From 2eaa3fd064097eb221b56d5df0e7136ba705a0cd Mon Sep 17 00:00:00 2001
From: Andrii Davydenko <andrii.davydenko@globallogic.com>
Date: Wed, 14 Dec 2022 12:08:42 +0200
Subject: CVE Packages Update

Move libfastjson to the rsyslog directory

rsyslog 8.2002.0 -> 8.2206.0

add ntp4.2.8 recipe with fixed CVEs

update cryptsetup to 2.4.3

fix libxml2 CVE-2016-3709

curl 7.75.0 -> 7.86.0

strongswan 5.8.4 -> 5.9.8

libmodbus 3.1.6 -> 3.1.7

libesmtp 1.0.6 -> 1.1.0

cifs-utils 6.1 -> 7.0

update libtirpc to version 1.3.3

update rsync to version 3.2.5

Add zlib 1.2.13

upgrade gnutls to 3.7.8

upgrade openssh to 8.9p1

Add cmake 3.24.2 and cmake-native 3.24.2 to avoid loop dependecies building expat

Add expat 2.5.0 to fix CVE-2022-40674 and CVE-2022-43680

openvpn 2.4.9 -> 2.4.12

hostapd 2.9 -> 2.10

[GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28)
Openssh 8.9p1 no longer needed, because all necessary CVE fixes, backports and whitelists are present for current Openssh 8.4p1. There are no new CVE's in report.

[GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28)
Backported CVE patches for python3 component. Need to remove after upgrading Yocto to version more than 3.1.21.

[GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28)
Backported CVE patch for sudo component.
Added 2 CVE's to whitelist for OpenVPN component.
---
 recipes-extended/libtirpc/libtirpc_1.3.3.bb | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 recipes-extended/libtirpc/libtirpc_1.3.3.bb

(limited to 'recipes-extended/libtirpc')

diff --git a/recipes-extended/libtirpc/libtirpc_1.3.3.bb b/recipes-extended/libtirpc/libtirpc_1.3.3.bb
new file mode 100644
index 0000000..8c6c207
--- /dev/null
+++ b/recipes-extended/libtirpc/libtirpc_1.3.3.bb
@@ -0,0 +1,28 @@
+SUMMARY = "Transport-Independent RPC library"
+DESCRIPTION = "Libtirpc is a port of Suns Transport-Independent RPC library to Linux"
+SECTION = "libs/network"
+HOMEPAGE = "http://sourceforge.net/projects/libtirpc/"
+BUGTRACKER = "http://sourceforge.net/tracker/?group_id=183075&atid=903784"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://COPYING;md5=f835cce8852481e4b2bbbdd23b5e47f3 \
+                    file://src/netname.c;beginline=1;endline=27;md5=f8a8cd2cb25ac5aa16767364fb0e3c24"
+
+PROVIDES = "virtual/librpc"
+
+SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2"
+UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/libtirpc/files/libtirpc/"
+UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)/"
+SRC_URI[sha256sum] = "6474e98851d9f6f33871957ddee9714fdcd9d8a5ee9abb5a98d63ea2e60e12f3"
+
+# Was fixed in 1.3.3rc1 so not present in 1.3.3
+CVE_CHECK_IGNORE += "CVE-2021-46828"
+
+inherit autotools pkgconfig
+
+EXTRA_OECONF = "--disable-gssapi"
+
+do_install:append() {
+	chown root:root ${D}${sysconfdir}/netconfig
+}
+
+BBCLASSEXTEND = "native nativesdk"
-- 
cgit v1.2.3