helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-05-21 12:35:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
30,151 Commits 64 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Peter Marko 98e1f972bd squid: conditionally set status of CVE-2024-45802 
According to [1] the ESI feature implementation in squid is vulnerable
without any fix available.
NVD says it's fixed in 6.10, however the change in this release only
disables ESI by default (which we always did via PACKAGECONFIG).

Commit in master branch related to this CVE is [2].
Title is "Remove Edge Side Include (ESI) protocol" and it's also what it
does. So there will never be a fix for these ESI vulnerabilities.

We should not break features in LTS branch and cannot fix this problem.
So ignrore this CVE based on set PACKAGECONFIG which should remove it
from reports for most users. Thos who need ESI need to assess the risk
themselves.

[1] https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj
[2] 5eb89ef3d8

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-11-09 14:44:28 -05:00
contrib
contrib: oe-stylize: Use Python3 explicitly
2023-06-04 22:29:46 -07:00
meta-filesystems
fuse3: remove sysv init script and install fuse kernel module explictly
2024-06-02 14:57:06 -04:00
meta-gnome
gnome-remote-desktop: update 46.1 -> 46.2
2024-09-15 12:10:56 -04:00
meta-initramfs
reproducibility: move repro excludes from AB config.json to meta-oe
2024-04-30 11:00:33 -07:00
meta-multimedia
mpd: Update status for CVE-2020-7465 and CVE-2020-7466
2024-04-30 11:00:34 -07:00
meta-networking
squid: conditionally set status of CVE-2024-45802
2024-11-09 14:44:28 -05:00
meta-oe
nss: patch CVE-2024-6609
2024-11-09 14:37:54 -05:00
meta-perl
reproducibility: move repro excludes from AB config.json to meta-oe
2024-04-30 11:00:33 -07:00
meta-python
python3-xmodem: replace hardcoded /usr with ${prefix}
2024-11-09 14:40:58 -05:00
meta-webserver
apache2: use update-alternatives for httpd
2024-10-06 07:26:19 -04:00
meta-xfce
reproducibility: move repro excludes from AB config.json to meta-oe
2024-04-30 11:00:33 -07:00
.gitignore
.gitignore: add *.pyc and *.pyo
2019-06-15 16:45:33 -07:00
COPYING.MIT
README.md
meta-openemnedded: Add myself as scarthgap maintainer
2024-03-27 20:07:53 -07:00

README.md

Collection of layers for the OE-core universe

Main layer maintainer: Armin Kuster akuster808@gmail.com

This repository is a collection of layers to suppliment OE-Core with additional packages, Each layer have designated maintainer Please see the respective READMEs in the layer subdirectories

Description
Collection of OpenEmbedded layers
https://openembedded.org/
Readme 92 MiB
Languages
BitBake 85%
Shell 6.2%
C 3%
Roff 2.1%
NASL 1.9%
Other 1.6%