CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-04 16:10:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
744e331d5b
poky/meta
History
Zhang Peng 744e331d5b avahi: fix CVE-2024-52616 
CVE-2024-52616:
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs
randomly only once at startup, incrementing them sequentially after that. This
predictable behavior facilitates DNS spoofing attacks, allowing attackers to
guess transaction IDs.

Reference:
[https://nvd.nist.gov/vuln/detail/CVE-2024-52616]
[https://github.com/avahi/avahi/security/advisories/GHSA-r9j3-vjjh-p8vm]

Upstream patches:
[f8710bdc8b]

(From OE-Core rev: 7708d0c346b23ab3e687e2a2ca464d77d55cebd7)

Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-01-24 07:49:28 -08:00
..
classes package.bbclass: Use shlex instead of deprecated pipes 2024-12-20 06:01:45 -08:00
conf gcc: upgrade to v11.5 2024-10-07 05:43:22 -07:00
files toolchain-shar-extract.sh: exit when post-relocate-setup.sh fails 2024-11-27 06:27:26 -08:00
lib oeqa/utils/gitarchive: Return tag name and improve exclude handling 2024-12-09 07:54:03 -08:00
recipes-bsp grub: ignore CVE-2024-1048 and CVE-2023-4001 2024-12-09 07:54:03 -08:00
recipes-connectivity avahi: fix CVE-2024-52616 2025-01-24 07:49:28 -08:00
recipes-core build-appliance-image: Update to kirkstone head revision 2025-01-09 08:51:11 -08:00
recipes-devtools ruby: fix CVE-2024-49761 2025-01-18 06:21:02 -08:00
recipes-example/rust-hello-world
recipes-extended libarchive: Fix CVE-2024-20696 2025-01-09 08:41:03 -08:00
recipes-gnome gcr: Fix LICENSE 2024-09-16 06:09:56 -07:00
recipes-graphics xwayland: patch CVE-2023-5380 CVE-2024-0229 2025-01-09 08:41:03 -08:00
recipes-kernel linux-yocto/5.15: update to v5.15.175 2025-01-09 08:41:04 -08:00
recipes-multimedia gstreamer1.0: ignore CVEs fixed in plugins recipes 2025-01-18 06:21:02 -08:00
recipes-rt meta/recipes: python 3.12 regex 2024-03-01 05:19:54 -10:00
recipes-sato webkitgtk: Security fix for CVE-2024-40776 and CVE-2024-40780 2025-01-09 08:41:03 -08:00
recipes-support diffoscope: fix CVE-2024-25711 2024-12-09 07:54:03 -08:00
site ppc/siteinfo: Fix differences between musl and glibc 2022-03-15 08:40:09 +00:00
COPYING.MIT
recipes.txt