[poky] [PATCH 0/4] security fixes

Mon Apr 18 14:56:31 PDT 2011

On 04/15/2011 03:16 AM, Qing He wrote:
> From: Qing He<qing.he at intel.com>
>
> This patch set upgrades several recipes to address the following CVEs:
>
>     libexif: CVE-2007-6351, CVE-2007-6352, CVE-2009-3895
>     libxml2: CVE-2010-4008
>     openssl: CVE-2010-4180, CVE-2010-4252, CVE-2010-0014
>     rsync: CVE-2011-1097
>
> they are targeting for 1.0 point release
>
>
> Pull URL: git://git.pokylinux.org/poky-contrib.git
>    Branch: qhe/cve
>    Browse: http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=qhe/cve
>
> Thanks,
>      Qing He<qing.he at intel.com>
> ---
>
>
> Qing He (4):
>    libexif: upgrade to 0.6.20
>    libxml2: upgrade to version 2.7.8
>    openssl: upgrade to version 0.9.8r
>    rsync: upgrade to version 3.0.8
>
>   .../configure-targets.patch                        |    1 +
>   .../debian/ca.patch                                |    0
>   .../debian/config-hurd.patch                       |    0
>   .../debian/debian-targets.patch                    |    0
>   .../debian/engines-path.patch                      |    0
>   .../debian/kfreebsd-pipe.patch                     |    0
>   .../debian/make-targets.patch                      |    0
>   .../debian/man-dir.patch                           |    0
>   .../debian/man-section.patch                       |    0
>   .../debian/no-rpath.patch                          |    0
>   .../debian/no-symbolic.patch                       |    0
>   .../debian/perl-path.diff                          |    0
>   .../debian/pic.patch                               |    0
>   .../debian/pkg-config.patch                        |    0
>   .../debian/rc4-amd64.patch                         |    0
>   .../debian/rehash-crt.patch                        |    0
>   .../debian/rehash_pod.patch                        |    0
>   .../debian/series                                  |    0
>   .../debian/shared-lib-ext.patch                    |    0
>   .../debian/stddef.patch                            |    0
>   .../debian/version-script.patch                    |    0
>   .../parallel-make-fix.patch                        |    2 ++
>   .../shared-libs.patch                              |    2 ++
>   meta/recipes-connectivity/openssl/openssl.inc      |    2 +-
>   .../{openssl_0.9.8p.bb =>  openssl_0.9.8r.bb}       |    6 +++---
>   .../recipes-core/libxml/libxml2/libxml-64bit.patch |    2 ++
>   meta/recipes-core/libxml/libxml2_2.7.7.bb          |    6 ------
>   meta/recipes-core/libxml/libxml2_2.7.8.bb          |    6 ++++++
>   .../rsync/{rsync_3.0.7.bb =>  rsync_3.0.8.bb}       |    6 +++---
>   .../{libexif_0.6.16.bb =>  libexif_0.6.20.bb}       |    6 +++---
>   30 files changed, 23 insertions(+), 16 deletions(-)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/configure-targets.patch (97%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/ca.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/config-hurd.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/debian-targets.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/engines-path.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/kfreebsd-pipe.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/make-targets.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/man-dir.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/man-section.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/no-rpath.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/no-symbolic.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/perl-path.diff (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/pic.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/pkg-config.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/rc4-amd64.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/rehash-crt.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/rehash_pod.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/series (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/shared-lib-ext.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/stddef.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/debian/version-script.patch (100%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/parallel-make-fix.patch (95%)
>   rename meta/recipes-connectivity/openssl/{openssl-0.9.8p =>  openssl-0.9.8r}/shared-libs.patch (97%)
>   rename meta/recipes-connectivity/openssl/{openssl_0.9.8p.bb =>  openssl_0.9.8r.bb} (86%)
>   delete mode 100644 meta/recipes-core/libxml/libxml2_2.7.7.bb
>   create mode 100644 meta/recipes-core/libxml/libxml2_2.7.8.bb
>   rename meta/recipes-devtools/rsync/{rsync_3.0.7.bb =>  rsync_3.0.8.bb} (71%)
>   rename meta/recipes-support/libexif/{libexif_0.6.16.bb =>  libexif_0.6.20.bb} (61%)
>
> _______________________________________________
> poky mailing list
> poky at yoctoproject.org
> https://lists.yoctoproject.org/listinfo/poky
>

Merged into Master

Thanks
	Sau!