* [OE-core][dunfell 00/18] Pull request (cover letter only)
@ 2021-07-08 0:23 Steve Sakoman
0 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2021-07-08 0:23 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 9423ad8f0f42d249c2fcb1b86ec9abb75854f011:
python3-ptest: add newly discovered missing rdeps (2021-06-28 05:01:39 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (2):
python3: apply test skipping patch unconditionally
selftest: do not hardcode /tmp/sdk
Bruce Ashfield (4):
linux-yocto/5.4: update to v5.4.124
linux-yocto/5.4: update to v5.4.125
linux-yocto/5.4: update to v5.4.128
linux-yocto/5.4: update to v5.4.129
Florian Amstutz (1):
devtool: deploy-target: Fix preserving attributes when using --strip
Michael Ho (1):
sstate.bbclass: fix errors about read-only sstate mirrors
Minjae Kim (2):
rpm: fix CVE-2021-3421
gstreamer-plugins-base: fix CVE-2021-3522
Richard Purdie (7):
kernel: Fix interaction when packaging disabled
kernel-devicetree: Fix interaction when packaging disabled
perf: Use python3targetconfig to ensure we use target libraries
package_pkgdata: Avoid task hash mismatches for generic task changes
oeqa/selftest/runcmd: Tweal test timeouts
sstate/staging: Handle directory creation race issue
oeqa/selftest/archiver: Allow tests to ignore empty directories
Tim Orling (1):
python3: skip tests requiring tools-sdk
meta/classes/kernel-devicetree.bbclass | 11 +-
meta/classes/kernel.bbclass | 2 +
meta/classes/package_pkgdata.bbclass | 2 +-
meta/classes/sstate.bbclass | 16 +-
meta/classes/staging.bbclass | 6 +-
meta/lib/oeqa/selftest/cases/archiver.py | 16 +-
meta/lib/oeqa/selftest/cases/runcmd.py | 4 +-
meta/lib/oeqa/selftest/cases/runtime_test.py | 28 ++-
...pes.test_find-skip-without-tools-sdk.patch | 33 +++
.../recipes-devtools/python/python3_3.8.10.bb | 1 +
.../rpm/files/CVE-2021-3421.patch | 197 ++++++++++++++++++
meta/recipes-devtools/rpm/rpm_4.14.2.1.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
meta/recipes-kernel/perf/perf.bb | 2 +-
.../CVE-2021-3522.patch | 36 ++++
.../gstreamer1.0-plugins-base_1.16.3.bb | 1 +
scripts/lib/devtool/deploy.py | 2 +-
19 files changed, 337 insertions(+), 57 deletions(-)
create mode 100644 meta/recipes-devtools/python/python3/0001-test_ctypes.test_find-skip-without-tools-sdk.patch
create mode 100644 meta/recipes-devtools/rpm/files/CVE-2021-3421.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2021-3522.patch
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [OE-core][dunfell 00/18] Pull request (cover letter only)
@ 2023-01-04 14:34 Steve Sakoman
0 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2023-01-04 14:34 UTC (permalink / raw)
To: openembedded-core
The following changes since commit cc8ec63310f9a936371ea1070cb257c926808755:
oeqa/selftest/tinfoil: Add test for separate config_data with recipe_parse_file() (2022-12-14 16:34:29 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (1):
tzdata: update 2022d -> 2022g
Bruce Ashfield (4):
linux-yocto/5.4: update to v5.4.221
linux-yocto/5.4: update to v5.4.224
linux-yocto/5.4: update to v5.4.225
linux-yocto/5.4: update to v5.4.228
Chen Qi (1):
bc: extend to nativesdk
Hitendra Prajapati (1):
grub2: CVE-2022-28735 shim_lock verifier allows non-kernel files to be
loaded
Jagadeesh Krishnanjanappa (1):
qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel
image
Joshua Watt (1):
sudo: Use specific BSD license variant
Minjae Kim (1):
ppp: fix CVE-2022-4603
Peter Marko (1):
externalsrc: fix lookup for .gitmodules
Quentin Schulz (1):
cairo: update patch for CVE-2019-6461 with upstream solution
Robert Andersson (1):
go-crosssdk: avoid host contamination by GOCACHE
Ross Burton (1):
lib/buildstats: fix parsing of trees with reduced_proc_pressure
directories
Vivek Kumbhar (4):
go: fix CVE-2022-41717 Excessive memory use in got server
rsync: fix CVE-2022-29154 remote arbitrary files write inside the
directories of connecting peers
libx11: fix CVE-2022-3555 memory leak in _XFreeX11XCBStructure() of
xcb_disp.c
qemu: fix CVE-2021-3507 fdc heap buffer overflow in DMA read data
