mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 17:59:59 +00:00
Code Issues Projects Releases Wiki Activity
Files
06d80777f47891ec876b55212790deb5fef9116e
meta-openembedded/meta-oe
T
History
Yi Zhao 06d80777f4 krb5: fix CVE-2021-36222 
Source: https://git.openembedded.org/meta-openembedded
MR: 112165
Type: Security Fix
Disposition: Backport from  https://git.openembedded.org/meta-openembedded/commit/meta-oe/recipes-connectivity/krb5?id=69087d69d01a4530e2d588036fcbeaf8856b2ff1
ChangeID: e7cdfd1c4530312b4773103cf58d322451af1421
Description:

CVE-2021-36222:
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC)
in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2
allows remote attackers to cause a NULL pointer dereference and daemon
crash. This occurs because a return value is not properly managed in a
certain situation.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-36222

Patches from:
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 620badcbf8a59fbd2cdda6ab01c4ffba1c3ee327)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 523f6d834d)
[Fixup for Dunfell context]
Signed-off-by: Armin Kuster <akuster@mvista.com>
2021-09-10 13:23:06 -07:00
..
classes
conf
dynamic-layers
gperftools: Do not build on riscv
2020-04-25 08:32:41 -07:00
lib/oeqa/selftest/cases
licenses
recipes-benchmark
recipes-bsp
flashrom: Fix build failure with glibc 2.32
2020-07-30 21:25:51 -07:00
recipes-connectivity
krb5: fix CVE-2021-36222
2021-09-10 13:23:06 -07:00
recipes-core
packagegroup-meta-oe: add guider
2021-04-07 08:55:15 -07:00
recipes-crypto
libmcrypt: set CLEANBROKEN
2020-07-12 19:20:17 -07:00
recipes-dbs
mariadb: update to 10.4.20
2021-07-21 09:25:14 -07:00
recipes-devtools
php: move to version 7.4.21
2021-08-14 13:54:01 -07:00
recipes-extended
dlt-daemon: update from 2.18.6 to 2.18.7
2021-09-05 09:53:43 -07:00
recipes-gnome
recipes-graphics
xterm: Security fix for CVE-2021-27135
2021-08-24 21:25:43 -07:00
recipes-kernel
minicoredumper: update SRC_URI to use github instead
2020-07-12 19:20:37 -07:00
recipes-multimedia
mpv: fetch waf in do_fetch
2020-11-09 19:09:03 -08:00
recipes-navigation
gpsd: mark CLEANBROKEN
2021-01-31 09:42:35 -08:00
recipes-printing
qpdf: fix typo in RDEPENDS
2020-06-12 09:32:04 -07:00
recipes-security
passwdqc: remove double modify operation
2020-06-12 09:32:24 -07:00
recipes-shells
mksh: upgrade 57 -> 58
2020-04-14 21:26:57 -07:00
recipes-support
nss: Two Security fixes CVE-2020-6829 and 12400
2021-09-05 11:54:45 -07:00
recipes-test
cunit: fix upstream check URL
2020-04-05 10:38:14 -07:00
COPYING.MIT
README
meta-oe/README: add Ubuntu prerequisite information
2021-02-15 08:21:20 -08:00

README 

meta-oe
=======

This layer depends on:

URI: git://github.com/openembedded/openembedded-core.git
branch: dunfell
revision: HEAD

luajit recipe requires host compiler to be able to generate 32bit code when target is 32bit
e.g. arm, so ensure that $CC -m32 is functional on build host, if building this recipe, needed
packages to fullfit this might have different names on different host distributions
e.g. on archlinux based distributions install prerequisites like below

pacman -S lib32-gcc-libs lib32-glibc

Ubuntu
sudo apt-get install gcc-multilib

Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe][dunfell]' in the subject'

When sending single patches, please use something like:
'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix=meta-oe][dunfell][PATCH'

You are encouraged to fork the mirror on GitHub https://github.com/openembedded/meta-openembedded
to share your patches, this is preferred for patch sets consisting of more than one patch.

Other services like GitLab, repo.or.cz or self-hosted setups are of course accepted as well,
'git fetch <remote>' works the same on all of them. We recommend GitHub because it is free, easy
to use, has been proven to be reliable and has a really good web GUI.

dunfell maintainer: Armin Kuster <akuster808@gmail.com>
Reference in New Issue View Git Blame Copy Permalink