From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org,
joshua.g.lock@intel.com, akuster@mvista.com
Subject: [fido][PATCH 00/11] Fido Security fixes #2
Date: Tue, 23 Feb 2016 17:48:23 -0800 [thread overview]
Message-ID: <cover.1456278327.git.akuster@mvista.com> (raw)
From: Armin Kuster <akuster@mvista.com>
please consider these changes for the next fido update.
This is to meet our obligation for Yocto compatibility
The following changes since commit 9037f2c7c797367c2d09b87f344ecf749d28cb41:
gdk-pixbuf: Security fix CVE-2015-7674 (2016-02-22 19:08:53 -0800)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib akuster/fido_cve_fixes
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=akuster/fido_cve_fixes
Armin Kuster (10):
busybox: Security fix CVE-2011-5325
libpng: Security fix CVE-2015-8126
libpng: Security fix CVE-2015-8472
libgcrypt: Security fix CVE-2015-7511
curl: Security fix CVE-2016-0754
curl: Secuirty fix CVE-2016-0755
bind: Security fix CVE-2015-8461
nettle: Security fix CVE-2015-8803 and CVE-2015-8805
nettle: Security fix CVE-2015-8804
git: Security fixes CVE-2015-7545
Li Zhou (1):
rpcbind: Security Advisory - rpcbind - CVE-2015-7236
.../bind/bind/CVE-2015-8461.patch | 45 +++
meta/recipes-connectivity/bind/bind_9.9.5.bb | 3 +-
.../busybox/busybox/CVE-2011-5325.patch | 48 +++
meta/recipes-core/busybox/busybox_1.23.1.bb | 1 +
.../git/git-2.3.0/CVE-2015-7545_1.patch | 445 +++++++++++++++++++++
.../git/git-2.3.0/CVE-2015-7545_2.patch | 113 ++++++
.../git/git-2.3.0/CVE-2015-7545_3.patch | 110 +++++
.../git/git-2.3.0/CVE-2015-7545_4.patch | 146 +++++++
.../git/git-2.3.0/CVE-2015-7545_5.patch | 67 ++++
meta/recipes-devtools/git/git_2.3.0.bb | 7 +
.../rpcbind/rpcbind/cve-2015-7236.patch | 83 ++++
meta/recipes-extended/rpcbind/rpcbind_0.2.2.bb | 1 +
.../libpng/libpng-1.6.16/CVE-2015-8126_1.patch | 91 +++++
.../libpng/libpng-1.6.16/CVE-2015-8126_2.patch | 134 +++++++
.../libpng/libpng-1.6.16/CVE-2015-8126_3.patch | 79 ++++
.../libpng/libpng-1.6.16/CVE-2015-8126_4.patch | 48 +++
.../libpng/libpng-1.6.16/CVE-2015-8472.patch | 29 ++
meta/recipes-multimedia/libpng/libpng_1.6.16.bb | 7 +
meta/recipes-support/curl/curl/CVE-2016-0754.patch | 384 ++++++++++++++++++
meta/recipes-support/curl/curl/CVE-2016-0755.patch | 133 ++++++
meta/recipes-support/curl/curl_7.40.0.bb | 4 +-
.../libgcrypt/files/CVE-2015-7511_1.patch | 245 ++++++++++++
.../libgcrypt/files/CVE-2015-7511_2.patch | 55 +++
meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb | 5 +
.../nettle/nettle-2.7.1/CVE-2015-8803_8805.patch | 71 ++++
.../nettle/nettle-2.7.1/CVE-2015-8804.patch | 272 +++++++++++++
meta/recipes-support/nettle/nettle_2.7.1.bb | 5 +
27 files changed, 2629 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2011-5325.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_1.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_2.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_3.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_4.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
create mode 100644 meta/recipes-extended/rpcbind/rpcbind/cve-2015-7236.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_1.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_2.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_3.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_4.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8472.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2016-0754.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2016-0755.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2015-7511_1.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2015-7511_2.patch
create mode 100644 meta/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch
create mode 100644 meta/recipes-support/nettle/nettle-2.7.1/CVE-2015-8804.patch
--
2.3.5
next reply other threads:[~2016-02-24 1:48 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-24 1:48 Armin Kuster [this message]
2016-02-29 15:17 ` [fido][PATCH 00/11] Fido Security fixes #2 Joshua G Lock
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1456278327.git.akuster@mvista.com \
--to=akuster808@gmail.com \
--cc=akuster@mvista.com \
--cc=joshua.g.lock@intel.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox