* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2020-10-27 1:10 Steve Sakoman
2020-10-27 9:24 ` Martin Jansa
0 siblings, 1 reply; 14+ messages in thread
From: Steve Sakoman @ 2020-10-27 1:10 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 3ee9590f96cb50e93864db768b254773e2ff9465:
uninative: Fix typo in error message (2020-10-19 04:27:15 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (1):
selftest/virgl: drop the custom 30 sec timeout
Changqing Li (1):
toolchain-shar-extract.sh: don't print useless info
Khem Raj (1):
packagegroup-core-tools-debug: Disable for rv32/glibc as well
Lee Chee Yang (3):
libproxy: fix CVE-2020-25219
python3: fix CVE-2020-26116
grub2: fix CVE-2020-10713
Martin Jansa (7):
arch-armv7a.inc: fix typo
arch-mips.inc: remove duplicated mips64el-o32 from
PACKAGE_EXTRA_ARCHS_tune-mips64el-o32
tune-mips64r6.inc: fix typo in mipsisa64r6-nf
tune-ep9312.inc: add t suffix for thumb to
PACKAGE_EXTRA_ARCHS_tune-ep9312
tune-riscv.inc: use nf suffix also for TUNE_PKGARCH
siteinfo: Recognize 32bit PPC LE
siteinfo: Recognize bigendian sh3be and sh4be
Victor Kamensky (1):
qemu: change TLBs number to 64 in 34Kf mips cpu model
meta-selftest/lib/oeqa/runtime/cases/virgl.py | 2 +-
meta/classes/siteinfo.bbclass | 5 +
meta/conf/machine/include/arm/arch-armv7a.inc | 2 +-
meta/conf/machine/include/mips/arch-mips.inc | 2 +-
.../conf/machine/include/riscv/tune-riscv.inc | 4 +-
meta/conf/machine/include/tune-ep9312.inc | 3 +-
meta/conf/machine/include/tune-mips64r6.inc | 2 +-
meta/files/toolchain-shar-extract.sh | 2 +-
.../grub/files/CVE-2020-10713.patch | 73 ++++++++++++
meta/recipes-bsp/grub/grub2.inc | 1 +
.../packagegroup-core-tools-debug.bb | 2 +-
.../python/python3/CVE-2020-26116.patch | 104 ++++++++++++++++++
meta/recipes-devtools/python/python3_3.8.2.bb | 1 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
...ease-number-of-TLB-entries-on-the-34.patch | 59 ++++++++++
.../libproxy/libproxy/CVE-2020-25219.patch | 61 ++++++++++
.../libproxy/libproxy_0.4.15.bb | 1 +
17 files changed, 315 insertions(+), 10 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-10713.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2020-26116.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-target-mips-Increase-number-of-TLB-entries-on-the-34.patch
create mode 100644 meta/recipes-support/libproxy/libproxy/CVE-2020-25219.patch
--
2.17.1
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [OE-core][dunfell 00/14] Pull request (cover letter only)
2020-10-27 1:10 [OE-core][dunfell 00/14] Pull request (cover letter only) Steve Sakoman
@ 2020-10-27 9:24 ` Martin Jansa
[not found] ` <CAOSpxdYOG8USSc3s4gwMpAbPHff+pXbzLOR_qVf71inXg5A7=A@mail.gmail.com>
0 siblings, 1 reply; 14+ messages in thread
From: Martin Jansa @ 2020-10-27 9:24 UTC (permalink / raw)
To: Steve Sakoman; +Cc: openembedded-core
[-- Attachment #1: Type: text/plain, Size: 3005 bytes --]
On Mon, Oct 26, 2020 at 03:10:48PM -1000, Steve Sakoman wrote:
> The following changes since commit 3ee9590f96cb50e93864db768b254773e2ff9465:
>
> uninative: Fix typo in error message (2020-10-19 04:27:15 -1000)
>
> are available in the Git repository at:
>
> git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
>
> Alexander Kanavin (1):
> selftest/virgl: drop the custom 30 sec timeout
>
> Changqing Li (1):
> toolchain-shar-extract.sh: don't print useless info
>
> Khem Raj (1):
> packagegroup-core-tools-debug: Disable for rv32/glibc as well
>
> Lee Chee Yang (3):
> libproxy: fix CVE-2020-25219
> python3: fix CVE-2020-26116
> grub2: fix CVE-2020-10713
>
> Martin Jansa (7):
> arch-armv7a.inc: fix typo
> arch-mips.inc: remove duplicated mips64el-o32 from
> PACKAGE_EXTRA_ARCHS_tune-mips64el-o32
> tune-mips64r6.inc: fix typo in mipsisa64r6-nf
> tune-ep9312.inc: add t suffix for thumb to
> PACKAGE_EXTRA_ARCHS_tune-ep9312
> tune-riscv.inc: use nf suffix also for TUNE_PKGARCH
> siteinfo: Recognize 32bit PPC LE
> siteinfo: Recognize bigendian sh3be and sh4be
Did you run tune/test.sh script with these on dunfell or do you want me to?
