mbox series

mickledore merge request: July 2nd

Message ID 58ea60fc-5580-0bb6-edb5-6d403c5900a9@gmail.com
State New
Headers show
Series mickledore merge request: July 2nd | expand

Pull-request

https://git.openembedded.org/meta-openembedded mickledore-next

Message

akuster808 July 2, 2023, 3:10 p.m. UTC 
The following changes since commit 5a01ab461c9bcabcbb2298236602373948f8f073:

   wireshark: CVE-2023-2952 XRA dissector infinite loop (2023-06-17 
13:15:57 -0400)

are available in the Git repository at:

   https://git.openembedded.org/meta-openembedded mickledore-next

for you to fetch changes up to d71a08b3d8fc69d3213c10885af9cc693056a8bd:

   mbedtls: upgrade 2.28.2 -> 2.28.3 (2023-06-28 16:28:35 -0400)

----------------------------------------------------------------
Hitendra Prajapati (1):
       wireshark: Fix Multiple CVEs

Joe Slater (1):
       python3-sqlparse: fix CVE-2023-30608

Polampalli, Archana (1):
       tcpreplay: upgrade 4.4.3 -> 4.4.4

Sandeep Gundlupet Raju 837 (1):
       opencv: Revert fix runtime dependencies

Soumya via (1):
       opencv: Fix for CVE-2023-2617

Wang Mingyu (1):
       python3-django: upgrade 4.1.7 -> 4.2.1

Yi Zhao (2):
       frr: upgrade 8.4.2 -> 8.4.4
       mbedtls: upgrade 2.28.2 -> 2.28.3

  .../mbedtls/{mbedtls_2.28.2.bb => mbedtls_2.28.3.bb} |   8 +-
  .../recipes-protocols/frr/{frr_8.4.2.bb => frr_8.4.4.bb} |   2 +-
  .../tcpreplay/{tcpreplay_4.4.3.bb => tcpreplay_4.4.4.bb} |   2 +-
  .../recipes-support/wireshark/files/CVE-2023-0666.patch         | 122 
++++++++++++++++++++++++++++
  .../recipes-support/wireshark/files/CVE-2023-0667.patch         | 66 
+++++++++++++++
  .../recipes-support/wireshark/files/CVE-2023-0668.patch         | 33 
++++++++
  meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb   | 3 +
  meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch       | 88 
++++++++++++++++++++
  meta-oe/recipes-support/opencv/opencv_4.7.0.bb                  | 3 +-
  .../python/{python3-django_4.1.7.bb => python3-django_4.2.1.bb} |   2 +-
  .../python/python3-sqlparse/CVE-2023-30608.patch                | 51 
++++++++++++
  meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb   | 1 +
  12 files changed, 376 insertions(+), 5 deletions(-)
  rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.2.bb 
=> mbedtls_2.28.3.bb} (93%)
  rename meta-networking/recipes-protocols/frr/{frr_8.4.2.bb => 
frr_8.4.4.bb} (98%)
  rename meta-networking/recipes-support/tcpreplay/{tcpreplay_4.4.3.bb 
=> tcpreplay_4.4.4.bb} (88%)
  create mode 100644 
meta-networking/recipes-support/wireshark/files/CVE-2023-0666.patch
  create mode 100644 
meta-networking/recipes-support/wireshark/files/CVE-2023-0667.patch
  create mode 100644 
meta-networking/recipes-support/wireshark/files/CVE-2023-0668.patch
  create mode 100644 
meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch
  rename meta-python/recipes-devtools/python/{python3-django_4.1.7.bb => 
python3-django_4.2.1.bb} (58%)
  create mode 100644 
meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch

Comments

Khem Raj July 2, 2023, 3:54 p.m. UTC | #1 
merged now thanks Armin.

On Sun, Jul 2, 2023 at 8:10 AM akuster808 <akuster808@gmail.com> wrote:
>
> The following changes since commit 5a01ab461c9bcabcbb2298236602373948f8f073:
>
>    wireshark: CVE-2023-2952 XRA dissector infinite loop (2023-06-17
> 13:15:57 -0400)
>
> are available in the Git repository at:
>
>    https://git.openembedded.org/meta-openembedded mickledore-next
>
> for you to fetch changes up to d71a08b3d8fc69d3213c10885af9cc693056a8bd:
>
>    mbedtls: upgrade 2.28.2 -> 2.28.3 (2023-06-28 16:28:35 -0400)
>
> ----------------------------------------------------------------
> Hitendra Prajapati (1):
>        wireshark: Fix Multiple CVEs
>
> Joe Slater (1):
>        python3-sqlparse: fix CVE-2023-30608
>
> Polampalli, Archana (1):
>        tcpreplay: upgrade 4.4.3 -> 4.4.4
>
> Sandeep Gundlupet Raju 837 (1):
>        opencv: Revert fix runtime dependencies
>
> Soumya via (1):
>        opencv: Fix for CVE-2023-2617
>
> Wang Mingyu (1):
>        python3-django: upgrade 4.1.7 -> 4.2.1
>
> Yi Zhao (2):
>        frr: upgrade 8.4.2 -> 8.4.4
>        mbedtls: upgrade 2.28.2 -> 2.28.3
>
>   .../mbedtls/{mbedtls_2.28.2.bb => mbedtls_2.28.3.bb} |   8 +-
>   .../recipes-protocols/frr/{frr_8.4.2.bb => frr_8.4.4.bb} |   2 +-
>   .../tcpreplay/{tcpreplay_4.4.3.bb => tcpreplay_4.4.4.bb} |   2 +-
>   .../recipes-support/wireshark/files/CVE-2023-0666.patch         | 122
> ++++++++++++++++++++++++++++
>   .../recipes-support/wireshark/files/CVE-2023-0667.patch         | 66
> +++++++++++++++
>   .../recipes-support/wireshark/files/CVE-2023-0668.patch         | 33
> ++++++++
>   meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb   | 3 +
>   meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch       | 88
> ++++++++++++++++++++
>   meta-oe/recipes-support/opencv/opencv_4.7.0.bb                  | 3 +-
>   .../python/{python3-django_4.1.7.bb => python3-django_4.2.1.bb} |   2 +-
>   .../python/python3-sqlparse/CVE-2023-30608.patch                | 51
> ++++++++++++
>   meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb   | 1 +
>   12 files changed, 376 insertions(+), 5 deletions(-)
>   rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.2.bb
> => mbedtls_2.28.3.bb} (93%)
>   rename meta-networking/recipes-protocols/frr/{frr_8.4.2.bb =>
> frr_8.4.4.bb} (98%)
>   rename meta-networking/recipes-support/tcpreplay/{tcpreplay_4.4.3.bb
> => tcpreplay_4.4.4.bb} (88%)
>   create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-0666.patch
>   create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-0667.patch
>   create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-0668.patch
>   create mode 100644
> meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch
>   rename meta-python/recipes-devtools/python/{python3-django_4.1.7.bb =>
> python3-django_4.2.1.bb} (58%)
>   create mode 100644
> meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch
>