helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
32,063 Commits 63 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Peter Marko 508a2e6b94
squid: handle CVE-2024-45802 
According to [1] the ESI implementation in squid feature is vulnerable
without any fix available.

NVD says it's fixed in 6.10, however the change in this release only
disables ESI by default (which we always did via PACKAGECONFIG).
This means CVE report would say Patched even if the vulnerability is
still present if someone adapts squid PACKAGECONFIG.

Commit in master branch related to this CVE is [2].
Title is "Remove Edge Side Include (ESI) protocol" and it's also what it
does. So there will never be a fix for these ESI vulnerabilities.
Based on this, remove vulnerable ESI PACKAGECONFIG already now.

[1] https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj
[2] 5eb89ef3d8

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-11-19 13:50:56 -08:00
contrib
contrib: oe-stylize: Use Python3 explicitly
2023-06-04 22:29:46 -07:00
meta-filesystems
zfs: fix host-related reproducibility
2024-10-31 12:04:02 -07:00
meta-gnome
zenity: upgrade 4.0.2 -> 4.0.3
2024-11-05 22:45:23 -08:00
meta-initramfs
non-repro-meta-initramfs: update known non-reproducible list
2024-10-01 17:56:44 -07:00
meta-multimedia
pipewire: update 1.2.5 -> 1.2.6
2024-10-26 09:09:04 -07:00
meta-networking
squid: handle CVE-2024-45802
2024-11-19 13:50:56 -08:00
meta-oe
autoconf-2.13-native: fix interpreter on shebang line for autoscan
2024-11-19 13:50:55 -08:00
meta-perl
libdbd-sqlite-perl: upgrade 1.74 -> 1.76
2024-11-05 22:45:17 -08:00
meta-python
python3-pyproj: inherit cython class
2024-11-19 13:50:56 -08:00
meta-webserver
netdata: WebUI choice between all (default), v0, v1 or v2
2024-11-05 09:42:49 -08:00
meta-xfce
xfce4-vala: Drop unnecessary SRC_URI[md5sum]
2024-10-04 07:30:34 -07:00
.gitignore
.gitignore: add *.pyc and *.pyo
2019-06-15 16:45:33 -07:00
COPYING.MIT
add README and license for this layer
2011-02-13 16:47:32 +01:00
README.md
layers: Move READMEs to markdown format
2023-06-17 08:30:01 -07:00

README.md

Collection of layers for the OE-core universe

Main layer maintainer: Khem Raj raj.khem@gmail.com

This repository is a collection of layers to suppliment OE-Core with additional packages, Each layer have designated maintainer Please see the respective READMEs in the layer subdirectories

Description
Collection of OpenEmbedded layers
https://openembedded.org/
Readme 94 MiB
Languages
BitBake 84.9%
Shell 6.3%
C 3%
Roff 2.2%
NASL 1.9%
Other 1.5%