVE-2023-36617_2.patch \ + file://CVE-2024-27281.patch \ " UPSTREAM_CHECK_URI = "https://www.ruby-lang.org/en/downloads/; -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198479): https://lists.openembedded.org/g/openembedded-core/message/198479 Mute This Topic: https://lists.openembedded.org/mt/105585671/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 1/7] libssh2: fix CVE-2023-48795
From: Meenali Gupta References: https://nvd.nist.gov/vuln/detail/CVE-2023-48795 Signed-off-by: Meenali Gupta Signed-off-by: Steve Sakoman --- .../libssh2/libssh2/CVE-2023-48795.patch | 459 ++ .../recipes-support/libssh2/libssh2_1.10.0.bb | 1 + 2 files changed, 460 insertions(+) create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch diff --git a/meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch b/meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch new file mode 100644 index 00..c7a228217f --- /dev/null +++ b/meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch @@ -0,0 +1,459 @@ +From d34d9258b8420b19ec3f97b4cc5bf7aa7d98e35a Mon Sep 17 00:00:00 2001 +From: Michael Buckley +Date: Thu, 30 Nov 2023 15:08:02 -0800 +Subject: [PATCH] src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack" + +Refs: +https://terrapin-attack.com/ https://seclists.org/oss-sec/2023/q4/292 +https://osv.dev/list?ecosystem==CVE-2023-48795 GHSA-45x7-px36-x8w8 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 + +Fixes #1290 +Closes #1291 + +CVE: CVE-2023-48795 +Upstream-Status: Backport [https://github.com/libssh2/libssh2/commit/d34d9258b8420b19ec3f97b4cc5bf7aa7d98e35a] + +Signed-off-by: Meenali Gupta +--- + src/kex.c | 64 +- + src/libssh2_priv.h | 18 +++--- + src/packet.c | 85 +++--- + src/packet.h | 2 +- + src/session.c | 3 ++ + src/transport.c| 12 ++- + 6 files changed, 150 insertions(+), 34 deletions(-) + +diff --git a/src/kex.c b/src/kex.c +index 9f3ef79..e040dcd 100644 +--- a/src/kex.c b/src/kex.c +@@ -3026,6 +3026,13 @@ kex_method_ssh_curve25519_sha256 = { + }; + #endif + ++static const LIBSSH2_KEX_METHOD ++kex_method_strict_client_extension = { ++"kex-strict-c-...@openssh.com", ++NULL, ++0, ++}; ++ + static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = { + #if LIBSSH2_ED25519 + _method_ssh_curve25519_sha256, +@@ -3043,6 +3050,7 @@ static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = { + _method_diffie_helman_group14_sha1, + _method_diffie_helman_group1_sha1, + _method_diffie_helman_group_exchange_sha1, ++_method_strict_client_extension, + NULL + }; + +@@ -3281,13 +3289,13 @@ static int kexinit(LIBSSH2_SESSION * session) + return 0; + } + +-/* kex_agree_instr ++/* _libssh2_kex_agree_instr + * Kex specific variant of strstr() + * Needle must be precede by BOL or ',', and followed by ',' or EOL + */ +-static unsigned char * +-kex_agree_instr(unsigned char *haystack, unsigned long haystack_len, +-const unsigned char *needle, unsigned long needle_len) ++unsigned char * ++_libssh2_kex_agree_instr(unsigned char *haystack, size_t haystack_len, ++ const unsigned char *needle, size_t needle_len) + { + unsigned char *s; + unsigned char *end_haystack; +@@ -3371,7 +3379,7 @@ static int kex_agree_hostkey(LIBSSH2_SESSION * session, + while(s && *s) { + unsigned char *p = (unsigned char *) strchr((char *) s, ','); + size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s)); +-if(kex_agree_instr(hostkey, hostkey_len, s, method_len)) { ++ if(_libssh2_kex_agree_instr(hostkey, hostkey_len, s, method_len)) { + const LIBSSH2_HOSTKEY_METHOD *method = + (const LIBSSH2_HOSTKEY_METHOD *) + kex_get_method_by_name((char *) s, method_len, +@@ -3405,9 +3413,9 @@ static int kex_agree_hostkey(LIBSSH2_SESSION * session, + } + + while(hostkeyp && (*hostkeyp) && (*hostkeyp)->name) { +-s = kex_agree_instr(hostkey, hostkey_len, +-(unsigned char *) (*hostkeyp)->name, +-strlen((*hostkeyp)->name)); ++s = _libssh2_kex_agree_instr(hostkey, hostkey_len, ++ (unsigned char *) (*hostkeyp)->name, ++ strlen((*hostkeyp)->name)); + if(s) { + /* So far so good, but does it suit our purposes? (Encrypting vs +Signing) */ +@@ -3442,13 +3450,19 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex, + const LIBSSH2_KEX_METHOD **kexp = libssh2_kex_methods; + unsigned char *s; + ++const unsigned char *strict = ++(unsigned char *)"kex-strict-s-...@openssh.com"; ++ ++if(_libssh2_kex_agree_instr(kex, kex_len, strict, 28)) { ++session->kex_strict = 1; ++} + if(session->kex_prefs) { + s = (unsigned char *) session->kex_prefs; + + while(s && *s) { + unsigned char *q, *p = (unsigned char *) strchr((char *) s, ','); + size_t method_len = (p ? (size_t)(p - s) : strlen((char *
[OE-core][kirkstone 0/7] Patch review
Please review this set of changes for kirkstone and have comments back by end of day Friday, April 19 Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6817 The following changes since commit f94c74cee8b2650dd3211a49dc7e88bf60d2e6a7: tcl: skip async and event tests in run-ptest (2024-04-16 05:00:24 -0700) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Harish Sadineni (1): rust: add CVE_CHECK_IGNORE for CVE-2024-24576 Meenali Gupta (1): libssh2: fix CVE-2023-48795 Poonam Jadhav (1): ppp: Add RSA-MD in LICENSE Sana Kazi (1): systemd: Fix vlan qos mapping Soumya Sambu (1): nghttp2: Fix CVE-2024-28182 Steve Sakoman (1): valgrind: skip intermittently failing ptest Yogita Urade (1): ruby: fix CVE-2024-27281 meta/recipes-connectivity/ppp/ppp_2.4.9.bb| 2 +- .../systemd/fix-vlan-qos-mapping.patch| 140 ++ meta/recipes-core/systemd/systemd_250.5.bb| 1 + .../ruby/ruby/CVE-2024-27281.patch| 97 meta/recipes-devtools/ruby/ruby_3.1.3.bb | 1 + meta/recipes-devtools/rust/rust-source.inc| 3 + .../valgrind/valgrind/remove-for-all | 2 + .../libssh2/libssh2/CVE-2023-48795.patch | 459 ++ .../recipes-support/libssh2/libssh2_1.10.0.bb | 1 + .../nghttp2/nghttp2/CVE-2024-28182-0001.patch | 110 + .../nghttp2/nghttp2/CVE-2024-28182-0002.patch | 105 .../recipes-support/nghttp2/nghttp2_1.47.0.bb | 2 + 12 files changed, 922 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-core/systemd/systemd/fix-vlan-qos-mapping.patch create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-27281.patch create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0002.patch -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198477): https://lists.openembedded.org/g/openembedded-core/message/198477 Mute This Topic: https://lists.openembedded.org/mt/105585663/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 10/10] tcl: skip async and event tests in run-ptest
From: Ross Burton These test suites are full of timing-sensitive test cases, so skip them too. [ YOCTO #15321 ] Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit dd06c3668dbe9ec1cf9a0a84d7a6bc9851f9c662) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/tcltk/tcl/run-ptest | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-devtools/tcltk/tcl/run-ptest b/meta/recipes-devtools/tcltk/tcl/run-ptest index 51e1e4aa7b..87e025fce1 100644 --- a/meta/recipes-devtools/tcltk/tcl/run-ptest +++ b/meta/recipes-devtools/tcltk/tcl/run-ptest @@ -5,8 +5,8 @@ export TZ="Europe/London" export TCL_LIBRARY=library # Some tests are overly strict with timings and fail on loaded systems. -# See bugs #14825 #14882 #15081. -SKIPPED_TESTS='cmdMZ-6.6 exit-1.* socket-* socket_inet-*' +# See bugs #14825 #14882 #15081 #15321. +SKIPPED_TESTS='async-* cmdMZ-6.6 event-* exit-1.* socket-* socket_inet-*' for i in `ls tests/*.test | awk -F/ '{print $2}'`; do ./tcltest tests/all.tcl -file $i -skip "$SKIPPED_TESTS" >$i.log 2>&1 -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198447): https://lists.openembedded.org/g/openembedded-core/message/198447 Mute This Topic: https://lists.openembedded.org/mt/105554923/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 09/10] tcl: skip timing-dependent tests in run-ptest
From: Ross Burton There are several tests in the test suite which are very dependent on timing and fail on a loaded host system, so skip them. [ YOCTO #14825 #14882 #15081 ] Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni (cherry picked from commit 68beb4f4b5a0bea5d431decddf7656f18ac7a04a) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/tcltk/tcl/run-ptest | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/meta/recipes-devtools/tcltk/tcl/run-ptest b/meta/recipes-devtools/tcltk/tcl/run-ptest index 5b9127784e..51e1e4aa7b 100644 --- a/meta/recipes-devtools/tcltk/tcl/run-ptest +++ b/meta/recipes-devtools/tcltk/tcl/run-ptest @@ -3,7 +3,11 @@ # clock.test needs a timezone to be set export TZ="Europe/London" export TCL_LIBRARY=library -SKIPPED_TESTS= + +# Some tests are overly strict with timings and fail on loaded systems. +# See bugs #14825 #14882 #15081. +SKIPPED_TESTS='cmdMZ-6.6 exit-1.* socket-* socket_inet-*' + for i in `ls tests/*.test | awk -F/ '{print $2}'`; do ./tcltest tests/all.tcl -file $i -skip "$SKIPPED_TESTS" >$i.log 2>&1 grep -q -F -e "Files with failing tests:" -e "Test files exiting with errors:" $i.log -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198446): https://lists.openembedded.org/g/openembedded-core/message/198446 Mute This Topic: https://lists.openembedded.org/mt/105554922/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 07/10] Revert "expat: fix CVE-2023-52425"
This reverts commit 1bdcd10930a2998f6bbe56b3ba4c9b6c91203b39. Causes ptest failures: {'expat': ['test_accounting_precision', 'test_return_ns_triplet', 'test_column_number_after_parse', 'test_default_current', 'test_external_entity_values']} Signed-off-by: Steve Sakoman --- .../expat/expat/CVE-2023-52425-0001.patch | 40 .../expat/expat/CVE-2023-52425-0002.patch | 87 --- .../expat/expat/CVE-2023-52425-0003.patch | 222 -- .../expat/expat/CVE-2023-52425-0004.patch | 42 .../expat/expat/CVE-2023-52425-0005.patch | 69 -- .../expat/expat/CVE-2023-52425-0006.patch | 67 -- .../expat/expat/CVE-2023-52425-0007.patch | 159 - .../expat/expat/CVE-2023-52425-0008.patch | 95 .../expat/expat/CVE-2023-52425-0009.patch | 52 .../expat/expat/CVE-2023-52425-0010.patch | 111 - .../expat/expat/CVE-2023-52425-0011.patch | 89 --- .../expat/expat/CVE-2023-52425-0012.patch | 87 --- meta/recipes-core/expat/expat_2.5.0.bb| 12 - 13 files changed, 1132 deletions(-) delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0003.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0004.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0005.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0006.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0007.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0008.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0009.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0010.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0011.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0012.patch diff --git a/meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch b/meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch deleted file mode 100644 index 4e21ade018..00 --- a/meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch +++ /dev/null @@ -1,40 +0,0 @@ -From d5b02e96ab95d2a7ae0aea72d00054b9d036d76d Mon Sep 17 00:00:00 2001 -From: Sebastian Pipping -Date: Thu, 9 Nov 2023 19:28:05 +0100 -Subject: [PATCH] xmlwf: Document argument "-q" - -Rebased-and-adapted-by: Snild Dolkow - -CVE: CVE-2023-52425 - -Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/d5b02e96ab95d2a7ae0aea72d00054b9d036d76d] - -Signed-off-by: Meenali Gupta - doc/xmlwf.xml | 10 ++ - 1 file changed, 10 insertions(+) - -diff --git a/doc/xmlwf.xml b/doc/xmlwf.xml -index 9603abf..3d35393 100644 a/doc/xmlwf.xml -+++ b/doc/xmlwf.xml -@@ -313,6 +313,16 @@ supports both. - - - -+ -+-q -+ -+ -+Disable reparse deferral, and allow quadratic parse runtime -+on large tokens (default: reparse deferral enabled). -+ -+ -+ -+ - - -r - --- -2.40.0 - diff --git a/meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch b/meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch deleted file mode 100644 index 8376727778..00 --- a/meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch +++ /dev/null @@ -1,87 +0,0 @@ -From 09fdf998e7cf3f8f9327e6602077791095aedd4d Mon Sep 17 00:00:00 2001 -From: Sebastian Pipping -Date: Thu, 9 Nov 2023 19:14:14 +0100 -Subject: [PATCH] xmlwf: Support disabling reparse deferral - -Rebased-and-adapted-by: Snild Dolkow - -CVE: CVE-2023-52425 - -Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/09fdf998e7cf3f8f9327e6602077791095aedd4d] - -Signed-off-by: Meenali Gupta - xmlwf/xmlwf.c | 20 - xmlwf/xmlwf_helpgen.py | 4 - 2 files changed, 24 insertions(+) - -diff --git a/xmlwf/xmlwf.c b/xmlwf/xmlwf.c -index dd023a9..9a5441c 100644 a/xmlwf/xmlwf.c -+++ b/xmlwf/xmlwf.c -@@ -911,6 +911,9 @@ usage(const XML_Char *prog, int rc) { - T("billion laughs attack protection:\n") - T(" NOTE: If you ever need to increase these values for non-attack payload, please file a bug report.\n") - T("\n") -+ T("reparse deferral:\n") -+ T(" -q disable reparse deferral, and allow [q]uadratic parse runtime with large tokens\n") -+ T("\n") - T(" -a FACTOR set maximum tolerated [a]mplification factor (default: 100.0)\n") - T(" -b BYTES set number of output [b]ytes needed to activate (default: 8 MiB)\n") - T("\n") -@@ -967,6 +970,8 @@ tmain(int argc, XML_Char **argv) { - unsigned long long attackThresh
[OE-core][kirkstone 08/10] tcl: Add a way to skip ptests
From: Khem Raj Some tests hardcode assumptions on locales, which may not be present in musl systems e.g., therefore add a way to skip such tests using -skip option. Skip unixInit-3* test on musl Signed-off-by: Khem Raj Signed-off-by: Alexandre Belloni (cherry picked from commit fa66f1cee2d88c2276442e8b4aaeccde5490f9ea) Signed-off-by: Steve Sakoman --- meta/recipes-devtools/tcltk/tcl/run-ptest | 4 ++-- meta/recipes-devtools/tcltk/tcl_8.6.11.bb | 5 + 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/meta/recipes-devtools/tcltk/tcl/run-ptest b/meta/recipes-devtools/tcltk/tcl/run-ptest index a62b703082..5b9127784e 100644 --- a/meta/recipes-devtools/tcltk/tcl/run-ptest +++ b/meta/recipes-devtools/tcltk/tcl/run-ptest @@ -3,9 +3,9 @@ # clock.test needs a timezone to be set export TZ="Europe/London" export TCL_LIBRARY=library - +SKIPPED_TESTS= for i in `ls tests/*.test | awk -F/ '{print $2}'`; do -./tcltest tests/all.tcl -file $i >$i.log 2>&1 +./tcltest tests/all.tcl -file $i -skip "$SKIPPED_TESTS" >$i.log 2>&1 grep -q -F -e "Files with failing tests:" -e "Test files exiting with errors:" $i.log if [ $? -eq 0 ]; then echo "FAIL: $i" diff --git a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb index b591671868..f8f3d7dd3f 100644 --- a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb +++ b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb @@ -89,6 +89,11 @@ do_install_ptest() { cp -r ${S}/tests ${D}${PTEST_PATH} } +do_install_ptest:append:libc-musl () { + # Assumes locales other than provided by musl-locales + sed -i -e 's|SKIPPED_TESTS=|SKIPPED_TESTS="unixInit-3*"|' ${D}${PTEST_PATH}/run-ptest +} + # Fix some paths that might be used by Tcl extensions BINCONFIG_GLOB = "*Config.sh" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198445): https://lists.openembedded.org/g/openembedded-core/message/198445 Mute This Topic: https://lists.openembedded.org/mt/105554921/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 06/10] ncurses: patch CVE-2023-50495
From: Peter Marko backport relevant parts from https://invisible-island.net/archives/ncurses/6.4/ncurses-6.4-20230424.patch.gz Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../ncurses/files/CVE-2023-50495.patch| 81 +++ .../ncurses/ncurses_6.3+20220423.bb | 1 + 2 files changed, 82 insertions(+) create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-50495.patch diff --git a/meta/recipes-core/ncurses/files/CVE-2023-50495.patch b/meta/recipes-core/ncurses/files/CVE-2023-50495.patch new file mode 100644 index 00..e5a8f43b01 --- /dev/null +++ b/meta/recipes-core/ncurses/files/CVE-2023-50495.patch @@ -0,0 +1,81 @@ +commit ebc08cff36689eec54edc1ce2de6ebac826bd6cd +Author: Peter Marko +Date: Fri Apr 12 23:56:25 2024 +0200 + +check return value of _nc_save_str(), in special case for tic where +extended capabilities are processed but the terminal description was +not initialized (report by Ziqiao Kong). + +Only parts relevant for this CVE was extracted from upstream patch. + +CVE: CVE-2023-45853 +Upstream-Status: Backport [https://invisible-island.net/archives/ncurses/6.4/ncurses-6.4-20230424.patch.gz] + +Signed-off-by: Peter Marko + +--- + ncurses/tinfo/parse_entry.c | 23 --- + 1 file changed, 16 insertions(+), 7 deletions(-) + +diff --git a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c +index a77cd0b..8ac02ac 100644 +--- a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c +@@ -110,7 +110,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) + /* Well, we are given a cancel for a name that we don't recognize */ + return _nc_extend_names(entryp, name, STRING); + default: +- return 0; ++ return NULL; + } + + /* Adjust the 'offset' (insertion-point) to keep the lists of extended +@@ -142,6 +142,11 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) + for (last = (unsigned) (max - 1); last > tindex; last--) + + if (!found) { ++ char *saved; ++ ++ if ((saved = _nc_save_str(name)) == NULL) ++ return NULL; ++ + switch (token_type) { + case BOOLEAN: + tp->ext_Booleans++; +@@ -169,7 +174,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) + TYPE_REALLOC(char *, actual, tp->ext_Names); + while (--actual > offset) + tp->ext_Names[actual] = tp->ext_Names[actual - 1]; +- tp->ext_Names[offset] = _nc_save_str(name); ++ tp->ext_Names[offset] = saved; + } + + temp.nte_name = tp->ext_Names[offset]; +@@ -337,6 +342,8 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent) + bool is_use = (strcmp(_nc_curr_token.tk_name, "use") == 0); + bool is_tc = !is_use && (strcmp(_nc_curr_token.tk_name, "tc") == 0); + if (is_use || is_tc) { ++ char *saved; ++ + if (!VALID_STRING(_nc_curr_token.tk_valstring) + || _nc_curr_token.tk_valstring[0] == '\0') { + _nc_warning("missing name for use-clause"); +@@ -350,11 +357,13 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent) + _nc_curr_token.tk_valstring); + continue; + } +- entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring); +- entryp->uses[entryp->nuses].line = _nc_curr_line; +- entryp->nuses++; +- if (entryp->nuses > 1 && is_tc) { +- BAD_TC_USAGE ++ if ((saved = _nc_save_str(_nc_curr_token.tk_valstring)) != NULL) { ++ entryp->uses[entryp->nuses].name = saved; ++ entryp->uses[entryp->nuses].line = _nc_curr_line; ++ entryp->nuses++; ++ if (entryp->nuses > 1 && is_tc) { ++ BAD_TC_USAGE ++ } + } + } else { + /* normal token lookup */ diff --git a/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb b/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb index a34a7bdfdc..da1e6d838d 100644 --- a/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb +++ b/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb @@ -4,6 +4,7 @@ SRC_URI += "file://0001-tic-hang.patch \ file://0002-configure-reproducible.patch \ file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \ file://CVE-2023-29491.patch \ + file://CVE-2023-50495.patch \ " # commit id corresponds to the revision in package version SRCREV = "a0bc708bc6954b5d3c0a38d92b683c3ec3135260" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198443): https://lists.openembedded.org/g/openembedded-core/message/198443 Mute This Topic: https://lists.openembedded.org/mt/105554917/21656 G
[OE-core][kirkstone 05/10] openssl: patch CVE-2024-2511
From: Peter Marko Patch: https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d News: https://github.com/openssl/openssl/commit/daee101e39073d4b65a68faeb2f2de5ad7b05c36 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../openssl/openssl/CVE-2024-2511.patch | 122 ++ .../openssl/openssl_3.0.13.bb | 1 + 2 files changed, 123 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch new file mode 100644 index 00..8aea686205 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch @@ -0,0 +1,122 @@ +From b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Tue, 5 Mar 2024 15:43:53 + +Subject: [PATCH] Fix unconstrained session cache growth in TLSv1.3 + +In TLSv1.3 we create a new session object for each ticket that we send. +We do this by duplicating the original session. If SSL_OP_NO_TICKET is in +use then the new session will be added to the session cache. However, if +early data is not in use (and therefore anti-replay protection is being +used), then multiple threads could be resuming from the same session +simultaneously. If this happens and a problem occurs on one of the threads, +then the original session object could be marked as not_resumable. When we +duplicate the session object this not_resumable status gets copied into the +new session object. The new session object is then added to the session +cache even though it is not_resumable. + +Subsequently, another bug means that the session_id_length is set to 0 for +sessions that are marked as not_resumable - even though that session is +still in the cache. Once this happens the session can never be removed from +the cache. When that object gets to be the session cache tail object the +cache never shrinks again and grows indefinitely. + +CVE-2024-2511 + +Reviewed-by: Neil Horman +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/24044) + +(cherry picked from commit 7e4d731b1c07201ad9374c1cd9ac5263bdf35bce) + +CVE: CVE-2024-2511 +Upstream-Status: Backport [https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d] +Signed-off-by: Peter Marko +--- + ssl/ssl_lib.c| 5 +++-- + ssl/ssl_sess.c | 28 ++-- + ssl/statem/statem_srvr.c | 5 ++--- + 3 files changed, 27 insertions(+), 11 deletions(-) + +diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c +index 2c8479eb5fc69..eed649c6fdee9 100644 +--- a/ssl/ssl_lib.c b/ssl/ssl_lib.c +@@ -3736,9 +3736,10 @@ void ssl_update_cache(SSL *s, int mode) + + /* + * If the session_id_length is 0, we are not supposed to cache it, and it +- * would be rather hard to do anyway :-) ++ * would be rather hard to do anyway :-). Also if the session has already ++ * been marked as not_resumable we should not cache it for later reuse. + */ +-if (s->session->session_id_length == 0) ++if (s->session->session_id_length == 0 || s->session->not_resumable) + return; + + /* +diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c +index d836b33ed0e81..75adbd9e52b40 100644 +--- a/ssl/ssl_sess.c b/ssl/ssl_sess.c +@@ -152,16 +152,11 @@ SSL_SESSION *SSL_SESSION_new(void) + return ss; + } + +-SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src) +-{ +-return ssl_session_dup(src, 1); +-} +- + /* + * Create a new SSL_SESSION and duplicate the contents of |src| into it. If + * ticket == 0 then no ticket information is duplicated, otherwise it is. + */ +-SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) ++static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket) + { + SSL_SESSION *dest; + +@@ -285,6 +280,27 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) + return NULL; + } + ++SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src) ++{ ++return ssl_session_dup_intern(src, 1); ++} ++ ++/* ++ * Used internally when duplicating a session which might be already shared. ++ * We will have resumed the original session. Subsequently we might have marked ++ * it as non-resumable (e.g. in another thread) - but this copy should be ok to ++ * resume from. ++ */ ++SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) ++{ ++SSL_SESSION *sess = ssl_session_dup_intern(src, ticket); ++ ++if (sess != NULL) ++sess->not_resumable = 0; ++ ++return sess; ++} ++ + const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len) + { + if (len) +diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c +index a9e67f9d32a77..6c942e6bcec29 100644 +--- a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c +@@ -2338,9 +2338,8 @@ int tls_c
[OE-core][kirkstone 04/10] xserver-xorg: Fix for CVE-2024-31080 and CVE-2024-31081
From: Vijay Anusuri Upstream-Status: Backport from https://gitlab.freedesktop.org/xorg/xserver/-/commit/96798fc1967491c80a4d0c8d9e0a80586cb2152b & https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../xserver-xorg/CVE-2024-31080.patch | 49 +++ .../xserver-xorg/CVE-2024-31081.patch | 47 ++ .../xorg-xserver/xserver-xorg_21.1.8.bb | 2 + 3 files changed, 98 insertions(+) create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch new file mode 100644 index 00..40296903cd --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch @@ -0,0 +1,49 @@ +From 96798fc1967491c80a4d0c8d9e0a80586cb2152b Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith +Date: Fri, 22 Mar 2024 18:51:45 -0700 +Subject: [PATCH] Xi: ProcXIGetSelectedEvents needs to use unswapped length to + send reply + +CVE-2024-31080 + +Reported-by: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=69762 +Fixes: 53e821ab4 ("Xi: add request processing for XIGetSelectedEvents.") +Signed-off-by: Alan Coopersmith +Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463> + +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/96798fc1967491c80a4d0c8d9e0a80586cb2152b] +CVE: CVE-2024-31080 +Signed-off-by: Vijay Anusuri +--- + Xi/xiselectev.c | 5 - + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/Xi/xiselectev.c b/Xi/xiselectev.c +index edcb8a0d36..ac14949871 100644 +--- a/Xi/xiselectev.c b/Xi/xiselectev.c +@@ -349,6 +349,7 @@ ProcXIGetSelectedEvents(ClientPtr client) + InputClientsPtr others = NULL; + xXIEventMask *evmask = NULL; + DeviceIntPtr dev; ++uint32_t length; + + REQUEST(xXIGetSelectedEventsReq); + REQUEST_SIZE_MATCH(xXIGetSelectedEventsReq); +@@ -418,10 +419,12 @@ ProcXIGetSelectedEvents(ClientPtr client) + } + } + ++/* save the value before SRepXIGetSelectedEvents swaps it */ ++length = reply.length; + WriteReplyToClient(client, sizeof(xXIGetSelectedEventsReply), ); + + if (reply.num_masks) +-WriteToClient(client, reply.length * 4, buffer); ++WriteToClient(client, length * 4, buffer); + + free(buffer); + return Success; +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch new file mode 100644 index 00..4380004700 --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch @@ -0,0 +1,47 @@ +From 3e77295f888c67fc7645db5d0c00926a29ffecee Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith +Date: Fri, 22 Mar 2024 18:56:27 -0700 +Subject: [PATCH] Xi: ProcXIPassiveGrabDevice needs to use unswapped length to + send reply + +CVE-2024-31081 + +Fixes: d220d6907 ("Xi: add GrabButton and GrabKeysym code.") +Signed-off-by: Alan Coopersmith +Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463> + +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee] +CVE: CVE-2024-31081 +Signed-off-by: Vijay Anusuri +--- + Xi/xipassivegrab.c | 5 - + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/Xi/xipassivegrab.c b/Xi/xipassivegrab.c +index c9ac2f8553..896233bec2 100644 +--- a/Xi/xipassivegrab.c b/Xi/xipassivegrab.c +@@ -93,6 +93,7 @@ ProcXIPassiveGrabDevice(ClientPtr client) + GrabParameters param; + void *tmp; + int mask_len; ++uint32_t length; + + REQUEST(xXIPassiveGrabDeviceReq); + REQUEST_FIXED_SIZE(xXIPassiveGrabDeviceReq, +@@ -247,9 +248,11 @@ ProcXIPassiveGrabDevice(ClientPtr client) + } + } + ++/* save the value before SRepXIPassiveGrabDevice swaps it */ ++length = rep.length; + WriteReplyToClient(client, sizeof(rep), ); + if (rep.num_modifiers) +-WriteToClient(client, rep.length * 4, modifiers_failed); ++WriteToClient(client, length * 4, modifiers_failed); + + out: + free(modifiers_failed); +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb index e62babd4cb..b9eed92103 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb @@ -16,6 +16,8 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat file://CVE-2024-21886-2.patch \ file://CVE-2024
