mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
30,548 Commits 64 Branches 0 Tags
3b752bfb183522b351f9681011ffb5cc3f5cc86b
Commit Graph

3712 Commits

Author SHA1 Message Date
Gyorgy Sarvari 37bfef7bf6 http-parser: fix SRC_URI branch 
master branch was renamed to main

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:32:41 +05:30
Gyorgy Sarvari b915e3d3f6 netsniff-ng: fix SRC_URI branch 
Source branch was renamed from master to main.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:32:41 +05:30
Ankur Tyagi f029d98026 squid: upgrade 6.12 -> 6.14 
License-Update: copyright years updated

Changelog:
https://github.com/squid-cache/squid/releases/tag/SQUID_6_13
https://github.com/squid-cache/squid/releases/tag/SQUID_6_14

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:28:45 +05:30
Peter Marko 64eecac264 squid: download from github 
Devtool could not find latest versions before.

Download page [1] shows message
"Squid sources are released through GitHub. Please refer to the Releases
Page to find all released versions."

Note that also squid security advisories were moved to Github.

[1] https://www.squid-cache.org/Versions/

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f088e1e1f9)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:28:45 +05:30
Peter Marko 817253bd45 squid: upgrade 6.10 -> 6.12 
License-Update: copyright year updated

Add patch to fix new build failure from release tarball.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 928ef34ead)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:28:45 +05:30
Peter Marko 42e51b1e59 squid: Upgrade to 6.10 
Solves CVE-2024-37894

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c393973c85)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:28:45 +05:30
Ankur Tyagi 102c073c35 freeradius: upgrade 3.2.5 -> 3.2.6 
Release Notes:
https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_2_6

Refresh patch 0008-libtool-do-not-use-jlibtool.patch due to upstream commit:
https://github.com/FreeRADIUS/freeradius-server/commit/315f09e4ebde14f171f107020f05473dbc9ac8f6

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Ankur Tyagi 1d9c04fea8 frr: upgrade 9.1 -> 9.1.3 
Dropped patches which are part of this release.

Release Notes:
https://github.com/FRRouting/frr/releases/tag/frr-9.1.1
https://github.com/FRRouting/frr/releases/tag/frr-9.1.2
https://github.com/FRRouting/frr/releases/tag/frr-9.1.3

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Ankur Tyagi b1caeb9438 arno-iptables-firewall: upgrade 2.1.1 -> 2.1.1a 
Release Notes:
https://github.com/arno-iptables-firewall/aif/releases/tag/2.1.1a

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Ankur Tyagi 2020ebf1f9 iscsi-initiator-utils: upgrade 2.1.8 -> 2.1.9 
This release sees more bug fixes, and no major functional changes.
Several memory issues were addressed in iscsiuio, making it more reliable.

Changelog:
https://github.com/open-iscsi/open-iscsi/blob/2.1.9/Changelog

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Ankur Tyagi 90fa6fc6e8 proftpd: upgrade 1.3.7c -> 1.3.7f 
https://github.com/proftpd/proftpd/blob/1.3.7/NEWS

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Ross Burton 1598b0778f pureftp: fix autoreconf 
autoreconf needs to be told where to find macros as the Makefile.am does
not do this.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 76a756989a)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Wang Mingyu 5366dd804c pure-ftpd: upgrade 1.0.51 -> 1.0.52 
nostrip.patch
refreshed for 1.0.52

License-Update: Copyright year updated to 2024

Changelog:
==========
 - The QUIT command is now accepted during a transfer.
 - The server can be built with --with-minimal again.
 - Fixed an out of bounds read in the MLSD command.
 - Larger mmap()ed pages are used on aarch64.
 - Improved compatibility with HPUX
 - Improved OpenSSL API compatibility
 - Improved compatibility with OpenWall Linux
 - Improved compatibility with Netfilter

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fac6357f60)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Chaitanya Vadrevu ffafc7575f samba: Run populate-volatile.sh update in postinst 
samba-common installs a volatiles configuration file but had not been
calling populate-volatile.sh to apply the configuration. This causes
samba installation to fail on a running target due to missing
directories.

Call "populate-volatile.sh update" in samba-common's postinst which
creates the required directories and enables samba to work.

Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@emerson.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9fd087d298)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Ankur Tyagi 7632025d8a postfix: upgrade 3.8.9 -> 3.8.12 
Release Notes:
http://ftp.porcupine.org/mirrors/postfix-release/official/postfix-3.8.12.RELEASE_NOTES

Dropped 0006-postfix-add-preliminary-setting.patch as changes are now part
of current version 3.8.12 (20250919)
http://ftp.porcupine.org/mirrors/postfix-release/official/postfix-3.8.12.HISTORY

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Yi Zhao cab0df9423 postfix: upgrade 3.8.6 -> 3.8.9 
ChangeLog:
http://ftp.porcupine.org/mirrors/postfix-release/official/postfix-3.8.9.HISTORY

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9e656e3ac2)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Yi Zhao 0c61ce55ca samba: upgrade 4.19.8 -> 4.19.9 
ChangeLog:
https://www.samba.org/samba/history/samba-4.19.9.html

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f7305be2c8)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Yi Zhao 7053ee82cb libldb: upgrade 2.8.1 -> 2.8.2 
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e48e7e48a2)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Martin Schwan 45a60884b8 kronosnet: Fetch version tag with BB_GIT_SHALLOW_EXTRA_REFS 
Fetch the needed Git tag by using BB_GIT_SHALLOW_EXTRA_REFS. This fixes
the following autotools configuration error:

| build-aux/git-version-gen: WARNING: .gitarchivever doesn't contain valid version tag
| build-aux/git-version-gen: ERROR: Can't find valid version. Please use valid git repository, released tarball or version tagged archive
| configure.ac:22: error: AC_INIT should be called with package and version arguments

Signed-off-by: Martin Schwan <m.schwan@phytec.de>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Vijay Anusuri f5deba31bf wireshark: Fix CVE-2025-9817 
Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/39daba5e247ea495f88b0be82f0b7ebbdbf50fba

Link: https://gitlab.com/wireshark/wireshark/-/issues/20642
      https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-9817
      https://ftp.lysator.liu.se/pub/opensuse/update/leap/15.6/sle/src/wireshark-4.2.13-150600.18.26.1.src.rpm

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:57 +05:30
Vijay Anusuri 763886c7d1 wireshark: Upgrade 4.2.12 -> 4.2.14 
releasenote:
https://www.wireshark.org/docs/relnotes/wireshark-4.2.13.html
https://www.wireshark.org/docs/relnotes/wireshark-4.2.14.html

Includes security fix CVE-2025-11626

Link: https://gitlab.com/wireshark/wireshark/-/issues/20724

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:56 +05:30
Patrick Vogelaar d9c8972cb7 unbound: patch CVE-2024-33655 and CVE-2025-11411 
For CVE-2024-33655 applied patch [1] mentioned in [2].
For CVE-2025-11411 applied minimal patch [3] mentioned in [4]. (Slightly
adjustments were required to apply properly)

[1] https://nlnetlabs.nl/downloads/unbound/patch_CVE-2024-33655.diff
[2] https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-33655.txt
[3] https://nlnetlabs.nl/downloads/unbound/patch_CVE-2025-11411.diff
[4] https://www.nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt

Signed-off-by: Patrick Vogelaar <patrick.vogelaar@belden.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 11:14:56 +05:30
Gianfranco Costamagna 4084b10111 mosquitto: bump to 2.0.22 
Refresh patches, drop patch 3238, now part of upstream codebase

Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 10:44:37 +05:30
Louis Rannou d6c4331e25 mosquitto: bump to 2.0.21 
Upgrade to mosquitto 2.0.21. Update the patch status for issue 2895 and create a
new patch for an issue introduced in 2.0.19 which causes connections to get down
when the clock is changed.

Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2025-11-12 10:44:37 +05:30
Peter Marko 08ee2e37ba squid: patch CVE-2025-59362 
Pick commit from PR mentioned in NVD report.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 15:13:15 +08:00
Ankur Tyagi 5657774a70 mbedtls: upgrade 3.6.4 -> 3.6.5 
Fixes security vulnerabilities CVE-2025-59438, CVE-2025-54764

Changelog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.5

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 15:08:13 +08:00
Ankur Tyagi ea3f4567b5 libiec61850: patch CVE-2024-45971 
Details https://nvd.nist.gov/vuln/detail/CVE-2024-45971

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 15:02:20 +08:00
Ankur Tyagi 53b229b25b libiec61850: patch CVE-2024-45970 
Details https://nvd.nist.gov/vuln/detail/CVE-2024-45970

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 15:02:08 +08:00
Ankur Tyagi 1c8594a797 libiec61850: patch CVE-2024-26529 
Details https://nvd.nist.gov/vuln/detail/CVE-2024-26529