transfers
meta/classes/externalsrc.bbclass | 2 +-
meta/classes/qemuboot.bbclass | 3 +-
.../grub/files/CVE-2022-28735.patch | 271 ++++++++++++++
meta/recipes-bsp/grub/grub2.inc | 1 +
.../ppp/ppp/CVE-2022-4603.patch | 50 +++
meta/recipes-connectivity/ppp/ppp_2.4.7.bb | 1 +
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2022-41717.patch | 75 ++++
meta/recipes-devtools/go/go-crosssdk.inc | 2 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-3507.patch | 87 +++++
.../rsync/files/CVE-2022-29154.patch | 334 ++++++++++++++++++
meta/recipes-devtools/rsync/rsync_3.1.3.bb | 1 +
meta/recipes-extended/bc/bc_1.07.1.bb | 2 +-
meta/recipes-extended/sudo/sudo.inc | 2 +-
meta/recipes-extended/timezone/timezone.inc | 7 +-
.../cairo/cairo/CVE-2019-6461.patch | 35 +-
.../xorg-lib/libx11/CVE-2022-3555.patch | 38 ++
.../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
scripts/lib/buildstats.py | 4 +-
23 files changed, 919 insertions(+), 35 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28735.patch
create mode 100644 meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-41717.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3507.patch
create mode 100644 meta/recipes-devtools/rsync/files/CVE-2022-29154.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [OE-core] [dunfell 00/18] Pull request (cover letter only)
2022-08-29 6:19 ` [dunfell " virendra thakur
@ 2022-08-29 14:03 ` Steve Sakoman
0 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2022-08-29 14:03 UTC (permalink / raw)
To: virendra thakur; +Cc: openembedded-core
On Sun, Aug 28, 2022 at 8:19 PM virendra thakur
<thakur.virendra1810@gmail.com> wrote:
>
> When we are planning to integrate this change
This pull request was completed back in March!
Steve
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#170007): https://lists.openembedded.org/g/openembedded-core/message/170007
> Mute This Topic: https://lists.openembedded.org/mt/89650554/3620601
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* [OE-core][dunfell 00/18] Pull request (cover letter only)
@ 2022-03-08 23:10 Steve Sakoman
2022-08-29 6:19 ` [dunfell " virendra thakur
0 siblings, 1 reply; 6+ messages in thread
From: Steve Sakoman @ 2022-03-08 23:10 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 79ce9059f716546a7d6f4562ba194aedd90c22cd:
grub: add a fix for a crash in scripts (2022-02-23 05:00:42 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Jose Quaresma (1):
buildhistory.bbclass: create the buildhistory directory when needed
Marek Vasut (1):
bootchart2: Add missing python3-math dependency
Michael Halstead (1):
uninative: Upgrade to 3.5
Minjae Kim (2):
go: fix CVE-2022-23806
go: fix CVE-2022-23772
Nathan Rossi (1):
cml1.bbclass: Handle ncurses-native being available via pkg-config
Richard Purdie (2):
libxml-parser-perl: Add missing RDEPENDS
uninative: Add version to uninative tarball name
Ross Burton (3):
coreutils: remove obsolete ignored CVE list
cve-check: get_cve_info should open the database read-only
Revert "cve-check: add lockfile to task"
Steve Sakoman (5):
expat: fix CVE-2022-25235
expat: fix CVE-2022-25236
expat: fix CVE-2022-25313
expat: fix CVE-2022-25314
expat: fix CVE-2022-25315
Virendra Thakur (1):
libarchive: Fix for CVE-2021-36976
wangmy (1):
wireless-regdb: upgrade 2021.08.28 -> 2022.02.18
meta/classes/buildhistory.bbclass | 1 +
meta/classes/cml1.bbclass | 8 +
meta/classes/cve-check.bbclass | 4 +-
meta/classes/uninative.bbclass | 2 +-
meta/conf/distro/include/yocto-uninative.inc | 11 +-
meta/recipes-core/coreutils/coreutils_8.31.bb | 3 -
.../expat/expat/CVE-2022-25235.patch | 283 +++++++++++++++
.../expat/expat/CVE-2022-25236.patch | 129 +++++++
.../expat/CVE-2022-25313-regression.patch | 131 +++++++
.../expat/expat/CVE-2022-25313.patch | 230 +++++++++++++
.../expat/expat/CVE-2022-25314.patch | 32 ++
.../expat/expat/CVE-2022-25315.patch | 145 ++++++++
meta/recipes-core/expat/expat_2.2.9.bb | 6 +
.../bootchart2/bootchart2_0.14.9.bb | 2 +-
meta/recipes-devtools/go/go-1.14.inc | 2 +