[OE-core][kirkstone 03/10] openssh: Add CVE-2023-51767 to CVE_CHECK_IGNORE
From: Sana Kazi Add CVE-2023-51767 to CVE_CHECK_IGNORE to avoid in cve-check reports as upstream does not consider CVE-2023-51767 a bug underlying in OpenSSH and does not intent to address it in OpenSSH. Signed-off-by: Sana Kazi Signed-off-by: Sana Kazi Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/openssh/openssh_8.9p1.bb | 5 + 1 file changed, 5 insertions(+) diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb index bc8e2d81b8..6411a64eff 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb @@ -49,6 +49,11 @@ CVE_CHECK_IGNORE += "CVE-2014-9278" # CVE only applies to some distributed RHEL binaries CVE_CHECK_IGNORE += "CVE-2008-3844" +# Upstream does not consider CVE-2023-51767 a bug underlying in OpenSSH and +# does not intent to address it in OpenSSH +# https://security-tracker.debian.org/tracker/CVE-2023-51767 +CVE_CHECK_IGNORE += "CVE-2023-51767" + PAM_SRC_URI = "file://sshd" inherit manpages useradd update-rc.d update-alternatives systemd -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198440): https://lists.openembedded.org/g/openembedded-core/message/198440 Mute This Topic: https://lists.openembedded.org/mt/105554913/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 02/10] perl: ignore CVE-2023-47100
From: Alex Stewart CVE-2023-47100 is a duplicate of CVE-2023-47038. They have the same advertised fix commit, which has already been merged into the perl_5.34.3 sources used in kirkstone. Signed-off-by: Alex Stewart Signed-off-by: Steve Sakoman --- meta/recipes-devtools/perl/perl_5.34.3.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-devtools/perl/perl_5.34.3.bb b/meta/recipes-devtools/perl/perl_5.34.3.bb index e8b518adc9..215990c8fa 100644 --- a/meta/recipes-devtools/perl/perl_5.34.3.bb +++ b/meta/recipes-devtools/perl/perl_5.34.3.bb @@ -48,6 +48,9 @@ PACKAGECONFIG[gdbm] = ",-Ui_gdbm,gdbm" # Don't generate comments in enc2xs output files. They are not reproducible export ENC2XS_NO_COMMENTS = "1" +# Duplicate of CVE-2023-47038, which has already been patched as of perl_5.34.3 +CVE_CHECK_IGNORE:append = " CVE-2023-47100" + do_configure:prepend() { cp -rfp ${STAGING_DATADIR_NATIVE}/perl-cross/* ${S} } -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198439): https://lists.openembedded.org/g/openembedded-core/message/198439 Mute This Topic: https://lists.openembedded.org/mt/105554912/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 01/10] cups: fix typo in CVE-2023-32360 backport patch
From: Jonathan GUILLOT Typo prevents cupsd to start correctly with following error: Unable to read "/etc/cups/cupsd.conf" due to errors. Using `/usr/sbin/cupsd -t` to check the configuration: Unknown authorization type Defaul on line 77 of /etc/cups/cupsd.conf. Unknown Policy Limit directive AuthType on line 77 of /etc/cups/cupsd.conf. Signed-off-by: Jonathan GUILLOT Signed-off-by: Steve Sakoman --- meta/recipes-extended/cups/cups/CVE-2023-32360.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-extended/cups/cups/CVE-2023-32360.patch b/meta/recipes-extended/cups/cups/CVE-2023-32360.patch index f1b0f9f918..c3db722f1f 100644 --- a/meta/recipes-extended/cups/cups/CVE-2023-32360.patch +++ b/meta/recipes-extended/cups/cups/CVE-2023-32360.patch @@ -27,7 +27,7 @@ index b258849..08f5070 100644 + + + -+AuthType Defaul ++AuthType Default Require user @OWNER @SYSTEM Order deny,allow -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198438): https://lists.openembedded.org/g/openembedded-core/message/198438 Mute This Topic: https://lists.openembedded.org/mt/105554911/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 00/10] Patch review
Please review this set of changes for kirkstone and have comments back by end of day Thursday, April 18 Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6811 The following changes since commit 26a878cbfbb3bc7a6e892e105577ebf8138ce150: common-licenses: Backport missing license (2024-04-02 08:04:42 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Alex Stewart (1): perl: ignore CVE-2023-47100 Jonathan GUILLOT (1): cups: fix typo in CVE-2023-32360 backport patch Khem Raj (1): tcl: Add a way to skip ptests Peter Marko (2): openssl: patch CVE-2024-2511 ncurses: patch CVE-2023-50495 Ross Burton (2): tcl: skip timing-dependent tests in run-ptest tcl: skip async and event tests in run-ptest Sana Kazi (1): openssh: Add CVE-2023-51767 to CVE_CHECK_IGNORE Steve Sakoman (1): Revert "expat: fix CVE-2023-52425" Vijay Anusuri (1): xserver-xorg: Fix for CVE-2024-31080 and CVE-2024-31081 .../openssh/openssh_8.9p1.bb | 5 + .../openssl/openssl/CVE-2024-2511.patch | 122 ++ .../openssl/openssl_3.0.13.bb | 1 + .../expat/expat/CVE-2023-52425-0001.patch | 40 .../expat/expat/CVE-2023-52425-0002.patch | 87 --- .../expat/expat/CVE-2023-52425-0003.patch | 222 -- .../expat/expat/CVE-2023-52425-0004.patch | 42 .../expat/expat/CVE-2023-52425-0005.patch | 69 -- .../expat/expat/CVE-2023-52425-0006.patch | 67 -- .../expat/expat/CVE-2023-52425-0007.patch | 159 - .../expat/expat/CVE-2023-52425-0008.patch | 95 .../expat/expat/CVE-2023-52425-0009.patch | 52 .../expat/expat/CVE-2023-52425-0010.patch | 111 - .../expat/expat/CVE-2023-52425-0011.patch | 89 --- .../expat/expat/CVE-2023-52425-0012.patch | 87 --- meta/recipes-core/expat/expat_2.5.0.bb| 12 - .../ncurses/files/CVE-2023-50495.patch| 81 +++ .../ncurses/ncurses_6.3+20220423.bb | 1 + meta/recipes-devtools/perl/perl_5.34.3.bb | 3 + meta/recipes-devtools/tcltk/tcl/run-ptest | 6 +- meta/recipes-devtools/tcltk/tcl_8.6.11.bb | 5 + .../cups/cups/CVE-2023-32360.patch| 2 +- .../xserver-xorg/CVE-2024-31080.patch | 49 .../xserver-xorg/CVE-2024-31081.patch | 47 .../xorg-xserver/xserver-xorg_21.1.8.bb | 2 + 25 files changed, 322 insertions(+), 1134 deletions(-) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0003.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0004.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0005.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0006.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0007.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0008.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0009.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0010.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0011.patch delete mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0012.patch create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-50495.patch create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198437): https://lists.openembedded.org/g/openembedded-core/message/198437 Mute This Topic: https://lists.openembedded.org/mt/105554910/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [kirkstone][PATCH] rust: set CVE_STATUS for CVE-2024-24576
CVE_STATUS is not supported in kirkstone, you should use CVE_CHECK_IGNORE Steve On Mon, Apr 15, 2024 at 5:01 AM Sadineni, Harish via lists.openembedded.org wrote: > > From: Harish Sadineni > > CVE-2024-24576 only applies when invoking batch files (with the `bat` and > `cmd` extensions) on Windows & No other platform or use is affected. > More details about CVE is here: > https://nvd.nist.gov/vuln/detail/CVE-2024-24576 > > Signed-off-by: Harish Sadineni > --- > meta/recipes-devtools/rust/rust-source.inc | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/meta/recipes-devtools/rust/rust-source.inc > b/meta/recipes-devtools/rust/rust-source.inc > index ea70ad786f..b8dcc56482 100644 > --- a/meta/recipes-devtools/rust/rust-source.inc > +++ b/meta/recipes-devtools/rust/rust-source.inc > @@ -5,3 +5,5 @@ RUSTSRC = "${WORKDIR}/rustc-${PV}-src" > > UPSTREAM_CHECK_URI = > "https://forge.rust-lang.org/infra/other-installation-methods.html; > UPSTREAM_CHECK_REGEX = "rustc-(?P\d+(\.\d+)+)-src" > + > +CVE_STATUS[CVE-2024-24576] = "not-applicable-platform: Issue only applies on > Windows" > -- > 2.43.0 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198238): https://lists.openembedded.org/g/openembedded-core/message/198238 Mute This Topic: https://lists.openembedded.org/mt/105534166/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for nanbield on Sun 14 Apr 2024 04:00:01 AM HST
Branch: nanbield New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 128 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-39189 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39189 * CVE-2023-39192 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39192 * CVE-2023-39193 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39193 * CVE-2023-39928 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39928 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-42753 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42753 * CVE-2023-42754 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42754 * CVE-2023-42756 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42756 * CVE-2023-4623 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4623 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-46838 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46838 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-4921 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4921 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go:go-binary-native:go-cross-core2-64:go-runtime https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-50431 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50431 * CVE-2023-5088 (CVSS3: 7.0 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5088 * CVE-2023-51384 (CVSS3: 5.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51384 * CVE-2023-51385 (CVSS3: 6.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51385 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-5178 (CVSS3: 9.8 CRITICAL): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5178 * CVE-2023-51780 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51780 * CVE-2023-51781 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51781 * CVE-2023-51782 (CVSS3: 7.0 HIGH):
[OE-core] OE-core CVE metrics for kirkstone on Sun 14 Apr 2024 03:00:01 AM HST
Branch: kirkstone New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 35 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-36648 (CVSS3: 10.0 CRITICAL): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36648 * CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 * CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 * CVE-2023-28198 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28198 * CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3164 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3164 * CVE-2023-32370 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32370 * CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 * CVE-2023-39323 (CVSS3: 8.1 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39323 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-40397 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40397 * CVE-2023-44487 (CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-47100 (CVSS3: 9.8 CRITICAL): perl:perl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47100 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): libssh2:libssh2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-52355 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52355 * CVE-2023-5380 (CVSS3: 4.7 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5380 * CVE-2023-5574 (CVSS3: 7.0 HIGH): xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5574 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-1048 (CVSS3: 3.3 LOW): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1048 * CVE-2024-22860 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22860 * CVE-2024-22861 (CVSS3: 7.5 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22861 * CVE-2024-22862 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22862 * Summary of CVE counts by recipe: ffmpeg: 5 go: 5 qemu:qemu-native:qemu-system-native: 4 rpm:rpm-native: 3 tiff: 3 webkitgtk: 3 gnupg:gnupg-native: 2 grub:grub-efi:grub-native: 2 cpio: 1 libssh2:libssh2-native: 1 openssh: 1 perl:perl-native: 1 pixman:pixman-native: 1 python3:python3-native: 1 xserver-xorg: 1 xwayland: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198208): https://lists.openembedded.org/g/openembedded-core/message/198208 Mute This Topic: https://lists.openembedded.org/mt/105516435/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[OE-core] OE-core CVE metrics for dunfell on Sun 14 Apr 2024 02:00:01 AM HST
Branch: dunfell New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 106 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 * CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 * CVE-2022-0358 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0358 * CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 * CVE-2022-2347 (CVSS3: 7.1 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2347 * CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 * CVE-2022-24765 (CVSS3: 7.8 HIGH): git https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 * CVE-2022-2953 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2953 * CVE-2022-2962 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2962 * CVE-2022-30293 (CVSS3: 7.5 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 * CVE-2022-30767 (CVSS3: 9.8 CRITICAL): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30767 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
[OE-core] OE-core CVE metrics for master on Sun 14 Apr 2024 01:00:01 AM HST
Branch: master New this week: 0 CVEs Removed this week: 21 CVEs CVE-2014-4859 (CVSS3: 6.8 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4859 * CVE-2014-4860 (CVSS3: 6.8 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4860 * CVE-2019-14553 (CVSS3: 4.9 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14553 * CVE-2019-14559 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14559 * CVE-2019-14562 (CVSS3: 5.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14562 * CVE-2019-14563 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14563 * CVE-2019-14575 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14575 * CVE-2019-14586 (CVSS3: 8.0 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14586 * CVE-2019-14587 (CVSS3: 6.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14587 * CVE-2022-36763 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36763 * CVE-2022-36764 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36764 * CVE-2022-36765 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36765 * CVE-2023-45229 (CVSS3: 6.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45229 * CVE-2023-45230 (CVSS3: 8.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45230 * CVE-2023-45231 (CVSS3: 6.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45231 * CVE-2023-45232 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45232 * CVE-2023-45233 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45233 * CVE-2023-45234 (CVSS3: 8.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45234 * CVE-2023-45235 (CVSS3: 8.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45235 * CVE-2023-45236 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45236 * CVE-2023-45237 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45237 * Full list: Found 37 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-6238 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6238 * CVE-2023-6240 (CVSS3: 6.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6240 * CVE-2023-6270 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6270 * CVE-2023-6356 (CVSS3:
Re: [OE-core] [kirkstone][PATCH] kernel.bbclass: check, if directory exists before removing empty module directory
On Fri, Apr 12, 2024 at 2:52 AM Heiko wrote: > > I used "git send-email". I don`t know, why the tabs were replaced. > > I have attached the patch with tabs. (Or do I have to create a new post?) You should send a new patch targeted for the master branch since we need to fix this there first before I can backport it to kirkstone. Thanks! Steve -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198165): https://lists.openembedded.org/g/openembedded-core/message/198165 Mute This Topic: https://lists.openembedded.org/mt/105458549/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [kirkstone][PATCH] kernel.bbclass: check, if directory exists before removing empty module directory
This patch doesn't apply for me: Applying: kernel.bbclass: check, if directory exists before removing empty module directory Using index info to reconstruct a base tree... error: patch failed: meta/classes/kernel.bbclass:452 error: meta/classes/kernel.bbclass: patch does not apply error: Did you hand edit your patch? It does not apply to blobs recorded in its index. Patch failed at 0001 kernel.bbclass: check, if directory exists before removing empty module directory Steve On Thu, Apr 11, 2024 at 1:06 AM Heiko wrote: > > If the kernel folder does not exist, find will result in an error. > This can occur if the kernel has no modules but, for example, custom modules > are created. > > Add check before deleting. > > Signed-off-by: Heiko Thole > --- > meta/classes/kernel.bbclass | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass > index dbd89057f3..988a489396 100644 > --- a/meta/classes/kernel.bbclass > +++ b/meta/classes/kernel.bbclass > @@ -452,7 +452,7 @@ kernel_do_install() { > rm -f > "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/build" > rm -f > "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/source" > # Remove empty module directories to prevent QA issues > - find > "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel" -type d -empty > -delete > + [ -d > "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel" ] && find > "${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel" -type d -empty > -delete > else > bbnote "no modules to install" > fi > -- > 2.41.0 > > eQ-3 Entwicklung GmbH, Maiburger Str. 36, 26789 Leer > Geschäftsführer: Prof. Heinz-G. Redeker > Registergericht: Amtsgericht Aurich, HRB 110388 > eQ-3 AG, Maiburger Str. 29, 26789 Leer > Vorstand: Prof. Heinz-G. Redeker (Vorsitzender), Helga Redeker > Vorsitzende des Aufsichtsrats: Irmgard Keplin > Registergericht: Amtsgericht Aurich, HRB 200335 > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198129): https://lists.openembedded.org/g/openembedded-core/message/198129 Mute This Topic: https://lists.openembedded.org/mt/105458549/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 5/5] licenses.conf: Add missing LGPLv2.0+ license
From: Colin McAllister Adds LGPLv2.0+ license variation to match LGPLv2+. Signed-off-by: Colin McAllister Signed-off-by: Steve Sakoman --- meta/conf/licenses.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/conf/licenses.conf b/meta/conf/licenses.conf index d14c365977..c78823e847 100644 --- a/meta/conf/licenses.conf +++ b/meta/conf/licenses.conf @@ -37,6 +37,7 @@ SPDXLICENSEMAP[GPL-3.0-only] = "GPL-3.0" SPDXLICENSEMAP[LGPLv2] = "LGPL-2.0" SPDXLICENSEMAP[LGPLv2+] = "LGPL-2.0+" SPDXLICENSEMAP[LGPLv2.0] = "LGPL-2.0" +SPDXLICENSEMAP[LGPLv2.0+] = "LGPL-2.0+" SPDXLICENSEMAP[LGPL-2.0-only] = "LGPL-2.0" SPDXLICENSEMAP[LGPL2.1] = "LGPL-2.1" SPDXLICENSEMAP[LGPLv2.1] = "LGPL-2.1" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198098): https://lists.openembedded.org/g/openembedded-core/message/198098 Mute This Topic: https://lists.openembedded.org/mt/105441138/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 4/5] xserver-xorg: Backport fix for CVE-2024-31080
From: Ashish Sharma Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/96798fc1967491c80a4d0c8d9e0a80586cb2152b] Signed-off-by: Ashish Sharma Signed-off-by: Steve Sakoman --- .../xserver-xorg/CVE-2024-31080.patch | 49 +++ .../xorg-xserver/xserver-xorg_1.20.14.bb | 1 + 2 files changed, 50 insertions(+) create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch new file mode 100644 index 00..da735efb2b --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch @@ -0,0 +1,49 @@ +From 96798fc1967491c80a4d0c8d9e0a80586cb2152b Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith +Date: Fri, 22 Mar 2024 18:51:45 -0700 +Subject: [PATCH] Xi: ProcXIGetSelectedEvents needs to use unswapped length to + send reply + +CVE-2024-31080 + +Reported-by: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=69762 +Fixes: 53e821ab4 ("Xi: add request processing for XIGetSelectedEvents.") +Signed-off-by: Alan Coopersmith +Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463> + +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/96798fc1967491c80a4d0c8d9e0a80586cb2152b] +CVE: CVE-2024-31080 +Signed-off-by: Ashish Sharma + + Xi/xiselectev.c | 5 - + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/Xi/xiselectev.c b/Xi/xiselectev.c +index edcb8a0d36..ac14949871 100644 +--- a/Xi/xiselectev.c b/Xi/xiselectev.c +@@ -349,6 +349,7 @@ ProcXIGetSelectedEvents(ClientPtr client) + InputClientsPtr others = NULL; + xXIEventMask *evmask = NULL; + DeviceIntPtr dev; ++uint32_t length; + + REQUEST(xXIGetSelectedEventsReq); + REQUEST_SIZE_MATCH(xXIGetSelectedEventsReq); +@@ -418,10 +419,12 @@ ProcXIGetSelectedEvents(ClientPtr client) + } + } + ++/* save the value before SRepXIGetSelectedEvents swaps it */ ++length = reply.length; + WriteReplyToClient(client, sizeof(xXIGetSelectedEventsReply), ); + + if (reply.num_masks) +-WriteToClient(client, reply.length * 4, buffer); ++WriteToClient(client, length * 4, buffer); + + free(buffer); + return Success; +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb index ade250542f..04a6e734ef 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb @@ -31,6 +31,7 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat file://CVE-2024-0408.patch \ file://CVE-2024-0409.patch \ file://CVE-2024-31081.patch \ + file://CVE-2024-31080.patch \ " SRC_URI[md5sum] = "453fc86aac8c629b3a5b77e8dcca30bf" SRC_URI[sha256sum] = "54b199c9280ff8bf0f73a54a759645bd0eeeda7255d1c99310d5b7595f3ac066" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198097): https://lists.openembedded.org/g/openembedded-core/message/198097 Mute This Topic: https://lists.openembedded.org/mt/105441137/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 3/5] xserver-xorg: Backport fix for CVE-2024-31081
From: Ashish Sharma Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee] Signed-off-by: Ashish Sharma Signed-off-by: Steve Sakoman --- .../xserver-xorg/CVE-2024-31081.patch | 47 +++ .../xorg-xserver/xserver-xorg_1.20.14.bb | 1 + 2 files changed, 48 insertions(+) create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch new file mode 100644 index 00..d2c551a0e5 --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch @@ -0,0 +1,47 @@ +From 3e77295f888c67fc7645db5d0c00926a29ffecee Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith +Date: Fri, 22 Mar 2024 18:56:27 -0700 +Subject: [PATCH] Xi: ProcXIPassiveGrabDevice needs to use unswapped length to + send reply + +CVE-2024-31081 + +Fixes: d220d6907 ("Xi: add GrabButton and GrabKeysym code.") +Signed-off-by: Alan Coopersmith +Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463> + +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee] +CVE: CVE-2024-31081 +Signed-off-by: Ashish Sharma + + Xi/xipassivegrab.c | 5 - + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/Xi/xipassivegrab.c b/Xi/xipassivegrab.c +index c9ac2f8553..896233bec2 100644 +--- a/Xi/xipassivegrab.c b/Xi/xipassivegrab.c +@@ -93,6 +93,7 @@ ProcXIPassiveGrabDevice(ClientPtr client) + GrabParameters param; + void *tmp; + int mask_len; ++uint32_t length; + + REQUEST(xXIPassiveGrabDeviceReq); + REQUEST_FIXED_SIZE(xXIPassiveGrabDeviceReq, +@@ -247,9 +248,11 @@ ProcXIPassiveGrabDevice(ClientPtr client) + } + } + ++/* save the value before SRepXIPassiveGrabDevice swaps it */ ++length = rep.length; + WriteReplyToClient(client, sizeof(rep), ); + if (rep.num_modifiers) +-WriteToClient(client, rep.length * 4, modifiers_failed); ++WriteToClient(client, length * 4, modifiers_failed); + + out: + free(modifiers_failed); +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb index d6c6c5bd45..ade250542f 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb @@ -30,6 +30,7 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat file://CVE-2024-21886-2.patch \ file://CVE-2024-0408.patch \ file://CVE-2024-0409.patch \ + file://CVE-2024-31081.patch \ " SRC_URI[md5sum] = "453fc86aac8c629b3a5b77e8dcca30bf" SRC_URI[sha256sum] = "54b199c9280ff8bf0f73a54a759645bd0eeeda7255d1c99310d5b7595f3ac066" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198096): https://lists.openembedded.org/g/openembedded-core/message/198096 Mute This Topic: https://lists.openembedded.org/mt/105441136/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 2/5] go: Backport fix for CVE-2024-24784
