Security Survey 20221017 #4290
Commits on Nov 27, 2022
openssl: update to 1.1.1q (Security, #3958, #4249)
* Fixes CVE-2022-2068 and CVE-2022-1292
* Replace CROSS:-BUILD with ab_match_arch
* Change build configuration for riscv64 to `linux64-riscv64`
Signed-off-by: Camber Huang <camber@poi.science>
Commit ca01ac5
openssl+32: update to 1.1.1q (Security, #3958, #4249)
* Fixes CVE-2022-{1292,2068,2097};
* Disable tests for optenv32 building
Signed-off-by: Camber Huang <camber@poi.science>
Commit 639268a
cups: update to 2.4.2 (Security, #4015)
* Fixes CVE-2022-26691
Signed-off-by: Camber Huang <camber@poi.science>
Commit a62cc54
bind: update to 9.16.33 (Security, #4250)
* Fix multiple security issues regarding the bind utility.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 01e4889
dhcp: update to 4.4.3.P1 (Security, #4240)
* From this version ISC's dhcp will become EOL, which means unless a severe security issue is found the upstream may not release any further updates. Due to such reasons the package may be dropped in future. Users are suggested to switch to another implementation like kea or dhcpcd.
* Dropped unneeded/outdated patch 0002-iproute2.patch
* Increase verbosity.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 663f3f9
zlib: (upstream patch) fix CVE-2022-37434; #4097
Signed-off-by: Camber Huang <camber@poi.science>
Commit 10ee2e3
aosc-aaa: bump core to 9.1.5 for zlib security fix
Signed-off-by: Camber Huang <camber@poi.science>
Commit d5e885e
git: update to 2.38.1 (Security, #4265)
* Fixes CVE-2022-{39253,39260}
* Updated systemd unit file from Archlinux
Ref: https://github.com/archlinux/svntogit-packages/blob/29f368bdeabc4dd6ae05a8f90ddfcab044c8c5b7/trunk/git-daemon@.service
Signed-off-by: Camber Huang <camber@poi.science>
Commit 754cded
python-2: fix mailcap vulnerability (Security, #4306)
* Add a patch 0002-Ubuntu-CVE-2015-20107.patch to fix the security issue.
Signed-off-by: Camber Huang <camber@poi.science>
Commit a914b1b
python-3: Update to 3.10.8 (Security, #4305)
* Fixes multiple security vulnerabilities. See release note for more details.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 622fd0d
squid: update to 5.7 (Security, #4259)
* Fixes CVE-2021-46784, CVE-2022-41317, CVE-2022-41318
Signed-off-by: Camber Huang <camber@poi.science>
Commit 697ad1e
libxml2: update to 2.10.3 (Security, #4267)
* Fixes CVE-2022-29824, CVE-2022-23308, CVE-2022-40303, CVE-2022-40304
* Dropped merged patches.
Commit 4da4dcc
libxml2+32: update to 2.10.3 (Security, #4267)
* Fixes CVE-2022-29824, CVE-2022-23308, CVE-2022-40303, CVE-2022-40304
* Dropped merged patches.
Signed-off-by: Camber Huang <camber@poi.science>
Commit c2816db
kitty: update to 0.26.4 (Security, #4239)
* Fixes CVE-2022-41322
Signed-off-by: Camber Huang <camber@poi.science>
Commit b26d33f
openjpeg: update to 2.5.0 (Security, #4270)
* Fix some vulnerabilities. See issue for more details.
* Add jbigkit as builddep, which only includes static library.
Signed-off-by: Camber Huang <camber@poi.science>
Commit f1c3b85
chromium: update to 106.0.5249.119
* Including security fixes. Issue number not assigned
* Modify patchset from gentoo. Imported new & dropped old patches.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 5c8576c
google-chrome: update to 106.0.5249.119
* Including security fixes. Issue number not assigned.
Signed-off-by: Camber Huang <camber@poi.science>
Commit dd86153
poppler: fix CVE-2021-30860 (#4246)
* Patch ported from Debian Sid, which is backported from upstream
Signed-off-by: Camber Huang <camber@poi.science>
Commit 4f849d5
chromium: fix FTBFS via adapting a patch from an issue in upstream
* The BUILD.gn file of angle lacks including dirs of wayland protocol, which leads to a FTBFS. The patch will fix it.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 3a96ccf
* Drop merged CVE-2022-1271 patch.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 1b9708d
expat: Update to 2.4.9 (Security, #4244)
* Fixes CVE-2022-25236 CVE-2022-40674
Signed-off-by: Camber Huang <camber@poi.science>
Commit 25fba79
vim: update to 9.0.0814 (Security, not assigned)
* Include several fixes for security vulnerabilities. Detailed list is omitted
* Increase verbosity of building process
Signed-off-by: Camber Huang <camber@poi.science>
Commit e051fe1
unzip: downgrade to 6.0 (Cherry-picked from retro)
Signed-off-by: Camber Huang <camber@poi.science>
Commit c88dcbd
unzip: fix CVE-2022-0529 and 0530
* Patch 0033 is adapted from debian's patchset
Signed-off-by: Camber Huang <camber@poi.science>
Commit 4c687b7
xterm: update to 375 (Security, #4307)
* Fixed CVE-2021-27135 and CVE-2022-24130
* Increase output verbosity of beyond file
Signed-off-by: Camber Huang <camber@poi.science>
Commit c68aa8d
curl: Update to 7.86.0 (Security, #4274)
* Fixed multiple security vulnerabilities. See issue for details.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 1a5d3c2
Commit 8bf01f7
Commit 02372e5
wireshark: update to 4.0.0 (Security, #4272)
* Fix CVE-2022-3190
* Increase build output verbosity
Signed-off-by: Camber Huang <camber@poi.science>
Commit c77ca72
ntfs-3g: update to 2022.10.3 (Security, #4281)
* Fixes CVE-2022-40284, which may lead to arbitrary code execution;
* Sover stays at 89, so no rebuild of reverse dependent is required.