It looks OK, but would be good to confirm that it fixes all issues
currently in dunfell.
> Victor Kamensky (1):
> qemu: change TLBs number to 64 in 34Kf mips cpu model
>
> meta-selftest/lib/oeqa/runtime/cases/virgl.py | 2 +-
> meta/classes/siteinfo.bbclass | 5 +
> meta/conf/machine/include/arm/arch-armv7a.inc | 2 +-
> meta/conf/machine/include/mips/arch-mips.inc | 2 +-
> .../conf/machine/include/riscv/tune-riscv.inc | 4 +-
> meta/conf/machine/include/tune-ep9312.inc | 3 +-
> meta/conf/machine/include/tune-mips64r6.inc | 2 +-
> meta/files/toolchain-shar-extract.sh | 2 +-
> .../grub/files/CVE-2020-10713.patch | 73 ++++++++++++
> meta/recipes-bsp/grub/grub2.inc | 1 +
> .../packagegroup-core-tools-debug.bb | 2 +-
> .../python/python3/CVE-2020-26116.patch | 104 ++++++++++++++++++
> meta/recipes-devtools/python/python3_3.8.2.bb | 1 +
> meta/recipes-devtools/qemu/qemu.inc | 1 +
> ...ease-number-of-TLB-entries-on-the-34.patch | 59 ++++++++++
> .../libproxy/libproxy/CVE-2020-25219.patch | 61 ++++++++++
> .../libproxy/libproxy_0.4.15.bb | 1 +
> 17 files changed, 315 insertions(+), 10 deletions(-)
> create mode 100644 meta/recipes-bsp/grub/files/CVE-2020-10713.patch
> create mode 100644 meta/recipes-devtools/python/python3/CVE-2020-26116.patch
> create mode 100644 meta/recipes-devtools/qemu/qemu/0001-target-mips-Increase-number-of-TLB-entries-on-the-34.patch
> create mode 100644 meta/recipes-support/libproxy/libproxy/CVE-2020-25219.patch
>
> --
> 2.17.1
>
>
>
>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 201 bytes --]
^ permalink raw reply [flat|nested] 14+ messages in thread
* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2023-03-24 14:30 Steve Sakoman
0 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2023-03-24 14:30 UTC (permalink / raw)
To: openembedded-core
The following changes since commit efb1a73a13907bed3acac8e06053aef3e2ef57f5:
build-appliance-image: Update to dunfell head revision (2023-03-15 23:09:39 +0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alban Bedel (1):
systemd: Fix systemd when used with busybox less
Andrej Valek (1):
libarchive: fix CVE-2022-26280
Chee Yang Lee (2):
ghostscript: add CVE tag for
check-stack-limits-after-function-evalution.patch
libksba: fix CVE-2022-3515
Hitendra Prajapati (1):
QEMU: CVE-2022-4144 QXL: qxl_phys2virt unsafe address translation can
lead to out-of-bounds read
Kenfe-Mickael Laventure (3):
buildtools-tarball: Handle spaces within user $PATH
toolchain-scripts: Handle spaces within user $PATH
populate_sdk_ext: Handle spaces within user $PATH
Richard Purdie (4):
staging: Separate out different multiconfig manifests
staging/multilib: Fix manifest corruption
glibc: Add missing binutils dependency
base-files: Drop localhost.localdomain from hosts file
Ross Burton (2):
vim: upgrade to 9.0.1403
vim: set modified-by to the recipe MAINTAINER
meta/classes/multilib.bbclass | 1 +
meta/classes/populate_sdk_ext.bbclass | 2 +-
meta/classes/staging.bbclass | 4 +
meta/classes/toolchain-scripts.bbclass | 2 +-
meta/recipes-core/base-files/base-files/hosts | 2 +-
meta/recipes-core/glibc/glibc.inc | 4 +-
meta/recipes-core/meta/buildtools-tarball.bb | 2 +-