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 15:01:56 +08:00
Wang Mingyu ab31e7fd40 libiec61850: upgrade 1.5.1 -> 1.5.3 
Changelog:
=============
- config file parser dynamically allocates linebuffer to allow multithreaded applications
- parse time values in model configuration file
- config file generator: added missing code for GSEControl
- Config file generator: support multiple access points for GOOSE and SMV control blocks
- config file generator: added code to add SMVCBs to config files
- IED server: added code to create SMVCBs with the dynamic model API
- MMS server: added support for write access with component alternate access
- MMS client: added function MmsConnection_writeVariableComponent to write to variables with alternate component access
- make write access to RCB elements configurable according to ReportSettings
- Added function IedConnection_setLocalAddress to define local IP address and optionally local port of a client connection
- IED server: added ControlAction_getSynchroCheck and ControlAction_getInterlockCheck functions
- fixed - IEC 61580 server: dataset is not released when RCB.Datset is set to empty string by client
- PAL: fixed wrong order of function arguments for fread and fwrite functions
- MMS client: parsing of servicecsSupported in MMS init response is off by one
- fixed - potential memory leaks in goose publisher code
- fixed - server sends dchg report when only dupd is enabled in RCB
- GOOSE subscriber: fixed - possible heap corruption in parseAllData due to missing validity check in bit-string handling
- IED server: fixed problem with implicit ResvTms setting when reserved with RptEna
- IED server: fixed - segmentation fault when compiled with CONFIG_MMS_THREADLESS_STACK
- fixed - MMS server: messages can be corrupted when TCP buffer is full
- fixed - .NET: IedConenction.WriteDataSetValues throws a NullReferenceException
- fixed - server send invalid response- when client uses wrong ctlModel
- fixed - IedConnection_setRCBValuesAsync crashes when RCB is already reserved by other client
- fixed - outstanding call not released in IedConnection_getDataSetDirectoryAsync

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1b0f933f5b)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 15:01:36 +08:00
Ankur Tyagi 1c65291a77 ndpi: ignore CVE-2025-25066 
Details https://nvd.nist.gov/vuln/detail/CVE-2025-25066

CVE was fixed by [1] but the change [2] which introduced CVE was not present this version (4.2).

$ git tag --no-contains b9348e9 | grep 4.2
4.2

[1] https://github.com/ntop/nDPI/commit/678697b5eb6c3caa5dd5f8cccfe9eed8d13b94bb
[2] https://github.com/ntop/nDPI/commit/b9348e9d6e0e754c4b17661c643ca258f1540ca1

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:36 +08:00
Ankur Tyagi b067a34198 memcached: patch CVE-2023-46853 
Details https://nvd.nist.gov/vuln/detail/CVE-2023-46853

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:35 +08:00
Ankur Tyagi 9795c85f02 memcached: patch CVE-2023-46852 
Details https://nvd.nist.gov/vuln/detail/CVE-2023-46852

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:35 +08:00
Peter Marko bf656aa325 memcached: ignore disputed CVE-2022-26635 
Per [1] this is a problem of applications using memcached inproperly.

This should not be a CVE against php-memcached, but for whatever
software the issue was actually found in. php-memcached and
libmemcached provide a VERIFY_KEY flag if they're too lazy to
filter untrusted user input.

[1] https://github.com/php-memcached-dev/php-memcached/issues/519

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 889ccce684)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:35 +08:00
Ankur Tyagi 3e72a5f33c libconfuse: patch CVE-2022-40320 
Pick patch per [1] poiting to [2] pointing to [3].

[1] https://nvd.nist.gov/vuln/detail/CVE-2022-40320
[2] https://github.com/libconfuse/libconfuse/issues/163
[3] https://github.com/libconfuse/libconfuse/commit/d73777c2c3566fb2647727bb56d9a2295b81669b

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c048c04101)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:33 +08:00
Ankur Tyagi 4bb1da31d5 frr: patch CVE-2024-44070 
Details https://nvd.nist.gov/vuln/detail/CVE-2024-44070

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:33 +08:00
Ankur Tyagi 393bb3e0a5 tinyproxy: patch CVE-2023-49606 
Details https://nvd.nist.gov/vuln/detail/CVE-2023-49606

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
(cherry picked from commit 7f8516d8db)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:33 +08:00
Peter Marko 24b0040b4c corosync: patch CVE-2025-30472 
Pick commit from [1] mentioned in [2] from [3]

[1] https://github.com/corosync/corosync/issues/778
[2] https://github.com/corosync/corosync/pull/779
[3] https://nvd.nist.gov/vuln/detail/CVE-2025-30472

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
(cherry picked from commit eab04e4620)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:33 +08:00
Peter Marko a1b17511ca corosync: upgrade 3.1.6 -> 3.1.9 
dbus dir was changed from sysconfdir to datadir

drop unused configure code

License-Update: copyright years refreshed

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
(cherry picked from commit 950c603f21)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:33 +08:00
Peter Marko 64f9120014 corosync: fix upstream version check 
github-releases is needed that it work at all:
ERROR: Automatic discovery of latest version/revision failed - you must provide a version using the --version/-V option, or for recipes that fetch from an SCM such as git, the --srcrev/-S option.

