ries running with an effective UID of 0 are
unaffected.
Backport the CVE patche from https://github.com/bminor/bash/commit/
951bdaad7a18cc0dc1036bba86b18b90874d39ff to fix CVE-2019-18276
Signed-off-by: Chet Ramey
Signed-off-by: De Huo
---
.../bash/bash/bash-CVE-2019-18276.patch | 402
Signed-off-by: Khem Raj
The vlock doesn't exist if PAM isn't enabled.
Signed-off-by: Hongxu Jia
Signed-off-by: Richard Purdie
Signed-off-by: De Huo
---
meta/recipes-core/kbd/kbd_2.0.4.bb | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-core/kbd/kbd
Downstream bug report: https://bugs.gentoo.org/661650
Upstream-Status: Backport [f7f357ef079b6d185f340e716d7c72a98d82bad0]
Signed-off-by: Lars Wendler
Signed-off-by: De Huo
---
...-Fix-logic-of-vlock-configure-switch.patch | 31 +++
meta/recipes-core/kbd/kbd_2.0.4.bb
man/rng-tools/commit/cf1475fbdf33d5c3a62099b6b20f2b2017d6de33
Signed-off-by: De Huo
---
.../0001-Allow-jitter-threads-to-exit-faster.patch | 130 +
.../rng-tools/0002-Daemonize-earlier-in-init.patch | 88 ++
meta/recipes-support/rng-tools/rng-tools_6.7.bb| 2 +
3 files changed, 220 insert
(CVE-2020-10543) On 32bit systems the size calculations for nested regular
expression quantifiers could overflow causing heap memory corruption.
Fixes: Perl/perl5-security#125
(cherry picked from commit bfd31397db5dc1a5c5d3e0a1f753a4f89a736e71)
Signed-off-by: De Huo
---
.../perl/files/CVE-2020
-off-by: De Huo
---
.../perl/files/CVE-2020-12723.patch | 306 ++
meta/recipes-devtools/perl/perl_5.30.1.bb | 1 +
2 files changed, 307 insertions(+)
create mode 100644 meta/recipes-devtools/perl/files/CVE-2020-12723.patch
diff --git a/meta/recipes-devtools/perl