[OE-core] [fido][PATCH 00/11] Fido Security fixes #2
Armin Kuster
akuster808 at gmail.com
Wed Feb 24 01:48:23 UTC 2016
From: Armin Kuster <akuster at mvista.com>
please consider these changes for the next fido update.
This is to meet our obligation for Yocto compatibility
The following changes since commit 9037f2c7c797367c2d09b87f344ecf749d28cb41:
gdk-pixbuf: Security fix CVE-2015-7674 (2016-02-22 19:08:53 -0800)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib akuster/fido_cve_fixes
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=akuster/fido_cve_fixes
Armin Kuster (10):
busybox: Security fix CVE-2011-5325
libpng: Security fix CVE-2015-8126
libpng: Security fix CVE-2015-8472
libgcrypt: Security fix CVE-2015-7511
curl: Security fix CVE-2016-0754
curl: Secuirty fix CVE-2016-0755
bind: Security fix CVE-2015-8461
nettle: Security fix CVE-2015-8803 and CVE-2015-8805
nettle: Security fix CVE-2015-8804
git: Security fixes CVE-2015-7545
Li Zhou (1):
rpcbind: Security Advisory - rpcbind - CVE-2015-7236
.../bind/bind/CVE-2015-8461.patch | 45 +++
meta/recipes-connectivity/bind/bind_9.9.5.bb | 3 +-
.../busybox/busybox/CVE-2011-5325.patch | 48 +++
meta/recipes-core/busybox/busybox_1.23.1.bb | 1 +
.../git/git-2.3.0/CVE-2015-7545_1.patch | 445 +++++++++++++++++++++
.../git/git-2.3.0/CVE-2015-7545_2.patch | 113 ++++++
.../git/git-2.3.0/CVE-2015-7545_3.patch | 110 +++++
.../git/git-2.3.0/CVE-2015-7545_4.patch | 146 +++++++
.../git/git-2.3.0/CVE-2015-7545_5.patch | 67 ++++
meta/recipes-devtools/git/git_2.3.0.bb | 7 +
.../rpcbind/rpcbind/cve-2015-7236.patch | 83 ++++
meta/recipes-extended/rpcbind/rpcbind_0.2.2.bb | 1 +
.../libpng/libpng-1.6.16/CVE-2015-8126_1.patch | 91 +++++
.../libpng/libpng-1.6.16/CVE-2015-8126_2.patch | 134 +++++++
.../libpng/libpng-1.6.16/CVE-2015-8126_3.patch | 79 ++++
.../libpng/libpng-1.6.16/CVE-2015-8126_4.patch | 48 +++
.../libpng/libpng-1.6.16/CVE-2015-8472.patch | 29 ++
meta/recipes-multimedia/libpng/libpng_1.6.16.bb | 7 +
meta/recipes-support/curl/curl/CVE-2016-0754.patch | 384 ++++++++++++++++++
meta/recipes-support/curl/curl/CVE-2016-0755.patch | 133 ++++++
meta/recipes-support/curl/curl_7.40.0.bb | 4 +-
.../libgcrypt/files/CVE-2015-7511_1.patch | 245 ++++++++++++
.../libgcrypt/files/CVE-2015-7511_2.patch | 55 +++
meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb | 5 +
.../nettle/nettle-2.7.1/CVE-2015-8803_8805.patch | 71 ++++
.../nettle/nettle-2.7.1/CVE-2015-8804.patch | 272 +++++++++++++
meta/recipes-support/nettle/nettle_2.7.1.bb | 5 +
27 files changed, 2629 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2011-5325.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_1.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_2.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_3.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_4.patch
create mode 100644 meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
create mode 100644 meta/recipes-extended/rpcbind/rpcbind/cve-2015-7236.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_1.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_2.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_3.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8126_4.patch
create mode 100644 meta/recipes-multimedia/libpng/libpng-1.6.16/CVE-2015-8472.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2016-0754.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2016-0755.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2015-7511_1.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2015-7511_2.patch
create mode 100644 meta/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch
create mode 100644 meta/recipes-support/nettle/nettle-2.7.1/CVE-2015-8804.patch
--
2.3.5
More information about the Openembedded-core
mailing list