* [PATCH 00/13] Jethro-next pull request
@ 2016-09-18 22:44 Armin Kuster
2016-09-23 17:23 ` akuster808
0 siblings, 1 reply; 3+ messages in thread
From: Armin Kuster @ 2016-09-18 22:44 UTC (permalink / raw)
To: openembedded-core, akuster
From: Armin Kuster <akuster@mvista.com>
please consider these security and bug fixes for Jethro.
My krogoth-next stagging branch has a complimentary set for the security fixes.
http://git.yoctoproject.org/cgit/cgit.cgi/poky-contrib/log/?h=akuster/krogoth-next: 7a24bd8a38a2819965b8c1926d33042bd61d1f0b
The following changes since commit 6b732a392289a7bb50b0e3716c066c62fa32a14d:
curl: security fix for CVE-2016-5420 (2016-09-02 08:48:20 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib akuster/jethro-next
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=akuster/jethro-next
Armin Kuster (8):
openssl: Security fix CVE-2016-2177
openssl: Security fix CVE-2016-2178
bind: Security fix CVE-2016-2088
git: Security fix CVE-2016-2315 CVE-2016-2324
openssh: Security fix CVE-2016-6210
openssh: Security fix CVE-2016-5615
openssh: Security fix CVE-2015-8325
wget: Security fix CVE-2016-4971
Ismo Puustinen (1):
libpcre: Fix CVE-2016-3191
Ross Burton (1):
openssl: add a patch to fix parallel builds
Yi Zhao (3):
tiff: Security fix CVE-2016-3186
tiff: Security fix CVE-2016-5321
tiff: Security fix CVE-2016-5323
.../bind/bind/CVE-2016-2088.patch | 216 ++++++++++++++
meta/recipes-connectivity/bind/bind_9.10.2-P4.bb | 1 +
.../openssh/openssh/CVE-2015-8325.patch | 33 +++
.../openssh/openssh/CVE-2016-6210.patch | 114 +++++++
.../openssh/openssh/CVE-2016-6210_p2.patch | 110 +++++++
.../openssh/openssh/CVE-2016-6210_p3.patch | 62 ++++
.../openssh/openssh/CVE-2016-6515.patch | 54 ++++
meta/recipes-connectivity/openssh/openssh_7.1p2.bb | 5 +
.../openssl/openssl/CVE-2016-2177.patch | 286 ++++++++++++++++++
.../openssl/openssl/CVE-2016-2178.patch | 51 ++++
.../openssl/openssl/parallel.patch | 326 +++++++++++++++++++++
.../recipes-connectivity/openssl/openssl_1.0.2h.bb | 3 +
.../git/git-2.5.0/CVE-2016-2315_2324.patch | 307 +++++++++++++++++++
.../git/git-2.5.0/CVE-2016-2315_p1.patch | 115 ++++++++
.../git/git-2.5.0/CVE-2016-2315_p2.patch | 89 ++++++
.../git/git-2.5.0/CVE-2016-2315_p3.patch | 160 ++++++++++
.../git/git-2.5.0/CVE-2016-2315_p4.patch | 237 +++++++++++++++
meta/recipes-devtools/git/git_2.5.0.bb | 5 +
.../recipes-extended/wget/wget/CVE-2016-4971.patch | 294 +++++++++++++++++++
...mping-and-continue-behaviour-with-ftp-pro.patch | 108 +++++++
meta/recipes-extended/wget/wget_1.16.3.bb | 2 +
.../libtiff/files/CVE-2016-3186.patch | 24 ++
.../libtiff/files/CVE-2016-5321.patch | 45 +++
.../libtiff/files/CVE-2016-5323.patch | 103 +++++++
meta/recipes-multimedia/libtiff/tiff_4.0.4.bb | 3 +
.../libpcre/libpcre/CVE-2016-3191.patch | 174 +++++++++++
meta/recipes-support/libpcre/libpcre_8.38.bb | 1 +
27 files changed, 2928 insertions(+)
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2015-8325.patch
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-6210.patch
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-6210_p2.patch
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-6210_p3.patch
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-6515.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-2177.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/parallel.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_p1.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_p2.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_p3.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_p4.patch
create mode 100644 meta/recipes-extended/wget/wget/CVE-2016-4971.patch
create mode 100644 meta/recipes-extended/wget/wget/Fix-timestamping-and-continue-behaviour-with-ftp-pro.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3186.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-5321.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch
create mode 100644 meta/recipes-support/libpcre/libpcre/CVE-2016-3191.patch
--
2.7.4
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 00/13] Jethro-next pull request
2016-09-18 22:44 [PATCH 00/13] Jethro-next pull request Armin Kuster
@ 2016-09-23 17:23 ` akuster808
2016-09-23 22:24 ` Richard Purdie
0 siblings, 1 reply; 3+ messages in thread
From: akuster808 @ 2016-09-23 17:23 UTC (permalink / raw)
To: openembedded-core
Ping
On 09/18/2016 03:44 PM, Armin Kuster wrote:
> From: Armin Kuster <akuster@mvista.com>
>
> please consider these security and bug fixes for Jethro.
>
> My krogoth-next stagging branch has a complimentary set for the security fixes.
