poky/recipes-support at eb95a68b98d1fe8958247ca25dadf1fc4c4b776f - poky

mirror of https://git.yoctoproject.org/poky synced 2026-04-30 12:32:12 +02:00

Files

Pawan Badganchi 64eba948a9 curl: Add fix for CVE-2023-23914, CVE-2023-23915

Add below patches to fix CVE-2023-23914 [1], CVE-2023-23915 [2]

CVE-2023-23914_5-1.patch
CVE-2023-23914_5-2.patch
CVE-2023-23914_5-3.patch
CVE-2023-23914_5-4.patch
CVE-2023-23914_5-5.patch

[1] https://curl.se/docs/CVE-2023-23914.html
[2] https://curl.se/docs/CVE-2023-23915.html

(From OE-Core rev: c80ede99b60cfbb0e7b339e1a7dc9f082f0da1f3)

Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com>
Signed-off-by: pawan <badganchipv@gmail.com>
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2023-03-28 22:31:53 +01:00

apr

apr-util: update 1.6.1 -> 1.6.3

2023-02-24 16:41:46 +00:00

argp-standalone

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

aspell

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

atk

atk: upgrade 2.36.0 -> 2.38.0

2022-03-29 15:59:28 +01:00

attr

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

bash-completion

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

bmap-tools

meta: remove obsolete PIP_INSTALL_PACKAGE

2022-03-12 09:20:03 +00:00

boost

boost: fix install of fiber shared libraries

2022-08-23 15:22:52 +01:00

ca-certificates

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

consolekit

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

curl

curl: Add fix for CVE-2023-23914, CVE-2023-23915

2023-03-28 22:31:53 +01:00

db: remove obsolete support for renamed libtool

2021-12-12 18:10:22 +00:00

debianutils

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

diffoscope

diffoscope: upgrade 207 -> 208

2022-03-29 15:59:28 +01:00

dos2unix

meta: Add explict branch to git SRC_URIs

2021-10-30 18:56:47 +01:00

enchant

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

fribidi

fribidi: upgrade 1.0.11 -> 1.0.12

2022-05-20 10:08:06 +01:00

gdbm

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

gmp

gmp: add missing COPYINGv3

2022-04-14 09:47:00 +01:00

gnome-desktop-testing

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

gnupg

gnupg: upgrade to 2.3.7 to fix CVE-2022-34903

2022-08-01 16:27:29 +01:00

gnutls

gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code

2023-03-20 17:20:44 +00:00

gpgme

gpgme: upgrade 1.17.0 -> 1.17.1

2022-03-10 13:07:37 +00:00

icu

icu: fix make_icudata dependencies

2022-01-26 06:27:00 +00:00

iso-codes

iso-codes: upgrade 4.12.0 -> 4.13.0

2023-03-20 17:20:44 +00:00

itstool

itstool: add missing COPYING.GPL3

2022-04-14 09:47:00 +01:00

libassuan

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libatomic-ops

libatomic-ops: upgrade 7.6.12 -> 7.6.14

2022-09-12 08:41:47 +01:00

libbsd

libbsd: upgrade 0.11.3 -> 0.11.5

2022-02-01 07:31:17 +00:00

libcap

libcap: upgrade 2.65 -> 2.66

2022-11-10 14:39:23 +00:00

libcap-ng

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libcheck

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libcroco

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libdaemon

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libevdev

libevdev: upgrade 1.12.0 -> 1.12.1

2022-03-29 15:59:29 +01:00

libevent

libevent,btrfs-tools: fix Upstream-Status tag

2021-10-23 22:26:48 +01:00

libexif

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libffi

libffi: upgrade 3.4.2 -> 3.4.4

2022-12-01 19:35:04 +00:00

libfm

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libgcrypt

meta/scripts: Automated conversion of OE renamed variables

2022-02-21 23:37:27 +00:00

libgit2

libgit2: upgrade 1.4.4 -> 1.4.5

2023-02-24 16:41:46 +00:00

libgpg-error

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libical

libical: upgrade 3.0.15 -> 3.0.16

2022-12-01 19:35:04 +00:00

libjitterentropy

libjitterentropy: upgrade 3.3.1 -> 3.4.0

2022-03-24 17:45:29 +00:00

libksba

libksba: update 1.6.2 -> 1.6.3

2023-01-26 23:37:05 +00:00

libmd

libmd: upgrade 1.0.3 -> 1.0.4

2021-10-23 17:42:26 +01:00

libmicrohttpd

libmicrohttpd: upgrade 0.9.75 -> 0.9.76

2023-03-20 17:20:44 +00:00

libmpc

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libnl

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libpcre

libpcre2: upgrade 10.39 -> 10.40

2022-06-07 11:53:26 +01:00

libproxy

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libpsl

libpsl: Add config knobs for runtime/builtin conversion choices

2021-04-20 13:56:48 +01:00

libseccomp

libseccomp: fix for the ptest result format

2023-03-09 13:19:03 +00:00

libsoup

libsoup: upgrade 3.0.6 -> 3.0.7

2022-07-16 06:52:45 +01:00

libssh2

libssh2: Clean up ptest patch/coverage

2023-03-09 13:19:03 +00:00

libunistring

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

libunwind

libunwind: update 1.6.0 -> 1.6.2

2021-12-08 20:22:11 +00:00

liburcu

liburcu: upgrade 0.13.1 -> 0.13.2

2022-09-12 08:41:47 +01:00

libusb

libusb1: Strip trailing whitespaces

2023-02-04 23:32:20 +00:00

libxslt

libxslt: Mark CVE-2022-29824 as not applying

2022-06-07 11:53:26 +01:00

libyaml

Convert to new override syntax

2021-08-02 15:44:10 +01:00

lz4

lz4: upgrade 1.9.3 -> 1.9.4

2022-09-12 08:41:47 +01:00

lzo

lzo: Add further info to a patch and mark as Inactive-Upstream

2022-06-11 10:06:13 +01:00

lzop

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

mpfr

mpfr: upgrade 4.1.0 -> 4.1.1

2022-12-23 23:05:50 +00:00

nettle

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

nghttp2

nghttp2: never build python bindings

2023-03-09 13:19:03 +00:00

npth

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

nss-myhostname

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

numactl

numactl: skip test case when target platform doesn't have 2 CPU node

2023-02-04 23:32:20 +00:00

p11-kit

p11-kit: update 0.24.0 -> 0.24.1

2022-01-20 11:57:29 +00:00

pinentry

pinentry: enable _XOPEN_SOURCE on musl for wchar usage in curses

2022-09-03 13:09:49 +01:00

popt

popt: fix override syntax in RDEPENDS

2022-06-22 23:46:29 +01:00

ptest-runner

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

re2c

re2c: upgrade 2.2 -> 3.0

2022-02-05 17:46:05 +00:00

rng-tools

rng-tools: enable macro JENT_CONF_ENABLE_INTERNAL_TIMER

2022-03-24 17:45:29 +00:00

serf

serf: mark upstream as inactive

2021-12-17 09:56:14 +00:00

shared-mime-info

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

sqlite

sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs.

2023-01-06 17:33:23 +00:00

taglib

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

user-creation

Convert to new override syntax

2021-08-02 15:44:10 +01:00

vim

vim: set modified-by to the recipe MAINTAINER

2023-03-23 22:45:33 +00:00

vte

meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers

2022-02-20 16:45:25 +00:00

xxhash

xxhash: fix build with gcc 12

2022-06-22 23:46:29 +01:00