mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
208a66a96b36b1a9bcccd4e5ccfe7aad2d6957bd
poky/meta/recipes-connectivity
History
David Nyström 2142f17368 openssh: fix CVE-2025-61984 
ssh in OpenSSH before 10.1 allows control characters in usernames that
originate from certain possibly untrusted sources, potentially leading
to code execution when a ProxyCommand is used. The untrusted sources
are the command line and %-sequence expansion of a configuration file.

Note:
openssh does not support variable expansion until 10.0, so backport
adapts for this.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-61984

Upstream patch:
35d5917652

(From OE-Core rev: 717d4c7609cdce2cc3a65b7ba69c316fa86a9333)

Signed-off-by: David Nyström <david.nystrom@est.tech>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-10-24 06:23:40 -07:00
..
avahi
avahi: fix CVE-2024-52615
2025-08-20 07:37:19 -07:00
bind
bind: Upgrade 9.18.28 -> 9.18.33
2025-02-28 06:45:14 -08:00
bluez5
bluez5: backport a patch to fix btmgmt -i
2025-05-08 13:37:30 -07:00
connman
connman :fix CVE-2025-32366
2025-05-27 09:38:57 -07:00
dhcpcd
dhcpcd: upgrade 10.0.5 -> 10.0.6
2023-12-30 11:03:07 +00:00
inetutils
inetutils: Update to the 2.5 release
2024-01-03 23:36:34 +00:00
iproute2
iproute2: Fix build with GCC-14
2024-06-20 06:29:44 -07:00
iw
iw: Fix LICENSE
2024-09-19 05:11:35 -07:00
kea
kea: set correct permissions for /var/run/kea
2025-07-21 09:07:22 -07:00
libnss-mdns
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libpcap
libpcap: Security fix for CVE-2023-7256 & CVE-2024-8006
2024-09-25 05:07:47 -07:00
libuv
libuv: Upgrade 1.47.0 -> 1.48.0
2024-02-19 11:34:33 +00:00
mobile-broadband-provider-info
mobile-broadband-provider-info: upgrade 20230416 -> 20240407
2024-07-26 07:43:46 -07:00
neard
neard: upgrade 0.18 -> 0.19
2023-09-02 18:23:05 +01:00
nfs-utils
nfs-utils: don't use signals to shut down nfs server.
2025-06-05 08:41:15 -07:00
ofono
ofono: patch CVE-2024-7537
2025-04-16 06:41:24 -07:00
openssh
openssh: fix CVE-2025-61984
2025-10-24 06:23:40 -07:00
openssl
openssl: upgrade 3.2.4 -> 3.2.6
2025-10-13 12:42:58 -07:00
ppp
ppp: patch CVE-2024-58250
2025-05-02 08:20:11 -07:00
ppp-dialin
recipes: Drop remaining PR values from recipes
2023-09-22 07:45:17 +01:00
resolvconf
resolvconf: upgrade 1.91 -> 1.92
2023-12-02 17:18:57 +00:00
slirp
libslirp: add recipe to continue slirp support in qemu
2022-12-26 18:49:07 +00:00
socat
socat: patch CVE-2024-54661
2025-01-24 07:59:38 -08:00
ssh-pregen-hostkeys
ssh-pregen-hostkeys: Add a recipe with pregenerated ssh host keys
2020-09-23 20:54:04 +01:00
wpa-supplicant
wpa-supplicant: fix CVE-2022-37660
2025-09-22 13:17:52 -07:00