Re: [oe][meta-networking][kirkstone][PATCH V2 1/2] samba: fix CVE-2023-4091

2023-11-22 Thread Polampalli, Archana via lists.openembedded.org
Hi Anuj, I have sent V3 with updated commit message, please let me know if any changes are required. Regards, Archana From: openembedded-devel@lists.openembedded.org on behalf of Anuj Mittal via lists.openembedded.org Sent: Thursday, November 23, 2023 06:51 T

[oe][meta-networking][kirkstone][PATCH V3 1/1] samba: fix CVE-2023-4091

2023-11-22 Thread Polampalli, Archana via lists.openembedded.org
From: Archana Polampalli A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the clie

[oe] [meta-java][PATCH v2] commons-collections3: update SRC_URI

2023-11-22 Thread Tim Orling
Older tarballs have been moved to archive: https://archive.apache.org/dist/commons/collections/source/ Also drop obsolete SRC_URI[md5sum] Signed-off-by: Tim Orling --- Changes in v2: Fix parse error by adding closing " to SRC_URI recipes-core/jakarta-commons/commons-collections3_3.2.2.bb | 3

[oe] [meta-java][PATCH] commons-collections3: update SRC_URI

2023-11-22 Thread Tim Orling
Older tarballs have been moved to archive: https://archive.apache.org/dist/commons/collections/source/ Also drop obsolete SRC_URI[md5sum] Signed-off-by: Tim Orling --- recipes-core/jakarta-commons/commons-collections3_3.2.2.bb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git

Re: [oe][meta-networking][kirkstone][PATCH V2 1/2] samba: fix CVE-2023-4091

2023-11-22 Thread Anuj Mittal
On Wed, 2023-11-22 at 08:51 +, Polampalli, Archana via lists.openembedded.org wrote: > From: Archana Polampalli > > A vulnerability was discovered in Samba, where the flaw allows SMB > clients to > truncate files, even with read-only permissions when the Samba VFS > module > "acl_xattr" is co

[oe] [meta-networking][PATCH 2/2] libexosip2: package binaries in a separate package

2023-11-22 Thread Charles Perry
Put sip_monitor, sip_reg and sip_storm in a separate libexosip2-tools package as they won't be needed most of the time. Signed-off-by: Charles Perry --- meta-networking/recipes-support/libexosip2/libexosip2_5.3.0.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-networking/recipes-s

[oe] [meta-networking][PATCH 1/2] libexosip2: add c-ares and openssl PACKAGECONFIG

2023-11-22 Thread Charles Perry
They are enabled by default as libexosip2 works better with those. Signed-off-by: Charles Perry --- .../recipes-support/libexosip2/libexosip2_5.3.0.bb| 4 1 file changed, 4 insertions(+) diff --git a/meta-networking/recipes-support/libexosip2/libexosip2_5.3.0.bb b/meta-network

[oe] [meta-oe][dunfell][PATCH] spirv-tools: Use main branch for all repos

2023-11-22 Thread Frieder Schrempf
From: Frieder Schrempf The master branch has been removed in all of the repos used in SRC_URI. Switch to the main branch instead. Signed-off-by: Frieder Schrempf --- meta-oe/recipes-graphics/spir/spirv-tools_git.bb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta-

Re: [oe] [meta-java][PATCH] layer.conf: Mark as compatible with nanbield

2023-11-22 Thread Tim Orling
I have created the mickledore branches on git.yoctoproject.org, github.com/meta-java and gitlab.com/meta-java. I will edit in place to drop mickledore and replace with nanbield for "master" branches. Thank you for the contribution. On Wed, Nov 22, 2023 at 5:58 AM Anthony Bagwell wrote: > Signed-

[oe] [meta-java][PATCH] layer.conf: Mark as compatible with nanbield

2023-11-22 Thread Anthony Bagwell
Signed-off-by: AJ Bagwell --- conf/layer.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/layer.conf b/conf/layer.conf index c571df5..fb8590e 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -7,7 +7,7 @@ BBFILES += "${LAYERDIR}/recipes*/*/*.bb ${LAYERDIR}/recipe

[oe] [nanbield][meta-oe][PATCH] yajl: fix CVE-2017-16516, CVE-2022-24795, CVE-2023-33460

2023-11-22 Thread Tan Wen Yan
From: Ross Burton Take three CVE fixes from Fedora, as the upstream repository is now dead. Signed-off-by: Ross Burton Signed-off-by: Khem Raj Signed-off-by: Tan Wen Yan --- .../yajl/yajl/CVE-2017-16516.patch| 37 .../yajl/yajl/CVE-2022-24795.patch| 59 ++

[oe] [mickledore][meta-oe][PATCH] libvpx: upgrade 1.13.0 -> 1.13.1

2023-11-22 Thread Tan Wen Yan
From: Benjamin Bara Changelog: This release contains two security related fixes. One each for VP8 and VP9. - Upgrading: This release is ABI compatible with the previous release. - Bug fixes: https://crbug.com/1486441 (CVE-2023-5217) Fix to a crash related to VP9 encoding (#1642)

[oe] [mickledore][meta-oe][PATCH] gattlib: Upgrade to latest tip of trunk

2023-11-22 Thread Tan Wen Yan
From: Khem Raj License-Update: Year changed [1] Remove build directory from include directives in generated sourcecode via gdbus-codegen Upgrade includes fix for CVE-2019-6498 [1] https://github.com/labapart/gattlib/commit/5c87eda925c597e72107b5026c6b8d490ce76d62 Signed-off-by: Khem Raj Sig

[oe] [meta-networking][PATCH] frr: fix CVEs CVE-2023-4675{2,3} and CVE-2023-4723{4,5}

2023-11-22 Thread Jonas Gorski
Add patches fixing CVE-2023-46752, CVE-2023-46753, CVE-2023-47234, and CVE-2023-47235 to FRR 9.0. Patch order is commit order, not CVE numerical order, to avoid fuzz / need for rebasing of the patches. References: https://nvd.nist.gov/vuln/detail/CVE-2023-46752 https://nvd.nist.gov/vuln/detai

Re: [oe][meta-networking][kirkstone][PATCH 1/2] samba: fix CVE-2023-4091

2023-11-22 Thread Polampalli, Archana via lists.openembedded.org
It affects all versions of Samba. Sent V2. https://www.samba.org/samba/security/CVE-2023-4091.html Thank you, Regards, Archana From: Mittal, Anuj s Sent: Wednesday, November 22, 2023 11:28 To: Polampalli, Archana ; openembedded-devel@lists.openembedded.org Sub

[oe][meta-networking][kirkstone][PATCH V2 1/2] samba: fix CVE-2023-4091

2023-11-22 Thread Polampalli, Archana via lists.openembedded.org
From: Archana Polampalli A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the clie