meta-openembedded

mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-04 16:10:10 +00:00

History

Yi Zhao 06d80777f4 krb5: fix CVE-2021-36222 Source: https://git.openembedded.org/meta-openembedded MR: 112165 Type: Security Fix Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-oe/recipes-connectivity/krb5?id=69087d69d01a4530e2d588036fcbeaf8856b2ff1 ChangeID: e7cdfd1c4530312b4773103cf58d322451af1421 Description: CVE-2021-36222: ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. References: https://nvd.nist.gov/vuln/detail/CVE-2021-36222 Patches from: `fc98f520ca` Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 620badcbf8a59fbd2cdda6ab01c4ffba1c3ee327) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit `523f6d834d`) [Fixup for Dunfell context] Signed-off-by: Armin Kuster <akuster@mvista.com>		2021-09-10 13:23:06 -07:00
..
gammu	meta-oe: Remove using python2	2020-01-22 09:56:34 -08:00
gattlib	gattlib: Update to latest tip	2019-12-20 16:07:50 -08:00
gensio	gensio: new package	2020-02-27 08:25:49 -08:00
hostapd	hostapd: fix building with CONFIG_TLS=internal	2021-05-22 16:18:11 -07:00
ifplugd	ifplugd: Include stdint.h for uintXX_t	2019-11-06 06:32:14 -08:00
irssi	irssi: package libirc_proxy.a in PN-staticdev	2020-06-12 09:32:04 -07:00
iwd	iwd: Upgrade to 1.9	2020-09-19 11:22:44 -07:00
krb5	krb5: fix CVE-2021-36222	2021-09-10 13:23:06 -07:00
libev	libev: upgrade 4.31 -> 4.33	2020-03-19 09:26:02 -07:00
libimobiledevice	libimobiledevice: Upgrade to latest	2018-09-08 13:32:12 -07:00
libmbim	libmbim: upgrade 1.20.4 -> 1.22.0	2020-02-27 08:25:49 -08:00
libmtp	libmtp: upgrade 1.1.16 -> 1.1.17	2020-02-27 17:55:23 -08:00
libndp	libndp: Upgrade to 1.7	2018-06-27 22:17:33 -07:00
libnet	libnet: Clarify BSD license variant	2019-10-25 10:29:50 -07:00
libqmi	libqmi: upgrade 1.24.8 -> 1.24.12	2020-05-28 21:39:56 -07:00
libtorrent	libtorrent: Disable instrumentation on ppc/mips	2019-11-18 16:49:57 -08:00
libuv	libuv: fix CVE-2020-8252	2021-02-04 22:39:02 -08:00
libwebsockets	libwebsockets: upgrade 3.2.2 -> 4.0.1	2020-04-25 08:32:41 -07:00
linuxptp	linuxptp: Fix cross build	2021-05-14 10:03:51 -07:00
loudmouth	gnome: add explicit bz2 compress type to older packages	2015-08-31 19:17:08 +02:00
modemmanager	modemmanager: upgrade 1.12.10 -> 1.12.12	2020-07-12 19:20:37 -07:00
mosh	mosh: Upgrade to 1.3.2	2019-01-30 13:34:49 -08:00
obex	recipes: rename distro_features_check to features_check	2019-11-21 17:51:37 -08:00
obexftp	obexftp: use makefile instead of ninja cmake generator	2018-04-08 17:00:06 -07:00
packagegroups	packagegroup-tools-bluetooth: correct RDEPENDS	2019-08-15 11:42:00 -07:00
paho-mqtt-c	paho-mqtt-c: Fix build error when enable multilib.	2020-07-12 19:20:37 -07:00
phonet-utils	phonet-utils: Fix build with musl	2017-07-24 18:58:50 +02:00
rabbitmq-c	rabbitmq-c: upgrade 0.9.0 -> 0.10.0	2020-01-09 14:05:37 -08:00
rfkill	rfkill: Clarify BSD license variant	2019-10-25 10:29:51 -07:00
rtorrent	rtorrent: upgrade 0.9.7 -> 0.9.8	2019-11-01 17:22:53 -07:00
ser2net	ser2net: upgrade 4.1.5 -> 4.1.8	2020-05-28 21:49:10 -07:00
smstools3	smstools3: refresh patches	2018-04-13 12:43:37 -07:00
telepathy	telepathy-glib: respect GI_DATA_ENABLED when enabling vala-bindings	2021-04-23 18:45:08 -07:00
thrift	thrift: Upgrade to 0.13	2019-12-20 16:07:50 -08:00
usbmuxd	libimobiledevice: Upgrade to latest	2018-09-08 13:32:12 -07:00
wifi-test-suite	wifi-test-suite: Fix build with LTO	2019-02-09 17:42:11 -08:00
wvdial	wvstreams: Fix build with gcc10	2019-12-26 19:52:55 -08:00
zabbix	zabbix: CVE-2020-15803 Security Advisory	2021-01-10 19:26:00 -08:00
zeromq	zeromq: Fix host-specific path issue with libsodium	2020-04-22 12:14:44 -07:00