From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@openembedded.org
Subject: [zeus 00/29] Patch review
Date: Sun, 9 Feb 2020 08:09:28 -0800 [thread overview]
Message-ID: <cover.1581264380.git.akuster808@gmail.com> (raw)
These are the additional changes to help address reproducibility issues and additional fixes
we would like to be included in 3.0.2
Please have comments back by Tuesday
The following changes since commit 9b1bf083129be2b849db52d4f0eda9eb6077c97e:
python2: add ntpath (2020-02-02 18:19:50 -0800)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/zeus-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/zeus-nut
Alejandro del Castillo (1):
opkg-utils: upgrade to version 0.4.2
Alexander Kanavin (1):
perl: do not install files that contain build host specific data
Anuj Mittal (3):
Revert "bzip2: Fix CVE-2019-12900"
curl: fix CVE-2019-15601
cpio: fix CVE-2019-14866
Joshua Watt (2):
classes/reproducible_build: Read SDE file later
mc: Fix build reproducibility
Lee Chee Yang (1):
rsync: whitelist CVE-2017-16548
Richard Purdie (17):
opkg-utils: Fix reproducibility issues in opkg-build
oeqa/reproducible: Improve test output and ensure deb+ipk compared
sudo: Set vardir deterministically
libxshmfence: Set shm directory deterministically
mc: Set zipinfo presence determinstically
mc: Fix manpage date indeterminism
tar: Fix build determinism, disable rsh
patch: Extend to native/nativesdk and depend upon
libidn2: Fix reproducibility issue
perl: Fix various reproducibile build issues
openssl: Fix reproducibility issue
iputils: Fix build determinism
libinput: Fix determinism issue
libgcrypt: Fix determinism issue
sysvinit: Fix Reproducibility issue
libevdev: Fix determinism issue
ncurses: Fix reproducibility issue
Ross Burton (2):
gtk+3: sort resources for reproducible binaries
sudo: specify where target tools are
Taras Kondratiuk via Openembedded-core (1):
gcc-9.2: fix bug #91102 'aarch64 ICE on Linux kernel with -Os'
Tom Hochstein (1):
devtool/standard.py: Allow recipe to disable menuconfig logic
meta/classes/patch.bbclass | 7 +
meta/classes/reproducible_build.bbclass | 40 ++-
meta/lib/oeqa/selftest/cases/reproducible.py | 9 +-
.../openssl/openssl/reproducible.patch | 32 ++
.../openssl/openssl_1.1.1d.bb | 1 +
meta/recipes-core/meta/buildtools-tarball.bb | 1 +
meta/recipes-core/ncurses/ncurses.inc | 1 +
.../recipes-core/sysvinit/sysvinit_2.88dsf.bb | 1 +
meta/recipes-devtools/gcc/gcc-9.2.inc | 1 +
...02-aarch64-ICE-on-Linux-kernel-with-.patch | 95 ++++++
...Switch-all-scripts-to-use-Python-3.x.patch | 113 -------
...ld-clamp-mtimes-to-SOURCE_DATE_EPOCH.patch | 44 ---
.../opkg-utils/fix-reproducibility.patch | 32 ++
.../opkg-utils/opkg-utils/pipefail.patch | 31 --
...pkg-utils_0.4.1.bb => opkg-utils_0.4.2.bb} | 13 +-
meta/recipes-devtools/patch/patch_2.7.6.bb | 3 +
.../perl/files/determinism.patch | 81 +++++
meta/recipes-devtools/perl/perl-ptest.inc | 3 +
meta/recipes-devtools/perl/perl_5.30.0.bb | 4 +
meta/recipes-devtools/rsync/rsync_3.1.3.bb | 3 +
.../bzip2/bzip2-1.0.6/CVE-2019-12900.patch | 36 --
.../cpio/cpio-2.12/CVE-2019-14866.patch | 316 ++++++++++++++++++
meta/recipes-extended/cpio/cpio_2.12.bb | 1 +
.../iputils/iputils_s20190709.bb | 3 +-
meta/recipes-extended/libidn/libidn2_2.2.0.bb | 3 +-
...Add-option-to-control-configure-args.patch | 99 ++++++
.../recipes-extended/mc/files/nomandate.patch | 21 ++
meta/recipes-extended/mc/mc_4.8.23.bb | 7 +-
meta/recipes-extended/sudo/sudo.inc | 2 +-
meta/recipes-extended/sudo/sudo_1.8.27.bb | 10 +-
meta/recipes-extended/tar/tar_1.32.bb | 2 +
.../gtk+/gtk+3/sort-resources.patch | 19 ++
meta/recipes-gnome/gtk+/gtk+3_3.24.8.bb | 1 +
.../wayland/libinput/determinism.patch | 21 ++
.../wayland/libinput_1.14.1.bb | 4 +-
.../xorg-lib/libxshmfence_1.3.bb | 2 +
.../curl/curl/CVE-2019-15601.patch | 46 +++
meta/recipes-support/curl/curl_7.66.0.bb | 1 +
.../libevdev/libevdev/determinism.patch | 34 ++
.../libevdev/libevdev_1.8.0.bb | 3 +-
.../libgcrypt/files/determinism.patch | 32 ++
.../libgcrypt/libgcrypt_1.8.4.bb | 1 +
scripts/lib/devtool/standard.py | 6 +-
43 files changed, 933 insertions(+), 252 deletions(-)
create mode 100644 meta/recipes-connectivity/openssl/openssl/reproducible.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-9.2/re-PR-target-91102-aarch64-ICE-on-Linux-kernel-with-.patch