Signed-off-by: Camber Huang <camber@poi.science>
Commit e257a06
rpm: update to 4.18.0 (Security, #4283)
* Fix CVE-2021-3521, CVE-2021-35937, CVE-2021-35938, CVE-2021-35939
* Removes buggy autogen.sh to use autoreconf
Signed-off-by: Camber Huang <camber@poi.science>
Commit b68997c
expat: Update to 2.5.0 (Security, #4244)
* Fix CVE-2022-43680
* Add a beyond file to install manpage
* Sover stays at 1, therefore no rebuild is required
Signed-off-by: Camber Huang <camber@poi.science>
Commit cc53633
libksba: update to 1.6.2 (Security, #4308)
* Fix CVE-2022-3515
Signed-off-by: Camber Huang <camber@poi.science>
Commit 5bb2a43
open-vm-tools: update to 12.1.0 (Security, #4284)
* Fix CVE-2022-31676
* Add some TO-DOs at defines file, including some features related to recent pakreqs.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 5cc8361
libtiff: Update to 4.4.0 (Security, #4309)
* Fix multiple vulnerabilities between 4.0.10 and 4.4.0;
* Add "--disable-static" to manually suppress building of static library;
* Include a security patchset from upstream development branch.
Signed-off-by: Camber Huang <camber@poi.science>
Commit b2511d8
freerdp: update to 2.8.1 (Security, #4313)
* Fix CVE-2022-39282, CVE-2022-39283
Signed-off-by: Camber Huang <camber@poi.science>
Commit 107f4c5
lighttpd: backport patch to fix CVE-2022-22707
Signed-off-by: Camber Huang <camber@poi.science>
Commit b6e4851
nokogiri: update to 1.13.9 (Security, #4310)
* Fix CVE-2022-24836, CVE-2022-29181
Signed-off-by: Camber Huang <camber@poi.science>
Commit 51389c5
opensc: update to 0.22.0 (Security, #4289)
* Fixes CVEs. See issue for details.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 2228e22
libgcrypt: update to 1.9.4 (Security, #4311)
* Fix CVE-2021-33560 and CVE-2021-40528
Signed-off-by: Camber Huang <camber@poi.science>
Commit b62f420
* Include security fix. Issue number not assigned and actual list is omitted;
* Use array on CMAKE_AFTER to include comments;
* May need further attention.
Commit fc6a2a9
Commit 3f0fecd
Signed-off-by: Camber Huang <camber@poi.science>
Commit 203f271
bind: Update CHKSUM of root.hint
Root.hint version: 20221109
Signed-off-by: Camber Huang <camber@poi.science>
Commit 60e407e
Commit 9d44aab
google-chrome: update to 107.0.5304.110
Signed-off-by: Camber Huang <camber@poi.science>
Commit 7e71c5e
* Follow upstream's latest tag
Signed-off-by: Camber Huang <camber@poi.science>
Commit 0d4c993
* This update/rebuild will fix a linker error when building open-vm-tools, as previous update of libxml2.
Signed-off-by: Camber Huang <camber@poi.science>
Commit 43490b5
* Dropped patch: 0001-buildfix-fix-improper-cmake-file.patch
Signed-off-by: Camber Huang <camber@poi.science>
Commit d0ff35f
sqlite: update CHKSUM of version 3.39.4
Signed-off-by: Camber Huang <camber@poi.science>
Commit 3817cf9
chromium: update patchset for version 107.x
* Drop merged patch and update patch from gentoo
Signed-off-by: Camber Huang <camber@poi.science>
Commit ce0736b
chromium: use system-shipped wayland and libffi
* Add wayland and libffi as chromium's runtime dependencies
Signed-off-by: Camber Huang <camber@poi.science>
Commit bbc6f22
bind: Update CHKSUM of root.hint
Root.hint version: 20221115
Signed-off-by: Camber Huang <camber@poi.science>
Commit a263dbd
chromium: add qt-5 as runtime dependency
Signed-off-by: Camber Huang <camber@poi.science>
Commit abd5364
Signed-off-by: Camber Huang <camber@poi.science>
Commit c8e4935
Signed-off-by: Camber Huang <camber@poi.science>
Commit d39966b
wireshark: make asciidoctor as builddep
asciidoctor is used to generate documents. Making it as a building dependency.
Commit b4b5950
* Trailing blank line in beyond
Signed-off-by: Camber Huang <camber@poi.science>
Commit 0ac3222
google-chrome: update to 107.0.5304.121
Fix CVE-2022-4135, a heap-based buffer overflow in GPU
Commit f4073a0
chromium: update to 107.0.5304.121
Fix CVE-2022-4135, a heap-based buffer overflow in GPU
Signed-off-by: Camber Huang <camber@poi.science>
Commit e411bdd