[OE-core] [fido][PATCH 00/11] Fido Security fixes #2
Joshua G Lock
joshua.g.lock at linux.intel.com
Mon Feb 29 15:17:06 UTC 2016
On Tue, 2016-02-23 at 17:48 -0800, Armin Kuster wrote:
> From: Armin Kuster <akuster at mvista.com>
>
> please consider these changes for the next fido update.
>
> This is to meet our obligation for Yocto compatibility
>
> The following changes since commit
> 9037f2c7c797367c2d09b87f344ecf749d28cb41:
>
> gdk-pixbuf: Security fix CVE-2015-7674 (2016-02-22 19:08:53 -0800)
>
> are available in the git repository at:
>
> git://git.yoctoproject.org/poky-contrib akuster/fido_cve_fixes
> http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=akuster/fi
> do_cve_fixes
>
> Armin Kuster (10):
> busybox: Security fix CVE-2011-5325
This doesn't appear to actually fix anything, it just adds this patch
which notes a potential security issue:
https://git.busybox.net/busybox/commit/?id=a116552869db5e7793ae10968eb3
c962c69b3d8c
> libpng: Security fix CVE-2015-8126
> libpng: Security fix CVE-2015-8472
> libgcrypt: Security fix CVE-2015-7511
> curl: Security fix CVE-2016-0754
> curl: Secuirty fix CVE-2016-0755
> bind: Security fix CVE-2015-8461
> nettle: Security fix CVE-2015-8803 and CVE-2015-8805
> nettle: Security fix CVE-2015-8804
> git: Security fixes CVE-2015-7545
>
> Li Zhou (1):
> rpcbind: Security Advisory - rpcbind - CVE-2015-7236
Queued in joshuagl/fido-next
Regards,
Joshua
More information about the Openembedded-core
mailing list