[kirkstone][dunfell] CVE-2023-25193 fix request


DC
 

Hi Team,

We are working on CVE-2023-25193 for the kirkstone and dunfell branches as it is causing errors in our applications.
There have been previous threads pointing to the issues that backporting is difficult due to code changes and new files being added and there are no second thoughts for the same.

Could you please suggest how we can proceed to fix it? Version updates are out of scope due to various internal reasons. If anyone can help, it would be a great help.

Thanks,

DC


Polampalli, Archana
 

Hi,

One of my team members has worked on it and she will submit a patch to upstream kirkstone in one or two days.

Regards,
Archana


From: openembedded-core@... <openembedded-core@...> on behalf of DC via lists.openembedded.org <davidcorbe=outlook.com@...>
Sent: Friday, March 10, 2023 12:59 PM
To: openembedded-core@... <openembedded-core@...>
Subject: [OE-core] [kirkstone][dunfell] CVE-2023-25193 fix request
 


Siddharth
 

The backport was a bit tricky but I feel it's done.

I have submitted it for the kirkstone branch and all the tests passed on my end.

Will be submitting it for dunfell soon too.

 

Let me know in case the problem still persists. If it passes, I am happy to help :)

Regards,
Siddharth


DC
 

Siddharth and Steve,

A little late, but thank you for the patch.

We were in the process of rigorous testing and it has passed with the submitted patches on all 3 branches, and our applications are running smoothly even on corner cases which were vulnerable due to the CVE.

Regards,
DC