Home
last modified time | relevance | path

Searched refs:CVE (Results 1 – 25 of 564) sorted by relevance

12345678910>>...23

/OK3568_Linux_fs/yocto/poky/meta/conf/distro/include/
H A Dcve-extra-exclusions.inc1 # This file contains a list of CVE's where resolution has proven to be impractical
7 # Include this file in your local.conf or distro.conf to exclude these CVE's
14 # We may also include "in-flight" information about current/ongoing CVE work with
19 # strace https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0006
20 # CVE is more than 20 years old with no resolution evident
21 # broken links in CVE database references make resolution impractical
22 CVE_CHECK_IGNORE += "CVE-2000-0006"
24 # epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0238
29 # problem. Ignore this CVE as there isn't any mitigation or fix or way to progress this further
31 CVE_CHECK_IGNORE += "CVE-2005-0238"
[all …]
/OK3568_Linux_fs/yocto/poky/meta/recipes-support/curl/
H A Dcurl_7.82.0.bb13 file://CVE-2022-22576.patch \
14 file://CVE-2022-27775.patch \
15 file://CVE-2022-27776.patch \
16 file://CVE-2022-27774-1.patch \
17 file://CVE-2022-27774-2.patch \
18 file://CVE-2022-27774-3.patch \
19 file://CVE-2022-27774-4.patch \
20 file://CVE-2022-30115.patch \
21 file://CVE-2022-27780.patch \
22 file://CVE-2022-27781.patch \
[all …]
/OK3568_Linux_fs/buildroot/package/unzip/
H A Dunzip.mk17 CVE-2014-8139 \
18 CVE-2014-8140 \
19 CVE-2014-8141 \
20 CVE-2014-9636 \
21 CVE-2014-9913 \
22 CVE-2015-7696 \
23 CVE-2015-7697 \
24 CVE-2016-9844 \
25 CVE-2018-18384 \
26 CVE-2018-1000035 \
[all …]
/OK3568_Linux_fs/yocto/poky/meta/recipes-devtools/binutils/
H A Dbinutils-2.38.inc35 file://0014-CVE-2019-1010204.patch \
36 file://0015-CVE-2022-38533.patch \
37 file://0016-CVE-2022-38126.patch \
38 file://0017-CVE-2022-38127-1.patch \
39 file://0017-CVE-2022-38127-2.patch \
40 file://0017-CVE-2022-38127-3.patch \
41 file://0017-CVE-2022-38127-4.patch \
42 file://0018-CVE-2022-38128-1.patch \
43 file://0018-CVE-2022-38128-2.patch \
44 file://0018-CVE-2022-38128-3.patch \
[all …]
/OK3568_Linux_fs/buildroot/package/sox/
H A Dsox.mk20 SOX_IGNORE_CVES += CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 \
21 CVE-2017-15370 CVE-2017-15371 CVE-2017-15372 CVE-2017-15642 \
22 CVE-2017-18189 CVE-2019-8354 CVE-2019-8355 CVE-2019-8356 \
23 CVE-2019-8357 CVE-2019-13590
/OK3568_Linux_fs/buildroot/boot/grub2/
H A Dgrub2.mk28 GRUB2_IGNORE_CVES += CVE-2020-10713
30 GRUB2_IGNORE_CVES += CVE-2020-14308
32 GRUB2_IGNORE_CVES += CVE-2020-14309 CVE-2020-14310 CVE-2020-14311
34 GRUB2_IGNORE_CVES += CVE-2020-15706
36 GRUB2_IGNORE_CVES += CVE-2020-15707
38 GRUB2_IGNORE_CVES += CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 \
39 CVE-2020-27779 CVE-2021-3418 CVE-2021-20225 CVE-2021-20233
41 GRUB2_IGNORE_CVES += CVE-2020-14372
45 GRUB2_IGNORE_CVES += CVE-2019-14865
51 GRUB2_IGNORE_CVES += CVE-2020-15705
/OK3568_Linux_fs/yocto/meta-openembedded/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh/
H A DCVE-2019-7282-and-CVE-2019-7283.patch4 Subject: [PATCH] Fix CVE-2019-7282 and CVE-2019-7283
6 Description: Fix CVE-2018-20685 and CVE-2019-6111
11 [https://sources.debian.org/src/netkit-rsh/0.17-20/debian/patches/fix-CVE-2018-20685-and-CVE-2019-6…
13 CVE: CVE-2019-7282 CVE-2019-7283
/OK3568_Linux_fs/yocto/meta-openembedded/meta-networking/recipes-support/ntp/
H A Dntp_4.2.8p15.bb31 # CVE-2016-9312 is only for windows.
32 # CVE-2019-11331 is inherent to RFC 5905 and cannot be fixed without breaking compatibility
36 CVE-2016-9312 \
37 CVE-2015-5146 \
38 CVE-2015-5300 \
39 CVE-2015-7975 \
40 CVE-2015-7976 \
41 CVE-2015-7977 \
42 CVE-2015-7978 \
43 CVE-2015-7979 \
[all …]
/OK3568_Linux_fs/yocto/poky/meta/recipes-extended/unzip/
H A Dunzip_6.0.bb18 file://CVE-2015-7696.patch \
19 file://CVE-2015-7697.patch \
24 file://0001-unzip-fix-CVE-2018-1000035.patch \
25 file://CVE-2018-18384.patch \
26 file://CVE-2019-13232_p1.patch \
27 file://CVE-2019-13232_p2.patch \
28 file://CVE-2019-13232_p3.patch \
31 file://CVE-2021-4217.patch \
32 file://CVE-2022-0529.patch \
33 file://CVE-2022-0530.patch \
[all …]
/OK3568_Linux_fs/yocto/poky/meta/recipes-multimedia/libtiff/
H A Dtiff_4.3.0.bb22 file://CVE-2022-1354.patch \
23 file://CVE-2022-1355.patch \
24 file://CVE-2022-34526.patch \
25 file://CVE-2022-2869.patch \
26 file://CVE-2022-2867.patch \
29 file://CVE-2022-2953.patch \
30 file://CVE-2022-3970.patch \
35 file://CVE-2022-48281.patch \
36 file://CVE-2023-0800_0801_0802_0803_0804.patch \
44 # Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313
[all …]
/OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-graphics/libsdl/
H A Dlibsdl_1.2.15.bb21 file://CVE-2019-7577.patch \
22 file://CVE-2019-7574.patch \
23 file://CVE-2019-7572.patch \
24 file://CVE-2019-7578.patch \
25 file://CVE-2019-7575.patch \
26 file://CVE-2019-7635.patch \
27 file://CVE-2019-7637.patch \
28 file://CVE-2019-7638.patch \
29 file://CVE-2019-7576.patch \
30 file://CVE-2019-13616.patch \
[all …]
/OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-support/exiv2/
H A Dexiv2_0.27.3.bb13 file://CVE-2021-29457.patch \
14 file://CVE-2021-29458.patch \
15 file://CVE-2021-29463.patch \
16 file://CVE-2021-29464.patch \
17 file://CVE-2021-29470.patch \
18 file://CVE-2021-29473.patch \
19 file://CVE-2021-3482.patch"
/OK3568_Linux_fs/yocto/poky/meta/recipes-bsp/grub/
H A Dgrub2.inc23 file://CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch \
26 file://CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch \
27 file://CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch \
30 file://CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch \
31 file://CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch \
32 file://CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch \
33 file://CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch \
34 file://CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch \
36 file://CVE-2022-2601.patch \
37 file://CVE-2022-3775.patch \
[all …]
/OK3568_Linux_fs/buildroot/package/patch/
H A Dpatch.mk15 PATCH_IGNORE_CVES += CVE-2018-6951
18 PATCH_IGNORE_CVES += CVE-2018-1000156
21 PATCH_IGNORE_CVES += CVE-2018-20969 CVE-2019-13638
24 PATCH_IGNORE_CVES += CVE-2019-13636
/OK3568_Linux_fs/yocto/poky/meta/classes/
H A Dcve-check.bbclass8 # CVE found and generate a file in the recipe WORKDIR/cve
23 # The product name that the CVE database uses defaults to BPN, but may need to
64 # Skip CVE Check for packages (PN)
67 # Ingore the check for a given list of CVEs. If a CVE is found,
69 # space separated CVE values:
71 # CVE_CHECK_IGNORE = 'CVE-2014-2524 CVE-2018-1234'
90 bb.note("Generating JSON CVE summary")
124 bb.plain("Complete CVE report summary created at: %s" % cvefile_link)
130 bb.plain("Complete CVE JSON report summary created at: %s" % json_summary_link_name)
153 bb.note("No CVE database found, skipping CVE check")
[all …]
/OK3568_Linux_fs/yocto/poky/meta/recipes-devtools/go/
H A Dgo-1.17.13.inc19 file://CVE-2022-27664.patch \
21 file://CVE-2022-41715.patch \
22 file://CVE-2022-41717.patch \
23 file://CVE-2022-2879.patch \
24 file://CVE-2022-41720.patch \
25 file://CVE-2022-41723.patch \
