{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":105670819,"defaultBranch":"master","name":"meta-security","ownerLogin":"MontaVista-OpenSourceTechnology","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2017-10-03T15:48:46.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/25186007?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1727121451.0","currentOid":""},"activityList":{"items":[{"before":null,"after":"1c1f9c90d259714531c62c4e4cc5c16d61d03f16","ref":"refs/heads/scarthgap-cgx-240913124258","pushedAt":"2024-09-23T19:57:31.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"mv-jenkins","name":null,"path":"/mv-jenkins","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/39705943?s=80&v=4"},"commit":{"message":"tpm2-tss: upgrade 4.0.1 -> 4.0.2\n\nSource: meta-security\nMR: 161603, 150029\nType: Integration\nDisposition: Merged from meta-security-mailing-list\nChangeID: 57e3fda2bae0dd50b882664cd38d68eb98dabec4\nDescription:\n\nChangelog:\nhttps://github.com/tpm2-software/tpm2-tss/releases/tag/4.0.2\n\nIncludes Security fix:\nCVE-2024-29040\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"tpm2-tss: upgrade 4.0.1 -&gt; 4.0.2"}},{"before":"f9946faf520ac304fa5c6f2acdfbe459e122c0eb","after":"84d9cd56991a646453c8817eeeb2f8556e36854e","ref":"refs/heads/master","pushedAt":"2024-09-22T17:00:41.000Z","pushType":"push","commitsCount":8,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"Add styhead LAYERSERIES_COMPAT\n\noe-core has switched to styhead only.\nAdd layer compatibility to meta-parsec\nfor styhead.\n\nSigned-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@linaro.org>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"Add styhead LAYERSERIES_COMPAT"}},{"before":"d7f442ec9c485aa5900d8e1e9d2059d47aa09c7b","after":"491393f632945419d1b5759977385863c5f73069","ref":"refs/heads/dunfell","pushedAt":"2024-09-18T12:59:54.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"clamav: Security fix for CVE-2024-20505 & CVE-2024-20506\n\nSource: https://github.com/Cisco-Talos/clamav\nMR: 162020, 162015\nType: Security Fix\nDisposition: Backport from https://github.com/Cisco-Talos/clamav/commit/c130a4dcf40754df22b9d6847bd0c47570ef99e7 & https://github.com/Cisco-Talos/clamav/commit/6d0496c1459c857c889659ef37d12aea30349478\nChangeID: 7d3a42a9c298b33fcc77a91624f8a537e4609622\nDescription:\n\nCVE-2024-20505\nFix possible out of bounds read in PDF parser\n\nCVE-2024-20506\nDisable following symlinks when opening log files\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"clamav: Security fix for <a title=\"CVE-2024-20505\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-6qcx-p3rr-pfwf/hovercard\" href=\"https://github.com/advisories/GHSA-6qcx-p3rr-pfwf\">CVE-2024-20505</a> &amp; <a title=\"CVE-2024-20506\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-h5fr-q576-q7rv/hovercard\" href=\"https://github.com/advisories/GHSA-h5fr-q576-q7rv\">CVE-2024-20506</a>"}},{"before":"c21c8aba3c5bd0a025947ebbd96d8e0ebe9c04d0","after":"62bc1f978a13fe035aadfe99fb0eb6542b2d0372","ref":"refs/heads/rocko","pushedAt":"2024-09-18T10:33:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"clamav: Security fix for CVE-2024-20506\n\nSource: https://github.com/Cisco-Talos/clamav\nMR: 162016\nType: Security Fix\nDisposition: Backport from https://github.com/Cisco-Talos/clamav/commit/6d0496c1459c857c889659ef37d12aea30349478\nChangeID: 00e8542c31e6c86c74ab543f27837d2059fbf3d1\nDescription:\n\nCVE-2024-20506\nDisable following symlinks when opening log files\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"clamav: Security fix for <a title=\"CVE-2024-20506\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-h5fr-q576-q7rv/hovercard\" href=\"https://github.com/advisories/GHSA-h5fr-q576-q7rv\">CVE-2024-20506</a>"}},{"before":"594018f8a516a4c235087bc2ed3a487a45dd4f14","after":"84d9cd56991a646453c8817eeeb2f8556e36854e","ref":"refs/heads/master-next","pushedAt":"2024-09-15T17:01:26.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"Add styhead LAYERSERIES_COMPAT\n\noe-core has switched to styhead only.