CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,835 Commits 63 Branches 0 Tags 91 MiB
BitBake 71.9%
C++ 6.9%
Shell 6.5%
C 3.2%
Roff 2.3%
Other 9%
d7b41ced4b
Go to file
Ovidiu Panait d7b41ced4b net-snmp: Fix CVE-2020-15861 and CVE-2020-15862 
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic
link (symlink) following.

Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE
access to the EXTEND MIB provides the ability to run arbitrary commands as
root.

References:
https://nvd.nist.gov/vuln/detail/CVE-2020-15861
https://nvd.nist.gov/vuln/detail/CVE-2020-15862

Upstream patches:
2b3e300ade
9cfb38b0aa
114e4c2cec
2968b455e6
4fd9a45044
77f6c60f57

CVE-2020-15861-0005.patch is the actual fix for CVE-2020-15861 and
CVE-2020-15861-0001.patch through CVE-2020-15861-0004.patch are context
patches needed by the fix to apply cleanly.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-09-03 08:28:37 -07:00
contrib tesseract: upgrade to 3.04 2016-10-21 18:20:43 +02:00
meta-filesystems fuse3: upgrade 3.9.1 -> 3.9.2 2020-07-01 08:01:41 -07:00
meta-gnome gnome-settings-daemon: Remove duplicate outdated SRC_URI hashes 2020-09-02 21:22:21 -07:00
meta-initramfs README: updated Maintainers list for Dunfell 2020-05-05 16:47:34 -07:00
meta-multimedia vlc: fix loop initial declarations are only allowed in C99 mode 2020-08-31 07:38:56 -07:00
meta-networking net-snmp: Fix CVE-2020-15861 and CVE-2020-15862 2020-09-03 08:28:37 -07:00
meta-oe lcov: fix lcov-native build 2020-08-23 11:14:56 -07:00
meta-perl libnet-dns-perl: upgrade 1.23 -> 1.24 2020-06-12 09:32:24 -07:00
meta-python python3-pandas: Upgrade 1.0.3 -> 1.0.5 2020-08-27 15:40:21 -07:00
meta-webserver apache2: create log/run directory via pkg_postinst 2020-05-28 21:39:22 -07:00
meta-xfce thunar: upgrade 1.8.14 -> 1.8.15 2020-05-28 21:50:13 -07:00
.gitignore .gitignore: add *.pyc and *.pyo 2019-06-15 16:45:33 -07:00
COPYING.MIT add README and license for this layer 2011-02-13 16:47:32 +01:00
README README: updated Maintainers list for Dunfell 2020-05-05 16:47:34 -07:00

README 

Collection of layers for the OE-core universe

dunfell maintainer: Armin Kuster  <akuster808@gmail.com>

This repository is a collection of layers to suppliment OE-Core
with additional packages, Each layer have designated maintainer
Please see the respective READMEs in the layer subdirectories