meta-openembedded

mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00

History

Meenali Gupta cfcc9f9945 openvpn: fix multiple CVEs

CVE-2024-24974:
Previously, the VPN tool’s Windows implementation allowed remote access to
its service pipe, posing a security risk. Using compromised credentials, a
threat actor could communicate with OpenVPN to orchestrate attacks.

CVE-2024-27903:
OpenVPN has mitigated the risk by restricting plugin load. Plugins can
now only be loaded from the software’s install directory, the Windows
system directory, and the plugin_dir directory under the software’s installation.

CVE-2024-27459:
This vulnerability affects the interactive service component, potentially leading
to local privilege escalation when triggered by an oversized message.To mitigate
this risk, the VPN solution now terminates connections upon detecting excessively
large messages, preventing stack overflow exploits.

References:
https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/
https://socradar.io/openvpn-fixed-multiple-vulnerabilities-on-windows/
https://community.openvpn.net/openvpn/wiki/CVE-2024-27903
https://community.openvpn.net/openvpn/wiki/CVE-2024-27459
https://community.openvpn.net/openvpn/wiki/CVE-2024-24974

Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

2024-06-27 11:21:22 -04:00

classes

kernel_add_regdb: Change the task order

2023-01-19 08:28:48 -05:00

conf

layers: Bump to use kirkstone

2022-02-21 18:12:04 -08:00

files/waf-cross-answers

samba: upgrade 4.14.12 -> 4.14.13

2022-04-13 19:21:41 -07:00

licenses

meta-networking/licenses/netperf: remove unused license

2023-05-08 08:04:20 -04:00

recipes-connectivity

mbedtls: upgrade 2.28.7->2.28.8

2024-05-26 15:22:08 -04:00

recipes-core

All layers: Follow oe-core's variable name changes

2022-02-24 08:35:24 -08:00

recipes-daemons

squid: Backport fix for CVE-2023-49286 and CVE-2023-50269

2024-02-28 08:18:18 -05:00

recipes-devtools/python

meta-*: remove obsolete PYPA_WHEEL and PIP_INSTALL_PACKAGE assignments

2022-03-11 11:20:55 -08:00

recipes-extended

tgt: move from meta-openstack

2022-04-18 10:13:16 -07:00

recipes-filter

nftables: Fix missing leading whitespace with ':append'

2023-01-29 11:22:13 -05:00

recipes-irc

weechat: Define LIBDIR

2022-03-21 08:25:11 -07:00

recipes-kernel/wireguard

wireguard-tools: Add a new package for wg-quick

2022-09-15 08:23:14 -04:00

recipes-netkit

recipes: Use renamed SKIP_RECIPE varFlag

2022-02-21 18:12:04 -08:00

recipes-protocols

frr: Fix for multiple CVE's

2023-12-13 13:35:51 -05:00

recipes-support

openvpn: fix multiple CVEs

2024-06-27 11:21:22 -04:00

COPYING.MIT

meta-networking: add layer

2012-08-27 14:16:45 +02:00

MAINTAINERS

meta-openemnedded: Add myself as kirkstone maintainer

2022-04-23 17:14:31 -07:00

README

meta-openemnedded: Add myself as kirkstone maintainer

2022-04-23 17:14:31 -07:00

README

meta-networking
===============

This layer is intended to be a central point for networking-related
packages and configuration.  It should be useful directly on top of
oe-core and compliments meta-openembedded.  It should be primarily useful
to the following groups:

      - Anyone building a small networking device (eg. a home router /
        bridge / switch).

      - Anyone wanting to add network services to their device (eg.
        anything that might benefit from a small ftp/tftp server)

Dependencies
------------

This layer depends on:

URI: git://git.openembedded.org/openembedded-core
branch: kirkstone

For some recipes, the meta-oe layer is required:

URI: git://git.openembedded.org/meta-openembedded
subdirectory: meta-oe
branch: kirkstone

URI: git://git.openembedded.org/meta-openembedded
subdirectory: meta-python
branch: kirkstone

Maintenance
-----------
Layer maintainers: Armin Kuster <akuster808@gmail.com>


Please see the MAINTAINERS file for information on contacting the
maintainers of this layer, as well as instructions for submitting patches.