\nAdd layer compatibility to meta-parsec\nfor styhead.\n\nSigned-off-by: Anusmita Dutta Mazumder <anusmita.duttamazumder@linaro.org>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"Add styhead LAYERSERIES_COMPAT"}},{"before":"2d5aaeb70501953ce29641cdcb01857827510fe9","after":"459d837338ca230254baa2994f870bf6eb9d0139","ref":"refs/heads/scarthgap","pushedAt":"2024-09-11T17:01:56.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"tpm2-tss: upgrade 4.0.1 -> 4.0.2\n\nChangelog:\nhttps://github.com/tpm2-software/tpm2-tss/releases/tag/4.0.2\n\nIncludes Security fix:\nCVE-2024-29040\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"tpm2-tss: upgrade 4.0.1 -&gt; 4.0.2"}},{"before":"9d43b4059bef17f14259fd3dd493c081fede17c9","after":"d7f442ec9c485aa5900d8e1e9d2059d47aa09c7b","ref":"refs/heads/dunfell","pushedAt":"2024-09-11T12:59:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"clamav: Backport fix CVE-2024-20328\n\nSource: https://github.com/Cisco-Talos/clamav/commit/fe7638287bb11419474ea314652404e7e9b314b2\nMR: 132111\nType: Security Fix\nDisposition: Backport from https://github.com/Cisco-Talos/clamav/commit/fe7638287bb11419474ea314652404e7e9b314b2\nChangeID: 7bb7e3ad7bf2088261d4c933b1cb29b451a159f8\nDescription:\n\nClamD: Disable VirusEvent '%f' feature, use environment var\n instead\n\nThe '%f' filename format character has been disabled and will no longer\nbe replaced with the file name, due to command injection security concerns.\nUse the 'CLAM_VIRUSEVENT_FILENAME' environment variable instead.\n\nFor the same reason, you should NOT use the environment variables in the\ncommand directly, but should use it carefully from your executed script.\n\nUpstream-Status: Backport [https://github.com/Cisco-Talos/clamav/commit/fe7638287bb11419474ea314652404e7e9b314b2]\nCVE: CVE-2024-20328\nSigned-off-by: Vivek Kumbhar <vkumbhar@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"clamav: Backport fix <a title=\"CVE-2024-20328\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-vhq6-cjc8-x8v9/hovercard\" href=\"https://github.com/advisories/GHSA-vhq6-cjc8-x8v9\">CVE-2024-20328</a>"}},{"before":null,"after":"c21c8aba3c5bd0a025947ebbd96d8e0ebe9c04d0","ref":"refs/heads/rocko-240828103010","pushedAt":"2024-09-10T17:01:22.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"mv-jenkins","name":null,"path":"/mv-jenkins","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/39705943?s=80&v=4"},"commit":{"message":"sssd: CVE-2022-4254 libsss_certmap fails to sanitise certificate data used in LDAP filters\n\nSource: https://github.com/SSSD/sssd/\nMR: 124923\nType: Security Fix\nDisposition: Backport from https://github.com/SSSD/sssd/commit/1c40208aa1e0f9a17cc4f336c99bcaa6977592d3 & https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274\nChangeID: 81bf959d422fe1f8f1b9e64847441c7f0397c7bc\nDescription:\n\n        Security fix for CVE-2022-4254\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"sssd: <a title=\"CVE-2022-4254\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-x75f-4m4h-6374/hovercard\" href=\"https://github.com/advisories/GHSA-x75f-4m4h-6374\">CVE-2022-4254</a> libsss_certmap fails to sanitise certificate data…"}},{"before":null,"after":"c21c8aba3c5bd0a025947ebbd96d8e0ebe9c04d0","ref":"refs/heads/rocko-240829152050","pushedAt":"2024-09-10T16:47:20.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"mv-jenkins","name":null,"path":"/mv-jenkins","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/39705943?s=80&v=4"},"commit":{"message":"sssd: CVE-2022-4254 libsss_certmap fails to sanitise certificate data used in LDAP filters\n\nSource: https://github.com/SSSD/sssd/\nMR: 124923\nType: Security Fix\nDisposition: Backport from https://github.com/SSSD/sssd/commit/1c40208aa1e0f9a17cc4f336c99bcaa6977592d3 & https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274\nChangeID: 81bf959d422fe1f8f1b9e64847441c7f0397c7bc\nDescription:\n\n        Security fix for CVE-2022-4254\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"sssd: <a title=\"CVE-2022-4254\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-x75f-4m4h-6374/hovercard\" href=\"https://github.com/advisories/GHSA-x75f-4m4h-6374\">CVE-2022-4254</a> libsss_certmap fails to sanitise certificate data…"}},{"before":null,"after":"c21c8aba3c5bd0a025947ebbd96d8e0ebe9c04d0","ref":"refs/heads/rocko-240828162801","pushedAt":"2024-09-10T16:33:47.