* [PATCH 00/26] thud patch review @ 2019-03-19 2:36 Armin Kuster 2019-03-19 8:55 ` Martin Jansa 2019-03-19 9:05 ` Vincent Prince 0 siblings, 2 replies; 11+ messages in thread From: Armin Kuster @ 2019-03-19 2:36 UTC (permalink / raw) To: openembedded-core Responses should be made by Wed March 20th 22:00:00 UTC 2019 The following changes since commit f5a57e939e626a5b7c6de5b51799ca602ed355ed: mesa: ship /etc/drirc in mesa-megadriver (2019-03-05 22:24:13 +0000) are available in the git repository at: git://git.yoctoproject.org/poky-contrib stable/thud-next http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=stable/thud-next Alexander Kanavin (1): ca-certificates: upgrade 20180409 -> 20190110 André Draszik (1): systemd: RDEPENDS on util-linux-umount Changqing Li (1): libsndfile1: Security fix CVE-2018-19432 Chen Qi (1): target-sdk-provides-dummy: add more perl modules to avoid populate_sdk failure Douglas Royds (1): libpam: libpamc is licensed under its own BSD-style licence George McCollister (1): systemd: fix CVE-2019-6454 Jonathan Rajotte-Julien (3): lttng-ust: update to 2.10.3 lttng-modules: update to 2.10.9 lttng-tools: update to 2.9.11 Mark Hatle (10): gitsm.py: Fix when a submodule is defined, but not initialized gitsm.py: Add support for alternative URL formats from submodule files tests/fetch.py: Add alternative gitsm test case gitsm.py: Optimize code and attempt to resolve locking issue gitsm.py: revise unpack gitsm.py: Rework the shallow fetcher and test case gitsm.py: Refactor the functions and simplify the class gitsm.py: Fix relative URLs gitsmy.py: Fix unpack of submodules of submodules gitsm: The fetcher did not process some recursive submodules properly. Ming Liu (1): rm_work: sort the value of do_build dependencies Oleksandr Kravchuk (1): target-sdk-provides-dummy: add perl-module-overload Richard Purdie (3): target-sdk-provides-dummy: Extend to -dev and -src packages systemd: Update recent CVE patches kernel: Ensure an initramfs is added if configured Robert Yang (1): send-error-report: Add --no-ssl to use http protocol Ross Burton (1): libpng: fix CVE-2019-7317 bitbake/lib/bb/fetch2/gitsm.py | 253 +++++++++------------ bitbake/lib/bb/tests/fetch.py | 70 +++++- meta/classes/kernel.bbclass | 4 +- meta/classes/rm_work.bbclass | 3 +- .../recipes-core/meta/target-sdk-provides-dummy.bb | 14 ++ ...-not-store-the-iovec-entry-for-process-co.patch | 6 +- ...ld-set-a-limit-on-the-number-of-fields-1k.patch | 56 ----- ...nald-set-a-limit-on-the-number-of-fields.patch} | 93 ++++++-- ...nal-fix-out-of-bounds-read-CVE-2018-16866.patch | 49 ++++ .../0027-journal-fix-syslog_parse_identifier.patch | 77 ------- ...not-remove-multiple-spaces-after-identifi.patch | 84 ------- .../systemd/systemd/CVE-2019-6454.patch | 210 +++++++++++++++++ ...e-receive-an-invalid-dbus-message-ignore-.patch | 61 +++++ meta/recipes-core/systemd/systemd_239.bb | 10 +- meta/recipes-extended/pam/libpam_1.3.0.bb | 4 +- ...ose-sk-wmem-in-sock_exceed_buf_limit-trac.patch | 67 ------ ...g-modules_2.10.7.bb => lttng-modules_2.10.9.bb} | 5 +- ...ow-multiple-attempts-to-connect-to-relayd.patch | 17 +- ...{lttng-tools_2.9.5.bb => lttng-tools_2.9.11.bb} | 4 +- .../{lttng-ust_2.10.1.bb => lttng-ust_2.10.3.bb} | 4 +- .../libpng/libpng/CVE-2019-7317.patch | 20 ++ meta/recipes-multimedia/libpng/libpng_1.6.36.bb | 3 +- .../libsndfile/libsndfile1/CVE-2018-19432.patch | 115 ++++++++++ .../libsndfile/libsndfile1_1.0.28.bb | 1 + ...tes_20180409.bb => ca-certificates_20190110.bb} | 2 +- scripts/send-error-report | 11 +- 26 files changed, 758 insertions(+), 485 deletions(-) delete mode 100644 meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields-1k.patch rename meta/recipes-core/systemd/systemd/{0026-journal-remote-set-a-limit-on-the-number-of-fields-i.patch => 0025-journald-set-a-limit-on-the-number-of-fields.patch} (47%) create mode 100644 