mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-12 03:24:08 +00:00
Code Issues Projects Releases Wiki Activity
23,577 Commits 63 Branches 0 Tags
fedd8cf51d6f6a2846bc266a9934e6d218bc2de6
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Changqing Li fedd8cf51d nginx: fix CVE-2025-23419 
CVE-2025-23419:
When multiple server blocks are configured to share the same IP address
and port, an attacker can use session resumption to bypass client
certificate authentication requirements on these servers. This
vulnerability arises when TLS Session Tickets
https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key
are used and/or the SSL session cache
https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_cache
are used in the default server and the default server is performing
client certificate authentication.   Note: Software versions which have
reached End of Technical Support (EoTS) are not evaluated.

Refer:
https://nvd.nist.gov/vuln/detail/CVE-2025-23419

This partially cherry picked from commit
13935cf9fdc3c8d8278c70716417d3b71c36140e, the original patch had 2
parts. One fixed problem in `http/ngx_http_request` module and the
second fixed problem in `stream/ngx_stream_ssl_module` module.  The fix
for `stream/ngx_stream_ssl_module can't be aplied because, the 'stream
virtual servers' funcionality was added later in this commit:
d21675228a.
Therefore only `http/ngx_http_request` part was backported.

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2025-03-06 09:48:58 -05:00
contrib
pw-am.sh: update to new patcwork system
2022-02-28 08:39:26 -08:00
meta-filesystems
ntfs-3g-ntfsprogs: fix CVE-2023-52890
2024-12-08 15:02:11 -05:00
meta-gnome
libgsf: Upgrade 1.14.49 -> 1.14.53
2024-12-08 15:04:56 -05:00
meta-initramfs
grubby: Update branchname to match upstream
2023-11-03 10:49:37 -04:00
meta-multimedia
packagegroup-meta-multimedia: Remove library only packages from rdeps
2025-01-01 09:13:52 -05:00
meta-networking
freediameter: fix do_fetch warning
2025-03-06 09:40:20 -05:00
meta-oe
abseil-cpp: fix CVE-2025-0838
2025-03-06 09:48:36 -05:00
meta-perl
meta-perl: Drop broken BBCLASSEXTEND variants
2023-11-17 10:48:51 -05:00
meta-python
python3-future: upgrade 0.18.2 -> 0.18.3
2025-03-06 09:39:34 -05:00
meta-webserver
nginx: fix CVE-2025-23419
2025-03-06 09:48:58 -05:00
meta-xfce
xfce4-panel-profiles:fix tar error
2024-07-17 20:10:27 -04:00
.gitignore
.gitignore: add *.pyc and *.pyo
2019-06-15 16:45:33 -07:00
COPYING.MIT
add README and license for this layer
2011-02-13 16:47:32 +01:00
README
meta-openemnedded: Add myself as kirkstone maintainer
2022-04-23 17:14:31 -07:00

README 

Collection of layers for the OE-core universe

Main layer maintainer: Armin Kuster <akuster808@gmail.com>

This repository is a collection of layers to suppliment OE-Core
with additional packages, Each layer have designated maintainer
Please see the respective READMEs in the layer subdirectories
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 115 MiB
Languages
BitBake 84.3%
Shell 6.4%
C 3.1%
Roff 2.3%
NASL 2%
Other 1.8%