32 CVE_CHECK_IGNORE += "CVE-2021-29923"
/OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/
H A DCVE-2019-7576.patch8 CVE-2019-7573, CVE-2019-7576: Fix buffer overreads in InitMS_ADPCM
12 CVE-2019-7573
14 CVE-2019-7576
19 CVE: CVE-2019-7573
20 CVE: CVE-2019-7576
/OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-shells/zsh/zsh/
H A DCVE-2021-45444_3.patch4 Subject: [PATCH 3/9] CVE-2021-45444: Update NEWS/README
6 https://salsa.debian.org/debian/zsh/-/blob/debian/5.8-6+deb11u1/debian/patches/cherry-pick-CVE-2021…
8 CVE: CVE-2021-45444
23 + * CVE-2021-45444: NEWS, README: Document preceding two changes
26 Etc/CVE-2021-45444-VCS_Info-workaround.patch: Add patch which
39 +CVE-2021-45444: Some prompt expansion sequences, such as %F, support
52 +'Etc/CVE-2021-45444 VCS_Info workaround.patch' included with the shell
H A DCVE-2021-45444_2.patch5 work around CVE-2021-45444 in VCS_Info
10 https://salsa.debian.org/debian/zsh/-/blob/debian/5.8-6+deb11u1/debian/patches/cherry-pick-CVE-2021…
12 CVE: CVE-2021-45444
16 Etc/CVE-2021-45444-VCS_Info-workaround.patch | 98 ++++++++++++++++++++
18 create mode 100644 Etc/CVE-2021-45444-VCS_Info-workaround.patch
28 + Etc/CVE-2021-45444-VCS_Info-workaround.patch: Add patch which
35 diff --git a/Etc/CVE-2021-45444-VCS_Info-workaround.patch b/Etc/CVE-2021-45444-VCS_Info-workaround.…
39 +++ b/Etc/CVE-2021-45444-VCS_Info-workaround.patch
44 +Subject: [PATCH] security/89: Partially work around CVE-2021-45444 in VCS_Info
49 +This patch is a partial, VCS_Info-specific work-around for CVE-2021-45444,
[all …]
/OK3568_Linux_fs/yocto/poky/meta/recipes-core/glibc/
H A Dglibc_2.35.bb4 CVE_CHECK_IGNORE += "CVE-2020-10029 CVE-2021-27645"
6 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
7 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023
8 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024
11 CVE_CHECK_IGNORE += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024"
13 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025
17 CVE_CHECK_IGNORE += "CVE-2019-1010025"
53 file://CVE-2023-0687.patch \
/OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-multimedia/libid3tag/libid3tag/
H A D10_utf16.patch1 libid3tag: patch for CVE-2004-2779
8 CVE: CVE-2004-2779
9 CVE: CVE-2017-11551
/OK3568_Linux_fs/yocto/poky/meta/recipes-devtools/qemu/
H A Dqemu.inc35 file://CVE-2021-4206.patch \
36 file://CVE-2021-4207.patch \
37 file://CVE-2022-35414.patch \
38 file://CVE-2021-3929.patch \
39 file://CVE-2021-4158.patch \
40 file://CVE-2022-0358.patch \
41 file://CVE-2022-0216_1.patch \
42 file://CVE-2022-0216_2.patch \
43 file://CVE-2021-3750-1.patch \
44 file://CVE-2021-3750-2.patch \
[all …]
/OK3568_Linux_fs/yocto/poky/meta/recipes-support/sqlite/
H A Dsqlite3_3.38.5.bb8 file://CVE-2022-46908.patch \
13 CVE_CHECK_IGNORE += "CVE-2019-19242"
15 CVE_CHECK_IGNORE += "CVE-2015-3717"
17 CVE_CHECK_IGNORE += "CVE-2021-36690"
/OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-core/emlog/
H A Demlog_git.bb33 CVE-2019-16868 \
34 CVE-2019-17073 \
35 CVE-2021-44584 \
36 CVE-2022-1526 \
/OK3568_Linux_fs/yocto/poky/meta/recipes-core/meta/
H A Dcve-update-db-native.bb1 SUMMARY = "Updates the NVD CVE database"
16 # CVE database update interval, in seconds. By default: once a day (24*60*60).
53 bb.note("CVE database update skipped")
71 bb.note("CVE database update failed")
132 cve_f.write('Warning: CVE db update error, Unable to fetch CVE data.\n\n')
133 bb.warn("Failed to fetch CVE data (%s)" % e)
146 bb.warn("Cannot parse CVE metadata, update failed")
157 conn.execute("delete from PRODUCTS where ID like ?", ('CVE-%d%%' % year,)).close()
166 cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')
167 bb.warn("Cannot parse CVE data (%s), update failed" % e.reason)
[all …]

12345678910>>...23