meta/recipes-core/systemd/systemd/0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch delete mode 100644 meta/recipes-core/systemd/systemd/0027-journal-fix-syslog_parse_identifier.patch delete mode 100644 meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch create mode 100644 meta/recipes-core/systemd/systemd/CVE-2019-6454.patch create mode 100644 meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-Fix-net-expose-sk-wmem-in-sock_exceed_buf_limit-trac.patch rename meta/recipes-kernel/lttng/{lttng-modules_2.10.7.bb => lttng-modules_2.10.9.bb} (85%) rename meta/recipes-kernel/lttng/{lttng-tools_2.9.5.bb => lttng-tools_2.9.11.bb} (97%) rename meta/recipes-kernel/lttng/{lttng-ust_2.10.1.bb => lttng-ust_2.10.3.bb} (90%) create mode 100644 meta/recipes-multimedia/libpng/libpng/CVE-2019-7317.patch create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19432.patch rename meta/recipes-support/ca-certificates/{ca-certificates_20180409.bb => ca-certificates_20190110.bb} (98%) -- 2.7.4 ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 2:36 [PATCH 00/26] thud patch review Armin Kuster @ 2019-03-19 8:55 ` Martin Jansa 2019-03-19 10:22 ` Alexander Kanavin 2019-03-19 14:52 ` akuster808 2019-03-19 9:05 ` Vincent Prince 1 sibling, 2 replies; 11+ messages in thread From: Martin Jansa @ 2019-03-19 8:55 UTC (permalink / raw) To: Armin Kuster; +Cc: openembedded-core [-- Attachment #1: Type: text/plain, Size: 864 bytes --] On Mon, Mar 18, 2019 at 07:36:29PM -0700, Armin Kuster wrote: > Responses should be made by Wed March 20th 22:00:00 UTC 2019 > > The following changes since commit f5a57e939e626a5b7c6de5b51799ca602ed355ed: > > mesa: ship /etc/drirc in mesa-megadriver (2019-03-05 22:24:13 +0000) > > are available in the git repository at: > > git://git.yoctoproject.org/poky-contrib stable/thud-next > http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=stable/thud-next > > Alexander Kanavin (1): > ca-certificates: upgrade 20180409 -> 20190110 This depends on openssl >= 1.1.1 since: https://salsa.debian.org/debian/ca-certificates/commit/d5e425c8405448e5034d1e16ca52be6a10cb3334 some people might not use new openssl with thud. More detail in: http://lists.openembedded.org/pipermail/openembedded-core/2019-March/280234.html Cheers, [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 201 bytes --] ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 8:55 ` Martin Jansa @ 2019-03-19 10:22 ` Alexander Kanavin 2019-03-19 10:40 ` Martin Jansa 2019-03-19 14:52 ` akuster808 1 sibling, 1 reply; 11+ messages in thread From: Alexander Kanavin @ 2019-03-19 10:22 UTC (permalink / raw) To: Martin Jansa; +Cc: openembedded-core The commit you refer to changes the dependency from 1.1.0 to 1.1.1, so ca-certificates currently in thud already needs 1.1. Alex > On 19 Mar 2019, at 9.55, Martin Jansa <martin.jansa@gmail.com> wrote: > >> On Mon, Mar 18, 2019 at 07:36:29PM -0700, Armin Kuster wrote: >> Responses should be made by Wed March 20th 22:00:00 UTC 2019 >> >> The following changes since commit f5a57e939e626a5b7c6de5b51799ca602ed355ed: >> >> mesa: ship /etc/drirc in mesa-megadriver (2019-03-05 22:24:13 +0000) >> >> are available in the git repository at: >> >> git://git.yoctoproject.org/poky-contrib stable/thud-next >> http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=stable/thud-next >> >> Alexander Kanavin (1): >> ca-certificates: upgrade 20180409 -> 20190110 > > This depends on openssl >= 1.1.1 since: > https://salsa.debian.org/debian/ca-certificates/commit/d5e425c8405448e5034d1e16ca52be6a10cb3334 > some people might not use new openssl with thud. > > More detail in: > http://lists.openembedded.org/pipermail/openembedded-core/2019-March/280234.html > > Cheers, > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 10:22 ` Alexander Kanavin @ 2019-03-19 10:40 ` Martin Jansa 2019-03-19 11:35 ` Alexander Kanavin 0 siblings, 1 reply; 11+ messages in thread From: Martin