mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
23,501 Commits 64 Branches 0 Tags
82a9ac867d2f661b77435e13842ab42a63a352ac
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Peter Marko 82a9ac867d squid: conditionally set status of CVE-2024-45802 
According to [1] the ESI feature implementation in squid is vulnerable
without any fix available.
NVD says it's fixed in 6.10, however the change in this release only
disables ESI by default (which we always did via PACKAGECONFIG).

Commit in master branch related to this CVE is [2].
Title is "Remove Edge Side Include (ESI) protocol" and it's also what it
does. So there will never be a fix for these ESI vulnerabilities.

We should not break features in LTS branch and cannot fix this problem.
So ignrore this CVE based on set PACKAGECONFIG which should remove it
from reports for most users. Thos who need ESI need to assess the risk
themselves.

[1] https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj
[2] https://github.com/squid-cache/squid/commit/5eb89ef3d828caa5fc43cd8064f958010dbc8158

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-12-08 14:38:16 -05:00
contrib
pw-am.sh: update to new patcwork system
2022-02-28 08:39:26 -08:00
meta-filesystems
ntfs-3g-ntfsprogs: Upgrade 2022.5.17 to 2022.10.3
2023-11-03 10:48:35 -04:00
meta-gnome
gnome-shell: correct regression with glib-2.0 fix for CVE-2024-34397
2024-06-27 11:24:46 -04:00
meta-initramfs
grubby: Update branchname to match upstream
2023-11-03 10:49:37 -04:00
meta-multimedia
packagegroup-meta-multimedia: restore x11 restriction for projucer
2023-11-03 10:51:09 -04:00
meta-networking
squid: conditionally set status of CVE-2024-45802
2024-12-08 14:38:16 -05:00
meta-oe
poco: use main instead of master branch
2024-12-08 14:38:16 -05:00
meta-perl
meta-perl: Drop broken BBCLASSEXTEND variants
2023-11-17 10:48:51 -05:00
meta-python
python3-geomet: fix branch parameter
2024-12-08 14:38:16 -05:00
meta-webserver
nginx: Backport fix for CVE-2024-7347
2024-08-25 18:12:00 -04:00
meta-xfce
xfce4-panel-profiles:fix tar error
2024-07-17 20:10:27 -04:00
.gitignore
.gitignore: add *.pyc and *.pyo
2019-06-15 16:45:33 -07:00
COPYING.MIT
add README and license for this layer
2011-02-13 16:47:32 +01:00
README
meta-openemnedded: Add myself as kirkstone maintainer
2022-04-23 17:14:31 -07:00

README 

Collection of layers for the OE-core universe

Main layer maintainer: Armin Kuster <akuster808@gmail.com>

This repository is a collection of layers to suppliment OE-Core
with additional packages, Each layer have designated maintainer
Please see the respective READMEs in the layer subdirectories
Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
Readme 113 MiB
Languages
BitBake 85.5%
Shell 6.1%
C 3%
Roff 2.1%
NASL 1.9%
Other 1.1%