mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-01 13:09:50 +00:00
Code Issues Projects Releases Wiki Activity
Files
yocto-4.0.20
poky/meta/recipes-connectivity
T
History
Jose Quaresma 979f68bad0 openssh: fix CVE-2024-6387 
sshd(8) in Portable OpenSSH versions 8.5p1 to 9.7p1 (inclusive).
Race condition resulting in potential remote code execution.
A race condition in sshd(8) could allow remote code execution as root on non-OpenBSD systems.
This attack could be prevented by disabling the login grace timeout (LoginGraceTime=0 in sshd_config)
though this makes denial-of service against sshd(8) considerably easier.
For more information, please refer to the release notes [1] and the
report from the Qualys Security Advisory Team [2] who discovered the bug.

[1] https://www.openssh.com/txt/release-9.8
[2] https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

References:
https://www.openssh.com/security.html

(From OE-Core rev: ddb998d16fd869acb00a1cd8038ada20fd32aa8b)

Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>

v2: include the missing cve tag: CVE: CVE-2024-6387
v3: add the Signed-off-by on the CVE-2024-6387.patch
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-07-09 06:06:09 -07:00
..
avahi
avahi: backport CVE-2023-1981 & CVE's follow-up patches
2023-12-15 04:00:33 -10:00
bind
bind: Upgrade 9.18.19 -> 9.18.24
2024-03-07 08:32:54 -10:00
bluez5
bluez5: Fix CVE-2023-27349 CVE-2023-50229 & CVE-2023-50230
2024-05-16 05:22:09 -07:00
connman
connman: fix warning by specifying runstatedir at configure time
2023-07-01 08:37:25 -10:00
dhcpcd
dhcpcd: use git instead of tarballs
2023-05-30 04:11:15 -10:00
inetutils
inetutils: Backport fix for CVE-2023-40303
2023-09-08 16:09:41 -10:00
iproute2
iproute2: upgrade 5.16.0 -> 5.17.0
2022-03-29 15:59:29 +01:00
iw
iw: upgrade 5.9 -> 5.16
2021-11-10 19:27:28 +00:00
kea
kea: submit patch upstream
2022-11-24 15:30:01 +00:00
libnss-mdns
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libpcap
libpcap: Disable DPDK explicitly
2022-02-12 17:05:35 +00:00
libuv
libuv: fix CVE-2024-24806
2024-02-28 03:32:09 -10:00
mobile-broadband-provider-info
mobile-broadband-provider-info: upgrade 20221107 -> 20230416
2023-07-01 08:37:24 -10:00
neard
neard: Switch SRC_URI to git repo
2022-05-04 13:07:34 +01:00
nfs-utils
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
ofono
ofono: fix CVE-2023-4233
2024-05-15 09:44:14 -07:00
openssh
openssh: fix CVE-2024-6387
2024-07-09 06:06:09 -07:00
openssl
OpenSSL: Security fix for CVE-2024-5535
2024-07-09 06:06:09 -07:00
ppp
ppp: Add RSA-MD in LICENSE
2024-05-15 09:44:16 -07:00
ppp-dialin
Convert to new override syntax
2021-08-02 15:44:10 +01:00
resolvconf
resolvconf: make it work
2022-12-07 15:02:45 +00:00
socat
socat: upgrade 1.7.4.3 -> 1.7.4.4
2022-11-24 15:30:00 +00:00
ssh-pregen-hostkeys
wpa-supplicant
wpa-supplicant: update 2.9 -> 2.10
2022-02-01 07:31:18 +00:00