[OE-core] [fido][PATCH 0/7] fido Security fixes pull request

akuster808 akuster808 at gmail.com
Sun Feb 28 16:39:21 UTC 2016 

ping

On 02/23/2016 07:58 AM, Armin Kuster wrote:
> From: Armin Kuster <akuster at mvista.com>
> 
> Please consider these for the next fido 
> 
> This is to meet our obligation for Yocto compatibility
> 
> The following changes since commit 06d9c894636352a6c93711c7284d02b0c794a527:
> 
>   libbsd: Security fix CVE-2016-2090 (2016-02-18 11:03:10 +0000)
> 
> are available in the git repository at:
> 
>   git://git.yoctoproject.org/poky-contrib akuster/fido_cve_fixes
>   http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=akuster/fido_cve_fixes
> 
> Armin Kuster (7):
>   qemu: Security fix CVE-2016-2198
>   foomatic-filters: Security fix CVE-2015-8560
>   foomatic-filters: Security fixes CVE-2015-8327
>   tiff: Security fix CVE-2015-8781
>   tiff: Security fix CVE-2015-8784
>   librsvg: Security fix CVE-2015-7558
>   gdk-pixbuf: Security fix CVE-2015-7674
> 
>  .../recipes-devtools/qemu/qemu/CVE-2016-2198.patch |  45 ++++
>  meta/recipes-devtools/qemu/qemu_2.2.0.bb           |   1 +
>  .../foomatic-filters-4.0.17/CVE-2015-8327.patch    |  23 +++
>  .../foomatic-filters-4.0.17/CVE-2015-8560.patch    |  23 +++
>  .../foomatic/foomatic-filters_4.0.17.bb            |   4 +
>  .../gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch      |  39 ++++
>  meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb |   1 +
>  .../librsvg/librsvg/CVE-2015-7558_1.patch          | 139 +++++++++++++
>  .../librsvg/librsvg/CVE-2015-7558_2.patch          | 230 +++++++++++++++++++++
>  .../librsvg/librsvg/CVE-2015-7558_3.patch          | 223 ++++++++++++++++++++
>  meta/recipes-gnome/librsvg/librsvg_2.40.6.bb       |   6 +-
>  .../libtiff/files/CVE-2015-8781.patch              | 196 ++++++++++++++++++
>  .../libtiff/files/CVE-2015-8784.patch              |  73 +++++++
>  meta/recipes-multimedia/libtiff/tiff_4.0.3.bb      |   5 +-
>  14 files changed, 1006 insertions(+), 2 deletions(-)
>  create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2016-2198.patch
>  create mode 100644 meta/recipes-extended/foomatic/foomatic-filters-4.0.17/CVE-2015-8327.patch
>  create mode 100644 meta/recipes-extended/foomatic/foomatic-filters-4.0.17/CVE-2015-8560.patch
>  create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch
>  create mode 100644 meta/recipes-gnome/librsvg/librsvg/CVE-2015-7558_1.patch
>  create mode 100644 meta/recipes-gnome/librsvg/librsvg/CVE-2015-7558_2.patch
>  create mode 100644 meta/recipes-gnome/librsvg/librsvg/CVE-2015-7558_3.patch
>  create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2015-8781.patch
>  create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2015-8784.patch
>

More information about the Openembedded-core mailing list