An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. Signed-off-by: Archana Polampalli <a

From: Jermain Horsman <jermain.horsman@...> Autoconf no longer generates libtool with a host alias prefix, this causes do_compile to fail as it is unable to find libtool without the prefix. Since the

From: Jermain Horsman <jermain.horsman@...> Autoconf no longer generates libtool with a host alias prefix, this causes do_configure to fail as it is unable to copy the prefixed libtool since it no lon

From: Jermain Horsman <jermain.horsman@...> Building javasqlite fails with a QA error due to LIC_FILES_CHKSUM being incorrect. This checksum was changed when the LICENSE value was updated. However, ne

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns the

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns the

From: Narpat Mali <narpat.mali@...> Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vulnerable browser

From: Vijay Anusuri <vanusuri@...> Upstream-Status: Backport [https://github.com/pyca/cryptography/commit/9fbf84efc861668755ab645530ec7be9cf3c6696] Signed-off-by: Vijay Anusuri <vanusuri@...> --- .../

mpich 4.1+ has its own official way to allow cross-compiling, use it. Remove the old PACKAGECONFIG[x11], the configuration option does not exist anymore. Add PACKAGECONFIG knobs to allow building the

From: Vijay Anusuri <vanusuri@...> Upstream-Status: Backport [https://git.openembedded.org/meta-openembedded-contrib/commit/?h=stable/kirkstone-nut&id=092e125f44f65427d42db95db3779daf4893d10f & https:

Latest version of grpc fails to build nativesdk variant since it finds and tries to execute protoc binary from nativesdk-protobuf instead of protobuf-native. Shortcut the detection logic by pointing t

From: Xiangyu Chen <xiangyu.chen@...> pahole need to line up with kernel's architectures bitsize, so add it to NON_MULTILIB_RECIPES. Signed-off-by: Xiangyu Chen <xiangyu.chen@...> --- meta-oe/conf/lay

This is a new PEP517 compatible build class for python modules that use pyproject.toml and this: [build-system] build-backend = 'mesonpy' The new class uses python3-meson-python-native. Signed-off-by:

This python module adds support for a new PEP517 build backend used by recent versions of scikit-image, scipy and others. Signed-off-by: Zoltán Böszörményi <zboszor@...> --- .../python/python3-meson-p

This is a new PEP517 compatible build class for python modules that use pyproject.toml and this: [build-system] build-backend = 'mesonpy' The new class uses python3-meson-python-native. Signed-off-by:

Signed-off-by: Beniamin Sandu <beniaminsandu@...> --- meta-oe/recipes-bsp/lm_sensors/lmsensors_3.6.0.bb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-bsp/lm_se

Fix below CVE: 1)CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service. 2)CVE-2023-31130 c-ares: Buffer Underwrite in ares_inet_net_pton(). Signed-off-by: Vivek Kumbhar <vkumbhar@...> --- .../c-

As per gnulib_2018-03-07 recipe information, SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3" This revision was committed on "2018-12-18". There is a discrepancy between SRCREV and the recipe versi

As per gnulib_2018-03-07 recipe information, SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3" This revision was committed on "2018-12-18". There is a discrepancy between SRCREV and the recipe versi

Backport fixes for: * CVE-2023-2858 - Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/cb190d6839ddcd4596b0205844f45553f1e77105 * CVE-2023-2879 - Upstream-Status: Backpor