delete mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/0001-Switch-all-scripts-to-use-Python-3.x.patch
delete mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/0001-opkg-build-clamp-mtimes-to-SOURCE_DATE_EPOCH.patch
create mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/fix-reproducibility.patch
delete mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/pipefail.patch
rename meta/recipes-devtools/opkg-utils/{opkg-utils_0.4.1.bb => opkg-utils_0.4.2.bb} (83%)
create mode 100644 meta/recipes-devtools/perl/files/determinism.patch
delete mode 100644 meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2019-12900.patch
create mode 100644 meta/recipes-extended/cpio/cpio-2.12/CVE-2019-14866.patch
create mode 100644 meta/recipes-extended/mc/files/0001-Add-option-to-control-configure-args.patch
create mode 100644 meta/recipes-extended/mc/files/nomandate.patch
create mode 100644 meta/recipes-gnome/gtk+/gtk+3/sort-resources.patch
create mode 100644 meta/recipes-graphics/wayland/libinput/determinism.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-15601.patch
create mode 100644 meta/recipes-support/libevdev/libevdev/determinism.patch
create mode 100644 meta/recipes-support/libgcrypt/files/determinism.patch
--
2.17.1
next reply other threads:[~2020-02-09 16:10 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-09 16:09 Armin Kuster [this message]
2020-02-09 16:09 ` [zeus 01/29] Revert "bzip2: Fix CVE-2019-12900" Armin Kuster
2020-02-09 16:09 ` [zeus 02/29] rsync: whitelist CVE-2017-16548 Armin Kuster
2020-02-09 16:09 ` [zeus 03/29] curl: fix CVE-2019-15601 Armin Kuster
2020-02-09 16:09 ` [zeus 04/29] cpio: fix CVE-2019-14866 Armin Kuster
2020-02-09 16:09 ` [zeus 05/29] devtool/standard.py: Allow recipe to disable menuconfig logic Armin Kuster
2020-02-09 16:09 ` [zeus 06/29] gcc-9.2: fix bug #91102 'aarch64 ICE on Linux kernel with -Os' Armin Kuster
2020-02-09 16:09 ` [zeus 07/29] opkg-utils: upgrade to version 0.4.2 Armin Kuster
2020-02-09 16:09 ` [zeus 08/29] opkg-utils: Fix reproducibility issues in opkg-build Armin Kuster
2020-02-09 16:09 ` [zeus 09/29] oeqa/reproducible: Improve test output and ensure deb+ipk compared Armin Kuster
2020-02-09 16:09 ` [zeus 10/29] classes/reproducible_build: Read SDE file later Armin Kuster
2020-02-09 16:09 ` [zeus 11/29] sudo: Set vardir deterministically Armin Kuster
2020-02-09 16:09 ` [zeus 12/29] libxshmfence: Set shm directory deterministically Armin Kuster
2020-02-09 16:09 ` [zeus 13/29] mc: Fix build reproducibility Armin Kuster
2020-02-09 16:09 ` [zeus 14/29] mc: Set zipinfo presence determinstically Armin Kuster
2020-02-09 16:09 ` [zeus 15/29] mc: Fix manpage date indeterminism Armin Kuster
2020-02-09 16:09 ` [zeus 16/29] tar: Fix build determinism, disable rsh Armin Kuster
2020-02-09 16:09 ` [zeus 17/29] patch: Extend to native/nativesdk and depend upon Armin Kuster
2020-02-09 16:09 ` [zeus 18/29] libidn2: Fix reproducibility issue Armin Kuster
2020-02-09 16:09 ` [zeus 19/29] gtk+3: sort resources for reproducible binaries Armin Kuster
2020-02-09 16:09 ` [zeus 20/29] perl: do not install files that contain build host specific data Armin Kuster
2020-02-09 16:09 ` [zeus 21/29] perl: Fix various reproducibile build issues Armin Kuster
2020-02-09 16:09 ` [zeus 22/29] openssl: Fix reproducibility issue Armin Kuster
2020-02-09 16:09 ` [zeus 23/29] iputils: Fix build determinism Armin Kuster
2020-02-09 16:09 ` [zeus 24/29] libinput: Fix determinism issue Armin Kuster
2020-02-09 16:09 ` [zeus 25/29] libgcrypt: " Armin Kuster
2020-02-09 16:09 ` [zeus 26/29] sudo: specify where target tools are Armin Kuster
2020-02-09 16:09 ` [zeus 27/29] sysvinit: Fix Reproducibility issue Armin Kuster
2020-02-09 16:09 ` [zeus 28/29] libevdev: Fix determinism issue Armin Kuster
2020-02-09 16:09 ` [zeus 29/29] ncurses: Fix reproducibility issue Armin Kuster
2020-02-10 8:07 ` [zeus 00/29] Patch review Schrempf Frieder
2020-02-10 9:55 ` Peter Kjellerstedt
2020-02-10 11:21 ` Richard Purdie
2020-02-10 16:01 ` akuster808
-- strict thread matches above, loose matches on Subject: below --
2020-01-04 16:25 Armin Kuster
2020-01-06 10:59 ` Manjukumar Harthikote Matha
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1581264380.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.