[OE-core] [thud][PATCH v2] python3: Fix CVEs

From: Dan Tran Fixes CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-9636, CVE-2019-9740, and CVE-2019-9747. Signed-off-by: Dan Tran --- .../python/python3/CVE-2018-14647.patch| 95 + .../python/python3/CVE-2018-20406.patch| 217 +

[OE-core] [thud][PATCH] python3: Fix CVEs

From: Dan Tran Fixes CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-9636, CVE-2019-9740, and CVE-2019-9747. --- .../python/python3/CVE-2018-14647.patch| 95 + .../python/python3/CVE-2018-20406.patch| 217 +

[OE-core] [thud] binutils: Fix 4 CVEs

From: Dan Tran Fixes CVE-2018-20623, CVE-2018-20651, CVE-2018-20-671, and CVE-2018-1000876 for binutils 2.31.1. Signed-off-by: Dan Tran --- meta/recipes-devtools/binutils/binutils-2.31.inc | 4 + .../binutils/binutils/CVE-2018-1000876.patch | 180 +

[OE-core] [thud] python: Fix 3 CVEs

From: Dan Tran Fixes CVE-2018-20852, CVE-2019-9740, and CVE-2019-9747 Signed-off-by: Dan Tran --- .../python/python/bpo-30458-cve-2019-9740.patch| 219 + .../python/python/bpo-35121-cve-2018-20852.patch | 127

[OE-core] [thud][PATCH] qemu: Fix 4 CVEs

From: Dan Tran Fixes CVE-2018-18954, CVE-2019-3812, CVE-2019-6778, and CVE-2019-8934. Also deleted duplicated patch and cleanup. Signed-off-by: Dan Tran --- .../qemu/qemu/CVE-2018-10839.patch| 2 +- .../qemu/qemu/CVE-2018-17958.patch| 52 -

[OE-core] [thud][PATCH] unzip: fix CVE-2019-13232

From: Dan Tran Signed-off-by: Dan Tran --- .../unzip/unzip/CVE-2019-13232.patch | 389 + meta/recipes-extended/unzip/unzip_6.0.bb | 1 + 2 files changed, 390 insertions(+) create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232.patch

[OE-core] [oe-core][thud][PATCH] perl: Fix CVE-2018-18311 to 18314

From: Dan Tran Signed-off-by: Dan Tran --- .../perl/perl/CVE-2018-18311.patch| 183 .../perl/perl/CVE-2018-18312.patch| Bin 0 -> 2125 bytes .../perl/perl/CVE-2018-18313.patch| 60 .../perl/perl/CVE-2018-18314.patch| 271

[OE-core] [oe-core][PATCH] unzip: Fix CVE-2019-13232

From: Dan Tran Signed-off-by: Dan Tran --- .../unzip/unzip/CVE-2019-13232_p1.patch | 33 ++ .../unzip/unzip/CVE-2019-13232_p2.patch | 356 ++ .../unzip/unzip/CVE-2019-13232_p3.patch | 121 ++ meta/recipes-extended/unzip/unzip_6.0.bb | 3 + 4 files

[OE-core] [oe-core][warrior][PATCH] unzip: Fix CVE-2019-13232

From: Dan Tran Signed-off-by: Dan Tran --- .../unzip/unzip/CVE-2019-13232_p1.patch | 33 ++ .../unzip/unzip/CVE-2019-13232_p2.patch | 356 ++ .../unzip/unzip/CVE-2019-13232_p3.patch | 121 ++ meta/recipes-extended/unzip/unzip_6.0.bb | 3 + 4 files

[OE-core] [oe-core][thud][PATCH v3] unzip: fix CVE-2019-13232

From: Dan Tran Signed-off-by: Dan Tran --- .../unzip/unzip/CVE-2019-13232_p1.patch | 33 ++ .../unzip/unzip/CVE-2019-13232_p2.patch | 356 ++ .../unzip/unzip/CVE-2019-13232_p3.patch | 121 ++ meta/recipes-extended/unzip/unzip_6.0.bb | 3 + 4 files

[OE-core] [oe-core][thud][PATCH] openssh: Fix three CVEs

From: Dan Tran Signed-off-by: Dan Tran --- .../openssh/openssh/CVE-2018-20685.patch | 42 +++ .../openssh/openssh/CVE-2019-6109_p1.patch| 278 ++ .../openssh/openssh/CVE-2019-6109_p2.patch| 125 ++ .../openssh/openssh/CVE-2019-6111_p1.patch| 189 ++

[OE-core] [thud][PATCH] tar: Fix CVE-2018-20482

From: Dan Tran Signed-off-by: Dan Tran --- .../tar/tar/CVE-2018-20482.patch | 405 ++ meta/recipes-extended/tar/tar_1.30.bb | 1 + 2 files changed, 406 insertions(+) create mode 100644 meta/recipes-extended/tar/tar/CVE-2018-20482.patch diff --git

[OE-core] [thud][PATCH] sudo: Fix CVE-2019-14287

From: Dan Tran Signed-off-by: Dan Tran --- .../sudo/sudo/CVE-2019-14287_p1.patch | 168 ++ .../sudo/sudo/CVE-2019-14287_p2.patch | 96 ++ meta/recipes-extended/sudo/sudo_1.8.23.bb | 2 + 3 files changed, 266 insertions(+) create mode 100644

[OE-core] [thud][PATCH v2] sudo: Fix CVE-2019-14287

From: Dan Tran Signed-off-by: Dan Tran --- .../sudo/sudo/CVE-2019-14287_p1.patch | 170 ++ .../sudo/sudo/CVE-2019-14287_p2.patch | 98 ++ meta/recipes-extended/sudo/sudo_1.8.23.bb | 2 + 3 files changed, 270 insertions(+) create mode 100644

[OE-core] [warrior][PATCH] qemu: Fix CVE-2019-8934

From: Dan Tran Signed-off-by: Dan Tran --- meta/recipes-devtools/qemu/qemu.inc | 3 +- .../qemu/qemu/CVE-2019-8934.patch | 215 ++ 2 files changed, 217 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-8934.patch

[OE-core] [oe-core][thud][PATCH v2] unzip: fix CVE-2019-13232

From: Dan Tran Signed-off-by: Dan Tran --- .../unzip/unzip/CVE-2019-13232.patch | 388 ++ meta/recipes-extended/unzip/unzip_6.0.bb | 1 + 2 files changed, 389 insertions(+) create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232.patch diff --git

[OE-core] [oe-core][thud][PATCH] gnutls: Fix CVE-2019-3829 and CVE-2019-3836

From: Dan Tran Signed-off-by: Dan Tran --- .../gnutls/gnutls/CVE-2019-3829_p1.patch | 39 + .../gnutls/gnutls/CVE-2019-3829_p2.patch | 871 ++ .../gnutls/gnutls/CVE-2019-3829_p3.patch | 36 + .../gnutls/gnutls/CVE-2019-3836.patch | 35 +