UPSTREAM_CHECK_GITTAGREGEX is needed to get correct version, otherwise:
$ devtool latest-version corosync
...
INFO: Current version: 3.1.6
INFO: Latest version: 414.336.75.75.75

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
(cherry picked from commit 9aed476a90)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:33 +08:00
Christos Gavros 68f8ea24d0 corosync: reproducibility issue 
Corosync is not reproducible due to change of value
in NETSNMP_SYS_CONTACT which is set in net-snmp:
NETSNMP_SYS_CONTACT = "$ME@$LOC"
$ME = whoami
$LOC assigned domain name from /etc/resolv.conf

Use build in'--with-sys-contact' to overwrite it

https://autobuilder.yoctoproject.org/valkyrie/#/builders/87/builds/30/steps/28/logs/stdio

CC: Yoann Congal <yoann.congal@smile.fr>
CC: Randy MacLeod <randy.macleod@windriver.com>
Signed-off-by: Christos Gavros <gavrosc@yahoo.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bb138b9f6b)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:33 +08:00
Rajeshkumar Ramasamy 46091f4925 open-vm-tools: fix CVE-2025-41244 
VMware Aria Operations and VMware Tools contain a local privilege
escalation vulnerability. A malicious local actor with non-administrative
privileges having access to a VM with VMware Tools installed and managed
by Aria Operations with SDMP enabled may exploit this vulnerability
to escalate privileges to root on the same VM.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-41244

Upstream-patch:
https://github.com/vmware/open-vm-tools/commit/7ed196cf01f8acd09011815a605b6733894b8aab

Signed-off-by: Rajeshkumar Ramasamy <rajeshkumar.ramasamy@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-30 14:43:30 +08:00
Gyorgy Sarvari 065ff23049 dovecot: patch CVE-2022-30550 
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-30550

Pick the commit referenced in https://www.openwall.com/lists/oss-security/2022/07/08/1

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-06 16:10:53 +08:00
Gyorgy Sarvari 64981bc057 civetweb: patch CVE-2025-55763 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55763

Pick the relevant commit from https://github.com/civetweb/civetweb/pull/1347/

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-10-06 16:10:34 +08:00
Khem Raj adcb6e9841 ssmping: Use debian mirror for SRC_URI 
Original URI is not accessible anymore
Drop md5sum

Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ceb9160341)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-09-23 16:30:15 +08:00
Wang Mingyu 9a3078e6fe rp-pppoe: update SRC_URI 
Upstream repository url changed.

Fixes unsuccessful fetch warning.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c400aca52a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-09-23 16:30:15 +08:00
Jeroen Knoops 429e7401a2 nng: Rename default branch of github.com:nanomsg/nng.git 
Default branch is renamed from `master` to `main`. Commitshas are the
same.

Signed-off-by: Jeroen Knoops <jeroen.knoops@philips.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 58679b6a51)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-09-23 16:30:14 +08:00
Wang Mingyu 371879bee7 geoip: fix do_fetch error 
Change the SRC_URI to the correct value due to the following error:
ERROR: geoip-1.6.12-r0 do_fetch: Bitbake Fetcher Error: FetchError('Unable to fetch URL from any source.', 'http://sources.openembedded.org/GeoIP.dat.20181205.gz;apply=no;name=GeoIP-dat;')

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit aadc2ac9dc)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
 2025-09-23 16:30:14 +08:00
kjlau0112 c29a18fa39 mbedtls: drop tag parameter from SRC_URI. 
Signed-off-by: kjlau0112 <karn.jye.lau@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-08-18 08:35:05 -07:00
Peter Marko ba84c52d55 libcoap: patch CVE-2024-31031 
Pick commit [1] from [2] which fixes [3] as listed in [4].

[1] https://github.com/obgm/libcoap/commit/214665ac4b44b1b6a7e38d4d6907ee835a174928
[2] https://github.com/obgm/libcoap/pull/1352
[3] https://github.com/obgm/libcoap/issues/1351
[4] https://nvd.nist.gov/vuln/detail/CVE-2024-31031

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2025-08-02 13:37:04 -04:00