From: Joshua Lock <joshua.g.lock@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [PATCH 00/16][Fido] Consolidated pull
Date: Mon, 18 Jan 2016 09:18:55 +0000 [thread overview]
Message-ID: <cover.1452889139.git.joshua.g.lock@intel.com> (raw)
The following changes since commit 3f2701c102e4e5b95fc79a8d967f9c48f8232fc6:
grub2: Fix CVE-2015-8370 (2016-01-11 11:10:11 +0000)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib joshuagl/fido-next
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=joshuagl/fido-next
Armin Kuster (13):
openssl: fix for CVE-2015-3193
openssl: fix for CVE-2015-3194
openssl: fix for CVE-2015-3195
libxml2: security fix CVE-2015-7941
libxml2: security fix CVE-2015-8317
libxml2: security fix CVE-2015-7942
libxml2: security fix CVE-2015-8035
libxml2: security fix CVE-2015-7498
libxml2: security fix CVE-2015-7497
libxml2: security fix CVE-2015-7499
libxml2: security fix CVE-2015-7500
libxml2: security fix CVE-2015-8242
libxml2: security fix CVE-2015-5312
Hongxu Jia (1):
logrotate: do not move binary logrotate to /usr/bin
Joshua Lock (1):
libxml2: remove files for easier maintenance
Martin Jansa (1):
texinfo: don't create dependency on INHERIT variable
.../openssl/0001-Add-test-for-CVE-2015-3194.patch | 66 ++++++++++
...64-mont5.pl-fix-carry-propagating-bug-CVE.patch | 101 +++++++++++++++
.../CVE-2015-3194-1-Add-PSS-parameter-check.patch | 45 +++++++
...CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch | 66 ++++++++++
.../recipes-connectivity/openssl/openssl_1.0.2d.bb | 4 +
meta/recipes-core/libxml/libxml2.inc | 16 ++-
...-2015-5312-Another-entity-expansion-issue.patch | 39 ++++++
...97-Avoid-an-heap-buffer-overflow-in-xmlDi.patch | 40 ++++++
...00-Fix-memory-access-error-due-to-incorre.patch | 131 +++++++++++++++++++
...015-8035-Fix-XZ-compression-support-loop.patch} | 9 +-
...42-Buffer-overead-with-HTML-parser-in-pus.patch | 49 ++++++++
...n-name-parsing-at-the-end-of-current-inpu.patch | 138 +++++++++++++++++++++
...ssing-entities-after-encoding-conversion-.patch | 89 +++++++++++++
...99-1-Add-xmlHaltParser-to-stop-the-parser.patch | 88 +++++++++++++
...VE-2015-7499-2-Detect-incoherency-on-GROW.patch | 43 +++++++
...top-parsing-on-entities-boundaries-errors.patch | 39 ++++++
...eanup-conditional-section-error-handling.patch} | 25 ++--
...ror-in-previous-Conditional-section-patch.patch | 35 ++++++
...iation-of-overflow-in-Conditional-section.patch | 39 ++++++
...ng-early-on-if-encoding-conversion-failed.patch | 42 +++++++
meta/recipes-extended/logrotate/logrotate_3.8.8.bb | 2 +-
meta/recipes-extended/texinfo/texinfo_5.2.bb | 2 +-
22 files changed, 1086 insertions(+), 22 deletions(-)
create mode 100644 meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
create mode 100644 meta/recipes-core/libxml/libxml2/0001-CVE-2015-5312-Another-entity-expansion-issue.patch
create mode 100644 meta/recipes-core/libxml/libxml2/0001-CVE-2015-7497-Avoid-an-heap-buffer-overflow-in-xmlDi.patch
create mode 100644 meta/recipes-core/libxml/libxml2/0001-CVE-2015-7500-Fix-memory-access-error-due-to-incorre.patch
rename meta/recipes-core/libxml/libxml2/{CVE-2015-8035.patch => 0001-CVE-2015-8035-Fix-XZ-compression-support-loop.patch} (83%)
create mode 100644 meta/recipes-core/libxml/libxml2/0001-CVE-2015-8242-Buffer-overead-with-HTML-parser-in-pus.patch
create mode 100644 meta/recipes-core/libxml/libxml2/0001-Fix-a-bug-on-name-parsing-at-the-end-of-current-inpu.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-7498-Avoid-processing-entities-after-encoding-conversion-.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-7499-1-Add-xmlHaltParser-to-stop-the-parser.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-7499-2-Detect-incoherency-on-GROW.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-7941-1-Stop-parsing-on-entities-boundaries-errors.patch
rename meta/recipes-core/libxml/libxml2/{CVE-2015-7942.patch => CVE-2015-7941-2-Cleanup-conditional-section-error-handling.patch} (68%)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-7942-2-Fix-an-error-in-previous-Conditional-section-patch.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-7942-Another-variation-of-overflow-in-Conditional-section.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-8317-Fail-parsing-early-on-if-encoding-conversion-failed.patch
--
2.5.0
next reply other threads:[~2016-01-18 9:19 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-18 9:18 Joshua Lock [this message]
2016-01-20 11:37 ` [PATCH 00/16][Fido] Consolidated pull Joshua G Lock
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1452889139.git.joshua.g.lock@intel.com \
--to=joshua.g.lock@intel.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.