>
> http://git.yoctoproject.org/cgit/cgit.cgi/poky-contrib/log/?h=akuster/krogoth-next: 7a24bd8a38a2819965b8c1926d33042bd61d1f0b
>
> The following changes since commit 6b732a392289a7bb50b0e3716c066c62fa32a14d:
>
> curl: security fix for CVE-2016-5420 (2016-09-02 08:48:20 +0100)
>
> are available in the git repository at:
>
> git://git.openembedded.org/openembedded-core-contrib akuster/jethro-next
> http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=akuster/jethro-next
>
> Armin Kuster (8):
> openssl: Security fix CVE-2016-2177
> openssl: Security fix CVE-2016-2178
> bind: Security fix CVE-2016-2088
> git: Security fix CVE-2016-2315 CVE-2016-2324
> openssh: Security fix CVE-2016-6210
> openssh: Security fix CVE-2016-5615
> openssh: Security fix CVE-2015-8325
> wget: Security fix CVE-2016-4971
>
> Ismo Puustinen (1):
> libpcre: Fix CVE-2016-3191
>
> Ross Burton (1):
> openssl: add a patch to fix parallel builds
>
> Yi Zhao (3):
> tiff: Security fix CVE-2016-3186
> tiff: Security fix CVE-2016-5321
> tiff: Security fix CVE-2016-5323
>
> .../bind/bind/CVE-2016-2088.patch | 216 ++++++++++++++
> meta/recipes-connectivity/bind/bind_9.10.2-P4.bb | 1 +
> .../openssh/openssh/CVE-2015-8325.patch | 33 +++
> .../openssh/openssh/CVE-2016-6210.patch | 114 +++++++
> .../openssh/openssh/CVE-2016-6210_p2.patch | 110 +++++++
> .../openssh/openssh/CVE-2016-6210_p3.patch | 62 ++++
> .../openssh/openssh/CVE-2016-6515.patch | 54 ++++
> meta/recipes-connectivity/openssh/openssh_7.1p2.bb | 5 +
> .../openssl/openssl/CVE-2016-2177.patch | 286 ++++++++++++++++++
> .../openssl/openssl/CVE-2016-2178.patch | 51 ++++
> .../openssl/openssl/parallel.patch | 326 +++++++++++++++++++++
> .../recipes-connectivity/openssl/openssl_1.0.2h.bb | 3 +
> .../git/git-2.5.0/CVE-2016-2315_2324.patch | 307 +++++++++++++++++++
> .../git/git-2.5.0/CVE-2016-2315_p1.patch | 115 ++++++++
> .../git/git-2.5.0/CVE-2016-2315_p2.patch | 89 ++++++
> .../git/git-2.5.0/CVE-2016-2315_p3.patch | 160 ++++++++++
> .../git/git-2.5.0/CVE-2016-2315_p4.patch | 237 +++++++++++++++
> meta/recipes-devtools/git/git_2.5.0.bb | 5 +
> .../recipes-extended/wget/wget/CVE-2016-4971.patch | 294 +++++++++++++++++++
> ...mping-and-continue-behaviour-with-ftp-pro.patch | 108 +++++++
> meta/recipes-extended/wget/wget_1.16.3.bb | 2 +
> .../libtiff/files/CVE-2016-3186.patch | 24 ++
> .../libtiff/files/CVE-2016-5321.patch | 45 +++
> .../libtiff/files/CVE-2016-5323.patch | 103 +++++++
> meta/recipes-multimedia/libtiff/tiff_4.0.4.bb | 3 +
> .../libpcre/libpcre/CVE-2016-3191.patch | 174 +++++++++++
> meta/recipes-support/libpcre/libpcre_8.38.bb | 1 +
> 27 files changed, 2928 insertions(+)
> create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch
> create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2015-8325.patch
> create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-6210.patch
> create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-6210_p2.patch
> create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-6210_p3.patch
> create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-6515.patch
> create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-2177.patch
> create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch
> create mode 100644 meta/recipes-connectivity/openssl/openssl/parallel.patch
> create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch
> create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_p1.patch
> create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_p2.patch
> create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_p3.patch
> create mode 100644 meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_p4.patch
> create mode 100644 meta/recipes-extended/wget/wget/CVE-2016-4971.patch
> create mode 100644 meta/recipes-extended/wget/wget/Fix-timestamping-and-continue-behaviour-with-ftp-pro.patch
> create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-3186.patch
> create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-5321.patch
> create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-5323.patch
> create mode 100644 meta/recipes-support/libpcre/libpcre/CVE-2016-3191.patch
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 00/13] Jethro-next pull request
2016-09-23 17:23 ` akuster808
@ 2016-09-23 22:24 ` Richard Purdie
0 siblings, 0 replies; 3+ messages in thread
From: Richard Purdie @ 2016-09-23 22:24 UTC (permalink / raw)
To: akuster808, openembedded-core
On Fri, 2016-09-23 at 10:23 -0700, akuster808 wrote:
> On 09/18/2016 03:44 PM, Armin Kuster wrote:
> >
> > From: Armin Kuster <akuster@mvista.com>
> >
> > please consider these security and bug fixes for Jethro.
> >
> > My krogoth-next stagging branch has a complimentary set for the
> > security fixes.
> >
> > http://git.yoctoproject.org/cgit/cgit.cgi/poky-contrib/log/?h=akust
> > er/krogoth-next: 7a24bd8a38a2819965b8c1926d33042bd61d1f0b
> >
> > The following changes since commit
> > 6b732a392289a7bb50b0e3716c066c62fa32a14d:
> >
> > curl: security fix for CVE-2016-5420 (2016-09-02 08:48:20 +0100)
> >
> > are available in the git repository at:
> >
> > git://git.openembedded.org/openembedded-core-contrib
> > akuster/jethro-next
> > http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/
> > log/?h=akuster/jethro-next
I've merged in the various jethro bitbake/core fixes, thanks. Sorry
about the delay, I think we're up to date now?
Cheers,
Richard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-09-23 22:24 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-09-18 22:44 [PATCH 00/13] Jethro-next pull request Armin Kuster
2016-09-23 17:23 ` akuster808
2016-09-23 22:24 ` Richard Purdie
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.