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"mv-jenkins","name":null,"path":"/mv-jenkins","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/39705943?s=80&v=4"},"commit":{"message":"sssd: CVE-2022-4254 libsss_certmap fails to sanitise certificate data used in LDAP filters\n\nSource: https://github.com/SSSD/sssd/\nMR: 124923\nType: Security Fix\nDisposition: Backport from https://github.com/SSSD/sssd/commit/1c40208aa1e0f9a17cc4f336c99bcaa6977592d3 & https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274\nChangeID: 81bf959d422fe1f8f1b9e64847441c7f0397c7bc\nDescription:\n\n        Security fix for CVE-2022-4254\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"sssd: <a title=\"CVE-2022-4254\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-x75f-4m4h-6374/hovercard\" href=\"https://github.com/advisories/GHSA-x75f-4m4h-6374\">CVE-2022-4254</a> libsss_certmap fails to sanitise certificate data…"}},{"before":null,"after":"c21c8aba3c5bd0a025947ebbd96d8e0ebe9c04d0","ref":"refs/heads/rocko-240829151526","pushedAt":"2024-09-10T16:21:13.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"mv-jenkins","name":null,"path":"/mv-jenkins","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/39705943?s=80&v=4"},"commit":{"message":"sssd: CVE-2022-4254 libsss_certmap fails to sanitise certificate data used in LDAP filters\n\nSource: https://github.com/SSSD/sssd/\nMR: 124923\nType: Security Fix\nDisposition: Backport from https://github.com/SSSD/sssd/commit/1c40208aa1e0f9a17cc4f336c99bcaa6977592d3 & https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274\nChangeID: 81bf959d422fe1f8f1b9e64847441c7f0397c7bc\nDescription:\n\n        Security fix for CVE-2022-4254\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"sssd: <a title=\"CVE-2022-4254\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-x75f-4m4h-6374/hovercard\" href=\"https://github.com/advisories/GHSA-x75f-4m4h-6374\">CVE-2022-4254</a> libsss_certmap fails to sanitise certificate data…"}},{"before":"83788ca34df7fb8956d807b8b91caa3d2c7596b5","after":"594018f8a516a4c235087bc2ed3a487a45dd4f14","ref":"refs/heads/master-next","pushedAt":"2024-09-10T05:01:12.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"layer.conf: Update to styhead release name series\n\noe-core switched to styhead only in:\nhttps://git.openembedded.org/openembedded-core/commit/?h=styhead&id=b4cf6d5236a3eacaf56ca2f805b006efac65b26c\n\nSigned-off-by: Martin Jansa <martin.jansa@gmail.com>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"layer.conf: Update to styhead release name series"}},{"before":"7e09f7b48db4b2e9971294a7f87cec7166ec2af4","after":"1c1f9c90d259714531c62c4e4cc5c16d61d03f16","ref":"refs/heads/scarthgap-cgx","pushedAt":"2024-08-30T16:53:54.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"tpm2-tss: upgrade 4.0.1 -> 4.0.2\n\nSource: meta-security\nMR: 161603, 150029\nType: Integration\nDisposition: Merged from meta-security-mailing-list\nChangeID: 57e3fda2bae0dd50b882664cd38d68eb98dabec4\nDescription:\n\nChangelog:\nhttps://github.com/tpm2-software/tpm2-tss/releases/tag/4.0.2\n\nIncludes Security fix:\nCVE-2024-29040\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"tpm2-tss: upgrade 4.0.1 -&gt; 4.0.2"}},{"before":"de1cc2ea7070977125f39dcd9ed1d34dd1ee8f51","after":"7e09f7b48db4b2e9971294a7f87cec7166ec2af4","ref":"refs/heads/scarthgap-cgx","pushedAt":"2024-08-28T22:43:52.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"sssd: Fix CVE-2023-3758\n\nSource: meta-security\nMR: 161603, 139393\nType: Integration\nDisposition: Merged from meta-security-nut\nChangeID: 699c881347183dc3e8d532011eeadb91c84ff01f\nDescription:\n\nA race condition flaw was found in sssd where the GPO policy is\nnot consistently applied for authenticated users. This may lead\nto improper authorization issues, granting or denying access to\nresources inappropriately.