From: Ashish Sharma Upstream-Status: Backport [https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c] Signed-off-by: Ashish Sharma Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2024-24784.patch | 205 ++ 2 files changed, 206 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index 69b65f3eb2..9c7ceda891 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc @@ -91,6 +91,7 @@ SRC_URI += "\ file://CVE-2023-45289.patch \ file://CVE-2023-45290.patch \ file://CVE-2024-24785.patch \ +file://CVE-2024-24784.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch b/meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch new file mode 100644 index 00..e9d9d972b9 --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch @@ -0,0 +1,205 @@ +From 5330cd225ba54c7dc78c1b46dcdf61a4671a632c Mon Sep 17 00:00:00 2001 +From: Roland Shoemaker +Date: Wed, 10 Jan 2024 11:02:14 -0800 +Subject: [PATCH] [release-branch.go1.22] net/mail: properly handle special + characters in phrase and obs-phrase + +Fixes a couple of misalignments with RFC 5322 which introduce +significant diffs between (mostly) conformant parsers. + +This change reverts the changes made in CL50911, which allowed certain +special RFC 5322 characters to appear unquoted in the "phrase" syntax. +It is unclear why this change was made in the first place, and created +a divergence from comformant parsers. In particular this resulted in +treating comments in display names incorrectly. + +Additionally properly handle trailing malformed comments in the group +syntax. + +For #65083 +Fixed #65849 + +Change-Id: I00dddc044c6ae3381154e43236632604c390f672 +Reviewed-on: https://go-review.googlesource.com/c/go/+/96 +Reviewed-by: Damien Neil +LUCI-TryBot-Result: Go LUCI +Reviewed-on: https://go-review.googlesource.com/c/go/+/566215 +Reviewed-by: Carlos Amedee + +Upstream-Status: Backport [https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c] +CVE: CVE-2024-24784 +Signed-off-by: Ashish Sharma + + src/net/mail/message.go | 30 +++ + src/net/mail/message_test.go | 40 ++-- + 2 files changed, 46 insertions(+), 24 deletions(-) + +diff --git a/src/net/mail/message.go b/src/net/mail/message.go +index af516fc30f470..fc2a9e46f811b 100644 +--- a/src/net/mail/message.go b/src/net/mail/message.go +@@ -280,7 +280,7 @@ func (a *Address) String() string { + // Add quotes if needed + quoteLocal := false + for i, r := range local { +- if isAtext(r, false, false) { ++ if isAtext(r, false) { + continue + } + if r == '.' { +@@ -444,7 +444,7 @@ func (p *addrParser) parseAddress(handleGroup bool) ([]*Address, error) { + if !p.consume('<') { + atext := true + for _, r := range displayName { +- if !isAtext(r, true, false) { ++ if !isAtext(r, true) { + atext = false + break + } +@@ -479,7 +479,9 @@ func (p *addrParser) consumeGroupList() ([]*Address, error) { + // handle empty group. + p.skipSpace() + if p.consume(';') { +- p.skipCFWS() ++ if !p.skipCFWS() { ++ return nil, errors.New("mail: misformatted parenthetical comment") ++ } + return group, nil + } + +@@ -496,7 +498,9 @@ func (p *addrParser) consumeGroupList() ([]*Address, error) { + return nil, errors.New("mail: misformatted parenthetical comment") + } + if p.consume(';') { +- p.skipCFWS() ++ if !p.skipCFWS() { ++ return nil, errors.New("mail: misformatted parenthetical comment") ++ } + break + } + if !p.consume(',') { +@@ -566,6 +570,12 @@ func (p *addrParser) consumePhrase() (phrase string, err error) { + var words []string + var isPrevEncoded bool + for { ++ // obs-phrase allows CFWS after one word ++ if len(words) > 0 { ++ if !p.skipCFWS() { ++ return "", errors.New("mail: misformatted parenthetical comment") ++ } ++ } + // word = atom / quoted-
[OE-core][dunfell 1/5] ncurses: Backport fix for CVE-2023-50495
From: Vijay Anusuri Upstream-Status: Backport from https://github.com/ThomasDickey/ncurses-snapshots/commit/efe9674ee14b14b788f9618941f97d31742f0adc Reference: https://invisible-island.net/archives/ncurses/6.4/ncurses-6.4-20230424.patch.gz Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../ncurses/files/CVE-2023-50495.patch| 79 +++ meta/recipes-core/ncurses/ncurses_6.2.bb | 1 + 2 files changed, 80 insertions(+) create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-50495.patch diff --git a/meta/recipes-core/ncurses/files/CVE-2023-50495.patch b/meta/recipes-core/ncurses/files/CVE-2023-50495.patch new file mode 100644 index 00..58c23866d1 --- /dev/null +++ b/meta/recipes-core/ncurses/files/CVE-2023-50495.patch @@ -0,0 +1,79 @@ +Fix for CVE-2023-50495 from upstream: +https://github.com/ThomasDickey/ncurses-snapshots/commit/efe9674ee14b14b788f9618941f97d31742f0adc + +Reference: +https://invisible-island.net/archives/ncurses/6.4/ncurses-6.4-20230424.patch.gz + +Upstream-Status: Backport [import from suse ftp.pbone.net/mirror/ftp.opensuse.org/update/leap-micro/5.3/sle/src/ncurses-6.1-15.5.20.1.src.rpm +Upstream commit https://github.com/ThomasDickey/ncurses-snapshots/commit/efe9674ee14b14b788f9618941f97d31742f0adc] +CVE: CVE-2023-50495 +Signed-off-by: Vijay Anusuri +--- + ncurses/tinfo/parse_entry.c | 23 --- + 1 file changed, 16 insertions(+), 7 deletions(-) + +diff --git a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c +index 23574b66..56ba9ae6 100644 +--- a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c +@@ -110,7 +110,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) + /* Well, we are given a cancel for a name that we don't recognize */ + return _nc_extend_names(entryp, name, STRING); + default: +- return 0; ++ return NULL; + } + + /* Adjust the 'offset' (insertion-point) to keep the lists of extended +@@ -142,6 +142,11 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) + for (last = (unsigned) (max - 1); last > tindex; last--) + + if (!found) { ++ char *saved; ++ ++ if ((saved = _nc_save_str(name)) == NULL) ++ return NULL; ++ + switch (token_type) { + case BOOLEAN: + tp->ext_Booleans++; +@@ -169,7 +174,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) + TYPE_REALLOC(char *, actual, tp->ext_Names); + while (--actual > offset) + tp->ext_Names[actual] = tp->ext_Names[actual - 1]; +- tp->ext_Names[offset] = _nc_save_str(name); ++ tp->ext_Names[offset] = saved; + } + + temp.nte_name = tp->ext_Names[offset]; +@@ -337,6 +342,8 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent) + bool is_use = (strcmp(_nc_curr_token.tk_name, "use") == 0); + bool is_tc = !is_use && (strcmp(_nc_curr_token.tk_name, "tc") == 0); + if (is_use || is_tc) { ++ char *saved; ++ + if (!VALID_STRING(_nc_curr_token.tk_valstring) + || _nc_curr_token.tk_valstring[0] == '\0') { + _nc_warning("missing name for use-clause"); +@@ -350,11 +357,13 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent) + _nc_curr_token.tk_valstring); + continue; + } +- entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring); +- entryp->uses[entryp->nuses].line = _nc_curr_line; +- entryp->nuses++; +- if (entryp->nuses > 1 && is_tc) { +- BAD_TC_USAGE ++ if ((saved = _nc_save_str(_nc_curr_token.tk_valstring)) != NULL) { ++ entryp->uses[entryp->nuses].name = saved; ++ entryp->uses[entryp->nuses].line = _nc_curr_line; ++ entryp->nuses++; ++ if (entryp->nuses > 1 && is_tc) { ++ BAD_TC_USAGE ++ } + } + } else { + /* normal token lookup */ +-- +2.25.1 + diff --git a/meta/recipes-core/ncurses/ncurses_6.2.bb b/meta/recipes-core/ncurses/ncurses_6.2.bb index 33285bcb5b..dbff149f55 100644 --- a/meta/recipes-core/ncurses/ncurses_6.2.bb +++ b/meta/recipes-core/ncurses/ncurses_6.2.bb @@ -6,6 +6,7 @@ SRC_URI += "file://0001-tic-hang.patch \ file://CVE-2021-39537.patch \ file://CVE-2022-29458.patch \ file://CVE-2023-29491.patch \ + file://CVE-2023-50495.patch \ " # commit id corresponds to the revision in package version SRCREV = "a669013cd5e9d6434e5301348ea51baf306c93c4" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198094): https://lists.openembedded.org/g/openembedded-core/message/198094 Mu
[OE-core][dunfell 0/5] Patch review
Please review this set of changes for dunfell and have comments back by end of day Friday, April 12 Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6774 The following changes since commit 47ce772102b45db14dc21112367534ea1c37e33c: perf: bump PR to deal with sstate corruption on autobuilder (2024-04-02 05:46:56 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut Ashish Sharma (3): go: Backport fix for CVE-2024-24784 xserver-xorg: Backport fix for CVE-2024-31081 xserver-xorg: Backport fix for CVE-2024-31080 Colin McAllister (1): licenses.conf: Add missing LGPLv2.0+ license Vijay Anusuri (1): ncurses: Backport fix for CVE-2023-50495 meta/conf/licenses.conf | 1 + .../ncurses/files/CVE-2023-50495.patch| 79 +++ meta/recipes-core/ncurses/ncurses_6.2.bb | 1 + meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2024-24784.patch | 205 ++ .../xserver-xorg/CVE-2024-31080.patch | 49 + .../xserver-xorg/CVE-2024-31081.patch | 47 .../xorg-xserver/xserver-xorg_1.20.14.bb | 2 + 8 files changed, 385 insertions(+) create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-50495.patch create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198093): https://lists.openembedded.org/g/openembedded-core/message/198093 Mute This Topic: https://lists.openembedded.org/mt/105441132/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe-core][kirkstone][PATCH v2 1/1] expat: fix CVE-2023-52425
Unfortunately this change is causing ptest failures: {'expat': ['test_accounting_precision', 'test_return_ns_triplet', 'test_column_number_after_parse', 'test_default_current', 'test_external_entity_values']} Could you investigate and see if you can provide a fix? Otherwise I'll need to revert this prior to the next kirkstone release. Steve On Fri, Mar 29, 2024 at 4:12 AM Meenali Gupta via lists.openembedded.org wrote: > > From: Meenali Gupta > > libexpat through 2.5.0 allows a denial of service (resource consumption) > because > many full reparsings are required in the case of a large token for which > multiple > buffer fills are needed. > > References: > https://nvd.nist.gov/vuln/detail/CVE-2023-52425 > > Changes related to test directory are not included as most of the files are > not present > and are introduced in the later version. > > Signed-off-by: Meenali Gupta > --- > .../expat/expat/CVE-2023-52425-0001.patch | 40 > .../expat/expat/CVE-2023-52425-0002.patch | 87 +++ > .../expat/expat/CVE-2023-52425-0003.patch | 222 ++ > .../expat/expat/CVE-2023-52425-0004.patch | 42 > .../expat/expat/CVE-2023-52425-0005.patch | 69 ++ > .../expat/expat/CVE-2023-52425-0006.patch | 67 ++ > .../expat/expat/CVE-2023-52425-0007.patch | 159 + > .../expat/expat/CVE-2023-52425-0008.patch | 95 > .../expat/expat/CVE-2023-52425-0009.patch | 52 > .../expat/expat/CVE-2023-52425-0010.patch | 111 + > .../expat/expat/CVE-2023-52425-0011.patch | 89 +++ > .../expat/expat/CVE-2023-52425-0012.patch | 87 +++ > meta/recipes-core/expat/expat_2.5.0.bb| 12 + > 13 files changed, 1132 insertions(+) > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0003.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0004.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0005.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0006.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0007.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0008.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0009.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0010.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0011.patch > create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0012.patch > > diff --git a/meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch > b/meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch > new file mode 100644 > index 00..4e21ade018 > --- /dev/null > +++ b/meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch > @@ -0,0 +1,40 @@ > +From d5b02e96ab95d2a7ae0aea72d00054b9d036d76d Mon Sep 17 00:00:00 2001 > +From: Sebastian Pipping > +Date: Thu, 9 Nov 2023 19:28:05 +0100 > +Subject: [PATCH] xmlwf: Document argument "-q" > + > +Rebased-and-adapted-by: Snild Dolkow > + > +CVE: CVE-2023-52425 > + > +Upstream-Status: Backport > [https://github.com/libexpat/libexpat/commit/d5b02e96ab95d2a7ae0aea72d00054b9d036d76d] > + > +Signed-off-by: Meenali Gupta > +--- > + doc/xmlwf.xml | 10 ++ > + 1 file changed, 10 insertions(+) > + > +diff --git a/doc/xmlwf.xml b/doc/xmlwf.xml > +index 9603abf..3d35393 100644 > +--- a/doc/xmlwf.xml > b/doc/xmlwf.xml > +@@ -313,6 +313,16 @@ supports both. > + > + > + > ++ > ++-q > ++ > ++ > ++Disable reparse deferral, and allow quadratic parse runtime > ++on large tokens (default: reparse deferral enabled). > ++ > ++ > ++ > ++ > + > + -r > + > +-- > +2.40.0 > + > diff --git a/meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch > b/meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch > new file mode 100644 > index 00..8376727778 > --- /dev/null > +++ b/meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch > @@ -0,0 +1,87 @@ > +From 09fdf998e7cf3f8f9327e6602077791095aedd4d Mon Sep 17 00:00:00 2001 > +From: Sebastian Pipping > +Date: Thu, 9 Nov 2023 19:14:14 +0100 > +Subject: [PATCH] xmlwf: Support disabling reparse deferral > + > +Rebased-and-adapted-by: Snild Dolkow > + > +CVE: CVE-2023-52425 > + > +Upstream-Status: Backport > [https://github.com/libexpat/libexpat/commit/09fdf998e7cf3f8f9327e6602077791095aedd4d] > + > +Signed-off-by: Meenali Gupta > +--- > + xmlwf/xmlwf.c | 20 > + xmlwf/xmlwf_helpgen.py | 4 > + 2 files changed, 24 insertions(+) > + > +diff --git a/xmlwf/xmlwf.c b/xmlwf/xmlwf.c > +index dd023a9..9a5441c 100644 > +--- a/xmlwf/xmlwf.c >
[OE-core] OE-core CVE metrics for nanbield on Sun 07 Apr 2024 04:00:01 AM HST
Branch: nanbield New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 128 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-39189 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39189 * CVE-2023-39192 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39192 * CVE-2023-39193 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39193 * CVE-2023-39928 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39928 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-42753 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42753 * CVE-2023-42754 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42754 * CVE-2023-42756 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42756 * CVE-2023-4623 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4623 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-46838 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46838 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-4921 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4921 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go:go-binary-native:go-cross-core2-64:go-runtime https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-50431 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50431 * CVE-2023-5088 (CVSS3: 7.0 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5088 * CVE-2023-51384 (CVSS3: 5.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51384 * CVE-2023-51385 (CVSS3: 6.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51385 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-5178 (CVSS3: 9.8 CRITICAL): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5178 * CVE-2023-51780 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51780 * CVE-2023-51781 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51781 * CVE-2023-51782 (CVSS3: 7.0 HIGH):
[OE-core] OE-core CVE metrics for kirkstone on Sun 07 Apr 2024 03:00:01 AM HST
Branch: kirkstone New this week: 1 CVEs CVE-2023-44487 (CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * Removed this week: 9 CVEs CVE-2023-44487 (CVSS3: 7.5 HIGH): go:nghttp2 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * CVE-2023-45803 (CVSS3: 4.2 MEDIUM): python3-urllib3 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45803 * CVE-2023-52356 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52356 * CVE-2023-52425 (CVSS3: 7.5 HIGH): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52425 * CVE-2023-6277 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6277 * CVE-2023-6683 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6683 * CVE-2023-6816 (CVSS3: 9.8 CRITICAL): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6816 * CVE-2024-0408 (CVSS3: 5.5 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0408 * CVE-2024-0409 (CVSS3: 7.8 HIGH): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0409 * Full list: Found 35 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-36648 (CVSS3: 10.0 CRITICAL): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36648 * CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 * CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 * CVE-2023-28198 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28198 * CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3164 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3164 * CVE-2023-32370 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32370 * CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 * CVE-2023-39323 (CVSS3: 8.1 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39323 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-40397 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40397 * CVE-2023-44487 (CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-47100 (CVSS3: 9.8 CRITICAL): perl:perl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47100 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): libssh2:libssh2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-52355 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52355 * CVE-2023-5380 (CVSS3: 4.7 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5380 * CVE-2023-5574 (CVSS3: 7.0 HIGH): xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5574 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-1048 (CVSS3: 3.3 LOW): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1048 * CVE-2024-22860 (CVSS3: 9.8
[OE-core] OE-core CVE metrics for dunfell on Sun 07 Apr 2024 02:00:01 AM HST
Branch: dunfell New this week: 0 CVEs Removed this week: 3 CVEs CVE-2023-52356 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52356 * CVE-2023-6277 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6277 * CVE-2024-0727 (CVSS3: 5.5 MEDIUM): openssl:openssl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0727 * Full list: Found 106 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 * CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 * CVE-2022-0358 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0358 * CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 * CVE-2022-2347 (CVSS3: 7.1 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2347 * CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 * CVE-2022-24765 (CVSS3: 7.8 HIGH): git https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 * CVE-2022-2953 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2953 * CVE-2022-2962 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2962 *
[OE-core] OE-core CVE metrics for master on Sun 07 Apr 2024 01:00:01 AM HST
Branch: master New this week: 21 CVEs CVE-2014-4859 (CVSS3: 6.8 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4859 * CVE-2014-4860 (CVSS3: 6.8 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4860 * CVE-2019-14553 (CVSS3: 4.9 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14553 * CVE-2019-14559 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14559 * CVE-2019-14562 (CVSS3: 5.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14562 * CVE-2019-14563 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14563 * CVE-2019-14575 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14575 * CVE-2019-14586 (CVSS3: 8.0 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14586 * CVE-2019-14587 (CVSS3: 6.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14587 * CVE-2022-36763 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36763 * CVE-2022-36764 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36764 * CVE-2022-36765 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36765 * CVE-2023-45229 (CVSS3: 6.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45229 * CVE-2023-45230 (CVSS3: 8.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45230 * CVE-2023-45231 (CVSS3: 6.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45231 * CVE-2023-45232 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45232 * CVE-2023-45233 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45233 * CVE-2023-45234 (CVSS3: 8.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45234 * CVE-2023-45235 (CVSS3: 8.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45235 * CVE-2023-45236 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45236 * CVE-2023-45237 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45237 * Removed this week: 0 CVEs Full list: Found 58 unpatched CVEs CVE-2014-4859 (CVSS3: 6.8 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4859 * CVE-2014-4860 (CVSS3: 6.8 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4860 * CVE-2019-14553 (CVSS3: 4.9 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14553 * CVE-2019-14559 (CVSS3: 7.5 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14559 * CVE-2019-14562 (CVSS3: 5.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14562 * CVE-2019-14563 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14563 * CVE-2019-14575 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14575 * CVE-2019-14586 (CVSS3: 8.0 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14586 * CVE-2019-14587 (CVSS3: 6.5 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14587 * CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-36763 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36763 * CVE-2022-36764 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36764 * CVE-2022-36765 (CVSS3: 7.8 HIGH): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36765 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native
Re: [OE-core] [PATCH][dunfell] linux-yocto/5.4: update to v5.4.273
Hi Bruce, I'm getting warnings in my autobuilder testing: WARNING: linux-yocto-5.4.273+gitAUTOINC+c841eec84c_fe901e2f4b-r0 do_kernel_configcheck: [kernel config]: This BSP sets config options that are not offered anywhere within this kernel: CONFIG_NET_SCH_DSMARK CONFIG_NET_SCH_CBQ Steve On Wed, Apr 3, 2024 at 11:18 AM wrote: > > From: Bruce Ashfield > > Updating linux-yocto/5.4 to the latest korg -stable release that comprises > the following commits: > > 24489321d0cd Linux 5.4.273 > b37f030486d5 regmap: Add missing map->bus check > 55f8ea6731aa spi: spi-mt65xx: Fix NULL pointer access in interrupt handler > 59426454b812 bpf: report RCU QS in cpumap kthread > 3ffe591b27fc rcu: add a helper to report consolidated flavor QS > 2531f907d3e4 netfilter: nf_tables: do not compare internal table flags on > updates > 71002d9eb1ca ARM: dts: sun8i-h2-plus-bananapi-m2-zero: add regulator > nodes vcc-dram and vcc1v2 > 94cb17e5cf3a octeontx2-af: Use separate handlers for interrupts > 4f37d3a7e004 net/bnx2x: Prevent access to a freed page in page_pool > 69f9f55891ef hsr: Handle failures in module init > f781fb5177cd rds: introduce acquire/release ordering in > acquire/release_in_xmit() > 84c510411e32 packet: annotate data-races around ignore_outgoing > 889ed056eae7 hsr: Fix uninit-value access in hsr_get_node() > 48cef94b6910 s390/vtime: fix average steal time calculation > 305c31b9707d octeontx2-af: Use matching wake_up API variant in CGX > command interface > b63362b317a8 usb: gadget: net2272: Use irqflags in the call to > net2272_probe_fin > 254b27c4ae2d staging: greybus: fix get_channel_from_mode() failure path > f6bf49e76f05 serial: 8250_exar: Don't remove GPIO device on suspend > 8dd52ab78fd3 rtc: mt6397: select IRQ_DOMAIN instead of depending on it > ca6279d1a1ee kconfig: fix infinite loop when expanding a macro at the end > of file > a8cc354a8155 tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT > f1c9a0c33814 serial: max310x: fix syntax error in IRQ error message > bd2f4df25945 tty: vt: fix 20 vs 0x20 typo in EScsiignore > 854ebf45a4dd afs: Revert "afs: Hide silly-rename files from userspace" > afcbba70bf55 NFS: Fix an off by one in root_nfs_cat() > bcc3ec2bdbda watchdog: stm32_iwdg: initialize default timeout > e95eeb7f7d8c net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() > 3b8415daaad2 scsi: bfa: Fix function pointer type mismatch for > hcb_qe->cbfn > 2b38dbd7facd RDMA/device: Fix a race between mad_client and cm_client init > 39b1af7bc99d scsi: csiostor: Avoid function pointer casts > 6d5dc96b154b ALSA: usb-audio: Stop parsing channels bits when all > channels are found. > d7ae7d126568 clk: Fix clk_core_get NULL dereference > a1129b09228f sparc32: Fix section mismatch in leon_pci_grpci > c8c038beb40c backlight: lp8788: Fully initialize backlight_properties > during probe > 8c351a9ef5f5 backlight: lm3639: Fully initialize backlight_properties > during probe > 12a0153f78c7 backlight: da9052: Fully initialize backlight_properties > during probe > 1c8d8c6b4e70 backlight: lm3630a: Don't set bl->props.brightness in > get_brightness > 40a89f1bc42d backlight: lm3630a: Initialize backlight_properties on init > bb9981f915b9 powerpc/embedded6xx: Fix no previous prototype for > avr_uart_send() etc. > a6e96cc26560 drm/msm/dpu: add division of drm_display_mode's hskew > parameter > 41eec45c7126 powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall > return value checks > dfde84cc6c58 drm/mediatek: Fix a null pointer crash in > mtk_drm_crtc_finish_page_flip > af37aed04997 media: ttpci: fix two memleaks in budget_av_attach > 353f980a5d7a media: media/pci: rename VFL_TYPE_GRABBER to _VIDEO > fa83fca55cbe media: rename VFL_TYPE_GRABBER to _VIDEO > 25f576552133 media: v4l2-core: correctly validate video and metadata > ioctls > 291cda0b805f media: go7007: fix a memleak in go7007_load_encoder > fa8b472952ef media: dvb-frontends: avoid stack overflow warnings with > clang > d29ed08964ce media: pvrusb2: fix uaf in pvr2_context_set_notify > 86c10c56f253 drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of > atom_get_src_int() > 23d57b99ca3f ASoC: meson: axg-tdm-interface: fix mclk setup without > mclk-fs > 8df143c608fc mtd: rawnand: lpc32xx_mlc: fix irq handler prototype > d9d4d1363bb1 mtd: maps: physmap-core: fix flash size larger than 32-bit > a8c73f0439f3 crypto: arm/sha - fix function cast warnings > 4b6569e14226 mfd: altera-sysmgr: Call of_node_put() only when > of_parse_phandle() takes a ref > ac1170674d54 mfd: syscon: Call of_node_put() only when of_parse_phandle() > takes a ref > 3472fa83d97e drm/tegra: put drm_gem_object ref on error in tegra_fb_create > f27aaaecf747 clk: hisilicon: hi3519: Release the correct number of gates > in