.../systemd/systemd/systemd-pager.sh | 7 ++
meta/recipes-core/systemd/systemd_244.5.bb | 5 +
meta/recipes-devtools/qemu/qemu.inc | 9 +-
.../qemu/qemu/CVE-2022-4144.patch | 103 ++++++++++++++++++
...tack-limits-after-function-evalution.patch | 2 +-
.../libarchive/CVE-2022-26280.patch | 29 +++++
.../libarchive/libarchive_3.4.2.bb | 1 +
.../libksba/libksba/CVE-2022-3515.patch | 47 ++++++++
meta/recipes-support/libksba/libksba_1.3.5.bb | 1 +
meta/recipes-support/vim/vim.inc | 8 +-
17 files changed, 215 insertions(+), 14 deletions(-)
create mode 100644 meta/recipes-core/systemd/systemd/systemd-pager.sh
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2022-4144.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2022-26280.patch
create mode 100644 meta/recipes-support/libksba/libksba/CVE-2022-3515.patch
--
2.34.1
^ permalink raw reply [flat|nested] 14+ messages in thread
* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2022-09-01 14:14 Steve Sakoman
0 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2022-09-01 14:14 UTC (permalink / raw)
To: openembedded-core
The following changes since commit a3cba15142e98177119ef36c09f553d09acf35ef:
build-appliance-image: Update to dunfell head revision (2022-08-22 16:07:02 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (3):
mobile-broadband-provider-info: upgrade 20220511 -> 20220725
tzdata: upgrade 2022a -> 2022b
wireless-regdb: upgrade 2022.06.06 -> 2022.08.12
Anuj Mittal (1):
cryptodev-module: fix build with 5.11+ kernels
Bruce Ashfield (1):
linux-yocto/5.4: update to v5.4.210
Ernst Sjöstrand (1):
cve-check: Don't use f-strings
Hitendra Prajapati (5):
libtiff: CVE-2022-34526 A stack overflow was discovered
golang: fix CVE-2022-30629 and CVE-2022-30631
golang: fix CVE-2022-30632 and CVE-2022-30633
golang: fix CVE-2022-30635 and CVE-2022-32148
golang: CVE-2022-32189 a denial of service
Paul Eggleton (1):
relocate_sdk.py: ensure interpreter size error causes relocation to
fail
Pawan Badganchi (1):
libxml2: Add fix for CVE-2016-3709
Richard Purdie (1):
vim: Upgrade 9.0.0115 -> 9.0.0242
meta/lib/oe/cve_check.py | 2 +-
.../mobile-broadband-provider-info_git.bb | 4 +-
.../libxml/libxml2/CVE-2016-3709.patch | 89 ++++++++++++
meta/recipes-core/libxml/libxml2_2.9.10.bb | 1 +
meta/recipes-devtools/go/go-1.14.inc | 7 +
.../go/go-1.14/CVE-2022-30629.patch | 47 +++++++
.../go/go-1.14/CVE-2022-30631.patch | 116 ++++++++++++++++
.../go/go-1.14/CVE-2022-30632.patch | 71 ++++++++++
.../go/go-1.14/CVE-2022-30633.patch | 131 ++++++++++++++++++
.../go/go-1.14/CVE-2022-30635.patch | 120 ++++++++++++++++
.../go/go-1.14/CVE-2022-32148.patch | 49 +++++++
.../go/go-1.14/CVE-2022-32189.patch | 113 +++++++++++++++
meta/recipes-extended/timezone/timezone.inc | 6 +-
.../cryptodev/cryptodev-module_1.10.bb | 1 +
.../files/fix-build-for-Linux-5.11-rc1.patch | 32 +++++
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +--
....06.06.bb => wireless-regdb_2022.08.12.bb} | 2 +-
.../libtiff/files/CVE-2022-34526.patch | 29 ++++
meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 1 +
meta/recipes-support/vim/vim.inc | 4 +-
scripts/relocate_sdk.py | 10 +-
