meta-openembedded

mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00

T

Armin Kuster 6be10fe608 redis: update to 5.0.14

Bug fix only updates. see: https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES

Including these cves:

5.0.14
Security Fixes:
* (CVE-2021-41099) Integer to heap buffer overflow handling certain string
commands and network payloads, when proto-max-bulk-len is manually configured
to a non-default, very large value [reported by yiyuaner].
* (CVE-2021-32762) Integer to heap buffer overflow issue in redis-cli and
redis-sentinel parsing large multi-bulk replies on some older and less common
platforms [reported by Microsoft Vulnerability Research].
* (CVE-2021-32687) Integer to heap buffer overflow with intsets, when
set-max-intset-entries is manually configured to a non-default, very large
value [reported by Pawel Wieczorkiewicz, AWS].
* (CVE-2021-32675) Denial Of Service when processing RESP request payloads with
a large number of elements on many connections.
* (CVE-2021-32672) Random heap reading issue with Lua Debugger [reported by
Meir Shpilraien].
* (CVE-2021-32628) Integer to heap buffer overflow handling ziplist-encoded
data types, when configuring a large, non-default value for
hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries
or zset-max-ziplist-value [reported by sundb].
* (CVE-2021-32627) Integer to heap buffer overflow issue with streams, when
configuring a non-default, large value for proto-max-bulk-len and
client-query-buffer-limit [reported by sundb].
* (CVE-2021-32626) Specially crafted Lua scripts may result with Heap buffer
overflow [reported by Meir Shpilraien].

5.0.11
Integer overflow on 32-bit systems (CVE-2021-21309):
Redis 4.0 or newer uses a configurable limit for the maximum supported bulk
input size. By default, it is 512MB which is a safe value for all platforms.
If the limit is significantly increased, receiving a large request from a client
may trigger several integer overflow scenarios, which would result with buffer
overflow and heap corruption.

5.0.10
This release fixes a potential heap overflow when using a heap allocator other
than jemalloc or glibc's malloc. See:
https://github.com/redis/redis/pull/7963

Signed-off-by: Armin Kuster <akuster808@gmail.com>

2021-10-29 07:34:58 -07:00

contrib

tesseract: upgrade to 3.04

2016-10-21 18:20:43 +02:00

meta-filesystems

fuse: Whitelisted CVE-2019-14860

2021-05-14 10:03:51 -07:00

meta-gnome

sysprof: Enable sysprofd/libsysprof only when polkit in DISTRO_FEATURES

2021-07-12 06:49:51 -07:00

meta-initramfs

ubi-utils-klibc: Remove trailing slash from S

2020-11-09 18:56:22 -08:00

meta-multimedia

bigbuckbunny-1080p: fix sample video URL

2021-08-14 13:45:08 -07:00

meta-networking

tcpdump: Update CVE-2020-8037 tag

2021-10-01 14:49:10 -07:00

meta-oe

redis: update to 5.0.14

2021-10-29 07:34:58 -07:00

meta-perl

libnet-dns-perl: upgrade 1.23 -> 1.24

2020-06-12 09:32:24 -07:00

meta-python

python3-{pyyaml,cython,pyparsing}: move from meta-python to meta-oe

2021-07-25 13:36:16 -07:00

meta-webserver

Apache: Several CVE fixes

2021-10-28 21:13:40 -07:00

meta-xfce

thunar: upgrade 1.8.14 -> 1.8.15

2020-05-28 21:50:13 -07:00

.gitignore

.gitignore: add *.pyc and *.pyo

2019-06-15 16:45:33 -07:00

COPYING.MIT

add README and license for this layer

2011-02-13 16:47:32 +01:00

README

README: updated Maintainers list for Dunfell

2020-05-05 16:47:34 -07:00

README

Collection of layers for the OE-core universe

dunfell maintainer: Armin Kuster  <akuster808@gmail.com>

This repository is a collection of layers to suppliment OE-Core
with additional packages, Each layer have designated maintainer
Please see the respective READMEs in the layer subdirectories

Languages

BitBake 85.5%

Shell 6.1%

C 3%

Roff 2.1%

NASL 1.9%

Other 1.1%