\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-3758\n\nUpstream-patch:\nhttps://github.com/SSSD/sssd/commit/f4ebe1408e0bc67abfbfb5f0ca2ea13803b36726\n\nSigned-off-by: Hitendra Prajapati <hprajapati@mvista.com>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"sssd: Fix <a title=\"CVE-2023-3758\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-7pwr-cfrc-px4f/hovercard\" href=\"https://github.com/advisories/GHSA-7pwr-cfrc-px4f\">CVE-2023-3758</a>"}},{"before":"11ea91192d43d7c2b0b95a93aa63ca7e73e38034","after":"de1cc2ea7070977125f39dcd9ed1d34dd1ee8f51","ref":"refs/heads/scarthgap-cgx","pushedAt":"2024-08-27T20:33:04.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"tpm2-tools: Upgrade 5.5 -> 5.7\n\nSource: meta-security\nMR: 150044, 161603, 150047\nType: Security Fix\nDisposition: Merged from meta-security\nChangeID: 2d5aaeb70501953ce29641cdcb01857827510fe9\nDescription:\n\nInclude Security fixes:\nFixed CVE-2024-29038\nFixed CVE-2024-29039\n\nChangelog:\nhttps://github.com/tpm2-software/tpm2-tools/releases/tag/5.7\nhttps://github.com/tpm2-software/tpm2-tools/releases/tag/5.6\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"tpm2-tools: Upgrade 5.5 -&gt; 5.7"}},{"before":null,"after":"75d9b5c5af90fd55042af5da5a602070201b1dbe","ref":"refs/heads/kirkstone-cgx-240808125322","pushedAt":"2024-08-22T16:41:42.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"mv-jenkins","name":null,"path":"/mv-jenkins","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/39705943?s=80&v=4"},"commit":{"message":"sssd: Fix CVE-2023-3758\n\nSource: meta-security\nMR: 144255, 139393\nType: Security Fix\nDisposition: Merged from meta-security\nChangeID: 353078bc06c8b471736daab6ed193e30d533d1f1\nDescription:\n\nA race condition flaw was found in sssd where the GPO policy is\nnot consistently applied for authenticated users. This may lead\nto improper authorization issues, granting or denying access to\nresources inappropriately.\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-3758\n\nSigned-off-by: Soumya Sambu <soumya.sambu@windriver.com>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"sssd: Fix <a title=\"CVE-2023-3758\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-7pwr-cfrc-px4f/hovercard\" href=\"https://github.com/advisories/GHSA-7pwr-cfrc-px4f\">CVE-2023-3758</a>"}},{"before":null,"after":"75d9b5c5af90fd55042af5da5a602070201b1dbe","ref":"refs/heads/kirkstone-cgx-240806142844","pushedAt":"2024-08-22T16:10:54.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"mv-jenkins","name":null,"path":"/mv-jenkins","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/39705943?s=80&v=4"},"commit":{"message":"sssd: Fix CVE-2023-3758\n\nSource: meta-security\nMR: 144255, 139393\nType: Security Fix\nDisposition: Merged from meta-security\nChangeID: 353078bc06c8b471736daab6ed193e30d533d1f1\nDescription:\n\nA race condition flaw was found in sssd where the GPO policy is\nnot consistently applied for authenticated users. This may lead\nto improper authorization issues, granting or denying access to\nresources inappropriately.\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-3758\n\nSigned-off-by: Soumya Sambu <soumya.sambu@windriver.com>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"sssd: Fix <a title=\"CVE-2023-3758\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-7pwr-cfrc-px4f/hovercard\" href=\"https://github.com/advisories/GHSA-7pwr-cfrc-px4f\">CVE-2023-3758</a>"}},{"before":"fbcaf87ba55641a2389def34b0be6e6d5294cc51","after":"83788ca34df7fb8956d807b8b91caa3d2c7596b5","ref":"refs/heads/master-next","pushedAt":"2024-08-21T05:00:56.