Jansa @ 2019-03-19 10:40 UTC (permalink / raw) To: Alexander Kanavin; +Cc: openembedded-core [-- Attachment #1: Type: text/plain, Size: 1486 bytes --] On Tue, Mar 19, 2019 at 11:22:11AM +0100, Alexander Kanavin wrote: > The commit you refer to changes the dependency from 1.1.0 to 1.1.1, so ca-certificates currently in thud already needs 1.1. > > Alex > > > On 19 Mar 2019, at 9.55, Martin Jansa <martin.jansa@gmail.com> wrote: > > > >> On Mon, Mar 18, 2019 at 07:36:29PM -0700, Armin Kuster wrote: > >> Responses should be made by Wed March 20th 22:00:00 UTC 2019 > >> > >> The following changes since commit f5a57e939e626a5b7c6de5b51799ca602ed355ed: > >> > >> mesa: ship /etc/drirc in mesa-megadriver (2019-03-05 22:24:13 +0000) > >> > >> are available in the git repository at: > >> > >> git://git.yoctoproject.org/poky-contrib stable/thud-next > >> http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=stable/thud-next > >> > >> Alexander Kanavin (1): > >> ca-certificates: upgrade 20180409 -> 20190110 > > > > This depends on openssl >= 1.1.1 since: > > https://salsa.debian.org/debian/ca-certificates/commit/d5e425c8405448e5034d1e16ca52be6a10cb3334 > > some people might not use new openssl with thud. > > > > More detail in: > > http://lists.openembedded.org/pipermail/openembedded-core/2019-March/280234.html hmm right https://salsa.debian.org/debian/ca-certificates/commit/1bc87e0b41a04551a93d4e784e158b044c18792a was already included in 20180409, another thing to work around when upgrading to thud. Cheers, -- Martin 'JaMa' Jansa jabber: Martin.Jansa@gmail.com [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 201 bytes --] ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 10:40 ` Martin Jansa @ 2019-03-19 11:35 ` Alexander Kanavin 2019-03-19 13:55 ` Martin Jansa 0 siblings, 1 reply; 11+ messages in thread From: Alexander Kanavin @ 2019-03-19 11:35 UTC (permalink / raw) To: Martin Jansa; +Cc: openembedded-core Just to remind once more, all upstream support for OpenSSL 1.0.2 ceases in 9 months, so shipping products with it may not be the best idea. Alex > On 19 Mar 2019, at 11.40, Martin Jansa <martin.jansa@gmail.com> wrote: > >> On Tue, Mar 19, 2019 at 11:22:11AM +0100, Alexander Kanavin wrote: >> The commit you refer to changes the dependency from 1.1.0 to 1.1.1, so ca-certificates currently in thud already needs 1.1. >> >> Alex >> >>>> On 19 Mar 2019, at 9.55, Martin Jansa <martin.jansa@gmail.com> wrote: >>>> >>>> On Mon, Mar 18, 2019 at 07:36:29PM -0700, Armin Kuster wrote: >>>> Responses should be made by Wed March 20th 22:00:00 UTC 2019 >>>> >>>> The following changes since commit f5a57e939e626a5b7c6de5b51799ca602ed355ed: >>>> >>>> mesa: ship /etc/drirc in mesa-megadriver (2019-03-05 22:24:13 +0000) >>>> >>>> are available in the git repository at: >>>> >>>> git://git.yoctoproject.org/poky-contrib stable/thud-next >>>> http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=stable/thud-next >>>> >>>> Alexander Kanavin (1): >>>> ca-certificates: upgrade 20180409 -> 20190110 >>> >>> This depends on openssl >= 1.1.1 since: >>> https://salsa.debian.org/debian/ca-certificates/commit/d5e425c8405448e5034d1e16ca52be6a10cb3334 >>> some people might not use new openssl with thud. >>> >>> More detail in: >>> http://lists.openembedded.org/pipermail/openembedded-core/2019-March/280234.html > > hmm right > https://salsa.debian.org/debian/ca-certificates/commit/1bc87e0b41a04551a93d4e784e158b044c18792a > was already included in 20180409, another thing to work around when > upgrading to thud. > > Cheers, > > -- > Martin 'JaMa' Jansa jabber: Martin.Jansa@gmail.com ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 11:35 ` Alexander Kanavin @ 2019-03-19 13:55 ` Martin Jansa 2019-03-19 16:31 ` Alexander Kanavin 0 siblings, 1 reply; 11+ messages in thread From: Martin Jansa @ 2019-03-19 13:55 UTC (permalink / raw) To: Alexander Kanavin; +Cc: openembedded-core [-- Attachment #1: Type: text/plain, Size: 998 bytes --] On Tue, Mar 19, 2019 at 12:35:59PM +0100, Alexander Kanavin wrote: > Just to remind once more, all upstream support for OpenSSL 1.0.2 ceases in 9 months, so shipping products with it may not be the best idea. Just to remind once more, shipping products isn't as easy as building the few recipes included in oe-core. For example: Believe it or not, some projects need to use old Qt 5.6 due to license change in newer version and 5.6 doesn't support openssl 1.1, backporting the necessary changes would violate the license as well. Providing clean room re-implementation is also difficult, because there aren't many other options how to implement this than how it was done in newer qt already, see: https://bugreports.qt.io/browse/QTBUG-71623 https://development.qt-project.narkive.com/RW4wxYXY/openssl-1-1-x-support-on-qt-5-6-5-9 Yes, it's not the best idea, but even backporting security fixes to old openssl might be cheaper than buying commercial qt license... Cheeers, [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 201 bytes --] ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 13:55 ` Martin Jansa @ 2019-03-19 16:31 ` Alexander Kanavin 2019-03-19 17:07 ` Martin Jansa 0 siblings, 1 reply; 11+ messages in thread From: Alexander Kanavin @ 2019-03-19 16:31 UTC (permalink / raw) To: Martin Jansa; +Cc: openembedded-core [-- Attachment #1: Type: text/plain, Size: 1438 bytes --] For what it’s worth, OpenSSL is also being relicensed to Apache 2.0, so backporting their fixes may not be an option either. https://license.openssl.org/ Please be careful with your language: I’m sure you know that recipe maintenance is a tedious, thankless task. Having it belittled doesn’t help. Alex > On 19 Mar 2019, at 14.55, Martin Jansa <martin.jansa@gmail.com> wrote: > >> On Tue, Mar 19, 2019 at 12:35:59PM +0100, Alexander Kanavin wrote: >> Just to remind once more, all upstream support for OpenSSL 1.0.2 ceases in 9 months, so shipping products with it may not be the best idea. > > Just to remind once more, shipping products isn't as easy as building > the few recipes included in oe-core. > > For example: > Believe it or not, some projects need to use old Qt 5.6 due to license > change in newer version and 5.6 doesn't support openssl 1.1, > backporting the necessary changes would violate the license as well. > Providing clean room re-implementation is also difficult, because there > aren't many other options how to implement this than how it was done in > newer qt already, see: > > https://bugreports.qt.io/browse/QTBUG-71623 > https://development.qt-project.narkive.com/RW4wxYXY/openssl-1-1-x-support-on-qt-5-6-5-9 > > Yes, it's not the best idea, but even backporting security fixes to old > openssl might be cheaper than buying commercial qt license... > > Cheeers, [-- Attachment #2: Type: text/html, Size: 2280 bytes --] ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 16:31 ` Alexander Kanavin @ 2019-03-19 17:07 ` Martin Jansa 0 siblings, 0 replies; 11+ messages in thread From: Martin Jansa @ 2019-03-19 17:07 UTC (permalink / raw) To: Alexander Kanavin; +Cc: openembedded-core [-- Attachment #1: Type: text/plain, Size: 3106 bytes --] On Tue, Mar 19, 2019 at 05:31:52PM +0100, Alexander Kanavin wrote: > For what it’s worth, OpenSSL is also being relicensed to Apache 2.0, so backporting their fixes may not be an option either. > https://license.openssl.org/ > > Please be careful with your language: I’m sure you know that recipe maintenance is a tedious, thankless task. Having it belittled doesn’t help. I'm sorry, I don't want to belittle the recipe maintenance task. I'm just saying that using OE to build commercial products is another level of complexity and if we as a project ignore the issues companies might have while upgrading to newer OE releases, then we shouldn't be surprised that there are too many products built with really ancient and unsupported OE releases. I'm not recommending to anyone to use openssl10 forever, I've replied to this thread mostly to warn other people (who might be in the same hole with openssl10) that this is another pain point and suggested possible way how to work around it. More commercial users closer to master might also help with lack of resources, upstreaming something from danny based build to master is much less likely to happen than from e.g. thud. Having a bit easier upgrade paths or at least a bit sympathy for people having troubles persuading management that spending a lot of time and money to rebuild all native apps, just to get newer build system (which no customer will ever notice in the end product) might help as well. With app store filled by native apps from 3rd party companies and required backward compatibility with older products, the stable ABI might be more important for some people than latest, greatest versions and we shouldn't ignore such use-cases for OE (or at least not assume that nobody needs openssl10 just because oe-core recipes can already build without it). Cheers, > > On 19 Mar 2019, at 14.55, Martin Jansa <martin.jansa@gmail.com> wrote: > > > >> On Tue, Mar 19, 2019 at 12:35:59PM +0100, Alexander Kanavin wrote: > >> Just to remind once more, all upstream support for OpenSSL 1.0.2 ceases in 9 months, so shipping products with it may not be the best idea. > > > > Just to remind once more, shipping products isn't as easy as building > > the few recipes included in oe-core. > > > > For example: > > Believe it or not, some projects need to use old Qt 5.6 due to license > > change in newer version and 5.6 doesn't support openssl 1.1, > > backporting the necessary changes would violate the license as well. > > Providing clean room re-implementation is also difficult, because there > > aren't many other options how to implement this than how it was done in > > newer qt already, see: > > > > https://bugreports.qt.io/browse/QTBUG-71623 > > https://development.qt-project.narkive.com/RW4wxYXY/openssl-1-1-x-support-on-qt-5-6-5-9 > > > > Yes, it's not the best idea, but even backporting security fixes to old > > openssl might be cheaper than buying commercial qt license... > > > > Cheeers, -- Martin 'JaMa' Jansa jabber: Martin.Jansa@gmail.com [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 201 bytes --] ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 8:55 ` Martin Jansa 2019-03-19 10:22 ` Alexander Kanavin @ 2019-03-19 14:52 ` akuster808 2019-03-19 15:40 ` Alexander Kanavin 1 sibling, 1 reply; 11+ messages in thread From: akuster808 @ 2019-03-19 14:52 UTC (permalink / raw) To: Martin Jansa; +Cc: openembedded-core [-- Attachment #1.1: Type: text/plain, Size: 959 bytes --] On 3/19/19 1:55 AM, Martin Jansa wrote: > On Mon, Mar 18, 2019 at 07:36:29PM -0700, Armin Kuster wrote: >> Responses should be made by Wed March 20th 22:00:00 UTC 2019 >> >> The following changes since commit f5a57e939e626a5b7c6de5b51799ca602ed355ed: >> >> mesa: ship /etc/drirc in mesa-megadriver (2019-03-05 22:24:13 +0000) >> >> are available in the git repository at: >> >> git://git.yoctoproject.org/poky-contrib stable/thud-next >> http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=stable/thud-next >> >> Alexander Kanavin (1): >> ca-certificates: upgrade 20180409 -> 20190110 then this gets dropped > This depends on openssl >= 1.1.1 since: > https://salsa.debian.org/debian/ca-certificates/commit/d5e425c8405448e5034d1e16ca52be6a10cb3334 > some people might not use new openssl with thud. > > More detail in: > http://lists.openembedded.org/pipermail/openembedded-core/2019-March/280234.html > > Cheers, [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 836 bytes --] ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 14:52 ` akuster808 @ 2019-03-19 15:40 ` Alexander Kanavin 0 siblings, 0 replies; 11+ messages in thread From: Alexander Kanavin @ 2019-03-19 15:40 UTC (permalink / raw) To: akuster808; +Cc: openembedded-core Nope, we determined that it’s actually ok. Alex > On 19 Mar 2019, at 15.52, akuster808 <akuster808@gmail.com> wrote: > > > >> On 3/19/19 1:55 AM, Martin Jansa wrote: >>> On Mon, Mar 18, 2019 at 07:36:29PM -0700, Armin Kuster wrote: >>> Responses should be made by Wed March 20th 22:00:00 UTC 2019 >>> >>> The following changes since commit f5a57e939e626a5b7c6de5b51799ca602ed355ed: >>> >>> mesa: ship /etc/drirc in mesa-megadriver (2019-03-05 22:24:13 +0000) >>> >>> are available in the git repository at: >>> >>> git://git.yoctoproject.org/poky-contrib stable/thud-next >>> http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=stable/thud-next >>> >>> Alexander Kanavin (1): >>> ca-certificates: upgrade 20180409 -> 20190110 > then this gets dropped >> This depends on openssl >= 1.1.1 since: >> https://salsa.debian.org/debian/ca-certificates/commit/d5e425c8405448e5034d1e16ca52be6a10cb3334 >> some people might not use new openssl with thud. >> >> More detail in: >> http://lists.openembedded.org/pipermail/openembedded-core/2019-March/280234.html >> >> Cheers, > > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 00/26] thud patch review 2019-03-19 2:36 [PATCH 00/26] thud patch review Armin Kuster 2019-03-19 8:55 ` Martin Jansa @ 2019-03-19 9:05 ` Vincent Prince 1 sibling, 0 replies; 11+ messages in thread From: Vincent Prince @ 2019-03-19 9:05 UTC (permalink / raw) To: Armin Kuster; +Cc: OE-core [-- Attachment #1: Type: text/plain, Size: 6296 bytes --] Hi Armin, Regarding target-sdk-provides-dummy: add more perl modules to avoid populate_sdk failure patch, I had to complete it with following bbappend: DUMMYPROVIDES_append = "\ perl-module-warnings-register \ perl-module-config \ perl-module-overloading \ perl-module-warnings \ perl-module-file-temp \ " Don't know if we should rework Chen Qi patch or create a new one. By the way, can't we add every empty perl packages in dummy automatically? Best regards, Vincent Le mar. 19 mars 2019 à 03:37, Armin Kuster <akuster808@gmail.com> a écrit : > Responses should be made by Wed March 20th 22:00:00 UTC 2019 > > The following changes since commit > f5a57e939e626a5b7c6de5b51799ca602ed355ed: > > mesa: ship /etc/drirc in mesa-megadriver (2019-03-05 22:24:13 +0000) > > are available in the git repository at: > > git://git.yoctoproject.org/poky-contrib stable/thud-next > > http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=stable/thud-next > > Alexander Kanavin (1): > ca-certificates: upgrade 20180409 -> 20190110 > > André Draszik (1): > systemd: RDEPENDS on util-linux-umount > > Changqing Li (1): > libsndfile1: Security fix CVE-2018-19432 > > Chen Qi (1): > target-sdk-provides-dummy: add more perl modules to avoid populate_sdk > failure > > Douglas Royds (1): > libpam: libpamc is licensed under its own BSD-style licence > > George McCollister (1): > systemd: fix CVE-2019-6454 > > Jonathan Rajotte-Julien (3): > lttng-ust: update to 2.10.3 > lttng-modules: update to 2.10.9 > lttng-tools: update to 2.9.11 > > Mark Hatle (10): > gitsm.py: Fix when a submodule is defined, but not initialized > gitsm.py: Add support for alternative URL formats from submodule files > tests/fetch.py: Add alternative gitsm test case > gitsm.py: Optimize code and attempt to resolve locking issue > gitsm.py: revise unpack > gitsm.py: Rework the shallow fetcher and test case > gitsm.py: Refactor the functions and simplify the class > gitsm.py: Fix relative URLs > gitsmy.py: Fix unpack of submodules of submodules > gitsm: The fetcher did not process some recursive submodules properly. > > Ming Liu (1): > rm_work: sort the value of do_build dependencies > > Oleksandr Kravchuk (1): > target-sdk-provides-dummy: add perl-module-overload > > Richard Purdie (3): > target-sdk-provides-dummy: Extend to -dev and -src packages > systemd: Update recent CVE patches > kernel: Ensure an initramfs is added if configured > > Robert Yang (1): > send-error-report: Add --no-ssl to use http protocol > > Ross Burton (1): > libpng: fix CVE-2019-7317 > > bitbake/lib/bb/fetch2/gitsm.py | 253 > +++++++++------------ > bitbake/lib/bb/tests/fetch.py | 70 +++++- > meta/classes/kernel.bbclass | 4 +- > meta/classes/rm_work.bbclass | 3 +- > .../recipes-core/meta/target-sdk-provides-dummy.bb | 14 ++ > ...-not-store-the-iovec-entry-for-process-co.patch | 6 +- > ...ld-set-a-limit-on-the-number-of-fields-1k.patch | 56 ----- > ...nald-set-a-limit-on-the-number-of-fields.patch} | 93 ++++++-- > ...nal-fix-out-of-bounds-read-CVE-2018-16866.patch | 49 ++++ > .../0027-journal-fix-syslog_parse_identifier.patch | 77 ------- > ...not-remove-multiple-spaces-after-identifi.patch | 84 ------- > .../systemd/systemd/CVE-2019-6454.patch | 210 +++++++++++++++++ > ...e-receive-an-invalid-dbus-message-ignore-.patch | 61 +++++ > meta/recipes-core/systemd/systemd_239.bb | 10 +- > meta/recipes-extended/pam/libpam_1.3.0.bb | 4 +- > ...ose-sk-wmem-in-sock_exceed_buf_limit-trac.patch | 67 ------ > ...g-modules_2.10.7.bb => lttng-modules_2.10.9.bb} | 5 +- > ...ow-multiple-attempts-to-connect-to-relayd.patch | 17 +- > ...{lttng-tools_2.9.5.bb => lttng-tools_2.9.11.bb} | 4 +- > .../{lttng-ust_2.10.1.bb => lttng-ust_2.10.3.bb} | 4 +- > .../libpng/libpng/CVE-2019-7317.patch | 20 ++ > meta/recipes-multimedia/libpng/libpng_1.6.36.bb | 3 +- > .../libsndfile/libsndfile1/CVE-2018-19432.patch | 115 ++++++++++ > .../libsndfile/libsndfile1_1.0.28.bb | 1 + > ...tes_20180409.bb => ca-certificates_20190110.bb} | 2 +- > scripts/send-error-report | 11 +- > 26 files changed, 758 insertions(+), 485 deletions(-) > delete mode 100644 > meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields-1k.patch > rename > meta/recipes-core/systemd/systemd/{0026-journal-remote-set-a-limit-on-the-number-of-fields-i.patch > => 0025-journald-set-a-limit-on-the-number-of-fields.patch} (47%) > create mode 100644 > meta/recipes-core/systemd/systemd/0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch > delete mode 100644 > meta/recipes-core/systemd/systemd/0027-journal-fix-syslog_parse_identifier.patch > delete mode 100644 > meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch > create mode 100644 meta/recipes-core/systemd/systemd/CVE-2019-6454.patch > create mode 100644 > meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch > delete mode 100644 > meta/recipes-kernel/lttng/lttng-modules/0001-Fix-net-expose-sk-wmem-in-sock_exceed_buf_limit-trac.patch > rename meta/recipes-kernel/lttng/{lttng-modules_2.10.7.bb => > lttng-modules_2.10.9.bb} (85%) > rename meta/recipes-kernel/lttng/{lttng-tools_2.9.5.bb => > lttng-tools_2.9.11.bb} (97%) > rename meta/recipes-kernel/lttng/{lttng-ust_2.10.1.bb => > lttng-ust_2.10.3.bb} (90%) > create mode 100644 > meta/recipes-multimedia/libpng/libpng/CVE-2019-7317.patch > create mode 100644 > meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19432.patch > rename meta/recipes-support/ca-certificates/{ca-certificates_20180409.bb > => ca-certificates_20190110.bb} (98%) > > -- > 2.7.4 > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core > [-- Attachment #2: Type: text/html, Size: 9203 bytes --] ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2019-03-19 17:07 UTC | newest] Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-03-19 2:36 [PATCH 00/26] thud patch review Armin Kuster 2019-03-19 8:55 ` Martin Jansa 2019-03-19 10:22 ` Alexander Kanavin 2019-03-19 10:40 ` Martin Jansa 2019-03-19 11:35 ` Alexander Kanavin 2019-03-19 13:55 ` Martin Jansa 2019-03-19 16:31 ` Alexander Kanavin 2019-03-19 17:07 ` Martin Jansa 2019-03-19 14:52 ` akuster808 2019-03-19 15:40 ` Alexander Kanavin 2019-03-19 9:05 ` Vincent Prince
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.