.../go/go-1.14/CVE-2022-23772.patch | 50 +++
.../go/go-1.14/CVE-2022-23806.patch | 142 ++++++++
.../perl/libxml-parser-perl_2.46.bb | 1 +
.../libarchive/CVE-2021-36976-1.patch | 321 ++++++++++++++++++
.../libarchive/CVE-2021-36976-2.patch | 121 +++++++
.../libarchive/CVE-2021-36976-3.patch | 93 +++++
.../libarchive/libarchive_3.4.2.bb | 6 +-
....08.28.bb => wireless-regdb_2022.02.18.bb} | 2 +-
23 files changed, 1711 insertions(+), 14 deletions(-)
create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25235.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25236.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25313-regression.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25313.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25314.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25315.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-23772.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-23806.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2021-36976-1.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2021-36976-2.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2021-36976-3.patch
rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2021.08.28.bb => wireless-regdb_2022.02.18.bb} (94%)
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [OE-core][dunfell 00/18] Pull request (cover letter only)
@ 2021-01-21 18:42 Steve Sakoman
0 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2021-01-21 18:42 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 72431ee8de5e3a53d259cebf420a7713ac9e1f14:
mobile-broadband-provider-info: upgrade 20190618 ->20201225 (2021-01-08 03:57:37 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Adrian Herrera (1):
scripts: oe-run-native, fix *-native directories
Andrey Mozzhuhin (1):
toolchain-shar-extract.sh: Handle special characters in script path
Armin Kuster (2):
xorg: Security fix for CVE-2020-14345
glibc: Security fix for CVE-2020-29573
Bruce Ashfield (1):
linux-yocto/5.4: update to v5.4.87
Chris Laplante (1):
systemd.bbclass: improve error message when a service unit specified
in SYSTEMD_SERVICE is not found
Joshua Watt (1):
classes/waf: Add build and install arguments
Lee Chee Yang (1):
curl: fix CVE-2020-8231/8284/8285/8286
Mans Rullgard (1):
boost: drop arm-intrinsics.patch
Marek Vasut (2):
meta: toolchain-shar-relocate.sh: Do not use $target_sdk_dir as regex
meta: toolchain-shar-relocate.sh: Filter out post-relocate-setup
script
Michael Ho (1):
license_image.bbclass: fix missing recipeinfo on self
Mikko Rapeli (1):
zip: whitelist CVE-2018-13410 and CVE-2018-13684
Robert Joslyn (1):
ppp: Whitelist CVE-2020-15704
Ross Burton (1):
waf: don't assume the waf intepretter is good
Scott Murray (1):
glibc: CVE-2019-25013
Thomas Perrot (1):
go.bbclass: don't stage test data with sources of dependencies
Tomasz Dziendzielski (1):
lib/oe/utils: Return empty string in parallel_make
meta/classes/go.bbclass | 3 +-
meta/classes/license_image.bbclass | 3 +-
meta/classes/systemd.bbclass | 3 +-
meta/classes/waf.bbclass | 18 +-
meta/files/toolchain-shar-extract.sh | 12 +-
meta/files/toolchain-shar-relocate.sh | 5 +-
meta/lib/oe/utils.py | 2 +-
meta/recipes-connectivity/ppp/ppp_2.4.7.bb | 4 +
.../glibc/glibc/CVE-2019-25013.patch | 135 ++
.../glibc/glibc/CVE-2020-29573.patch | 128 ++
meta/recipes-core/glibc/glibc_2.31.bb | 2 +
meta/recipes-extended/zip/zip_3.0.bb | 6 +
.../xserver-xorg/CVE-2020-14345.patch | 182 +++
.../xorg-xserver/xserver-xorg_1.20.8.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../boost/boost/arm-intrinsics.patch | 55 -
meta/recipes-support/boost/boost_1.72.0.bb | 2 +-
.../curl/curl/CVE-2020-8231.patch | 1092 +++++++++++++++++
.../curl/curl/CVE-2020-8284.patch | 209 ++++
.../curl/curl/CVE-2020-8285.patch | 260 ++++
.../curl/curl/CVE-2020-8286.patch | 133 ++
meta/recipes-support/curl/curl_7.69.1.bb | 4 +
scripts/oe-run-native | 2 +-
25 files changed, 2207 insertions(+), 90 deletions(-)
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-25013.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2020-29573.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14345.patch
delete mode 100644 meta/recipes-support/boost/boost/arm-intrinsics.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2020-8231.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2020-8284.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2020-8285.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2020-8286.patch
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [OE-core][dunfell 00/18] Pull request (cover letter only)
@ 2020-09-10 14:17 Steve Sakoman
0 siblings, 0 replies; 6+ messages in thread
From: Steve Sakoman @ 2020-09-10 14:17 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 0d4d0df6084cce3c3d9051db88f3199a030d3352:
linux-firmware: update 20200721 -> 20200817 (2020-09-01 05:45:54 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Anibal Limon (1):
recipes-kernel: linux-firmware add qcom-venus-{5.2,5.4} packages
Bruce Ashfield (1):
kernel-yocto: checksum all modifications to available kernel fragments
directories
Joshua Watt (1):
oeqa: sdk: Capture stderr output
Khem Raj (3):
json-c: Fix CVE-2020-12762
util-linux: Allow update alternatives for additional apps
json-glib: Backport a build fix with clang
Martin Jansa (1):
devtool: expand SRC_URI when guessing recipe update mode
Michael Tretter (1):
devtool: deploy-target: Fix size calculation for hard links
Nicolas Dechesne (1):
linux-libc-headers: kernel headers are installed in
STAGING_KERNEL_BUILDDIR
Rasmus Villemoes (1):
cml1: Move find_cfgs() helper to cml1.bbclass
Richard Purdie (1):
selftest/prservice: Improve test failure message
Ross Burton (2):
package.bbclass: explode the RPROVIDES so we don't think the versions
are provides
insane: improve gnu-hash-style warning
Steve Sakoman (1):
sanity.conf: update BB_MIN_VERSION to 1.46.0
Sumit Garg (1):
insane: fix gnu-hash-style check
Vijai Kumar K (1):
wic: misc: Add /bin to the list of searchpaths
Yann Dirson (1):
package: get_package_mapping: avoid dependency mapping if renamed
package provides original name
hongxu (1):
sysstat: fix installed-vs-shipped QA Issue in systemd
meta/classes/cml1.bbclass | 10 +
meta/classes/insane.bbclass | 5 +-
meta/classes/kernel-yocto.bbclass | 16 ++
meta/classes/package.bbclass | 18 +-
meta/conf/sanity.conf | 2 +-
meta/lib/oeqa/sdk/case.py | 2 +-
meta/lib/oeqa/sdk/cases/assimp.py | 2 +-
meta/lib/oeqa/sdk/cases/buildcpio.py | 2 +-
meta/lib/oeqa/sdk/cases/buildepoxy.py | 2 +-
meta/lib/oeqa/sdk/cases/buildgalculator.py | 2 +-
meta/lib/oeqa/sdk/cases/buildlzip.py | 2 +-
meta/lib/oeqa/selftest/cases/prservice.py | 4 +-
meta/recipes-bsp/u-boot/u-boot.inc | 10 -
meta/recipes-core/busybox/busybox.inc | 10 -
meta/recipes-core/util-linux/util-linux.inc | 3 +
.../json-c/json-c/CVE-2020-12762.patch | 231 ++++++++++++++++++
meta/recipes-devtools/json-c/json-c_0.13.1.bb | 1 +
meta/recipes-extended/sysstat/sysstat.inc | 2 +-
...o-instead-of-cast-to-convert-pointer.patch | 33 +++
.../json-glib/json-glib_1.4.4.bb | 4 +-
.../linux-firmware/linux-firmware_20200817.bb | 6 +-
.../linux-libc-headers/linux-libc-headers.inc | 2 +-
scripts/lib/devtool/deploy.py | 8 +-
scripts/lib/devtool/standard.py | 2 +-
scripts/lib/wic/misc.py | 5 +-
25 files changed, 341 insertions(+), 43 deletions(-)
create mode 100644 meta/recipes-devtools/json-c/json-c/CVE-2020-12762.patch
create mode 100644 meta/recipes-gnome/json-glib/json-glib/0001-scanner-use-macro-instead-of-cast-to-convert-pointer.patch
--
2.17.1
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2023-01-04 14:34 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-08 0:23 [OE-core][dunfell 00/18] Pull request (cover letter only) Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2023-01-04 14:34 Steve Sakoman
2022-03-08 23:10 Steve Sakoman
2022-08-29 6:19 ` [dunfell " virendra thakur
2022-08-29 14:03 ` [OE-core] " Steve Sakoman
2021-01-21 18:42 [OE-core][dunfell " Steve Sakoman
2020-09-10 14:17 Steve Sakoman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.