From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 0/6] Patch review
Date: Sun, 21 Jan 2024 08:57:49 -1000 [thread overview]
Message-ID: <cover.1705863274.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, January 23
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6471
The following changes since commit ebd61290a644a6d9f2b3701e0e7ea050636da76c:
pybootchartgui: fix 2 SyntaxWarnings (2024-01-16 04:10:03 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Hitendra Prajapati (2):
openssl: fix CVE-2023-6237 Excessive time spent checking invalid RSA
public keys
pam: fix CVE-2024-22365 pam_namespace misses
Peter Marko (1):
dropbear: backport patch for CVE-2023-48795
Vijay Anusuri (2):
gnutls: Fix for CVE-2024-0553 and CVE-2024-0567
xserver-xorg: Multiple CVE fixes
Yogita Urade (1):
tiff: fix CVE-2023-6228
.../openssl/openssl/CVE-2023-6237.patch | 127 ++++++++++
.../openssl/openssl_3.0.12.bb | 1 +
meta/recipes-core/dropbear/dropbear.inc | 1 +
.../dropbear/dropbear/CVE-2023-48795.patch | 234 ++++++++++++++++++
.../pam/libpam/CVE-2024-22365.patch | 62 +++++
meta/recipes-extended/pam/libpam_1.5.2.bb | 1 +
.../xserver-xorg/CVE-2023-6816.patch | 55 ++++
.../xserver-xorg/CVE-2024-0229-1.patch | 87 +++++++
.../xserver-xorg/CVE-2024-0229-2.patch | 221 +++++++++++++++++
.../xserver-xorg/CVE-2024-0229-3.patch | 41 +++
.../xserver-xorg/CVE-2024-0229-4.patch | 45 ++++
.../xserver-xorg/CVE-2024-0408.patch | 64 +++++
.../xserver-xorg/CVE-2024-0409.patch | 46 ++++
.../xserver-xorg/CVE-2024-21885.patch | 113 +++++++++
.../xserver-xorg/CVE-2024-21886-1.patch | 74 ++++++
.../xserver-xorg/CVE-2024-21886-2.patch | 57 +++++
.../xorg-xserver/xserver-xorg_21.1.8.bb | 10 +
.../libtiff/tiff/CVE-2023-6228.patch | 31 +++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 +
.../gnutls/gnutls/CVE-2024-0553.patch | 125 ++++++++++
.../gnutls/gnutls/CVE-2024-0567.patch | 184 ++++++++++++++
meta/recipes-support/gnutls/gnutls_3.7.4.bb | 2 +
22 files changed, 1582 insertions(+)
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-6237.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2023-48795.patch
create mode 100644 meta/recipes-extended/pam/libpam/CVE-2024-22365.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-6816.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-0229-1.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-0229-2.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-0229-3.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-0229-4.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-0408.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-0409.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-21885.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-21886-1.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-21886-2.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2024-0553.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2024-0567.patch
--
2.34.1
next reply other threads:[~2024-01-21 18:58 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-21 18:57 Steve Sakoman [this message]
2024-01-21 18:57 ` [OE-core][kirkstone 1/6] dropbear: backport patch for CVE-2023-48795 Steve Sakoman
2024-01-21 18:57 ` [OE-core][kirkstone 2/6] openssl: fix CVE-2023-6237 Excessive time spent checking invalid RSA public keys Steve Sakoman
2024-01-21 18:57 ` [OE-core][kirkstone 3/6] tiff: fix CVE-2023-6228 Steve Sakoman
2024-01-21 18:57 ` [OE-core][kirkstone 4/6] gnutls: Fix for CVE-2024-0553 and CVE-2024-0567 Steve Sakoman
2024-01-21 18:57 ` [OE-core][kirkstone 5/6] pam: fix CVE-2024-22365 pam_namespace misses Steve Sakoman
2024-01-21 18:57 ` [OE-core][kirkstone 6/6] xserver-xorg: Multiple CVE fixes Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-05-09 16:16 [OE-core][kirkstone 0/6] Patch review Steve Sakoman
2025-03-24 19:36 Steve Sakoman
2025-03-10 13:36 Steve Sakoman
2024-09-05 12:40 Steve Sakoman
2024-08-25 18:49 Steve Sakoman
2024-07-20 12:42 Steve Sakoman
2024-05-13 12:18 Steve Sakoman
2024-01-08 16:14 Steve Sakoman
2023-10-21 15:28 Steve Sakoman
2023-04-05 2:29 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1705863274.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.