mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
23,442 Commits 64 Branches 0 Tags
cfcc9f99456a4c51594eebb859621752ea0bd906
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Meenali Gupta cfcc9f9945 openvpn: fix multiple CVEs 
CVE-2024-24974:
Previously, the VPN tool’s Windows implementation allowed remote access to
its service pipe, posing a security risk. Using compromised credentials, a
threat actor could communicate with OpenVPN to orchestrate attacks.

CVE-2024-27903:
OpenVPN has mitigated the risk by restricting plugin load. Plugins can
now only be loaded from the software’s install directory, the Windows
system directory, and the plugin_dir directory under the software’s installation.

CVE-2024-27459:
This vulnerability affects the interactive service component, potentially leading
to local privilege escalation when triggered by an oversized message.To mitigate
this risk, the VPN solution now terminates connections upon detecting excessively
large messages, preventing stack overflow exploits.

References:
https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/
https://socradar.io/openvpn-fixed-multiple-vulnerabilities-on-windows/
https://community.openvpn.net/openvpn/wiki/CVE-2024-27903
https://community.openvpn.net/openvpn/wiki/CVE-2024-27459
https://community.openvpn.net/openvpn/wiki/CVE-2024-24974

Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-06-27 11:21:22 -04:00
contrib
pw-am.sh: update to new patcwork system
2022-02-28 08:39:26 -08:00
meta-filesystems
ntfs-3g-ntfsprogs: Upgrade 2022.5.17 to 2022.10.3
2023-11-03 10:48:35 -04:00
meta-gnome
meta-oe-components: Avoid usage of nobranch=1
2023-09-04 12:01:53 -04:00
meta-initramfs
grubby: Update branchname to match upstream
2023-11-03 10:49:37 -04:00
meta-multimedia
packagegroup-meta-multimedia: restore x11 restriction for projucer
2023-11-03 10:51:09 -04:00
meta-networking
openvpn: fix multiple CVEs
2024-06-27 11:21:22 -04:00
meta-oe
nodejs: fix CVE-2023-46809
2024-06-02 15:10:59 -04:00
meta-perl
meta-perl: Drop broken BBCLASSEXTEND variants
2023-11-17 10:48:51 -05:00
meta-python
python3-pyyaml-include: support native and nativesdk build
2024-06-27 11:20:34 -04:00
meta-webserver
nginx-1.21.1: Drop reference to removed patch
2024-06-27 11:20:56 -04:00
meta-xfce
xfce4-settings: 4.16.2 -> 4.16.5
2022-12-26 14:57:03 -05:00
.gitignore
.gitignore: add *.pyc and *.pyo
2019-06-15 16:45:33 -07:00
COPYING.MIT
add README and license for this layer
2011-02-13 16:47:32 +01:00
README
meta-openemnedded: Add myself as kirkstone maintainer
2022-04-23 17:14:31 -07:00

README 

Collection of layers for the OE-core universe

Main layer maintainer: Armin Kuster <akuster808@gmail.com>

This repository is a collection of layers to suppliment OE-Core
with additional packages, Each layer have designated maintainer
Please see the respective READMEs in the layer subdirectories
Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
Readme 113 MiB
Languages
BitBake 85.5%
Shell 6.1%
C 3%
Roff 2.1%
NASL 1.9%
Other 1.1%