[Daisy CVEs CONSOLIDATED Pull 00/12] Tested Last Week

All of lore.kernel.org
 help / color / mirror / Atom feed

* [Daisy CVEs CONSOLIDATED Pull 00/12] Tested Last Week
@ 2014-09-29 17:00 Saul Wold
  0 siblings, 0 replies; only message in thread
From: Saul Wold @ 2014-09-29 17:00 UTC (permalink / raw)
  To: openembedded-core

Richard,

Here is a batch of Daisy CVEs that have been pending for a while.

Sau!


The following changes since commit e358d20e8ccf1299e8a046e743a31e92546cd239:

  bash: Fix CVE-2014-7169 (2014-09-29 12:15:51 +0100)

are available in the git repository at:

  git://git.openembedded.org/openembedded-core-contrib sgw/daisy-next
  http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=sgw/daisy-next

Chong Lu (1):
  adt-installer: fix sed input file error

Guillem Jover (2):
  dpkg: Security Advisory - CVE-2014-0471
  dpkg: Security Advisory - CVE-2014-3127

Li Wang (1):
  nss: CVE-2014-1544

Muzaffar Mahmood (1):
  libtiff: fix CVE-2013-1961

Richard Purdie (1):
  binutils: Add fix for recent patch on older gcc

Shan Hai (1):
  pulseaudio: fix CVE-2014-3970

Xufeng Zhang (1):
  nspr: Fix for CVE-2014-1545

Yue Tao (3):
  gst-ffmpeg: Add CVE patches
  libtiff: Security Advisory - CVE-2012-4564
  libpam: Security Advisory - CVE-2014-2583

yanjun.zhu (1):
  perl: fix for CVE-2010-4777

 meta/recipes-devtools/binutils/binutils-2.24.inc   |   1 +
 .../binutils/binutils-uninitialised-warning.patch  |  50 ++
 .../dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127.patch  |  68 ++
 .../dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471.patch      |  97 +++
 meta/recipes-devtools/dpkg/dpkg_1.17.4.bb          |   2 +
 .../adt-installer/scripts/adt_installer_internal   |   1 +
 .../perl-5.14.3-fix-CVE-2010-4777.patch            |  45 ++
 meta/recipes-devtools/perl/perl-native_5.14.3.bb   |   3 +-
 meta/recipes-devtools/perl/perl_5.14.3.bb          |   3 +-
 ...mp-fix-potential-directory-traversal-issu.patch |  63 ++
 meta/recipes-extended/pam/libpam_1.1.6.bb          |   1 +
 .../0001-aacdec-check-channel-count.patch          |  34 +
 ...util-fix-signedness-in-sizeof-comparissio.patch |  40 ++
 ...c-parser-reset-indexes-on-realloc-failure.patch |  50 ++
 ...a-Perform-pointer-advance-and-checks-befo.patch |  81 +++
 ...-error-concealment-initialize-block-index.patch |  29 +
 ...alment-Check-that-the-picture-is-not-in-a.patch |  37 +
 .../0001-ffserver-set-oformat.patch                |  36 +
 .../0001-h264_sei-Fix-infinite-loop.patch          |  39 +
 ...check-width-more-completely-avoid-out-of-.patch |  30 +
 ...f-compute-probe-buffer-size-more-reliably.patch |  45 ++
 ...er-dont-access-out-of-array-elements-at-t.patch |  44 ++
 ...array-index-before-use-fix-out-of-array-a.patch |  30 +
 .../0001-qdm2dec-fix-buffer-overflow.patch         |  58 ++
 ...Check-that-the-last-indexes-are-within-th.patch |  32 +
 ...-vp3-Copy-all-3-frames-for-thread-updates.patch |  32 +
 ...-read-for-negative-tokens-and-memleaks-on.patch | 183 +++++
 .../gst-ffmpeg-CVE-2013-0855.patch                 | 100 +++
 .../gstreamer/gst-ffmpeg_0.10.13.bb                |  17 +
 .../libtiff/files/libtiff-CVE-2013-1961.patch      | 786 +++++++++++++++++++++
 .../libtiff/files/tiff-CVE-2012-4564.patch         |  99 +++
 meta/recipes-multimedia/libtiff/tiff_4.0.3.bb      |   4 +-
 .../pulseaudio/pulseaudio/CVE-2014-3970.patch      |  52 ++
 .../pulseaudio/pulseaudio_5.0.bb                   |   4 +-
 .../nspr/nspr/nspr-CVE-2014-1545.patch             |  67 ++
 meta/recipes-support/nspr/nspr_4.10.3.bb           |   1 +
 .../nss/files/nss-CVE-2014-1544.patch              |  41 ++
 meta/recipes-support/nss/nss.inc                   |   1 +
 38 files changed, 2302 insertions(+), 4 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/binutils-uninitialised-warning.patch
 create mode 100644 meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127.patch
 create mode 100644 meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471.patch
 create mode 100644 meta/recipes-devtools/perl/perl-5.14.3/perl-5.14.3-fix-CVE-2010-4777.patch
 create mode 100644 meta/recipes-extended/pam/libpam/pam_timestamp-fix-potential-directory-traversal-issu.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-aacdec-check-channel-count.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-avcodec-dsputil-fix-signedness-in-sizeof-comparissio.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-avcodec-parser-reset-indexes-on-realloc-failure.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-avcodec-rpza-Perform-pointer-advance-and-checks-befo.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-error-concealment-initialize-block-index.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-error_concealment-Check-that-the-picture-is-not-in-a.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-ffserver-set-oformat.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-h264_sei-Fix-infinite-loop.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-huffyuvdec-check-width-more-completely-avoid-out-of-.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-lavf-compute-probe-buffer-size-more-reliably.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-pngdec-filter-dont-access-out-of-array-elements-at-t.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-qdm2-check-array-index-before-use-fix-out-of-array-a.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-qdm2dec-fix-buffer-overflow.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-smackerdec-Check-that-the-last-indexes-are-within-th.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-vp3-Copy-all-3-frames-for-thread-updates.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-vp3-fix-oob-read-for-negative-tokens-and-memleaks-on.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/gst-ffmpeg-CVE-2013-0855.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-1961.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/tiff-CVE-2012-4564.patch
 create mode 100644 meta/recipes-multimedia/pulseaudio/pulseaudio/CVE-2014-3970.patch
 create mode 100644 meta/recipes-support/nspr/nspr/nspr-CVE-2014-1545.patch
 create mode 100644 meta/recipes-support/nss/files/nss-CVE-2014-1544.patch

-- 
1.8.3.1



^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2014-09-29 17:00 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-29 17:00 [Daisy CVEs CONSOLIDATED Pull 00/12] Tested Last Week Saul Wold

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.