Re: [OE-core] [dunfell][PATCH] shadow: fix CVE-2023-4641
On Wed, Apr 3, 2024 at 2:29 AM Hugo Simeliere via lists.openembedded.org wrote: > > From: Hugo SIMELIERE > > Upstream-Status: Backport > [https://github.com/shadow-maint/shadow/commit/65c88a43a23c2391dcc90c0abda3e839e9c57904] > > Signed-off-by: Hugo SIMELIERE > --- > .../shadow/files/CVE-2023-4641.patch | 145 ++ > meta/recipes-extended/shadow/shadow.inc | 1 + > 2 files changed, 146 insertions(+) > create mode 100644 meta/recipes-extended/shadow/files/CVE-2023-4641.patch > > diff --git a/meta/recipes-extended/shadow/files/CVE-2023-4641.patch > b/meta/recipes-extended/shadow/files/CVE-2023-4641.patch > new file mode 100644 > index 00..709813ab31 > --- /dev/null > +++ b/meta/recipes-extended/shadow/files/CVE-2023-4641.patch > @@ -0,0 +1,145 @@ > +From 51731b01fd9a608397da22b7b9164e4996f3d4c6 Mon Sep 17 00:00:00 2001 > +From: Alejandro Colomar > +Date: Sat, 10 Jun 2023 16:20:05 +0200 > +Subject: [PATCH] gpasswd(1): Fix password leak > + > +CVE: CVE-2023-4641 > +Upstream-Status: Backport > [https://github.com/shadow-maint/shadow/commit/65c88a43a23c2391dcc90c0abda3e839e9c57904] Missing Signed-off-by in the patch file, please submit a V2 Thanks, Steve > + > +How to trigger this password leak? > +~~ > + > +When gpasswd(1) asks for the new password, it asks twice (as is usual > +for confirming the new password). Each of those 2 password prompts > +uses agetpass() to get the password. If the second agetpass() fails, > +the first password, which has been copied into the 'static' buffer > +'pass' via STRFCPY(), wasn't being zeroed. > + > +agetpass() is defined in <./libmisc/agetpass.c> (around line 91), and > +can fail for any of the following reasons: > + > +- malloc(3) or readpassphrase(3) failure. > + > + These are going to be difficult to trigger. Maybe getting the system > + to the limits of memory utilization at that exact point, so that the > + next malloc(3) gets ENOMEM, and possibly even the OOM is triggered. > + About readpassphrase(3), ENFILE and EINTR seem the only plausible > + ones, and EINTR probably requires privilege or being the same user; > + but I wouldn't discard ENFILE so easily, if a process starts opening > + files. > + > +- The password is longer than PASS_MAX. > + > + The is plausible with physical access. However, at that point, a > + keylogger will be a much simpler attack. > + > +And, the attacker must be able to know when the second password is being > +introduced, which is not going to be easy. > + > +How to read the password after the leak? > + > + > +Provoking the leak yourself at the right point by entering a very long > +password is easy, and inspecting the process stack at that point should > +be doable. Try to find some consistent patterns. > + > +Then, search for those patterns in free memory, right after the victim > +leaks their password. > + > +Once you get the leak, a program should read all the free memory > +searching for patterns that gpasswd(1) leaves nearby the leaked > +password. > + > +On 6/10/23 03:14, Seth Arnold wrote: > +> An attacker process wouldn't be able to use malloc(3) for this task. > +> There's a handful of tools available for userspace to allocate memory: > +> > +> - brk / sbrk > +> - mmap MAP_ANONYMOUS > +> - mmap /dev/zero > +> - mmap some other file > +> - shm_open > +> - shmget > +> > +> Most of these return only pages of zeros to a process. Using mmap of an > +> existing file, you can get some of the contents of the file demand-loaded > +> into the memory space on the first use. > +> > +> The MAP_UNINITIALIZED flag only works if the kernel was compiled with > +> CONFIG_MMAP_ALLOW_UNINITIALIZED. This is rare. > +> > +> malloc(3) doesn't zero memory, to our collective frustration, but all the > +> garbage in the allocations is from previous allocations in the current > +> process. It isn't leftover from other processes. > +> > +> The avenues available for reading the memory: > +> - /dev/mem and /dev/kmem (requires root, not available with Secure Boot) > +> - /proc/pid/mem (requires ptrace privileges, mediated by YAMA) > +> - ptrace (requires ptrace privileges, mediated by YAMA) > +> - causing memory to be swapped to disk, and then inspecting the swap > +> > +> These all require a certain amount of privileges. > + > +How to fix it? > +~~ > + > +memzero(), which internally calls explicit_bzero(3), or whatever > +alternative the system provides with a slightly different name, will > +make sure that the buffer is zeroed in memory, and optimizations are not > +allowed to impede this zeroing. > + > +This is not really 100% effective, since compilers may place copies of > +the string somewhere hidden in the stack. Those copies won't get zeroed > +by explicit_bzero(3). However, that's arguably a compiler bug, since > +compilers should make everything possible to avoid optimizing
[OE-core][kirkstone 9/9] common-licenses: Backport missing license
From: Colin McAllister Backports missing license from master to kirkstone. Signed-off-by: Colin McAllister Signed-off-by: Steve Sakoman --- .../LGPL-3.0-with-zeromq-exception| 181 ++ 1 file changed, 181 insertions(+) create mode 100644 meta/files/common-licenses/LGPL-3.0-with-zeromq-exception diff --git a/meta/files/common-licenses/LGPL-3.0-with-zeromq-exception b/meta/files/common-licenses/LGPL-3.0-with-zeromq-exception new file mode 100644 index 00..02e943c4ac --- /dev/null +++ b/meta/files/common-licenses/LGPL-3.0-with-zeromq-exception @@ -0,0 +1,181 @@ +GNU LESSER GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + + This version of the GNU Lesser General Public License incorporates +the terms and conditions of version 3 of the GNU General Public +License, supplemented by the additional permissions listed below. + + 0. Additional Definitions. + + As used herein, "this License" refers to version 3 of the GNU Lesser +General Public License, and the "GNU GPL" refers to version 3 of the GNU +General Public License. + + "The Library" refers to a covered work governed by this License, +other than an Application or a Combined Work as defined below. + + An "Application" is any work that makes use of an interface provided +by the Library, but which is not otherwise based on the Library. +Defining a subclass of a class defined by the Library is deemed a mode +of using an interface provided by the Library. + + A "Combined Work" is a work produced by combining or linking an +Application with the Library. The particular version of the Library +with which the Combined Work was made is also called the "Linked +Version". + + The "Minimal Corresponding Source" for a Combined Work means the +Corresponding Source for the Combined Work, excluding any source code +for portions of the Combined Work that, considered in isolation, are +based on the Application, and not on the Linked Version. + + The "Corresponding Application Code" for a Combined Work means the +object code and/or source code for the Application, including any data +and utility programs needed for reproducing the Combined Work from the +Application, but excluding the System Libraries of the Combined Work. + + 1. Exception to Section 3 of the GNU GPL. + + You may convey a covered work under sections 3 and 4 of this License +without being bound by section 3 of the GNU GPL. + + 2. Conveying Modified Versions. + + If you modify a copy of the Library, and, in your modifications, a +facility refers to a function or data to be supplied by an Application +that uses the facility (other than as an argument passed when the +facility is invoked), then you may convey a copy of the modified +version: + + a) under this License, provided that you make a good faith effort to + ensure that, in the event an Application does not supply the + function or data, the facility still operates, and performs + whatever part of its purpose remains meaningful, or + + b) under the GNU GPL, with none of the additional permissions of + this License applicable to that copy. + + 3. Object Code Incorporating Material from Library Header Files. + + The object code form of an Application may incorporate material from +a header file that is part of the Library. You may convey such object +code under terms of your choice, provided that, if the incorporated +material is not limited to numerical parameters, data structure +layouts and accessors, or small macros, inline functions and templates +(ten or fewer lines in length), you do both of the following: + + a) Give prominent notice with each copy of the object code that the + Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the object code with a copy of the GNU GPL and this license + document. + + 4. Combined Works. + + You may convey a Combined Work under terms of your choice that, +taken together, effectively do not restrict modification of the +portions of the Library contained in the Combined Work and reverse +engineering for debugging such modifications, if you also do each of +the following: + + a) Give prominent notice with each copy of the Combined Work that + the Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the Combined Work with a copy of the GNU GPL and this license + document. + + c) For a Combined Work that displays copyright notices during + execution, include the copyright notice for the Library among + these notices, as well as a reference directing the user to the + copies of the GNU GPL and th
[OE-core][kirkstone 8/9] gcc: Backport sanitizer fix for 32-bit ALSR
From: Claus Stovgaard When using the gcc-sanitizers as part of the SDK on a Linux with a newer kernel, the ASAN fails randomly. This was seen on Ubuntu 22.04. This is also described at https://stackoverflow.com/questions/77894856/possible-bug-in-gcc-sanitizers Backport the fix from LLVM project, as gcc has not yet backported anything for the 11 series. Signed-off-by: Claus Stovgaard Signed-off-by: Steve Sakoman --- meta/recipes-devtools/gcc/gcc-11.4.inc| 1 + .../gcc/gcc/0031-gcc-sanitizers-fix.patch | 63 +++ 2 files changed, 64 insertions(+) create mode 100644 meta/recipes-devtools/gcc/gcc/0031-gcc-sanitizers-fix.patch diff --git a/meta/recipes-devtools/gcc/gcc-11.4.inc b/meta/recipes-devtools/gcc/gcc-11.4.inc index 88310e6b79..fd6a3e92e3 100644 --- a/meta/recipes-devtools/gcc/gcc-11.4.inc +++ b/meta/recipes-devtools/gcc/gcc-11.4.inc @@ -59,6 +59,7 @@ SRC_URI = "\ file://0028-debug-101473-apply-debug-prefix-maps-before-checksum.patch \ file://0029-Fix-install-path-of-linux64.h.patch \ file://0030-rust-recursion-limit.patch \ + file://0031-gcc-sanitizers-fix.patch \ file://0001-CVE-2021-42574.patch \ file://0002-CVE-2021-42574.patch \ file://0003-CVE-2021-42574.patch \ diff --git a/meta/recipes-devtools/gcc/gcc/0031-gcc-sanitizers-fix.patch b/meta/recipes-devtools/gcc/gcc/0031-gcc-sanitizers-fix.patch new file mode 100644 index 00..d63618132a --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0031-gcc-sanitizers-fix.patch @@ -0,0 +1,63 @@ +From fb77ca05ffb4f8e666878f2f6718a9fb4d686839 Mon Sep 17 00:00:00 2001 +From: Thurston Dang +Date: Thu, 13 Apr 2023 23:55:01 + +Subject: [PATCH] Re-land 'ASan: move allocator base to avoid conflict with + high-entropy ASLR for x86-64 Linux' + +D147984 was reverted because it broke lit tests on Mac. This revision is based on D147984 +but maintains the old behavior for Apple. + +Note that, per the follow-up discussion with MaskRay in D147984, this patch excludes Apple +but includes other platforms (e.g., aarch64, MIPS64) and OSes (e.g., FreeBSD, S390X), not just +x86-64 Linux. + +Original commit message from D147984: + +Users have discovered [*] that when CONFIG_ARCH_MMAP_RND_BITS == 32, +it will frequently conflict with ASan's allocator on x86-64 Linux, because the +PIE program segment base address of 0x5554 plus an ASLR shift of up to +((2**32) * 4K == 0x1000) will sometimes exceed ASan's hardcoded +base address of 0x6000. We fix this by simply moving the allocator base +to 0x5000, which is below the PIE program segment base address. This is +cleaner than trying to move it to another location that is sandwiched between +the PIE program and library segments, because if either of those grow too large, +it will collide with the allocator region. + +Note that we will never need to change this base address again (unless we want to increase +the size of the allocator), because ASLR cannot be set above 32-bits for x86-64 Linux (the +PIE program segment and library segments would collide with each other; see also +ARCH_MMAP_RND_BITS_MAX in https://github.com/torvalds/linux/blob/master/arch/x86/Kconfig). + +[*] see https://b.corp.google.com/issues/276925478 +and https://groups.google.com/a/google.com/g/chrome-os-gardeners/c/BbfzCP3dEeo/m/h3C_vVUxCQAJ + +Differential Revision: https://reviews.llvm.org/D148280 + +Upstream-Status: Backport from llvm-project: https://github.com/llvm/llvm-project/commit/fb77ca05ffb4f8e666878f2f6718a9fb4d686839 +Signed-off-by: Claus Stovgaard +--- + libsanitizer/asan/asan_allocator.h | 8 ++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/libsanitizer/asan/asan_allocator.h b/libsanitizer/asan/asan_allocator.h +index 0b4dbf03bb9d53..6a12a6c6025283 100644 +--- a/libsanitizer/asan/asan_allocator.h b/libsanitizer/asan/asan_allocator.h +@@ -143,11 +143,15 @@ typedef DefaultSizeClassMap SizeClassMap; + const uptr kAllocatorSpace = ~(uptr)0; + const uptr kAllocatorSize = 0x80ULL; // 500G + typedef DefaultSizeClassMap SizeClassMap; +-# else ++# elif SANITIZER_APPLE + const uptr kAllocatorSpace = 0x6000ULL; + const uptr kAllocatorSize = 0x400ULL; // 4T. + typedef DefaultSizeClassMap SizeClassMap; +-# endif ++# else ++const uptr kAllocatorSpace = 0x5000ULL; ++const uptr kAllocatorSize = 0x400ULL; // 4T. ++typedef DefaultSizeClassMap SizeClassMap; ++# endif + template + struct AP64 { // Allocator64 parameters. Deliberately using a short name. + static const uptr kSpaceBeg = kAllocatorSpace; -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197901): https://lists.openembedded.org/g/openembedded-core/message/197901 Mute This Topic: https://lists.openembedded.org/mt/105302706/21656 Group Owner: openembedded-core+ow...@lists.openembedde
[OE-core][kirkstone 7/9] python3-urllib3: update to v1.26.18
From: Tan Wen Yan https://github.com/urllib3/urllib3/releases/tag/1.26.18 Major changes in python3-urllib3 1.26.18: - Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (CVE-2023-45803) (cherry picked from OE-Core rev: 74da05b63634c248910594456dae286947f33da5) Signed-off-by: Tan Wen Yan Signed-off-by: Steve Sakoman Signed-off-by: Lee Chee Yang Signed-off-by: Steve Sakoman --- .../{python3-urllib3_1.26.17.bb => python3-urllib3_1.26.18.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-urllib3_1.26.17.bb => python3-urllib3_1.26.18.bb} (86%) diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.17.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.18.bb similarity index 86% rename from meta/recipes-devtools/python/python3-urllib3_1.26.17.bb rename to meta/recipes-devtools/python/python3-urllib3_1.26.18.bb index 57b166870a..d384b5eb2f 100644 --- a/meta/recipes-devtools/python/python3-urllib3_1.26.17.bb +++ b/meta/recipes-devtools/python/python3-urllib3_1.26.18.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3; LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c" -SRC_URI[sha256sum] = "24d6a242c28d29af46c3fae832c36db3bbebcc533dd1bb549172cd739c82df21" +SRC_URI[sha256sum] = "f8ecc1bba5667413457c529ab955bf8c67b45db799d159066261719e328580a0" inherit pypi setuptools3 -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197900): https://lists.openembedded.org/g/openembedded-core/message/197900 Mute This Topic: https://lists.openembedded.org/mt/105302705/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 6/9] tiff: fix CVE-2023-52356 CVE-2023-6277
From: Lee Chee Yang import patch from ubuntu to fix CVE-2023-52356 CVE-2023-6277 import from http://archive.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_4.3.0-6ubuntu0.8.debian.tar.xz Signed-off-by: Lee Chee Yang Signed-off-by: Steve Sakoman --- .../libtiff/tiff/CVE-2023-52356.patch | 54 ++ .../libtiff/tiff/CVE-2023-6277-1.patch| 178 ++ .../libtiff/tiff/CVE-2023-6277-2.patch| 151 +++ .../libtiff/tiff/CVE-2023-6277-3.patch| 46 + .../libtiff/tiff/CVE-2023-6277-4.patch| 93 + meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 5 + 6 files changed, 527 insertions(+) create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-2.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-3.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-4.patch diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch new file mode 100644 index 00..4eb7d79c8f --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch @@ -0,0 +1,54 @@ +CVE: CVE-2023-52356 +Upstream-Status: Backport [upstream : https://gitlab.com/libtiff/libtiff/-/commit/51558511bdbbcffdce534db21dbaf5d54b31638a +ubuntu : http://archive.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_4.3.0-6ubuntu0.8.debian.tar.xz ] +Signed-off-by: Lee Chee Yang + +[Ubuntu note: Backport of the following patch from upstream, with a few changes +to match the current version of the file in the present Ubuntu release: + . using TIFFErrorExt instead of TIFFErrorExtR (the latter did not exist yet); +-- Rodrigo Figueiredo Zaiden] + +Backport of: + +From 51558511bdbbcffdce534db21dbaf5d54b31638a Mon Sep 17 00:00:00 2001 +From: Even Rouault +Date: Tue, 31 Oct 2023 15:58:41 +0100 +Subject: [PATCH] TIFFReadRGBAStrip/TIFFReadRGBATile: add more validation of + col/row (fixes #622) + +--- + libtiff/tif_getimage.c | 15 +++ + 1 file changed, 15 insertions(+) + + +--- tiff-4.3.0.orig/libtiff/tif_getimage.c tiff-4.3.0/libtiff/tif_getimage.c +@@ -2942,6 +2942,13 @@ TIFFReadRGBAStripExt(TIFF* tif, uint32_t + } + + if (TIFFRGBAImageOK(tif, emsg) && TIFFRGBAImageBegin(, tif, stop_on_error, emsg)) { ++if (row >= img.height) ++{ ++TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), ++ "Invalid row passed to TIFFReadRGBAStrip()."); ++TIFFRGBAImageEnd(); ++return (0); ++} + + img.row_offset = row; + img.col_offset = 0; +@@ -3018,6 +3025,14 @@ TIFFReadRGBATileExt(TIFF* tif, uint32_t + return( 0 ); + } + ++if (col >= img.width || row >= img.height) ++{ ++TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), ++ "Invalid row/col passed to TIFFReadRGBATile()."); ++TIFFRGBAImageEnd(); ++return (0); ++} ++ + /* + * The TIFFRGBAImageGet() function doesn't allow us to get off the + * edge of the image, even to fill an otherwise valid tile. So we diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch new file mode 100644 index 00..453df897ac --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch @@ -0,0 +1,178 @@ +CVE: CVE-2023-6277 +Upstream-Status: Backport [upstream : https://gitlab.com/libtiff/libtiff/-/commit/5320c9d89c054fa805d037d84c57da874470b01a +ubuntu : http://archive.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_4.3.0-6ubuntu0.8.debian.tar.xz ] +Signed-off-by: Lee Chee Yang + +[Ubuntu note: Backport of the following patch from upstream, with a few changes +to match the current version of the file in the present Ubuntu release: + . using TIFFWarningExt instead of TIFFWarningExtR (the latter did not exist yet); + . calling _TIFFfree(data) instead of _TIFFfreeExt(tif, data) (the latter did not exist yet); +-- Rodrigo Figueiredo Zaiden] + +Backport of: + +From 5320c9d89c054fa805d037d84c57da874470b01a Mon Sep 17 00:00:00 2001 +From: Su Laus +Date: Tue, 31 Oct 2023 15:43:29 + +Subject: [PATCH] Prevent some out-of-memory attacks + +Some small fuzzer files fake large amounts of data and provoke out-of-memory situations. For non-compressed data content / tags, out-of-memory can be prevented by comparing with the file size. + +At image reading, data size of some tags / data structures (StripByteCounts, StripOffsets, StripArray, TIFF directory) is compared with file size to prevent provoked out-of-memory attacks. + +See issue https://gitlab.com/libtiff/libtiff/-/issues/614#note_1602683857 +--- + libtiff/tif_dirread.c | 92 +
[OE-core][kirkstone 5/9] qemu: Fix for CVE-2023-6683
From: Vijay Anusuri Upstream-Status: Backport from https://gitlab.com/qemu-project/qemu/-/commit/405484b29f6548c7b86549b0f961b906337aa68a Reference: https://security-tracker.debian.org/tracker/CVE-2023-6683 Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2023-6683.patch | 92 +++ 2 files changed, 93 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index ad6b310137..4747310ae4 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -108,6 +108,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://scsi-disk-allow-MODE-SELECT-block-desriptor-to-set-the-block-size.patch \ file://scsi-disk-ensure-block-size-is-non-zero-and-changes-limited-to-bits-8-15.patch \ file://CVE-2023-42467.patch \ + file://CVE-2023-6683.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch b/meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch new file mode 100644 index 00..e528574076 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch @@ -0,0 +1,92 @@ +From 405484b29f6548c7b86549b0f961b906337aa68a Mon Sep 17 00:00:00 2001 +From: Fiona Ebner +Date: Wed, 24 Jan 2024 11:57:48 +0100 +Subject: [PATCH] ui/clipboard: mark type as not available when there is no + data +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +With VNC, a client can send a non-extended VNC_MSG_CLIENT_CUT_TEXT +message with len=0. In qemu_clipboard_set_data(), the clipboard info +will be updated setting data to NULL (because g_memdup(data, size) +returns NULL when size is 0). If the client does not set the +VNC_ENCODING_CLIPBOARD_EXT feature when setting up the encodings, then +the 'request' callback for the clipboard peer is not initialized. +Later, because data is NULL, qemu_clipboard_request() can be reached +via vdagent_chr_write() and vdagent_clipboard_recv_request() and +there, the clipboard owner's 'request' callback will be attempted to +be called, but that is a NULL pointer. + +In particular, this can happen when using the KRDC (22.12.3) VNC +client. + +Another scenario leading to the same issue is with two clients (say +noVNC and KRDC): + +The noVNC client sets the extension VNC_FEATURE_CLIPBOARD_EXT and +initializes its cbpeer. + +The KRDC client does not, but triggers a vnc_client_cut_text() (note +it's not the _ext variant)). There, a new clipboard info with it as +the 'owner' is created and via qemu_clipboard_set_data() is called, +which in turn calls qemu_clipboard_update() with that info. + +In qemu_clipboard_update(), the notifier for the noVNC client will be +called, i.e. vnc_clipboard_notify() and also set vs->cbinfo for the +noVNC client. The 'owner' in that clipboard info is the clipboard peer +for the KRDC client, which did not initialize the 'request' function. +That sounds correct to me, it is the owner of that clipboard info. + +Then when noVNC sends a VNC_MSG_CLIENT_CUT_TEXT message (it did set +the VNC_FEATURE_CLIPBOARD_EXT feature correctly, so a check for it +passes), that clipboard info is passed to qemu_clipboard_request() and +the original segfault still happens. + +Fix the issue by handling updates with size 0 differently. In +particular, mark in the clipboard info that the type is not available. + +While at it, switch to g_memdup2(), because g_memdup() is deprecated. + +Cc: qemu-sta...@nongnu.org +Fixes: CVE-2023-6683 +Reported-by: Markus Frank +Suggested-by: Marc-André Lureau +Signed-off-by: Fiona Ebner +Reviewed-by: Marc-André Lureau +Tested-by: Markus Frank +Message-ID: <20240124105749.204610-1-f.eb...@proxmox.com> + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/405484b29f6548c7b86549b0f961b906337aa68a] +CVE: CVE-2023-6683 +Signed-off-by: Vijay Anusuri +--- + ui/clipboard.c | 12 +--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +diff --git a/ui/clipboard.c b/ui/clipboard.c +index 3d14bffaf80..b3f6fa3c9e1 100644 +--- a/ui/clipboard.c b/ui/clipboard.c +@@ -163,9 +163,15 @@ void qemu_clipboard_set_data(QemuClipboardPeer *peer, + } + + g_free(info->types[type].data); +-info->types[type].data = g_memdup(data, size); +-info->types[type].size = size; +-info->types[type].available = true; ++if (size) { ++info->types[type].data = g_memdup2(data, size); ++info->types[type].size = size; ++info->types[type].available = true; ++} else { ++info->types[type].data = NULL; ++info->types[type].size = 0; ++info->types[type].available = false; ++}
[OE-core][kirkstone 3/9] expat: fix CVE-2023-52425
