mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-19 05:39:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d35837e3cd6da1bb1894544ebb7729d64e2d889d
poky/meta/recipes-connectivity
History
Hitendra Prajapati 9f461395a8 openssh: fix CVE-2025-61984 
ssh in OpenSSH before 10.1 allows control characters in usernames that
originate from certain possibly untrusted sources, potentially leading
to code execution when a ProxyCommand is used. The untrusted sources
are the command line and %-sequence expansion of a configuration file.

Note:
openssh does not support variable expansion until 10.0, so backport
adapts for this.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-61984

Upstream-Status: Backport from 35d5917652

(From OE-Core rev: 7ca0c7a4d17c707658669e255689ecd4183c7e9b)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-12-12 08:49:37 -08:00
..
avahi
avahi: fix CVE-2024-52615
2025-08-08 06:30:55 -07:00
bind
bind: upgrade 9.18.33 -> 9.18.41
2025-11-06 07:14:05 -08:00
bluez5
bluez5: Fix CVE-2023-27349 CVE-2023-50229 & CVE-2023-50230
2024-05-16 05:22:09 -07:00
connman
connman :fix CVE-2025-32366
2025-05-28 08:46:32 -07:00
dhcpcd
dhcpcd: use git instead of tarballs
2023-05-30 04:11:15 -10:00
inetutils
inetutils: Backport fix for CVE-2023-40303
2023-09-08 16:09:41 -10:00
iproute2
iproute2: upgrade 5.16.0 -> 5.17.0
2022-03-29 15:59:29 +01:00
iw
iw: Fix LICENSE
2024-09-16 06:09:56 -07:00
kea
kea: submit patch upstream
2022-11-24 15:30:01 +00:00
libnss-mdns
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libpcap
libpcap: Security fix for CVE-2023-7256 & CVE-2024-8006
2024-09-27 05:57:34 -07:00
libuv
libuv: fix CVE-2024-24806
2024-02-28 03:32:09 -10:00
mobile-broadband-provider-info
mobile-broadband-provider-info: upgrade 20221107 -> 20230416
2023-07-01 08:37:24 -10:00
neard
neard: Switch SRC_URI to git repo
2022-05-04 13:07:34 +01:00
nfs-utils
nfs-utils: don't use signals to shut down nfs server.
2025-06-04 09:06:31 -07:00
ofono
ofono: fix CVE-2023-4235
2025-07-18 08:32:26 -07:00
openssh
openssh: fix CVE-2025-61984
2025-12-12 08:49:37 -08:00
openssl
openssl: upgrade 3.0.17 -> 3.0.18
2025-10-14 07:20:36 -07:00
ppp
ppp: patch CVE-2024-58250
2025-05-02 08:12:41 -07:00
ppp-dialin
Convert to new override syntax
2021-08-02 15:44:10 +01:00
resolvconf
resolvconf: make it work
2022-12-07 15:02:45 +00:00
socat
socat: patch CVE-2024-54661
2025-01-24 07:49:28 -08:00
ssh-pregen-hostkeys
ssh-pregen-hostkeys: Add a recipe with pregenerated ssh host keys
2020-09-23 20:54:04 +01:00
wpa-supplicant
wpa-supplicant: patch CVE-2025-24912
2025-11-06 07:14:05 -08:00