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"scap-security-guide: upgrade 0.1.73 -> 0.1.74\n\nChangeLog:\nhttps://github.com/ComplianceAsCode/content/releases/tag/v0.1.74\n\nSigned-off-by: Yi Zhao <yi.zhao@windriver.com>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"scap-security-guide: upgrade 0.1.73 -&gt; 0.1.74"}},{"before":"11ea91192d43d7c2b0b95a93aa63ca7e73e38034","after":"2d5aaeb70501953ce29641cdcb01857827510fe9","ref":"refs/heads/scarthgap","pushedAt":"2024-08-20T17:02:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"tpm2-tools: Upgrade 5.5 -> 5.7\n\nInclude Security fixes:\nFixed CVE-2024-29038\nFixed CVE-2024-29039\n\nChangelog:\nhttps://github.com/tpm2-software/tpm2-tools/releases/tag/5.7\nhttps://github.com/tpm2-software/tpm2-tools/releases/tag/5.6\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"tpm2-tools: Upgrade 5.5 -&gt; 5.7"}},{"before":"bc1227d9b925add7472a290b5e8245f60957458f","after":"f9946faf520ac304fa5c6f2acdfbe459e122c0eb","ref":"refs/heads/master","pushedAt":"2024-08-19T17:00:35.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"python3-tpm2-pyts: switch to PEP-517 build backend\n\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"python3-tpm2-pyts: switch to PEP-517 build backend"}},{"before":"2880814419b2e21c8dc7bb23d97b208d07e331ab","after":"fbcaf87ba55641a2389def34b0be6e6d5294cc51","ref":"refs/heads/master-next","pushedAt":"2024-08-11T05:01:13.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"gitlab-ci: minor tweaks to try\n\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"gitlab-ci: minor tweaks to try"}},{"before":"c08a91e5e607806460854936ef622f6f78bb0f03","after":"bc1227d9b925add7472a290b5e8245f60957458f","ref":"refs/heads/master","pushedAt":"2024-08-08T05:00:27.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"tpm2-tools: Upgrade 5.5 -> 5.7\n\nInclude Security fixes:\nFixed CVE-2024-29038\nFixed CVE-2024-29039\n\nChangelog:\nhttps://github.com/tpm2-software/tpm2-tools/releases/tag/5.7\nhttps://github.com/tpm2-software/tpm2-tools/releases/tag/5.6\n\nSigned-off-by: Vijay Anusuri <vanusuri@mvista.com>\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"tpm2-tools: Upgrade 5.5 -&gt; 5.7"}},{"before":"ee7f25ce4e0ec084c19dd4dc30a151d199c84d7d","after":"2880814419b2e21c8dc7bb23d97b208d07e331ab","ref":"refs/heads/master-next","pushedAt":"2024-08-06T17:01:09.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"gitlab-ci: minor tweaks to try\n\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"gitlab-ci: minor tweaks to try"}},{"before":"2d80591ccddc0bd202716f1c549fb457df35dcf0","after":"9d43b4059bef17f14259fd3dd493c081fede17c9","ref":"refs/heads/dunfell","pushedAt":"2024-08-01T12:58:47.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"suricata: Backport fix CVE-2024-37151\n\nSource: https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\nMR: 152236\nType: Security Fix\nDisposition: Backport from https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b\nChangeID: b690809a07666ebff09db21b05c4a1fe54736917\nDescription:\n\ndefrag: don't use completed tracker\n\nWhen a Tracker is set up for a IPID, frags come in for it and it's\nreassembled and complete, the `DefragTracker::remove` flag is set. This\nis mean to tell the hash cleanup code to recyle the tracker and to let\nthe lookup code skip the tracker during lookup.\n\nA logic error lead to the following scenario:\n\n1. there are sufficient frag trackers to make sure the hash table is\n   filled with trackers\n2. frags for a Packet with IPID X are processed correctly (X1)\n3. frags for a new Packet that also has IPID X come in quickly after the\n   first (X2).\n4. during the lookup, the frag for X2 hashes to a hash row that holds\n   more than one tracker\n5. as the trackers in hash row are evaluated, it finds the tracker for\n   X1, but since the `remove` bit is not checked, it is returned as the\n   tracker for X2.\n6. reassembly fails, as the tracker is already complete\n\nThe logic error is that only for the first tracker in a row the `remove`\nbit was checked, leading to reuse to a closed tracker if there were more\ntrackers in the hash row.\n\nTicket: #7042.