From: Meenali Gupta libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. References: https://nvd.nist.gov/vuln/detail/CVE-2023-52425 Changes related to test directory are not included as most of the files are not present and are introduced in the later version. Signed-off-by: Meenali Gupta Signed-off-by: Steve Sakoman --- .../expat/expat/CVE-2023-52425-0001.patch | 40 .../expat/expat/CVE-2023-52425-0002.patch | 87 +++ .../expat/expat/CVE-2023-52425-0003.patch | 222 ++ .../expat/expat/CVE-2023-52425-0004.patch | 42 .../expat/expat/CVE-2023-52425-0005.patch | 69 ++ .../expat/expat/CVE-2023-52425-0006.patch | 67 ++ .../expat/expat/CVE-2023-52425-0007.patch | 159 + .../expat/expat/CVE-2023-52425-0008.patch | 95 .../expat/expat/CVE-2023-52425-0009.patch | 52 .../expat/expat/CVE-2023-52425-0010.patch | 111 + .../expat/expat/CVE-2023-52425-0011.patch | 89 +++ .../expat/expat/CVE-2023-52425-0012.patch | 87 +++ meta/recipes-core/expat/expat_2.5.0.bb| 12 + 13 files changed, 1132 insertions(+) create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0003.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0004.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0005.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0006.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0007.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0008.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0009.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0010.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0011.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0012.patch diff --git a/meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch b/meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch new file mode 100644 index 00..4e21ade018 --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch @@ -0,0 +1,40 @@ +From d5b02e96ab95d2a7ae0aea72d00054b9d036d76d Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping +Date: Thu, 9 Nov 2023 19:28:05 +0100 +Subject: [PATCH] xmlwf: Document argument "-q" + +Rebased-and-adapted-by: Snild Dolkow + +CVE: CVE-2023-52425 + +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/d5b02e96ab95d2a7ae0aea72d00054b9d036d76d] + +Signed-off-by: Meenali Gupta +--- + doc/xmlwf.xml | 10 ++ + 1 file changed, 10 insertions(+) + +diff --git a/doc/xmlwf.xml b/doc/xmlwf.xml +index 9603abf..3d35393 100644 +--- a/doc/xmlwf.xml b/doc/xmlwf.xml +@@ -313,6 +313,16 @@ supports both. + + + ++ ++-q ++ ++ ++Disable reparse deferral, and allow quadratic parse runtime ++on large tokens (default: reparse deferral enabled). ++ ++ ++ ++ + + -r + +-- +2.40.0 + diff --git a/meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch b/meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch new file mode 100644 index 00..8376727778 --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch @@ -0,0 +1,87 @@ +From 09fdf998e7cf3f8f9327e6602077791095aedd4d Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping +Date: Thu, 9 Nov 2023 19:14:14 +0100 +Subject: [PATCH] xmlwf: Support disabling reparse deferral + +Rebased-and-adapted-by: Snild Dolkow + +CVE: CVE-2023-52425 + +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/09fdf998e7cf3f8f9327e6602077791095aedd4d] + +Signed-off-by: Meenali Gupta +--- + xmlwf/xmlwf.c | 20 + xmlwf/xmlwf_helpgen.py | 4 + 2 files changed, 24 insertions(+) + +diff --git a/xmlwf/xmlwf.c b/xmlwf/xmlwf.c +index dd023a9..9a5441c 100644 +--- a/xmlwf/xmlwf.c b/xmlwf/xmlwf.c +@@ -911,6 +911,9 @@ usage(const XML_Char *prog, int rc) { + T("billion laughs attack protection:\n") + T(" NOTE: If you ever need to increase these values for non-attack payload, please file a bug report.\n") + T("\n") ++ T("reparse deferral:\n") ++ T(" -q disable reparse deferral, and allow [q]uadratic parse runtime with large tokens\n") ++ T("\n") + T(" -a FACTOR set maximum tolerated [a]mplification factor (default: 100.0)\n") + T(" -b BYTES set number of output [b]ytes needed to activate (def
[OE-core][kirkstone 4/9] curl: backport Debian patch for CVE-2024-2398
From: Vijay Anusuri import patch from ubuntu to fix CVE-2024-2398 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/curl/tree/debian/patches/?h=ubuntu%2Fjammy-security Upstream commit https://github.com/curl/curl/commit/deca8039991886a559b67bcd6701db800a5cf764] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../curl/curl/CVE-2024-2398.patch | 89 +++ meta/recipes-support/curl/curl_7.82.0.bb | 1 + 2 files changed, 90 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2024-2398.patch diff --git a/meta/recipes-support/curl/curl/CVE-2024-2398.patch b/meta/recipes-support/curl/curl/CVE-2024-2398.patch new file mode 100644 index 00..ea55117f4d --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2024-2398.patch @@ -0,0 +1,89 @@ +Backport of: + +From deca8039991886a559b67bcd6701db800a5cf764 Mon Sep 17 00:00:00 2001 +From: Stefan Eissing +Date: Wed, 6 Mar 2024 09:36:08 +0100 +Subject: [PATCH] http2: push headers better cleanup + +- provide common cleanup method for push headers + +Closes #13054 + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/curl/tree/debian/patches/CVE-2024-2398.patch?h=ubuntu/jammy-security +Upstream commit https://github.com/curl/curl/commit/deca8039991886a559b67bcd6701db800a5cf764] +CVE: CVE-2024-2398 +Signed-off-by: Vijay Anusuri +--- + lib/http2.c | 34 +++--- + 1 file changed, 15 insertions(+), 19 deletions(-) + +--- a/lib/http2.c b/lib/http2.c +@@ -555,6 +555,15 @@ static int set_transfer_url(struct Curl_ + return 0; + } + ++static void free_push_headers(struct HTTP *stream) ++{ ++ size_t i; ++ for(i = 0; ipush_headers_used; i++) ++free(stream->push_headers[i]); ++ Curl_safefree(stream->push_headers); ++ stream->push_headers_used = 0; ++} ++ + static int push_promise(struct Curl_easy *data, + struct connectdata *conn, + const nghttp2_push_promise *frame) +@@ -568,7 +577,6 @@ static int push_promise(struct Curl_easy + struct curl_pushheaders heads; + CURLMcode rc; + struct http_conn *httpc; +-size_t i; + /* clone the parent */ + struct Curl_easy *newhandle = duphandle(data); + if(!newhandle) { +@@ -604,11 +612,7 @@ static int push_promise(struct Curl_easy + Curl_set_in_callback(data, false); + + /* free the headers again */ +-for(i = 0; ipush_headers_used; i++) +- free(stream->push_headers[i]); +-free(stream->push_headers); +-stream->push_headers = NULL; +-stream->push_headers_used = 0; ++free_push_headers(stream); + + if(rv) { + DEBUGASSERT((rv > CURL_PUSH_OK) && (rv <= CURL_PUSH_ERROROUT)); +@@ -1045,10 +1049,10 @@ static int on_header(nghttp2_session *se + stream->push_headers_alloc) { + char **headp; + stream->push_headers_alloc *= 2; +- headp = Curl_saferealloc(stream->push_headers, +- stream->push_headers_alloc * sizeof(char *)); ++ headp = realloc(stream->push_headers, ++ stream->push_headers_alloc * sizeof(char *)); + if(!headp) { +-stream->push_headers = NULL; ++free_push_headers(stream); + return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; + } + stream->push_headers = headp; +@@ -1214,15 +1218,7 @@ void Curl_http2_done(struct Curl_easy *d + setup */ + Curl_dyn_free(>header_recvbuf); + Curl_dyn_free(>trailer_recvbuf); +- if(http->push_headers) { +-/* if they weren't used and then freed before */ +-for(; http->push_headers_used > 0; --http->push_headers_used) { +- free(http->push_headers[http->push_headers_used - 1]); +-} +-free(http->push_headers); +-http->push_headers = NULL; +- } +- ++ free_push_headers(http); + if(!(data->conn->handler->protocol_FAMILY_HTTP) || + !httpc->h2) /* not HTTP/2 ? */ + return; diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index 383cf415d9..72d8544e08 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb @@ -57,6 +57,7 @@ SRC_URI = "https://curl.se/download/${BP}.tar.xz \ file://CVE-2023-46219-0001.patch \ file://CVE-2023-46219-0002.patch \ file://CVE-2023-46219-0003.patch \ + file://CVE-2024-2398.patch \ " SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce58a583c" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197897): https://lists.openembedded.org/g/openembedded-core/message/197897 Mute This Topic: https://lists.openembedded.org/mt/105302702/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 2/9] xwayland: fix CVE-2023-6816 CVE-2024-0408/0409
From: Lee Chee Yang fix CVE-2023-6816 CVE-2024-0408 CVE-2024-0409 Signed-off-by: Lee Chee Yang Signed-off-by: Steve Sakoman --- .../xwayland/xwayland/CVE-2023-6816.patch | 57 .../xwayland/xwayland/CVE-2024-0408.patch | 65 +++ .../xwayland/xwayland/CVE-2024-0409.patch | 47 ++ .../xwayland/xwayland_22.1.8.bb | 3 + 4 files changed, 172 insertions(+) create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2023-6816.patch create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0408.patch create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0409.patch diff --git a/meta/recipes-graphics/xwayland/xwayland/CVE-2023-6816.patch b/meta/recipes-graphics/xwayland/xwayland/CVE-2023-6816.patch new file mode 100644 index 00..5c68bfb3c1 --- /dev/null +++ b/meta/recipes-graphics/xwayland/xwayland/CVE-2023-6816.patch @@ -0,0 +1,57 @@ +CVE: CVE-2023-6816 +Upstream-Status: Backport [ https://gitlab.freedesktop.org/xorg/xserver/-/commit/b5cb27032d3e486ba84a491e1420e85171c4c0a3 ] +Signed-off-by: Lee Chee Yang + +From b5cb27032d3e486ba84a491e1420e85171c4c0a3 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Thu, 14 Dec 2023 11:29:49 +1000 +Subject: [PATCH] dix: allocate enough space for logical button maps + +Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for +each logical button currently down. Since buttons can be arbitrarily mapped +to anything up to 255 make sure we have enough bits for the maximum mapping. + +CVE-2023-6816, ZDI-CAN-22664, ZDI-CAN-22665 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +(cherry picked from commit 9e2ecb2af8302dedc49cb6a63ebe063c58a9e7e3) +--- + Xi/xiquerypointer.c | 3 +-- + dix/enterleave.c| 5 +++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/Xi/xiquerypointer.c b/Xi/xiquerypointer.c +index 5b77b1a444..2b05ac5f39 100644 +--- a/Xi/xiquerypointer.c b/Xi/xiquerypointer.c +@@ -149,8 +149,7 @@ ProcXIQueryPointer(ClientPtr client) + if (pDev->button) { + int i; + +-rep.buttons_len = +-bytes_to_int32(bits_to_bytes(pDev->button->numButtons)); ++rep.buttons_len = bytes_to_int32(bits_to_bytes(256)); /* button map up to 255 */ + rep.length += rep.buttons_len; + buttons = calloc(rep.buttons_len, 4); + if (!buttons) +diff --git a/dix/enterleave.c b/dix/enterleave.c +index 867ec74363..ded8679d76 100644 +--- a/dix/enterleave.c b/dix/enterleave.c +@@ -784,8 +784,9 @@ DeviceFocusEvent(DeviceIntPtr dev, int type, int mode, int detail, + + mouse = IsFloating(dev) ? dev : GetMaster(dev, MASTER_POINTER); + +-/* XI 2 event */ +-btlen = (mouse->button) ? bits_to_bytes(mouse->button->numButtons) : 0; ++/* XI 2 event contains the logical button map - maps are CARD8 ++ * so we need 256 bits for the possibly maximum mapping */ ++btlen = (mouse->button) ? bits_to_bytes(256) : 0; + btlen = bytes_to_int32(btlen); + len = sizeof(xXIFocusInEvent) + btlen * 4; + +-- +GitLab + diff --git a/meta/recipes-graphics/xwayland/xwayland/CVE-2024-0408.patch b/meta/recipes-graphics/xwayland/xwayland/CVE-2024-0408.patch new file mode 100644 index 00..9063cd00b2 --- /dev/null +++ b/meta/recipes-graphics/xwayland/xwayland/CVE-2024-0408.patch @@ -0,0 +1,65 @@ +CVE: CVE-2024-0408 +Upstream-Status: Backport [ https://gitlab.freedesktop.org/xorg/xserver/-/commit/4093057b98bc5a178f130c9ba6b0b28385e24ae5 ] +Signed-off-by: Lee Chee Yang + +From 4093057b98bc5a178f130c9ba6b0b28385e24ae5 Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan +Date: Wed, 6 Dec 2023 12:09:41 +0100 +Subject: [PATCH] glx: Call XACE hooks on the GLX buffer + +The XSELINUX code will label resources at creation by checking the +access mode. When the access mode is DixCreateAccess, it will call the +function to label the new resource SELinuxLabelResource(). + +However, GLX buffers do not go through the XACE hooks when created, +hence leaving the resource actually unlabeled. + +When, later, the client tries to create another resource using that +drawable (like a GC for example), the XSELINUX code would try to use +the security ID of that object which has never been labeled, get a NULL +pointer and crash when checking whether the requested permissions are +granted for subject security ID. + +To avoid the issue, make sure to call the XACE hooks when creating the +GLX buffers. + +Credit goes to Donn Seeley for providing the patch. + +CVE-2024-0408 + +Signed-off-by: Olivier Fourdan +Acked-by: Peter Hutterer +(cherry picked from commit e5e8586a12a3ec915673edffa10dc8fe5e15dac3) +--- + glx/glxcmds.c | 8 + 1 file changed, 8 insertions(+) + +diff --git a/glx/glxcmds.c b/glx/glxcmds.c +index fc26a2e345..1e46d0c723 100644 +--- a/glx/glxcmds.c b/glx/glxcmds.c +@@ -48,6 +48,7 @@ + #include "i
[OE-core][kirkstone 1/9] nghttp2: fix CVE-2023-44487
From: aszh07 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. References: https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832 Signed-off-by: Zahir Hussain Signed-off-by: Steve Sakoman --- .../nghttp2/nghttp2/CVE-2023-44487.patch | 927 ++ .../recipes-support/nghttp2/nghttp2_1.47.0.bb | 1 + 2 files changed, 928 insertions(+) create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2023-44487.patch diff --git a/meta/recipes-support/nghttp2/nghttp2/CVE-2023-44487.patch b/meta/recipes-support/nghttp2/nghttp2/CVE-2023-44487.patch new file mode 100644 index 00..3cba83307c --- /dev/null +++ b/meta/recipes-support/nghttp2/nghttp2/CVE-2023-44487.patch @@ -0,0 +1,927 @@ +From 72b4af6143681f528f1d237b21a9a7aee1738832 Mon Sep 17 00:00:00 2001 +From: Tatsuhiro Tsujikawa +Date: Sun, 1 Oct 2023 00:05:01 +0900 +Subject: [PATCH] Rework session management + +CVE: CVE-2023-44487 + +Upstream-Status: Backport [https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832] + +Signed-off-by: Zahir Hussain zahir.ba...@kpit.com +Signed-off-by: aszh07 +--- +CMakeLists.txt | 4 ++ +cmakeconfig.h.in | 9 +++ +configure.ac | 21 +++ +doc/Makefile.am| 1 + +lib/CMakeLists.txt | 2 + +lib/Makefile.am| 4 ++ +lib/includes/nghttp2/nghttp2.h | 17 ++ +lib/nghttp2_option.c | 7 +++ +lib/nghttp2_ratelim.c | 75 +lib/nghttp2_ratelim.h | 57 ++ +lib/nghttp2_session.c | 34 ++- +lib/nghttp2_session.h | 12 +++- +lib/nghttp2_time.c | 62 +lib/nghttp2_time.h | 38 +tests/nghttp2_ratelim_test.c | 101 +tests/nghttp2_ratelim_test.h | 35 +++ +tests/nghttp2_session_test.c | 103 + +tests/nghttp2_session_test.h | 1 + +tests/CMakeLists.txt | 1 + +tests/Makefile.am | 6 +- +lib/nghttp2_option.h | 6 ++ +tests/main.c | 7 ++- +22 files changed, 598 insertions(+), 5 deletions(-) +create mode 100644 lib/nghttp2_ratelim.c +create mode 100644 lib/nghttp2_ratelim.h +create mode 100644 lib/nghttp2_time.c +create mode 100644 lib/nghttp2_time.h +create mode 100644 tests/nghttp2_ratelim_test.c +create mode 100644 tests/nghttp2_ratelim_test.h + +--- a/CMakeLists.txt b/CMakeLists.txt +@@ -262,6 +262,7 @@ check_include_file("netinet/in.h" HAVE + check_include_file("pwd.h" HAVE_PWD_H) + check_include_file("sys/socket.h" HAVE_SYS_SOCKET_H) + check_include_file("sys/time.h" HAVE_SYS_TIME_H) ++check_include_file("sysinfoapi.h" HAVE_SYSINFOAPI_H) + check_include_file("syslog.h" HAVE_SYSLOG_H) + check_include_file("time.h" HAVE_TIME_H) + check_include_file("unistd.h" HAVE_UNISTD_H) +@@ -302,8 +303,11 @@ check_type_size("time_t" SIZEOF_TIME_T) + include(CheckFunctionExists) + check_function_exists(_Exit HAVE__EXIT) + check_function_exists(accept4 HAVE_ACCEPT4) ++check_function_exists(clock_gettime HAVE_CLOCK_GETTIME) + check_function_exists(mkostemp HAVE_MKOSTEMP) + ++check_symbol_exists(GetTickCount64 sysinfoapi.h HAVE_GETTICKCOUNT64) ++ + include(CheckSymbolExists) + # XXX does this correctly detect initgroups (un)availability on cygwin? + check_symbol_exists(initgroups grp.h HAVE_DECL_INITGROUPS) +--- a/cmakeconfig.h.in b/cmakeconfig.h.in +@@ -34,9 +34,15 @@ + /* Define to 1 if you have the `accept4` function. */ + #cmakedefine HAVE_ACCEPT4 1 + ++/* Define to 1 if you have the `clock_gettime` function. */ ++#cmakedefine HAVE_CLOCK_GETTIME 1 ++ + /* Define to 1 if you have the `mkostemp` function. */ + #cmakedefine HAVE_MKOSTEMP 1 + ++/* Define to 1 if you have the `GetTickCount64` function. */ ++#cmakedefine HAVE_GETTICKCOUNT64 1 ++ + /* Define to 1 if you have the `initgroups` function. */ + #cmakedefine01 HAVE_DECL_INITGROUPS + +@@ -73,6 +79,9 @@ + /* Define to 1 if you have the header file. */ + #cmakedefine HAVE_SYS_TIME_H 1 + ++/* Define to 1 if you have the header file. */ ++#cmakedefine HAVE_SYSINFOAPI_H 1 ++ + /* Define to 1 if you have the header file. */ + #cmakedefine HAVE_SYSLOG_H 1 + +--- a/configure.ac b/configure.ac +@@ -607,6 +607,7 @@ AC_CHECK_HEADERS([ \ + string.h \ + sys/socket.h \ + sys/time.h \ ++ sysinfoapi.h \ + syslog.h \ + time.h \ + unistd.h \ +@@ -681,6 +682,7 @@ AC_FUNC_STRNLEN + AC_CHECK_FUNCS([ \ + _Exit \ + accept4 \ ++ clock_gettime \ + dup2 \ + getcwd
[OE-core][kirkstone 0/9] Patch review
Please review this set of changes for kirkstone and have comments back by end of day Thursday, April 4 Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6758 The following changes since commit 1b5405955c7c2579ed1f52522e2e177d0281fa33: glibc: Fix subscript typos for get_nscd_addresses (2024-03-19 03:33:32 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Claus Stovgaard (1): gcc: Backport sanitizer fix for 32-bit ALSR Colin McAllister (1): common-licenses: Backport missing license Lee Chee Yang (2): xwayland: fix CVE-2023-6816 CVE-2024-0408/0409 tiff: fix CVE-2023-52356 CVE-2023-6277 Meenali Gupta (1): expat: fix CVE-2023-52425 Tan Wen Yan (1): python3-urllib3: update to v1.26.18 Vijay Anusuri (2): curl: backport Debian patch for CVE-2024-2398 qemu: Fix for CVE-2023-6683 aszh07 (1): nghttp2: fix CVE-2023-44487 .../LGPL-3.0-with-zeromq-exception| 181 .../expat/expat/CVE-2023-52425-0001.patch | 40 + .../expat/expat/CVE-2023-52425-0002.patch | 87 ++ .../expat/expat/CVE-2023-52425-0003.patch | 222 + .../expat/expat/CVE-2023-52425-0004.patch | 42 + .../expat/expat/CVE-2023-52425-0005.patch | 69 ++ .../expat/expat/CVE-2023-52425-0006.patch | 67 ++ .../expat/expat/CVE-2023-52425-0007.patch | 159 +++ .../expat/expat/CVE-2023-52425-0008.patch | 95 ++ .../expat/expat/CVE-2023-52425-0009.patch | 52 + .../expat/expat/CVE-2023-52425-0010.patch | 111 +++ .../expat/expat/CVE-2023-52425-0011.patch | 89 ++ .../expat/expat/CVE-2023-52425-0012.patch | 87 ++ meta/recipes-core/expat/expat_2.5.0.bb| 12 + meta/recipes-devtools/gcc/gcc-11.4.inc| 1 + .../gcc/gcc/0031-gcc-sanitizers-fix.patch | 63 ++ ..._1.26.17.bb => python3-urllib3_1.26.18.bb} | 2 +- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2023-6683.patch | 92 ++ .../xwayland/xwayland/CVE-2023-6816.patch | 57 ++ .../xwayland/xwayland/CVE-2024-0408.patch | 65 ++ .../xwayland/xwayland/CVE-2024-0409.patch | 47 + .../xwayland/xwayland_22.1.8.bb | 3 + .../libtiff/tiff/CVE-2023-52356.patch | 54 + .../libtiff/tiff/CVE-2023-6277-1.patch| 178 .../libtiff/tiff/CVE-2023-6277-2.patch| 151 +++ .../libtiff/tiff/CVE-2023-6277-3.patch| 46 + .../libtiff/tiff/CVE-2023-6277-4.patch| 93 ++ meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 5 + .../curl/curl/CVE-2024-2398.patch | 89 ++ meta/recipes-support/curl/curl_7.82.0.bb | 1 + .../nghttp2/nghttp2/CVE-2023-44487.patch | 927 ++ .../recipes-support/nghttp2/nghttp2_1.47.0.bb | 1 + 33 files changed, 3188 insertions(+), 1 deletion(-) create mode 100644 meta/files/common-licenses/LGPL-3.0-with-zeromq-exception create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0003.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0004.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0005.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0006.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0007.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0008.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0009.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0010.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0011.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0012.patch create mode 100644 meta/recipes-devtools/gcc/gcc/0031-gcc-sanitizers-fix.patch rename meta/recipes-devtools/python/{python3-urllib3_1.26.17.bb => python3-urllib3_1.26.18.bb} (86%) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2023-6816.patch create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0408.patch create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0409.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-2.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-3.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-4.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2024-2398.patch create mode 100644
[OE-core][dunfell 7/7] perf: bump PR to deal with sstate corruption on autobuilder
Testing of an SPDX patch corrupted sstate, so bump PR to work around the issue Signed-off-by: Steve Sakoman --- meta/recipes-kernel/perf/perf.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-kernel/perf/perf.bb b/meta/recipes-kernel/perf/perf.bb index 91bf648caa..42621e47d3 100644 --- a/meta/recipes-kernel/perf/perf.bb +++ b/meta/recipes-kernel/perf/perf.bb @@ -9,7 +9,7 @@ HOMEPAGE = "https://perf.wiki.kernel.org/index.php/Main_Page; LICENSE = "GPLv2" -PR = "r9" +PR = "r10" PACKAGECONFIG ??= "scripting tui libunwind" PACKAGECONFIG[dwarf] = ",NO_DWARF=1" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197892): https://lists.openembedded.org/g/openembedded-core/message/197892 Mute This Topic: https://lists.openembedded.org/mt/105302364/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 5/7] openssl: Fix CVE-2024-0727
From: virendra thakur PKCS12 structures contain PKCS7 ContentInfo fields. These fields are optional and can be NULL even if the "type" is a valid value. OpenSSL was not properly accounting for this and a NULL dereference can occur causing a crash. Signed-off-by: virendra thakur Signed-off-by: Steve Sakoman --- .../openssl/openssl/CVE-2024-0727.patch | 122 ++ .../openssl/openssl_1.1.1w.bb | 1 + 2 files changed, 123 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-0727.patch diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-0727.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-0727.patch new file mode 100644 index 00..3da6879ccb --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-0727.patch @@ -0,0 +1,122 @@ +Backport of: + +From 09df4395b5071217b76dc7d3d2e630eb8c5a79c2 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 19 Jan 2024 11:28:58 + +Subject: [PATCH] Add NULL checks where ContentInfo data can be NULL + +PKCS12 structures contain PKCS7 ContentInfo fields. These fields are +optional and can be NULL even if the "type" is a valid value. OpenSSL +was not properly accounting for this and a NULL dereference can occur +causing a crash. + +CVE-2024-0727 + +Reviewed-by: Tomas Mraz +Reviewed-by: Hugo Landau +Reviewed-by: Neil Horman +(Merged from https://github.com/openssl/openssl/pull/23362) + +(cherry picked from commit d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c) + +Upstream-Status: Backport [https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c] + +CVE: CVE-2024-0727 + +Signed-off-by: virendra thakur +--- + crypto/pkcs12/p12_add.c | 18 ++ + crypto/pkcs12/p12_mutl.c | 5 + + crypto/pkcs12/p12_npas.c | 5 +++-- + crypto/pkcs7/pk7_mime.c | 7 +-- + 4 files changed, 31 insertions(+), 4 deletions(-) + +--- a/crypto/pkcs12/p12_add.c b/crypto/pkcs12/p12_add.c +@@ -76,6 +76,13 @@ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_ + PKCS12_R_CONTENT_TYPE_NOT_DATA); + return NULL; + } ++ ++if (p7->d.data == NULL) { ++PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA, ++ PKCS12_R_DECODE_ERROR); ++return NULL; ++} ++ + return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS)); + } + +@@ -132,6 +139,12 @@ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_ + { + if (!PKCS7_type_is_encrypted(p7)) + return NULL; ++ ++if (p7->d.encrypted == NULL) { ++PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA, PKCS12_R_DECODE_ERROR); ++return NULL; ++} ++ + return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm, +ASN1_ITEM_rptr(PKCS12_SAFEBAGS), +pass, passlen, +@@ -159,6 +172,13 @@ STACK_OF(PKCS7) *PKCS12_unpack_authsafes + PKCS12_R_CONTENT_TYPE_NOT_DATA); + return NULL; + } ++ ++if (p12->authsafes->d.data == NULL) { ++PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES, ++ PKCS12_R_DECODE_ERROR); ++return NULL; ++} ++ + return ASN1_item_unpack(p12->authsafes->d.data, + ASN1_ITEM_rptr(PKCS12_AUTHSAFES)); + } +--- a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c +@@ -93,6 +93,11 @@ static int pkcs12_gen_mac(PKCS12 *p12, c + return 0; + } + ++if (p12->authsafes->d.data == NULL) { ++PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_DECODE_ERROR); ++return 0; ++} ++ + salt = p12->mac->salt->data; + saltlen = p12->mac->salt->length; + if (!p12->mac->iter) +--- a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c +@@ -78,8 +78,9 @@ static int newpass_p12(PKCS12 *p12, cons + bags = PKCS12_unpack_p7data(p7); + } else if (bagnid == NID_pkcs7_encrypted) { + bags = PKCS12_unpack_p7encdata(p7, oldpass, -1); +-if (!alg_get(p7->d.encrypted->enc_data->algorithm, +- _nid, _iter, _saltlen)) ++if (p7->d.encrypted == NULL ++|| !alg_get(p7->d.encrypted->enc_data->algorithm, ++_nid, _iter, _saltlen)) + goto err; + } else { + continue; +--- a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c +@@ -30,10 +30,13 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p + { + STACK_OF(X509_ALGOR) *mdalgs; + int ctype_nid = OBJ_obj2nid(p7->type); +-if (ctype_nid == NID_pkcs7_signed) ++if (ctype_nid == NID_pkcs7_signed) { ++if (p7->d.sign == NULL) ++return 0; + mdalgs = p7->d.sign->md_algs; +-else ++} else { + mdalgs = NULL; ++} + + flags ^= SMIME_OLDMIME; + diff --git a/meta/recipes-connectiv
[OE-core][dunfell 6/7] tar: bump PR to deal with sstate corruption on autobuilder
