CVE Packages Update

Move libfastjson to the rsyslog directory

rsyslog 8.2002.0 -> 8.2206.0

add ntp4.2.8 recipe with fixed CVEs

update cryptsetup to 2.4.3

fix libxml2 CVE-2016-3709

curl 7.75.0 -> 7.86.0

strongswan 5.8.4 -> 5.9.8

libmodbus 3.1.6 -> 3.1.7

libesmtp 1.0.6 -> 1.1.0

cifs-utils 6.1 -> 7.0

update libtirpc to version 1.3.3

update rsync to version 3.2.5

Add zlib 1.2.13

upgrade gnutls to 3.7.8

upgrade openssh to 8.9p1

Add cmake 3.24.2 and cmake-native 3.24.2 to avoid loop dependecies building expat

Add expat 2.5.0 to fix CVE-2022-40674 and CVE-2022-43680

openvpn 2.4.9 -> 2.4.12

hostapd 2.9 -> 2.10

[GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28)
Openssh 8.9p1 no longer needed, because all necessary CVE fixes, backports and whitelists are present for current Openssh 8.4p1. There are no new CVE's in report.

[GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28)
Backported CVE patches for python3 component. Need to remove after upgrading Yocto to version more than 3.1.21.

[GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28)
Backported CVE patch for sudo component.
Added 2 CVE's to whitelist for OpenVPN component.

1 files changed, 73 insertions, 0 deletions

diff --git a/recipes-core/libxml/libxml2/CVE-2021-3541.patch b/recipes-core/libxml/libxml2/CVE-2021-3541.patch
new file mode 100644
index 0000000..1f392b4
--- /dev/null
+++ b/recipes-core/libxml/libxml2/CVE-2021-3541.patch
@@ -0,0 +1,73 @@
+From 8598060bacada41a0eb09d95c97744ff4e428f8e Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Thu, 13 May 2021 14:55:12 +0200
+Subject: [PATCH] Patch for security issue CVE-2021-3541
+
+This is relapted to parameter entities expansion and following
+the line of the billion laugh attack. Somehow in that path the
+counting of parameters was missed and the normal algorithm based
+on entities "density" was useless.
+
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e]
+CVE: CVE-2021-3541
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+
+---
+ parser.c | 26 ++++++++++++++++++++++++++
+ 1 file changed, 26 insertions(+)
+
+diff --git a/parser.c b/parser.c
+index f5e5e169..c9312fa4 100644
+--- a/parser.c
++++ b/parser.c
+@@ -140,6 +140,7 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
+                      xmlEntityPtr ent, size_t replacement)
+ {
+     size_t consumed = 0;
++    int i;
+ 
+     if ((ctxt == NULL) || (ctxt->options & XML_PARSE_HUGE))
+         return (0);
+@@ -177,6 +178,28 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
+ 	    rep = NULL;
+ 	}
+     }
++
++    /*
++     * Prevent entity exponential check, not just replacement while
++     * parsing the DTD
++     * The check is potentially costly so do that only once in a thousand
++     */
++    if ((ctxt->instate == XML_PARSER_DTD) && (ctxt->nbentities > 10000) &&
++        (ctxt->nbentities % 1024 == 0)) {
++	for (i = 0;i < ctxt->inputNr;i++) {
++	    consumed += ctxt->inputTab[i]->consumed +
++	               (ctxt->inputTab[i]->cur - ctxt->inputTab[i]->base);
++	}
++	if (ctxt->nbentities > consumed * XML_PARSER_NON_LINEAR) {
++	    xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL);
++	    ctxt->instate = XML_PARSER_EOF;
++	    return (1);
++	}
++	consumed = 0;
++    }
++
++
++
+     if (replacement != 0) {
+ 	if (replacement < XML_MAX_TEXT_LENGTH)
+ 	    return(0);
+@@ -7963,6 +7986,9 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt)
+             xmlChar start[4];
+             xmlCharEncoding enc;
+ 
++	    if (xmlParserEntityCheck(ctxt, 0, entity, 0))
++	        return;
++
+ 	    if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) &&
+ 	        ((ctxt->options & XML_PARSE_NOENT) == 0) &&
+ 		((ctxt->options & XML_PARSE_DTDVALID) == 0) &&
+-- 
+GitLab
+