\n\nUpstream-Status: Backport [https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b]\nCVE: CVE-2024-37151\nSigned-off-by: Vivek Kumbhar <vkumbhar@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"suricata: Backport fix CVE-2024-37151"}},{"before":"db91051c6a01c105846594e935494f16ab651f45","after":"c08a91e5e607806460854936ef622f6f78bb0f03","ref":"refs/heads/master","pushedAt":"2024-08-01T05:00:31.000Z","pushType":"push","commitsCount":11,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"harden-image-minima: Fix usermod\n\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"harden-image-minima: Fix usermod"}},{"before":"d879e00f8fbebe2a84ccb3007c65166a1c4d5a9d","after":"ee7f25ce4e0ec084c19dd4dc30a151d199c84d7d","ref":"refs/heads/master-next","pushedAt":"2024-07-30T05:01:33.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"harden-image-minima: Fix usermod\n\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"harden-image-minima: Fix usermod"}},{"before":"61f2428158c9900d611237fc1f3741f26e9665f8","after":"db91051c6a01c105846594e935494f16ab651f45","ref":"refs/heads/master","pushedAt":"2024-07-30T05:00:32.000Z","pushType":"push","commitsCount":14,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"chipsec: Fix QA Warnings\n\nERROR: chipsec-1.9.1-r0 do_package_qa: QA Issue: File /usr/lib/python3.12/site-packages/chipsec/helper/linux/chipsec.ko in package chipsec contains reference to TMPDIR [buildpaths]\nERROR: chipsec-1.9.1-r0 do_package_qa: QA Issue: File /usr/lib/python3.12/site-packages/chipsec/helper/linux/.debug/chipsec.ko in package chipsec-dbg contains reference to TMPDIR [buildpaths]\n\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"chipsec: Fix QA Warnings"}},{"before":"778a1c7ae80ca161d615d54fc55374bdc7f1b63b","after":"d879e00f8fbebe2a84ccb3007c65166a1c4d5a9d","ref":"refs/heads/master-next","pushedAt":"2024-07-29T17:01:36.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"chipsec: Fix QA Warnings\n\nERROR: chipsec-1.9.1-r0 do_package_qa: QA Issue: File /usr/lib/python3.12/site-packages/chipsec/helper/linux/chipsec.ko in package chipsec contains reference to TMPDIR [buildpaths]\nERROR: chipsec-1.9.1-r0 do_package_qa: QA Issue: File /usr/lib/python3.12/site-packages/chipsec/helper/linux/.debug/chipsec.ko in package chipsec-dbg contains reference to TMPDIR [buildpaths]\n\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"chipsec: Fix QA Warnings"}},{"before":"dd1446872f72932df2b6079bb768cf8b0e3273a0","after":"778a1c7ae80ca161d615d54fc55374bdc7f1b63b","ref":"refs/heads/master-next","pushedAt":"2024-07-29T05:01:27.000Z","pushType":"push","commitsCount":9,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"arpwatch: Fix compile error\n\n| ./dns.c:118:24: error: implicit declaration of function '_getshort'; did you mean '__putshort'? [-Wimplicit-function-declaration]\n\nupon others\n\nSigned-off-by: Armin Kuster <akuster808@gmail.com>","shortMessageHtmlLink":"arpwatch: Fix compile error"}},{"before":"76eef1f4335d46622f51484a61f3acfca5dfc6dc","after":"2d80591ccddc0bd202716f1c549fb457df35dcf0","ref":"refs/heads/dunfell","pushedAt":"2024-07-26T12:56:40.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"jpuhlman","name":"Jeremy Puhlman","path":"/jpuhlman","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/786636?s=80&v=4"},"commit":{"message":"tpm2-tools: Security fix for CVE-2024-29038\n\nSource: github.com\nMR: 150049\nType: Security Fix\nDisposition: Backport from https://github.com/tpm2-software/tpm2-tools/commit/66d922d6547b7b4fe4f274fb2ec10b376e0e259c\nChangeID: 9c0e278704da452f0d6bfb20c40680d9d242bd2c\nDescription:\n\n\tSecurity fix for CVE-2024-29038\n\t- tpm2-tools: arbitrary quote data may go undetected by tpm2_checkquote\n\nSigned-off-by: Rohini Sangam <rsangam@mvista.com>\nReviewed-by: Siddharth Doshi <sdoshi@mvista.com>\nReviewed-by: Jeremy Puhlman <jpuhlman@mvista.com>\nSigned-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>","shortMessageHtmlLink":"tpm2-tools: Security fix for CVE-2024-29038"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOS0yM1QxOTo1NzozMS4wMDAwMDBazwAAAAS-YwHj","endCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wNy0yNlQxMjo1Njo0MC4wMDAwMDBazwAAAASKCYKN"}},"title":"Activity · MontaVista-OpenSourceTechnology/meta-security"}