Testing of an SPDX patch corrupted sstate, so bump PR to work around the issue Signed-off-by: Steve Sakoman --- meta/recipes-extended/tar/tar_1.32.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-extended/tar/tar_1.32.bb b/meta/recipes-extended/tar/tar_1.32.bb index c560741599..9297480e85 100644 --- a/meta/recipes-extended/tar/tar_1.32.bb +++ b/meta/recipes-extended/tar/tar_1.32.bb @@ -6,6 +6,8 @@ SECTION = "base" LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" +PR = "r1" + SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ file://musl_dirent.patch \ file://CVE-2021-20193.patch \ -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197891): https://lists.openembedded.org/g/openembedded-core/message/197891 Mute This Topic: https://lists.openembedded.org/mt/105302363/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 4/7] curl: backport Debian patch for CVE-2024-2398
From: Vijay Anusuri import patch from ubuntu to fix CVE-2024-2398 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/curl/tree/debian/patches/?h=ubuntu%2Ffocal-security Upstream commit https://github.com/curl/curl/commit/deca8039991886a559b67bcd6701db800a5cf764] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../curl/curl/CVE-2024-2398.patch | 88 +++ meta/recipes-support/curl/curl_7.69.1.bb | 1 + 2 files changed, 89 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2024-2398.patch diff --git a/meta/recipes-support/curl/curl/CVE-2024-2398.patch b/meta/recipes-support/curl/curl/CVE-2024-2398.patch new file mode 100644 index 00..a3840336f0 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2024-2398.patch @@ -0,0 +1,88 @@ +Backport of: + +From deca8039991886a559b67bcd6701db800a5cf764 Mon Sep 17 00:00:00 2001 +From: Stefan Eissing +Date: Wed, 6 Mar 2024 09:36:08 +0100 +Subject: [PATCH] http2: push headers better cleanup + +- provide common cleanup method for push headers + +Closes #13054 + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/curl/tree/debian/patches/CVE-2024-2398.patch?h=ubuntu/focal-security +Upstream commit https://github.com/curl/curl/commit/deca8039991886a559b67bcd6701db800a5cf764] +CVE: CVE-2024-2398 +Signed-off-by: Vijay Anusuri +--- + lib/http2.c | 34 +++--- + 1 file changed, 15 insertions(+), 19 deletions(-) + +--- a/lib/http2.c b/lib/http2.c +@@ -515,6 +515,15 @@ static struct Curl_easy *duphandle(struc + } + + ++static void free_push_headers(struct HTTP *stream) ++{ ++ size_t i; ++ for(i = 0; ipush_headers_used; i++) ++free(stream->push_headers[i]); ++ Curl_safefree(stream->push_headers); ++ stream->push_headers_used = 0; ++} ++ + static int push_promise(struct Curl_easy *data, + struct connectdata *conn, + const nghttp2_push_promise *frame) +@@ -528,7 +537,6 @@ static int push_promise(struct Curl_easy + struct curl_pushheaders heads; + CURLMcode rc; + struct http_conn *httpc; +-size_t i; + /* clone the parent */ + struct Curl_easy *newhandle = duphandle(data); + if(!newhandle) { +@@ -557,11 +565,7 @@ static int push_promise(struct Curl_easy + Curl_set_in_callback(data, false); + + /* free the headers again */ +-for(i = 0; ipush_headers_used; i++) +- free(stream->push_headers[i]); +-free(stream->push_headers); +-stream->push_headers = NULL; +-stream->push_headers_used = 0; ++free_push_headers(stream); + + if(rv) { + /* denied, kill off the new handle again */ +@@ -995,10 +999,10 @@ static int on_header(nghttp2_session *se + stream->push_headers_alloc) { + char **headp; + stream->push_headers_alloc *= 2; +- headp = Curl_saferealloc(stream->push_headers, +- stream->push_headers_alloc * sizeof(char *)); ++ headp = realloc(stream->push_headers, ++ stream->push_headers_alloc * sizeof(char *)); + if(!headp) { +-stream->push_headers = NULL; ++free_push_headers(stream); + return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; + } + stream->push_headers = headp; +@@ -1179,14 +1183,7 @@ void Curl_http2_done(struct Curl_easy *d + if(http->header_recvbuf) { + Curl_add_buffer_free(>header_recvbuf); + Curl_add_buffer_free(>trailer_recvbuf); +-if(http->push_headers) { +- /* if they weren't used and then freed before */ +- for(; http->push_headers_used > 0; --http->push_headers_used) { +-free(http->push_headers[http->push_headers_used - 1]); +- } +- free(http->push_headers); +- http->push_headers = NULL; +-} ++free_push_headers(http); + } + + if(!httpc->h2) /* not HTTP/2 ? */ diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb index 980b4224a8..2f351d585a 100644 --- a/meta/recipes-support/curl/curl_7.69.1.bb +++ b/meta/recipes-support/curl/curl_7.69.1.bb @@ -58,6 +58,7 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://CVE-2023-28321.patch \ file://CVE-2023-28322.patch \ file://CVE-2023-46218.patch \ + file://CVE-2024-2398.patch \ " SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197889): https://lists.openembedded.org/g/openembedded-core/message/197889 Mute This Topic: https://lists.openembedded.org/mt/105302361/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 3/7] tar: Fix for CVE-2023-39804
From: Vijay Anusuri Upstream-Status: Backport from https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4 Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../tar/tar/CVE-2023-39804.patch | 64 +++ meta/recipes-extended/tar/tar_1.32.bb | 1 + 2 files changed, 65 insertions(+) create mode 100644 meta/recipes-extended/tar/tar/CVE-2023-39804.patch diff --git a/meta/recipes-extended/tar/tar/CVE-2023-39804.patch b/meta/recipes-extended/tar/tar/CVE-2023-39804.patch new file mode 100644 index 00..f550928540 --- /dev/null +++ b/meta/recipes-extended/tar/tar/CVE-2023-39804.patch @@ -0,0 +1,64 @@ +From a339f05cd269013fa133d2f148d73f6f7d4247e4 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Sat, 28 Aug 2021 16:02:12 +0300 +Subject: Fix handling of extended header prefixes + +* src/xheader.c (locate_handler): Recognize prefix keywords only +when followed by a dot. +(xattr_decoder): Use xmalloc/xstrdup instead of alloc + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4] +CVE: CVE-2023-39804 +Signed-off-by: Vijay Anusuri +--- + src/xheader.c | 17 + + 1 file changed, 9 insertions(+), 8 deletions(-) + +diff --git a/src/xheader.c b/src/xheader.c +index 4f8b2b2..3cd694d 100644 +--- a/src/xheader.c b/src/xheader.c +@@ -637,11 +637,11 @@ static struct xhdr_tab const * + locate_handler (char const *keyword) + { + struct xhdr_tab const *p; +- + for (p = xhdr_tab; p->keyword; p++) + if (p->prefix) + { +-if (strncmp (p->keyword, keyword, strlen(p->keyword)) == 0) ++ size_t kwlen = strlen (p->keyword); ++if (keyword[kwlen] == '.' && strncmp (p->keyword, keyword, kwlen) == 0) + return p; + } + else +@@ -1716,19 +1716,20 @@ xattr_decoder (struct tar_stat_info *st, +char const *keyword, char const *arg, size_t size) + { + char *xstr, *xkey; +- ++ + /* copy keyword */ +- size_t klen_raw = strlen (keyword); +- xkey = alloca (klen_raw + 1); +- memcpy (xkey, keyword, klen_raw + 1) /* including null-terminating */; ++ xkey = xstrdup (keyword); + + /* copy value */ +- xstr = alloca (size + 1); ++ xstr = xmalloc (size + 1); + memcpy (xstr, arg, size + 1); /* separator included, for GNU tar '\n' */; + + xattr_decode_keyword (xkey); + +- xheader_xattr_add (st, xkey + strlen("SCHILY.xattr."), xstr, size); ++ xheader_xattr_add (st, xkey + strlen ("SCHILY.xattr."), xstr, size); ++ ++ free (xkey); ++ free (xstr); + } + + static void +-- +cgit v1.1 + diff --git a/meta/recipes-extended/tar/tar_1.32.bb b/meta/recipes-extended/tar/tar_1.32.bb index 1246f01256..c560741599 100644 --- a/meta/recipes-extended/tar/tar_1.32.bb +++ b/meta/recipes-extended/tar/tar_1.32.bb @@ -10,6 +10,7 @@ SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ file://musl_dirent.patch \ file://CVE-2021-20193.patch \ file://CVE-2022-48303.patch \ + file://CVE-2023-39804.patch \ " SRC_URI[md5sum] = "17917356fff5cb4bd3cd5a6c3e727b05" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197888): https://lists.openembedded.org/g/openembedded-core/message/197888 Mute This Topic: https://lists.openembedded.org/mt/105302360/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 2/7] go: Fix for CVE-2023-45289 CVE-2023-45290 & CVE-2024-24785
From: Vijay Anusuri Upstream-Status: Backport [https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 & https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 & https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.14.inc | 3 + .../go/go-1.14/CVE-2023-45289.patch | 121 .../go/go-1.14/CVE-2023-45290.patch | 271 ++ .../go/go-1.14/CVE-2024-24785.patch | 197 + 4 files changed, 592 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45289.patch create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45290.patch create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2024-24785.patch diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index 4fbf9d7590..69b65f3eb2 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc @@ -88,6 +88,9 @@ SRC_URI += "\ file://CVE-2023-45287-pre2.patch \ file://CVE-2023-45287-pre3.patch \ file://CVE-2023-45287.patch \ +file://CVE-2023-45289.patch \ +file://CVE-2023-45290.patch \ +file://CVE-2024-24785.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-45289.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-45289.patch new file mode 100644 index 00..13d3510504 --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-45289.patch @@ -0,0 +1,121 @@ +From 20586c0dbe03d144f914155f879fa5ee287591a1 Mon Sep 17 00:00:00 2001 +From: Damien Neil +Date: Thu, 11 Jan 2024 11:31:57 -0800 +Subject: [PATCH] [release-branch.go1.21] net/http, net/http/cookiejar: avoid + subdomain matches on IPv6 zones + +When deciding whether to forward cookies or sensitive headers +across a redirect, do not attempt to interpret an IPv6 address +as a domain name. + +Avoids a case where a maliciously-crafted redirect to an +IPv6 address with a scoped addressing zone could be +misinterpreted as a within-domain redirect. For example, +we could interpret "::1%.www.example.com" as a subdomain +of "www.example.com". + +Thanks to Juho Nurminen of Mattermost for reporting this issue. + +Fixes CVE-2023-45289 +Fixes #65385 +For #65065 + +Change-Id: I8f463f59f0e700c8a18733d2b264a8bcb3a19599 +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2131938 +Reviewed-by: Tatiana Bradley +Reviewed-by: Roland Shoemaker +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2173775 +Reviewed-by: Carlos Amedee +Reviewed-on: https://go-review.googlesource.com/c/go/+/569239 +Reviewed-by: Carlos Amedee +Auto-Submit: Michael Knyszek +TryBot-Bypass: Michael Knyszek + +Upstream-Status: Backport [https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1] +CVE: CVE-2023-45289 +Signed-off-by: Vijay Anusuri +--- + src/net/http/client.go | 6 ++ + src/net/http/client_test.go| 1 + + src/net/http/cookiejar/jar.go | 7 +++ + src/net/http/cookiejar/jar_test.go | 10 ++ + 4 files changed, 24 insertions(+) + +diff --git a/src/net/http/client.go b/src/net/http/client.go +index a496f1c..2031834 100644 +--- a/src/net/http/client.go b/src/net/http/client.go +@@ -973,6 +973,12 @@ func isDomainOrSubdomain(sub, parent string) bool { + if sub == parent { + return true + } ++ // If sub contains a :, it's probably an IPv6 address (and is definitely not a hostname). ++ // Don't check the suffix in this case, to avoid matching the contents of a IPv6 zone. ++ // For example, "::1%.www.example.com" is not a subdomain of "www.example.com". ++ if strings.ContainsAny(sub, ":%") { ++ return false ++ } + // If sub is "foo.example.com" and parent is "example.com", + // that means sub must end in "."+parent. + // Do it without allocating. +diff --git a/src/net/http/client_test.go b/src/net/http/client_test.go +index 2b4f53f..442fe35 100644 +--- a/src/net/http/client_test.go b/src/net/http/client_test.go +@@ -1703,6 +1703,7 @@ func TestShouldCopyHeaderOnRedirect(t *testing.T) { + {"cookie2", "http://foo.com/;, "http://bar.com/;, false}, + {"authorization", "http://foo.com/;, "http://bar.com/;, false}, + {"www-authenticate", "http://foo.com/;, "http://bar.com/;, false}, ++ {"authorization", "http://foo.com/;, "http://[::1%25.foo.com]/;, false}, + + // But subdomains should work: + {"www-authenticat
[OE-core][dunfell 1/7] libtiff: backport Debian patch for CVE-2023-6277 & CVE-2023-52356
From: Vijay Anusuri import patches from ubuntu to fix CVE-2023-6277 CVE-2023-52356 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/tiff/tree/debian/patches/?h=ubuntu%2Ffocal-security Upstream commit https://gitlab.com/libtiff/libtiff/-/commit/5320c9d89c054fa805d037d84c57da874470b01a & https://gitlab.com/libtiff/libtiff/-/commit/0b025324711213a75e38b52f7e7ba60235f108aa & https://gitlab.com/libtiff/libtiff/-/commit/de7bfd7d4377c266f81849579f696fa1ad5ba6c3 & https://gitlab.com/libtiff/libtiff/-/commit/dbb825a8312f30e63a06c272010967d51af5c35a & https://gitlab.com/libtiff/libtiff/-/commit/51558511bdbbcffdce534db21dbaf5d54b31638a] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../libtiff/files/CVE-2023-52356.patch| 53 + .../libtiff/files/CVE-2023-6277-1.patch | 191 ++ .../libtiff/files/CVE-2023-6277-2.patch | 152 ++ .../libtiff/files/CVE-2023-6277-3.patch | 46 + .../libtiff/files/CVE-2023-6277-4.patch | 94 + meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 5 + 6 files changed, 541 insertions(+) create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-52356.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-6277-1.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-6277-2.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-6277-3.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-6277-4.patch diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-52356.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-52356.patch new file mode 100644 index 00..1b651e6529 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-52356.patch @@ -0,0 +1,53 @@ +[Ubuntu note: Backport of the following patch from upstream, with a few changes +to match the current version of the file in the present Ubuntu release: + . using TIFFErrorExt instead of TIFFErrorExtR (the latter did not exist yet); +-- Rodrigo Figueiredo Zaiden] + +Backport of: + +From 51558511bdbbcffdce534db21dbaf5d54b31638a Mon Sep 17 00:00:00 2001 +From: Even Rouault +Date: Tue, 31 Oct 2023 15:58:41 +0100 +Subject: [PATCH] TIFFReadRGBAStrip/TIFFReadRGBATile: add more validation of + col/row (fixes #622) + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/tiff/tree/debian/patches/CVE-2023-52356.patch?h=ubuntu/focal-security +Upstream commit https://gitlab.com/libtiff/libtiff/-/commit/51558511bdbbcffdce534db21dbaf5d54b31638a] +CVE: CVE-2023-52356 +Signed-off-by: Vijay Anusuri +--- + libtiff/tif_getimage.c | 15 +++ + 1 file changed, 15 insertions(+) + + +--- tiff-4.1.0+git191117.orig/libtiff/tif_getimage.c tiff-4.1.0+git191117/libtiff/tif_getimage.c +@@ -2926,6 +2926,13 @@ TIFFReadRGBAStripExt(TIFF* tif, uint32 r + } + + if (TIFFRGBAImageOK(tif, emsg) && TIFFRGBAImageBegin(, tif, stop_on_error, emsg)) { ++if (row >= img.height) ++{ ++TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), ++ "Invalid row passed to TIFFReadRGBAStrip()."); ++TIFFRGBAImageEnd(); ++return (0); ++} + + img.row_offset = row; + img.col_offset = 0; +@@ -3002,6 +3009,14 @@ TIFFReadRGBATileExt(TIFF* tif, uint32 co + return( 0 ); + } + ++if (col >= img.width || row >= img.height) ++{ ++TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), ++ "Invalid row/col passed to TIFFReadRGBATile()."); ++TIFFRGBAImageEnd(); ++return (0); ++} ++ + /* + * The TIFFRGBAImageGet() function doesn't allow us to get off the + * edge of the image, even to fill an otherwise valid tile. So we diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-1.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-1.patch new file mode 100644 index 00..e955b3f2e4 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-1.patch @@ -0,0 +1,191 @@ +[Ubuntu note: Backport of the following patch from upstream, with a few changes +to match the current version of the file in the present Ubuntu release: + . included inttypes.h header to support PRIu32 and PRIu64; + . using TIFFWarningExt instead of TIFFWarningExtR (the latter did not exist yet); + . using uint64 instead of uint64_t to preserve the current code usage; + . calling _TIFFfree(data) instead of _TIFFfreeExt(tif, data) (the latter did not exist yet); + . calls to the check size, that is the idea of the patch, were added before + _TIFFCheckMalloc and may note match the original patch methods; +-- Rodrigo Figueiredo Zaiden] + +Backport of: + +From 5320c9d89c054fa805d037d84c57da874470b01a Mon Sep 17 00:00:00 2001 +From: Su Laus +Date: Tue, 31 Oct 2023 15:43:29
[OE-core][dunfell 0/7] Patch review
Please review this set of changes for dunfell and have comments back by end of day Thursday, April 4 Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6757 The following changes since commit d0811b98fa3847dbbfcfe6a80694509bb29aaf9c: yocto-uninative: Update to 4.4 for glibc 2.39 (2024-03-18 11:44:32 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut Steve Sakoman (2): tar: bump PR to deal with sstate corruption on autobuilder perf: bump PR to deal with sstate corruption on autobuilder Vijay Anusuri (4): libtiff: backport Debian patch for CVE-2023-6277 & CVE-2023-52356 go: Fix for CVE-2023-45289 CVE-2023-45290 & CVE-2024-24785 tar: Fix for CVE-2023-39804 curl: backport Debian patch for CVE-2024-2398 virendra thakur (1): openssl: Fix CVE-2024-0727 .../openssl/openssl/CVE-2024-0727.patch | 122 .../openssl/openssl_1.1.1w.bb | 1 + meta/recipes-devtools/go/go-1.14.inc | 3 + .../go/go-1.14/CVE-2023-45289.patch | 121 .../go/go-1.14/CVE-2023-45290.patch | 271 ++ .../go/go-1.14/CVE-2024-24785.patch | 197 + .../tar/tar/CVE-2023-39804.patch | 64 + meta/recipes-extended/tar/tar_1.32.bb | 3 + meta/recipes-kernel/perf/perf.bb | 2 +- .../libtiff/files/CVE-2023-52356.patch| 53 .../libtiff/files/CVE-2023-6277-1.patch | 191 .../libtiff/files/CVE-2023-6277-2.patch | 152 ++ .../libtiff/files/CVE-2023-6277-3.patch | 46 +++ .../libtiff/files/CVE-2023-6277-4.patch | 94 ++ meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 5 + .../curl/curl/CVE-2024-2398.patch | 88 ++ meta/recipes-support/curl/curl_7.69.1.bb | 1 + 17 files changed, 1413 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-0727.patch create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45289.patch create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45290.patch create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2024-24785.patch create mode 100644 meta/recipes-extended/tar/tar/CVE-2023-39804.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-52356.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-6277-1.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-6277-2.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-6277-3.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-6277-4.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2024-2398.patch -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197885): https://lists.openembedded.org/g/openembedded-core/message/197885 Mute This Topic: https://lists.openembedded.org/mt/105302356/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][kirkstone][PATCH 1/1] qemu: fix CVE-2023-3019
I'm getting oe-selftest failures with this patch: https://errors.yoctoproject.org/Errors/Details/761408/ "Failed: qemux86 does not shutdown within timeout(120)" Steve On Fri, Mar 29, 2024 at 12:38 AM Urade, Yogita via lists.openembedded.org wrote: > > From: Yogita Urade > > A DMA reentrancy issue leading to a use-after-free error was > found in the e1000e NIC emulation code in QEMU. This issue > could allow a privileged guest user to crash the QEMU process > on the host, resulting in a denial of service. > > Fix indent issue in qemu.inc file > > References: > https://nvd.nist.gov/vuln/detail/CVE-2023-3019 > > Signed-off-by: Yogita Urade > --- > meta/recipes-devtools/qemu/qemu.inc | 19 +- > .../qemu/qemu/CVE-2023-3019-0001.patch| 135 > .../qemu/qemu/CVE-2023-3019-0002.patch| 610 ++ > .../qemu/qemu/CVE-2023-3019-0003.patch| 88 +++ > 4 files changed, 844 insertions(+), 8 deletions(-) > create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3019-0001.patch > create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3019-0002.patch > create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3019-0003.patch > > diff --git a/meta/recipes-devtools/qemu/qemu.inc > b/meta/recipes-devtools/qemu/qemu.inc > index ad6b310137..08ce72546d 100644 > --- a/meta/recipes-devtools/qemu/qemu.inc > +++ b/meta/recipes-devtools/qemu/qemu.inc > @@ -97,17 +97,20 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ > file://CVE-2023-3301.patch \ > file://CVE-2023-3255.patch \ > file://CVE-2023-2861.patch \ > - file://CVE-2020-14394.patch \ > - file://CVE-2023-3354.patch \ > - file://CVE-2023-3180.patch \ > - file://CVE-2021-3638.patch \ > - file://CVE-2023-1544.patch \ > - file://CVE-2023-5088.patch \ > - file://CVE-2024-24474.patch \ > - file://CVE-2023-6693.patch \ > + file://CVE-2020-14394.patch \ > + file://CVE-2023-3354.patch \ > + file://CVE-2023-3180.patch \ > + file://CVE-2021-3638.patch \ > + file://CVE-2023-1544.patch \ > + file://CVE-2023-5088.patch \ > + file://CVE-2024-24474.patch \ > + file://CVE-2023-6693.patch \ > > file://scsi-disk-allow-MODE-SELECT-block-desriptor-to-set-the-block-size.patch > \ > > file://scsi-disk-ensure-block-size-is-non-zero-and-changes-limited-to-bits-8-15.patch > \ > file://CVE-2023-42467.patch \ > + file://CVE-2023-3019-0001.patch \ > + file://CVE-2023-3019-0002.patch \ > + file://CVE-2023-3019-0003.patch \ > " > UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" > > diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2023-3019-0001.patch > b/meta/recipes-devtools/qemu/qemu/CVE-2023-3019-0001.patch > new file mode 100644 > index 00..c1ef645eaf > --- /dev/null > +++ b/meta/recipes-devtools/qemu/qemu/CVE-2023-3019-0001.patch > @@ -0,0 +1,135 @@ > +From a2e1753b8054344f32cf94f31c6399a58794a380 Mon Sep 17 00:00:00 2001 > +From: Alexander Bulekov > +Date: Wed, 27 Mar 2024 09:41:44 + > +Subject: [PATCH] memory: prevent dma-reentracy issues > + > +Add a flag to the DeviceState, when a device is engaged in PIO/MMIO/DMA. > +This flag is set/checked prior to calling a device's MemoryRegion > +handlers, and set when device code initiates DMA. The purpose of this > +flag is to prevent two types of DMA-based reentrancy issues: > + > +1.) mmio -> dma -> mmio case > +2.) bh -> dma write -> mmio case > + > +These issues have led to problems such as stack-exhaustion and > +use-after-frees. > + > +Summary of the problem from Peter Maydell: > +https://lore.kernel.org/qemu-devel/cafeaca_23vc7he3iam-jva6w38lk4hjowae5kcknhprd5fp...@mail.gmail.com > + > +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/62 > +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/540 > +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/541 > +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/556 > +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/557 > +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/827 > +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1282 > +Resolves: CVE-2023-0330 > + > +Signed-off-by: Alexander Bulekov > +Reviewed-by: Thomas Huth > +Message-Id: <20230427211013.2994127-2-alx...@bu.edu> > +[thuth: Replace warn_report() with warn_report_once()] > +Signed-off-by: Thomas Huth > + > +CVE: CVE-2023-3019 > +Upstream-Status: Backport > [https://github.com/qemu/qemu/commit/a2e1753b8054344f32cf94f31c6399a58794a380] > + > +Signed-off-by: Yogita Urade > +--- > + include/exec/memory.h | 5 + > + include/hw/qdev-core.h | 7 +++ > + softmmu/memory.c | 16 > + 3 files changed, 28 insertions(+) > + > +diff --git a/include/exec/memory.h b/include/exec/memory.h > +index
Re: [OE-core][kirkstone][PATCH] util-linux: Fix for CVE-2024-28085
On Sun, Mar 31, 2024 at 3:50 PM Vijay Anusuri wrote: > > Sure Randy. > > Issue introduced last year in util-linux v2.39. > > The offending commits are: > > * https://github.com/util-linux/util-linux/commit/8a7b8456d1dc0e7c >("write: correctly handle wide characters") > * https://github.com/util-linux/util-linux/commit/aa13246a1bf1be9e >("wall: use fputs_careful()") > > I have added offending commits as dependency patches. As vulnerable code is > not present, it's not affected. So, I want it to be ignored. Ok, ignored it is :-) Steve > > Thanks & Regards, > Vijay > > > On Sun, Mar 31, 2024 at 5:54 AM Randy MacLeod wrote: >> >> >> >> On Fri, Mar 29, 2024, 11:52 Vijay Anusuri via lists.openembedded.org >> wrote: >>> >>> Hi Steve, >>> >>> Please ignore this patch. >>> >>> Thanks & Regards, >>> Vijay >> >> >> >> Hi Vijay, >> >> I expect that's fine with Steve but in the future, it would be good if, when >> you ask for a patch to be ignored, you briefly explain why you'd like it to >> be ignored. >> >> Randy >> >> -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197672): https://lists.openembedded.org/g/openembedded-core/message/197672 Mute This Topic: https://lists.openembedded.org/mt/105213911/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for nanbield on Sun 31 Mar 2024 04:00:01 AM HST
Branch: nanbield New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 128 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-39189 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39189 * CVE-2023-39192 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39192 * CVE-2023-39193 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39193 * CVE-2023-39928 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39928 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-42753 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42753 * CVE-2023-42754 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42754 * CVE-2023-42756 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42756 * CVE-2023-4623 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4623 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-46838 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46838 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-4921 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4921 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go:go-binary-native:go-cross-core2-64:go-runtime https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-50431 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50431 * CVE-2023-5088 (CVSS3: 7.0 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5088 * CVE-2023-51384 (CVSS3: 5.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51384 * CVE-2023-51385 (CVSS3: 6.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51385 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-5178 (CVSS3: 9.8 CRITICAL): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5178 * CVE-2023-51780 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51780 * CVE-2023-51781 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51781 * CVE-2023-51782 (CVSS3: 7.0 HIGH):
[OE-core] OE-core CVE metrics for kirkstone on Sun 31 Mar 2024 03:00:01 AM HST
Branch: kirkstone New this week: 0 CVEs Removed this week: 1 CVEs CVE-2023-52426 (CVSS3: 5.5 MEDIUM): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52426 * Full list: Found 43 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-36648 (CVSS3: 10.0 CRITICAL): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36648 * CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 * CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 * CVE-2023-28198 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28198 * CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3164 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3164 * CVE-2023-32370 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32370 * CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 * CVE-2023-39323 (CVSS3: 8.1 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39323 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-40397 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40397 * CVE-2023-44487 (CVSS3: 7.5 HIGH): go:nghttp2 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * CVE-2023-45803 (CVSS3: 4.2 MEDIUM): python3-urllib3 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45803 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-47100 (CVSS3: 9.8 CRITICAL): perl:perl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47100 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): libssh2:libssh2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-52355 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52355 * CVE-2023-52356 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52356 * CVE-2023-52425 (CVSS3: 7.5 HIGH): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52425 * CVE-2023-5380 (CVSS3: 4.7 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5380 * CVE-2023-5574 (CVSS3: 7.0 HIGH): xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5574 * CVE-2023-6277 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6277 * CVE-2023-6683 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6683 * CVE-2023-6816 (CVSS3: 9.8 CRITICAL): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6816 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-0408 (CVSS3: 5.5 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0408 * CVE-2024-0409 (CVSS3: 7.8 HIGH): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0409 * CVE-2024-1048 (CVSS3: 3.3 LOW): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1048 * CVE-2024-22860 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22860 *
[OE-core] OE-core CVE metrics for dunfell on Sun 31 Mar 2024 02:00:01 AM HST
Branch: dunfell New this week: 0 CVEs Removed this week: 1 CVEs CVE-2024-25062 (CVSS3: 7.5 HIGH): libxml2:libxml2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25062 * Full list: Found 109 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 * CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 * CVE-2022-0358 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0358 * CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 * CVE-2022-2347 (CVSS3: 7.1 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2347 * CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 * CVE-2022-24765 (CVSS3: 7.8 HIGH): git https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 * CVE-2022-2953 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2953 * CVE-2022-2962 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2962 * CVE-2022-30293 (CVSS3: 7.5 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 * CVE-2022-30767 (CVSS3: 9.8 CRITICAL): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30767 *
[OE-core] OE-core CVE metrics for master on Sun 31 Mar 2024 01:00:01 AM HST
Branch: master New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 37 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-6238 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6238 * CVE-2023-6240 (CVSS3: 6.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6240 * CVE-2023-6270 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6270 * CVE-2023-6356 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6356 * CVE-2023-6535 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6535 * CVE-2023-6536 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6536 * CVE-2023-7042 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7042 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-0841 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0841 * CVE-2024-21803 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21803 * CVE-2024-23307 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23307 * CVE-2024-23848 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23848 * CVE-2024-24857 (CVSS3: 6.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24857 * CVE-2024-24858 (CVSS3: 5.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24858 * CVE-2024-24859 (CVSS3: 4.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24859 * CVE-2024-24861 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24861 * CVE-2024-24864 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24864 * CVE-2024-25739 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25739 * CVE-2024-25740 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25740 * Summary of CVE counts by recipe: linux-yocto: 28 busybox: 4 cpio: 1 gnupg:gnupg-native: 1 nasm:nasm-native: 1 openssh: 1 qemu:qemu-native:qemu-system-native: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197658): https://lists.openembedded.org/g/openembedded-core/message/197658 Mute This Topic: https://lists.openembedded.org/mt/105245840/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH][kirkstone] openssl: fix crash on aarch64 if BTI is enabled but no Crypto instructions
Sorry for the delayed response, but I found the same issue with the kirkstone version that Vivek did. Awaiting a V2 :-) Steve On Thu, Mar 28, 2024 at 5:51 PM Vivek Kumbhar via lists.openembedded.org wrote: > > Kirkstone-nut openssl compile error: > > Error Log: > > ERROR: openssl-3.0.13-r0 do_patch: Applying patch 'bti.patch' on target > directory > '/home/vkumbhar/kirkstone-nut/build/tmp-glibc/work/core2-64-oe-linux/openssl/3.0.13-r0/openssl-3.0.13' > CmdError('quilt --quiltrc > /home/vkumbhar/kirkstone-nut/build/tmp-glibc/work/core2-64-oe-linux/openssl/3.0.13-r0/recipe-sysroot-native/etc/quiltrc > push', 0, "stdout: Applying patch bti.patch > can't find file to patch at input line 23 > Perhaps you used the wrong -p or --strip option? > The text leading up to this was: > -- > |From ba8a599395f8b770c76316b5f5b0f3838567014f Mon Sep 17 00:00:00 2001 > |From: Tom Cosgrove > |Date: Tue, 26 Mar 2024 13:18:00 + > |Subject: [PATCH] aarch64: fix BTI in bsaes assembly code > | > |In Arm systems where BTI is enabled but the Crypto extensions are not (more > |likely in FVPs than in real hardware), the bit-sliced assembler code will > |be used. However, this wasn't annotated with BTI instructions when BTI was > |enabled, so the moment libssl jumps into this code it (correctly) aborts. > | > |Solve this by adding the missing BTI landing pads. > | > |Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/23982] > |Signed-off-by: Ross Burton > |--- > | crypto/aes/asm/bsaes-armv8.pl | 5 - > | 1 file changed, 4 insertions(+), 1 deletion(-) > | > |diff --git a/crypto/aes/asm/bsaes-armv8.pl b/crypto/aes/asm/bsaes-armv8.pl > |index b3c97e439f..c3c5ff3e05 100644 > |--- a/crypto/aes/asm/bsaes-armv8.pl > |+++ b/crypto/aes/asm/bsaes-armv8.pl > -- > No file to patch. Skipping patch. > 4 out of 4 hunks ignored > Patch bti.patch does not apply (enforce with -f) > > stderr: ") > ERROR: Logfile of failure stored in: > /home/vkumbhar/kirkstone-nut/build/tmp-glibc/work/core2-64-oe-linux/openssl/3.0.13-r0/temp/log.do_patch.152571 > ERROR: Task > (/home/vkumbhar/kirkstone-nut/meta/recipes-connectivity/openssl/openssl_3.0.13.bb:do_patch) > failed with exit code '1' > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197630): https://lists.openembedded.org/g/openembedded-core/message/197630 Mute This Topic: https://lists.openembedded.org/mt/105174962/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [kirkstone][PATCH 1/2] python3-unittest-automake-output: add new recipe for ptest integration
Sorry, it is outside of stable branch policy to add features so I can't take this patch series. Steve On Tue, Mar 26, 2024 at 9:22 PM Yu, Mingli wrote: > > From: Ross Burton > > This package contains modules for both unittest and pytest that alter > the output to look like automake's 'make check' output, for better > integration with ptest. > > Signed-off-by: Ross Burton > Signed-off-by: Richard Purdie > (cherry picked from commit 961e4f3fc786715fc136fa446686972a4a95a3d5) > Signed-off-by: Mingli Yu > --- > meta/conf/distro/include/maintainers.inc| 1 + > .../python/python3-unittest-automake-output_0.1.bb | 13 + > 2 files changed, 14 insertions(+) > create mode 100644 > meta/recipes-devtools/python/python3-unittest-automake-output_0.1.bb > > diff --git a/meta/conf/distro/include/maintainers.inc > b/meta/conf/distro/include/maintainers.inc > index bfc14951fe..09c1599915 100644 > --- a/meta/conf/distro/include/maintainers.inc > +++ b/meta/conf/distro/include/maintainers.inc > @@ -684,6 +684,7 @@ RECIPE_MAINTAINER:pn-python3-toml = "Tim Orling > " > RECIPE_MAINTAINER:pn-python3-tomli = "Tim Orling " > RECIPE_MAINTAINER:pn-python3-typing-extensions = "Tim Orling > " > RECIPE_MAINTAINER:pn-python3-typogrify = "Alexander Kanavin > " > +RECIPE_MAINTAINER:pn-python3-unittest-automake-output = "Ross Burton > " > RECIPE_MAINTAINER:pn-python3-urllib3 = "Tim Orling " > RECIPE_MAINTAINER:pn-python3-vcversioner = "Bruce Ashfield > " > RECIPE_MAINTAINER:pn-python3-wcwidth = "Tim Orling " > diff --git > a/meta/recipes-devtools/python/python3-unittest-automake-output_0.1.bb > b/meta/recipes-devtools/python/python3-unittest-automake-output_0.1.bb > new file mode 100644 > index 00..ba58c18df0 > --- /dev/null > +++ b/meta/recipes-devtools/python/python3-unittest-automake-output_0.1.bb > @@ -0,0 +1,13 @@ > +SUMMARY = "Modules to make unittest and pytest look like Automake output, > for ptest" > +HOMEPAGE = "https://gitlab.com/rossburton/python-unittest-automake-output; > +LICENSE = "MIT" > +LIC_FILES_CHKSUM = "file://LICENSE;md5=f6f16008d9fb7349f06609329f1ab93b" > + > +SRC_URI = > "git://gitlab.com/rossburton/python-unittest-automake-output;protocol=https;branch=main" > +SRCREV = "06537edb18f3641c70bce25256f6ecf5f5164ead" > + > +S = "${WORKDIR}/git" > + > +inherit python_flit_core > + > +BBCLASSEXTEND = "native nativesdk" > -- > 2.25.1 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197563): https://lists.openembedded.org/g/openembedded-core/message/197563 Mute This Topic: https://lists.openembedded.org/mt/105173226/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][kirkstone][PATCH] openssl: Improve FIPS RSA keygen performac
On Tue, Mar 26, 2024 at 11:34 AM Randy MacLeod via lists.openembedded.org wrote: > > On 2024-03-19 7:23 p.m., Steve Sakoman wrote: > > On Tue, Mar 19, 2024 at 11:45 AM Randy MacLeod > wrote: > > Hi Haitao, et al, > > > Summary: > > I think we could bring these two commits back to kirkstone even though > upstream openssl mtc > does not plan to do so, at least not without "very good reasons". > > but I have some comments and questions below that I'd like you to respond to > before sending a v2. > > ../Randy > > > > Typo in the subject: >[OE-core][kirkstone][PATCH] openssl: Improve FIPS RSA keygen performac > should be: >[OE-core][kirkstone][PATCH] openssl: Improve FIPS RSA keygen performance > > On 2024-03-18 2:55 a.m., jason.lau via lists.openembedded.org wrote: > > The ssh-keygen would take a long time to generate the entropy of a key > > It's best to be more specific. > > You mentioned in: > > https://github.com/openssl/openssl/issues/23766 > > that "ssh-keygen (built with openssl3.0) is taking 1-2s to execute whereas in > openssl3.1 it was hardly half a second" > > so you should mention that in the commit log. > > You should also include a link to the upstream issue you opened to explain > that: > >"Performance fixes are in general not eligible for backports to stable > release branches. > In specific cases an exception could be given by OTC but there would have > to be very good reasons for such an exception." > > I saw that comment last week and wondered if we should push harder for > upstream to backport these commits but > I understand your reluctance to do that when it might make sense to just > backport here in oe-core. > > Note that the commits are only part of 3.2.0+: > > ❯ git tag --contains dd1d7bcb69994d81662e709b0ad838880b943870 > openssl-3.2.0 > openssl-3.2.0-alpha1 > openssl-3.2.0-alpha2 > openssl-3.2.0-beta1 > openssl-3.2.1 > > ❯ git tag --contains d2f6e66d2837bff1f5f7636bb2118e3a45c9df61 > openssl-3.2.0 > openssl-3.2.0-alpha1 > openssl-3.2.0-alpha2 > openssl-3.2.0-beta1 > openssl-3.2.1 > > so they'd also have to be back-ported to nanbield technically: > > https://git.openembedded.org/openembedded-core/tree/meta/recipes-connectivity/openssl/openssl_3.1.4.bb?h=nanbield > > Steve, > Given that nanbield is a week or so away from EOL, is it worth doing that? > > I'm going to close down changes to nanbield in the next day or so, so > there probably isn't time to get such a change in. > > And I suspect that the kirkstone v2 patch won't make it through > > Haitao, > > Steve has NOT merged this to kirkstone: > > https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut > > https://git.openembedded.org/openembedded-core/log/?h=kirkstone Correct, I've been waiting for V2 Steve > Please reply to and/or deal with my comments and send a v2. > > Thanks! > > ../Randy > > > testing until after the nanbield final release is done, so I don't > have an issue with taking it. > > Steve > > Note that the original commits were from Nov 2, 2022 so they've had some time > to ummm, bake but > the 3.2.0 release was 'only' on Nov 23, 2023: >https://www.openssl.org/source/old/3.2/index.html > so it's got 3 or 4 months of the public being able to test it. > > I've taken a look at the commits and haven't seen a problem with the backport. > > Haitao, > Did you have to adjust the patches at all? If so please explain what you did. > > Your tests show that openssl is faster, have you tested for correctness at > all? > Does it make sense to run: test/bntest.c ? Steve will likely run the ptests > of course. > > Do we need the oneline change: "Fix incorrect error branch in > ossl_bn_rsa_fips186_4_derive_prime()" > from: > openssl.git on master > ❯ git log --oneline crypto/bn/bn_rsa_fips186_4.c > da1c088f59 Copyright year updates > 835b90a19c Fix incorrect error branch in ossl_bn_rsa_fips186_4_derive_prime() > d2f6e66d28 Improve FIPS RSA keygen performance. > dd1d7bcb69 Improve FIPS RSA keygen performance. > > > Are there any other changes to the files touched by these commits that would > affect > the correctness or performance of the code introduced? > > ../Randy > > > > The following commits have fixed the issue. > https://github.com/openssl/openssl/commit/dd1d7bcb69994d81662e709b0ad838880b943870 > https://github.com/openssl/openssl/commit/d2f6e66d2837bff1f5f7636bb2118e3a45c9df61 > > Signed-off-by: Haitao Liu > --- > ...-Improve-FIPS-RSA-keygen-performance.patch | 271 +
[OE-core] OE-core CVE metrics for nanbield on Sun 24 Mar 2024 04:00:01 AM HST
Branch: nanbield New this week: 11 CVEs CVE-2023-52448 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52448 * CVE-2023-52449 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52449 * CVE-2023-52450 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52450 * CVE-2023-52451 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52451 * CVE-2023-52452 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52452 * CVE-2024-26586 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26586 * CVE-2024-26587 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26587 * CVE-2024-26588 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26588 * CVE-2024-26589 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26589 * CVE-2024-26590 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26590 * CVE-2024-26591 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26591 * Removed this week: 3 CVEs CVE-2023-5678 (CVSS3: 5.3 MEDIUM): openssl:openssl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5678 * CVE-2023-6129 (CVSS3: 6.5 MEDIUM): openssl:openssl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6129 * CVE-2024-0727 (CVSS3: 5.5 MEDIUM): openssl:openssl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0727 * Full list: Found 128 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-39189 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39189 * CVE-2023-39192 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39192 * CVE-2023-39193 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39193 * CVE-2023-39928 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39928 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-42753 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42753 * CVE-2023-42754 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42754 * CVE-2023-42756 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42756 * CVE-2023-4623 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4623 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM):
Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST
https://www.scmagazine.com/news/update-delays-to-nist-vulnerability-database-alarms-researchers On Sun, Mar 24, 2024, 4:11 AM Alexander Kanavin wrote: > I’m getting slightly concerned, no new CVEs second week in a row? Did the > checker break? > > Alex > > On Sun 24. Mar 2024 at 12.18, Steve Sakoman wrote: > >> Branch: master >> >> New this week: 0 CVEs >> >> Removed this week: 0 CVEs >> >> Full list: Found 37 unpatched CVEs >> CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * >> CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * >> CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * >> CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * >> CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * >> CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * >> CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * >> CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * >> CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * >> CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * >> CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * >> CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * >> CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * >> CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * >> CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * >> CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * >> CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * >> CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * >> CVE-2023-6238 (CVSS3: 6.7 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6238 * >> CVE-2023-6240 (CVSS3: 6.5 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6240 * >> CVE-2023-6270 (CVSS3: 7.0 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6270 * >> CVE-2023-6356 (CVSS3: 7.5 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6356 * >> CVE-2023-6535 (CVSS3: 7.5 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6535 * >> CVE-2023-6536 (CVSS3: 7.5 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6536 * >> CVE-2023-7042 (CVSS3: 5.5 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7042 * >> CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * >> CVE-2024-0841 (CVSS3: 7.8 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0841 * >> CVE-2024-21803 (CVSS3: 7.8 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21803 * >> CVE-2024-23307 (CVSS3: 7.8 HIGH): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23307 * >> CVE-2024-23848 (CVSS3: 5.5 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23848 * >> CVE-2024-24857 (CVSS3: 6.8 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24857 * >> CVE-2024-24858 (CVSS3: 5.3 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24858 * >> CVE-2024-24859 (CVSS3: 4.8 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24859 * >> CVE-2024-24861 (CVSS3: 6.3 MEDIUM): linux-yocto >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24861 * >> CVE-2024-24864 (CVSS3: 4.7 MEDIUM): linux-yocto >> https:
[OE-core] OE-core CVE metrics for kirkstone on Sun 24 Mar 2024 03:00:01 AM HST
Branch: kirkstone New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 44 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-36648 (CVSS3: 10.0 CRITICAL): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36648 * CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 * CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 * CVE-2023-28198 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28198 * CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3164 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3164 * CVE-2023-32370 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32370 * CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 * CVE-2023-39323 (CVSS3: 8.1 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39323 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-40397 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40397 * CVE-2023-44487 (CVSS3: 7.5 HIGH): go:nghttp2 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * CVE-2023-45803 (CVSS3: 4.2 MEDIUM): python3-urllib3 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45803 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-47100 (CVSS3: 9.8 CRITICAL): perl:perl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47100 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): libssh2:libssh2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-52355 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52355 * CVE-2023-52356 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52356 * CVE-2023-52425 (CVSS3: 7.5 HIGH): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52425 * CVE-2023-52426 (CVSS3: 5.5 MEDIUM): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52426 * CVE-2023-5380 (CVSS3: 4.7 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5380 * CVE-2023-5574 (CVSS3: 7.0 HIGH): xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5574 * CVE-2023-6277 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6277 * CVE-2023-6683 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6683 * CVE-2023-6816 (CVSS3: 9.8 CRITICAL): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6816 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-0408 (CVSS3: 5.5 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0408 * CVE-2024-0409 (CVSS3: 7.8 HIGH): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0409 * CVE-2024-1048 (CVSS3: 3.3 LOW): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1048 * CVE-2024-22860 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22860 *
[OE-core] OE-core CVE metrics for dunfell on Sun 24 Mar 2024 02:00:01 AM HST
Branch: dunfell New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 110 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 * CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 * CVE-2022-0358 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0358 * CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 * CVE-2022-2347 (CVSS3: 7.1 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2347 * CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 * CVE-2022-24765 (CVSS3: 7.8 HIGH): git https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 * CVE-2022-2953 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2953 * CVE-2022-2962 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2962 * CVE-2022-30293 (CVSS3: 7.5 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 * CVE-2022-30767 (CVSS3: 9.8 CRITICAL): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30767 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
[OE-core] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST
Branch: master New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 37 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-6238 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6238 * CVE-2023-6240 (CVSS3: 6.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6240 * CVE-2023-6270 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6270 * CVE-2023-6356 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6356 * CVE-2023-6535 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6535 * CVE-2023-6536 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6536 * CVE-2023-7042 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7042 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-0841 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0841 * CVE-2024-21803 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21803 * CVE-2024-23307 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23307 * CVE-2024-23848 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23848 * CVE-2024-24857 (CVSS3: 6.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24857 * CVE-2024-24858 (CVSS3: 5.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24858 * CVE-2024-24859 (CVSS3: 4.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24859 * CVE-2024-24861 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24861 * CVE-2024-24864 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24864 * CVE-2024-25739 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25739 * CVE-2024-25740 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25740 * Summary of CVE counts by recipe: linux-yocto: 28 busybox: 4 cpio: 1 gnupg:gnupg-native: 1 nasm:nasm-native: 1 openssh: 1 qemu:qemu-native:qemu-system-native: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197473): https://lists.openembedded.org/g/openembedded-core/message/197473 Mute This Topic: https://lists.openembedded.org/mt/105117572/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] Final dunfell release build on April 15, 2024
If you have any patches you would like to submit for dunfell before it goes EOL, please do so now! I'll be taking patches until around April 8 in preparation for an April 15 build. Steve -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197417): https://lists.openembedded.org/g/openembedded-core/message/197417 Mute This Topic: https://lists.openembedded.org/mt/105069079/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 12/12] yocto-uninative: Update to 4.4 for glibc 2.39
From: Michael Halstead Signed-off-by: Michael Halstead Signed-off-by: Richard Purdie (cherry picked from commit 56fdd8b79e2f7ec30d2cdcfa0c399a6553efac1e) Signed-off-by: Steve Sakoman --- meta/conf/distro/include/yocto-uninative.inc | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc index eaa3e9b31c..4ac66fd506 100644 --- a/meta/conf/distro/include/yocto-uninative.inc +++ b/meta/conf/distro/include/yocto-uninative.inc @@ -6,10 +6,10 @@ # to the distro running on the build machine. # -UNINATIVE_MAXGLIBCVERSION = "2.38" -UNINATIVE_VERSION = "4.3" +UNINATIVE_MAXGLIBCVERSION = "2.39" +UNINATIVE_VERSION = "4.4" UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/; -UNINATIVE_CHECKSUM[aarch64] ?= "8df05f4a41455018b4303b2e0ea4eac5c960b5a13713f6dbb33dfdb3e32753ec" -UNINATIVE_CHECKSUM[i686] ?= "bea76b4a97c9ba0077c0dd1295f519cd599dbf71f0ca1c964471c4cdb043addd" -UNINATIVE_CHECKSUM[x86_64] ?= "1c35f09a75c4096749bbe1e009df4e3968cde151424062cf4aa3ed89db22b030" +UNINATIVE_CHECKSUM[aarch64] ?= "b61876130f494f75092f21086b4a64ea5fb064045769bf1d32e9cb6af17ea8ec" +UNINATIVE_CHECKSUM[i686] ?= "9f28627828f0082cc0344eede4d9a861a9a064bfa8f36e072e46212f0fe45fcc" +UNINATIVE_CHECKSUM[x86_64] ?= "d81c54284be2bb886931fc87281d58177a2cd381cf99d1981f8923039a72a302" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197399): https://lists.openembedded.org/g/openembedded-core/message/197399 Mute This Topic: https://lists.openembedded.org/mt/105048448/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 11/12] linux-firmware: upgrade 20231211 -> 20240220
From: Alexander Kanavin License-Update: additional files Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie (cherry picked from commit add81ef0299ea5260f9bdc59ffc8f5cc0e74276f) Signed-off-by: Steve Sakoman --- ...{linux-firmware_20231211.bb => linux-firmware_20240220.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-kernel/linux-firmware/{linux-firmware_20231211.bb => linux-firmware_20240220.bb} (99%) diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20240220.bb similarity index 99% rename from meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb rename to meta/recipes-kernel/linux-firmware/linux-firmware_20240220.bb index 3f201d853f..873ba9cdf0 100644 --- a/meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb +++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20240220.bb @@ -134,7 +134,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ " # WHENCE checksum is defined separately to ease overriding it if # class-devupstream is selected. -WHENCE_CHKSUM = "3113c4ea08e5171555f3bf49eceb5b07" +WHENCE_CHKSUM = "a344e6c28970fc7daafa81c10247aeb6" # These are not common licenses, set NO_GENERIC_LICENSE for them # so that the license files will be copied from fetched source @@ -212,7 +212,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw # Pin this to the 20220509 release, override this in local.conf SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae" -SRC_URI[sha256sum] = "96af7e4b5eabd37869cdb3dcbb7ab36911106d39b76e799fa1caab16a9dbe8bb" +SRC_URI[sha256sum] = "bf0f239dc0801e9d6bf5d5fb3e2f549575632cf4688f4348184199cb02c2bcd7" inherit allarch -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197398): https://lists.openembedded.org/g/openembedded-core/message/197398 Mute This Topic: https://lists.openembedded.org/mt/105048447/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 10/12] linux-firmware: upgrade 20231030 -> 20231211
From: Alexander Sverdlin Signed-off-by: Alexander Sverdlin Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 0caafdbbf4e7dc84b919afe14f7cb8c46a9e4ac2) Signed-off-by: Steve Sakoman --- ...nux-firmware_20231030.bb => linux-firmware_20231211.bb} | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) rename meta/recipes-kernel/linux-firmware/{linux-firmware_20231030.bb => linux-firmware_20231211.bb} (99%) diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb similarity index 99% rename from meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb rename to meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb index 65cbca798e..3f201d853f 100644 --- a/meta/recipes-kernel/linux-firmware/linux-firmware_20231030.bb +++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb @@ -134,7 +134,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ " # WHENCE checksum is defined separately to ease overriding it if # class-devupstream is selected. -WHENCE_CHKSUM = "ceb5248746d24d165b603e71b288cf75" +WHENCE_CHKSUM = "3113c4ea08e5171555f3bf49eceb5b07" # These are not common licenses, set NO_GENERIC_LICENSE for them # so that the license files will be copied from fetched source @@ -212,7 +212,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw # Pin this to the 20220509 release, override this in local.conf SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae" -SRC_URI[sha256sum] = "c98d200fc4a3120de1a594713ce34e135819dff23e883a4ed387863ba25679c7" +SRC_URI[sha256sum] = "96af7e4b5eabd37869cdb3dcbb7ab36911106d39b76e799fa1caab16a9dbe8bb" inherit allarch @@ -223,7 +223,8 @@ do_compile() { } do_install() { -oe_runmake 'DESTDIR=${D}' 'FIRMWAREDIR=${nonarch_base_libdir}/firmware' install +# install-nodedup avoids rdfind dependency +oe_runmake 'DESTDIR=${D}' 'FIRMWAREDIR=${nonarch_base_libdir}/firmware' install-nodedup cp GPL-2 LICEN[CS]E.* WHENCE ${D}${nonarch_base_libdir}/firmware/ } -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197397): https://lists.openembedded.org/g/openembedded-core/message/197397 Mute This Topic: https://lists.openembedded.org/mt/105048446/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 09/12] wireless-regdb: Upgrade 2023.09.01 -> 2024.01.23
From: Alex Kiernan Upstream maintainer has changed to Chen-Yu Tsai : https://lore.kernel.org/all/CAGb2v657baNMPKU3QADijx7hZa=GUcSv2LEDdn6N=qqafx8...@mail.gmail.com/ Note that fb768d3b13ff ("wifi: cfg80211: Add my certificate") and 3c2a8ebe3fe6 ("wifi: cfg80211: fix certs build to not depend on file order") are required if you are using kernel signature verification. Signed-off-by: Alex Kiernan Signed-off-by: Alexandre Belloni (cherry picked from commit abf169fbbf8bab13224adf4c8bfa2e26607f360c) Signed-off-by: Steve Sakoman --- ...eless-regdb_2023.09.01.bb => wireless-regdb_2024.01.23.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.09.01.bb => wireless-regdb_2024.01.23.bb} (88%) diff --git a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.09.01.bb b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2024.01.23.bb similarity index 88% rename from meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.09.01.bb rename to meta/recipes-kernel/wireless-regdb/wireless-regdb_2024.01.23.bb index 9187d257ca..6489bc90d9 100644 --- a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.09.01.bb +++ b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2024.01.23.bb @@ -5,7 +5,7 @@ LICENSE = "ISC" LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c" SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz; -SRC_URI[sha256sum] = "26d4c2a727cc59239b84735aad856b7c7d0b04e30aa5c235c4f7f47f5f053491" +SRC_URI[sha256sum] = "c8a61c9acf76fa7eb4239e89f640dee3e87098d9f69b4d3518c9c60fc6d20c55" inherit bin_package allarch @@ -13,7 +13,7 @@ do_install() { install -d -m0755 ${D}${nonarch_libdir}/crda install -d -m0755 ${D}${sysconfdir}/wireless-regdb/pubkeys install -m 0644 regulatory.bin ${D}${nonarch_libdir}/crda/regulatory.bin -install -m 0644 sforshee.key.pub.pem ${D}${sysconfdir}/wireless-regdb/pubkeys/sforshee.key.pub.pem +install -m 0644 wens.key.pub.pem ${D}${sysconfdir}/wireless-regdb/pubkeys/wens.key.pub.pem install -m 0644 -D regulatory.db ${D}${nonarch_base_libdir}/firmware/regulatory.db install -m 0644 regulatory.db.p7s ${D}${nonarch_base_libdir}/firmware/regulatory.db.p7s -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197396): https://lists.openembedded.org/g/openembedded-core/message/197396 Mute This Topic: https://lists.openembedded.org/mt/105048445/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 08/12] wireless-regdb: upgrade 2023.05.03 -> 2023.09.01
From: Wang Mingyu Changelog: == wireless-regdb: update regulatory database based on preceding changes wireless-regdb: Update regulatory rules for Australia (AU) for June 2023 wireless-regdb: Update regulatory info for Türkiye (TR) wireless-regdb: Update regulatory rules for Egypt (EG) from March 2022 guidel... wireless-regdb: Update regulatory rules for Philippines (PH) Signed-off-by: Wang Mingyu Signed-off-by: Richard Purdie (cherry picked from commit 2f5edb6904bf16a9c52a9b124aeb5297487cd716) Signed-off-by: Steve Sakoman --- ...ireless-regdb_2023.05.03.bb => wireless-regdb_2023.09.01.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.05.03.bb => wireless-regdb_2023.09.01.bb} (94%) diff --git a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.05.03.bb b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.09.01.bb similarity index 94% rename from meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.05.03.bb rename to meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.09.01.bb index f3c3cd78e9..9187d257ca 100644 --- a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.05.03.bb +++ b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.09.01.bb @@ -5,7 +5,7 @@ LICENSE = "ISC" LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c" SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz; -SRC_URI[sha256sum] = "f254d08ab3765aeae2b856222e11a95d44aef519a6663877c71ef68fae4c8c12" +SRC_URI[sha256sum] = "26d4c2a727cc59239b84735aad856b7c7d0b04e30aa5c235c4f7f47f5f053491" inherit bin_package allarch -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197395): https://lists.openembedded.org/g/openembedded-core/message/197395 Mute This Topic: https://lists.openembedded.org/mt/105048444/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 07/12] cve-update-nvd2-native: Remove rejected CVE from database
From: Yoann Congal When a CVE is updated to be rejected, matching database entries must be removed. Otherwise: * an incremental update is not equivalent the to an initial download. * rejected CVEs might still appear as Unpatched in cve-check. Signed-off-by: Yoann Congal Signed-off-by: Richard Purdie (cherry picked from commit f276a980b8930b98e6c8f0e1a865d77dfcfe5085) Signed-off-by: Steve Sakoman --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 4 1 file changed, 4 insertions(+) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 0044529b7d..1a3eeba6d0 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -323,6 +323,10 @@ def update_db(conn, elt): accessVector = None cveId = elt['cve']['id'] if elt['cve']['vulnStatus'] == "Rejected": +c = conn.cursor() +c.execute("delete from PRODUCTS where ID = ?;", [cveId]) +c.execute("delete from NVD where ID = ?;", [cveId]) +c.close() return cveDesc = "" for desc in elt['cve']['descriptions']: -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197394): https://lists.openembedded.org/g/openembedded-core/message/197394 Mute This Topic: https://lists.openembedded.org/mt/105048443/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 06/12] cve-update-nvd2-native: Fix CVE configuration update
From: Yoann Congal When a CVE is created, it often has no precise version information and this is stored as "-" (matching any version). After an update, version information is added. The previous "-" must be removed, otherwise, the CVE is still "Unpatched" for cve-check. Signed-off-by: Yoann Congal Signed-off-by: Richard Purdie (cherry picked from commit 641ae3f36e09af9932dc33043a0a5fbfce62122e) Signed-off-by: Steve Sakoman --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 4 1 file changed, 4 insertions(+) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index a703b68aac..0044529b7d 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -352,6 +352,10 @@ def update_db(conn, elt): [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]).close() try: +# Remove any pre-existing CVE configuration. Even for partial database +# update, those will be repopulated. This ensures that old +# configuration is not kept for an updated CVE. +conn.execute("delete from PRODUCTS where ID = ?", [cveId]).close() for config in elt['cve']['configurations']: # This is suboptimal as it doesn't handle AND/OR and negate, but is better than nothing for node in config["nodes"]: -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197393): https://lists.openembedded.org/g/openembedded-core/message/197393 Mute This Topic: https://lists.openembedded.org/mt/105048442/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 05/12] cve-update-nvd2-native: nvd_request_next: Improve comment
From: Yoann Congal Add a URL to the doc of the API used in the function. ... and fix a small typo dabase -> database Signed-off-by: Yoann Congal Signed-off-by: Richard Purdie (cherry picked from commit e0157b3b81333a24abd31dbb23a6abebca3e7ba7) Signed-off-by: Steve Sakoman --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 506b4b6bbf..a703b68aac 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -123,7 +123,8 @@ def nvd_request_wait(attempt, min_wait): def nvd_request_next(url, attempts, api_key, args, min_wait): """ -Request next part of the NVD dabase +Request next part of the NVD database +NVD API documentation: https://nvd.nist.gov/developers/vulnerabilities """ import urllib.request -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197392): https://lists.openembedded.org/g/openembedded-core/message/197392 Mute This Topic: https://lists.openembedded.org/mt/105048439/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 04/12] cve-update-nvd2-native: Remove duplicated CVE_CHECK_DB_FILE definition
From: Yoann Congal CVE_CHECK_DB_FILE is already defined in cve-check.bbclass which is always inherited in cve-update-nvd2-native (There is a check line 40). Remove it to avoid confusion. Otherwise, this should not change anything. Signed-off-by: Yoann Congal Signed-off-by: Richard Purdie (cherry picked from commit e5f3f223885c17b7007c310273fc7c80b90a4105) Signed-off-by: Steve Sakoman --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 2 -- 1 file changed, 2 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index af21989d58..506b4b6bbf 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -37,8 +37,6 @@ CVE_DB_UPDATE_ATTEMPTS ?= "5" CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db" -CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" - python () { if not bb.data.inherits_class("cve-check", d): raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.") -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197391): https://lists.openembedded.org/g/openembedded-core/message/197391 Mute This Topic: https://lists.openembedded.org/mt/105048436/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 03/12] cve-update-nvd2-native: Add an age threshold for incremental update
From: Yoann Congal Add a new variable "CVE_DB_INCR_UPDATE_AGE_THRES", which can be used to specify the maximum age of the database for doing an incremental update For older databases, a full re-download is done. With a value of "0", this forces a full-redownload. Signed-off-by: Yoann Congal Signed-off-by: Richard Purdie (cherry picked from commit 74c1765111b6610348eae4b7e41d7045ce58ef86) Signed-off-by: Steve Sakoman --- .../meta/cve-update-nvd2-native.bb| 20 +++ 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 9b6e746add..af21989d58 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -26,6 +26,12 @@ NVDCVE_API_KEY ?= "" # Use a negative value to skip the update CVE_DB_UPDATE_INTERVAL ?= "86400" +# CVE database incremental update age threshold, in seconds. If the database is +# older than this threshold, do a full re-download, else, do an incremental +# update. By default: the maximum allowed value from NVD: 120 days (120*24*60*60) +# Use 0 to force a full download. +CVE_DB_INCR_UPDATE_AGE_THRES ?= "10368000" + # Number of attempts for each http query to nvd server before giving up CVE_DB_UPDATE_ATTEMPTS ?= "5" @@ -172,18 +178,24 @@ def update_db_file(db_tmp_file, d, database_time): req_args = {'startIndex' : 0} -# The maximum range for time is 120 days -# Force a complete update if our range is longer -if (database_time != 0): +incr_update_threshold = int(d.getVar("CVE_DB_INCR_UPDATE_AGE_THRES")) +if database_time != 0: database_date = datetime.datetime.fromtimestamp(database_time, tz=datetime.timezone.utc) today_date = datetime.datetime.now(tz=datetime.timezone.utc) delta = today_date - database_date -if delta.days < 120: +if incr_update_threshold == 0: +bb.note("CVE database: forced full update") +elif delta < datetime.timedelta(seconds=incr_update_threshold): bb.note("CVE database: performing partial update") +# The maximum range for time is 120 days +if delta > datetime.timedelta(days=120): +bb.error("CVE database: Trying to do an incremental update on a larger than supported range") req_args['lastModStartDate'] = database_date.isoformat() req_args['lastModEndDate'] = today_date.isoformat() else: bb.note("CVE database: file too old, forcing a full update") +else: +bb.note("CVE database: no preexisting database, do a full download") with bb.progress.ProgressHandler(d) as ph, open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') as cve_f: -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197390): https://lists.openembedded.org/g/openembedded-core/message/197390 Mute This Topic: https://lists.openembedded.org/mt/105048434/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 02/12] cve-update-nvd2-native: Fix typo in comment
From: Yoann Congal attmepts -> attempts Signed-off-by: Yoann Congal Signed-off-by: Richard Purdie (cherry picked from commit dc18aaeda8e810f9082a0ceac08e5e4275bbd0f7) Signed-off-by: Steve Sakoman --- meta/recipes-core/meta/cve-update-nvd2-native.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index 69ba20a6cb..9b6e746add 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -26,7 +26,7 @@ NVDCVE_API_KEY ?= "" # Use a negative value to skip the update CVE_DB_UPDATE_INTERVAL ?= "86400" -# Number of attmepts for each http query to nvd server before giving up +# Number of attempts for each http query to nvd server before giving up CVE_DB_UPDATE_ATTEMPTS ?= "5" CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197389): https://lists.openembedded.org/g/openembedded-core/message/197389 Mute This Topic: https://lists.openembedded.org/mt/105048432/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 01/12] libxml2: Backport fix for CVE-2024-25062
From: Vijay Anusuri Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/31c6ce3b63f8a494ad9e31ca65187a73d8ad3508 & https://gitlab.gnome.org/GNOME/libxml2/-/commit/2b0aac140d739905c7848a42efc60bfe783a39b7] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../libxml/libxml2/CVE-2024-25062-pre1.patch | 38 +++ .../libxml/libxml2/CVE-2024-25062.patch | 33 meta/recipes-core/libxml/libxml2_2.9.10.bb| 2 + 3 files changed, 73 insertions(+) create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2024-25062-pre1.patch create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2024-25062.patch diff --git a/meta/recipes-core/libxml/libxml2/CVE-2024-25062-pre1.patch b/meta/recipes-core/libxml/libxml2/CVE-2024-25062-pre1.patch new file mode 100644 index 00..31183399f8 --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2024-25062-pre1.patch @@ -0,0 +1,38 @@ +From 31c6ce3b63f8a494ad9e31ca65187a73d8ad3508 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Mon, 9 Nov 2020 17:55:44 +0100 +Subject: [PATCH] Avoid call stack overflow with XML reader and recursive + XIncludes + +Don't process XIncludes in the result of another inclusion to avoid +infinite recursion resulting in a call stack overflow. + +This is something the XInclude engine shouldn't allow but correct +handling of intra-document includes would require major changes. + +Found by OSS-Fuzz. + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/31c6ce3b63f8a494ad9e31ca65187a73d8ad3508] +CVE: CVE-2024-25062 #Dependency Patch +Signed-off-by: Vijay Anusuri +--- + xmlreader.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/xmlreader.c b/xmlreader.c +index 01adf74f4..72e40b032 100644 +--- a/xmlreader.c b/xmlreader.c +@@ -1585,7 +1585,8 @@ node_found: + /* + * Handle XInclude if asked for + */ +-if ((reader->xinclude) && (reader->node != NULL) && ++if ((reader->xinclude) && (reader->in_xinclude == 0) && ++(reader->node != NULL) && + (reader->node->type == XML_ELEMENT_NODE) && + (reader->node->ns != NULL) && + ((xmlStrEqual(reader->node->ns->href, XINCLUDE_NS)) || +-- +GitLab + diff --git a/meta/recipes-core/libxml/libxml2/CVE-2024-25062.patch b/meta/recipes-core/libxml/libxml2/CVE-2024-25062.patch new file mode 100644 index 00..5365d5546a --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2024-25062.patch @@ -0,0 +1,33 @@ +From 2b0aac140d739905c7848a42efc60bfe783a39b7 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Sat, 14 Oct 2023 22:45:54 +0200 +Subject: [PATCH] [CVE-2024-25062] xmlreader: Don't expand XIncludes when + backtracking + +Fixes a use-after-free if XML Reader if used with DTD validation and +XInclude expansion. + +Fixes #604. + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/2b0aac140d739905c7848a42efc60bfe783a39b7] +CVE: CVE-2024-25062 +Signed-off-by: Vijay Anusuri +--- + xmlreader.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/xmlreader.c b/xmlreader.c +index 979385a13..fefd68e0b 100644 +--- a/xmlreader.c b/xmlreader.c +@@ -1443,6 +1443,7 @@ node_found: + * Handle XInclude if asked for + */ + if ((reader->xinclude) && (reader->in_xinclude == 0) && ++(reader->state != XML_TEXTREADER_BACKTRACK) && + (reader->node != NULL) && + (reader->node->type == XML_ELEMENT_NODE) && + (reader->node->ns != NULL) && +-- +GitLab + diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb index 90d30f1ea7..72f830b6d3 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb @@ -44,6 +44,8 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;subdir=${BP};name=te file://CVE-2021-3516.patch \ file://CVE-2023-45322-1.patch \ file://CVE-2023-45322-2.patch \ + file://CVE-2024-25062-pre1.patch \ + file://CVE-2024-25062.patch \ " SRC_URI[archive.sha256sum] = "593b7b751dd18c2d6abcd0c4bcb29efc203d0b4373a6df98e3a455ea74ae2813" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197388): https://lists.openembedded.org/g/openembedded-core/message/197388 Mute This Topic: https://lists.openembedded.org/mt/105048429/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 00/12] Patch review
Please review this set of changes for dunfell and have comments back by end of day Friday, March 22 Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6692 The following changes since commit b49b0a3dd74c24f3a011c9c0b5cf8f6530956cfa: build-appliance-image: Update to dunfell head revision (2024-03-01 03:19:51 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut Alex Kiernan (1): wireless-regdb: Upgrade 2023.09.01 -> 2024.01.23 Alexander Kanavin (1): linux-firmware: upgrade 20231211 -> 20240220 Alexander Sverdlin (1): linux-firmware: upgrade 20231030 -> 20231211 Michael Halstead (1): yocto-uninative: Update to 4.4 for glibc 2.39 Vijay Anusuri (1): libxml2: Backport fix for CVE-2024-25062 Wang Mingyu (1): wireless-regdb: upgrade 2023.05.03 -> 2023.09.01 Yoann Congal (6): cve-update-nvd2-native: Fix typo in comment cve-update-nvd2-native: Add an age threshold for incremental update cve-update-nvd2-native: Remove duplicated CVE_CHECK_DB_FILE definition cve-update-nvd2-native: nvd_request_next: Improve comment cve-update-nvd2-native: Fix CVE configuration update cve-update-nvd2-native: Remove rejected CVE from database meta/conf/distro/include/yocto-uninative.inc | 10 ++--- .../libxml/libxml2/CVE-2024-25062-pre1.patch | 38 +++ .../libxml/libxml2/CVE-2024-25062.patch | 33 meta/recipes-core/libxml/libxml2_2.9.10.bb| 2 + .../meta/cve-update-nvd2-native.bb| 35 + ...20231030.bb => linux-firmware_20240220.bb} | 7 ++-- 05.03.bb => wireless-regdb_2024.01.23.bb} | 4 +- 7 files changed, 111 insertions(+), 18 deletions(-) create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2024-25062-pre1.patch create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2024-25062.patch rename meta/recipes-kernel/linux-firmware/{linux-firmware_20231030.bb => linux-firmware_20240220.bb} (99%) rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.05.03.bb => wireless-regdb_2024.01.23.bb} (88%) -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197387): https://lists.openembedded.org/g/openembedded-core/message/197387 Mute This Topic: https://lists.openembedded.org/mt/105048428/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-