23 files changed, 842 insertions(+), 29 deletions(-)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2016-3709.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-30629.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-30631.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-30632.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-30633.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-30635.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-32148.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-32189.patch
create mode 100644 meta/recipes-kernel/cryptodev/files/fix-build-for-Linux-5.11-rc1.patch
rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.06.06.bb => wireless-regdb_2022.08.12.bb} (94%)
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-34526.patch
--
2.25.1
^ permalink raw reply [flat|nested] 14+ messages in thread
* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2022-07-12 14:12 Steve Sakoman
0 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2022-07-12 14:12 UTC (permalink / raw)
To: openembedded-core
The following changes since commit b75caf4a985e3c20996531785125eaffdc832104:
insane.bbclass: host-user-contaminated: Correct per package home path (2022-06-29 05:15:49 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Anuj Mittal (1):
efivar: change branch name to main
Bruce Ashfield (2):
linux-yocto/5.4: update to v5.4.199
linux-yocto/5.4: update to v5.4.203
Jate Sujjavanich (1):
IMAGE_LOCALES_ARCHIVE: add option to prevent locale archive creation
Ranjitsinh Rathod (1):
openssl: Minor security upgrade 1.1.1o to 1.1.1p
Richard Purdie (5):
cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
vim: 8.2.5083 -> 9.0.0005
oeqa/runtime/scp: Disable scp test for dropbear
packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
oe-selftest-image: Ensure the image has sftp as well as dropbear
Ross Burton (1):
cve-check: hook cleanup to the BuildCompleted event, not CookerExit
Steve Sakoman (3):
openssh: break dependency on base package for -dev package
dropbear: break dependency on base package for -dev package
qemu: add PACKAGECONFIG for capstone
.../recipes-test/images/oe-selftest-image.bb | 2 +-
meta/classes/cve-check.bbclass | 2 +-
meta/classes/image.bbclass | 5 +-
.../distro/include/cve-extra-exclusions.inc | 31 ++-
meta/lib/oe/package_manager.py | 13 +-
meta/lib/oeqa/runtime/cases/scp.py | 2 +-
meta/recipes-bsp/efivar/efivar_37.bb | 2 +-
.../openssh/openssh_8.2p1.bb | 5 +
...5d82489b3ec09ccc772dfcee14fef0e8e908.patch | 192 ------------------
...611887cfac633aacc052b2e71a7f195418b8.patch | 29 ---
.../{openssl_1.1.1o.bb => openssl_1.1.1p.bb} | 4 +-
meta/recipes-core/dropbear/dropbear.inc | 5 +
.../packagegroup-core-ssh-dropbear.bb | 1 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../vim/{vim-tiny_8.2.bb => vim-tiny_9.0.bb} | 0
meta/recipes-support/vim/vim.inc | 6 +-
.../vim/{vim_8.2.bb => vim_9.0.bb} | 0
20 files changed, 64 insertions(+), 272 deletions(-)
delete mode 100644 meta/recipes-connectivity/openssl/openssl/73db5d82489b3ec09ccc772dfcee14fef0e8e908.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/b7ce611887cfac633aacc052b2e71a7f195418b8.patch
rename meta/recipes-connectivity/openssl/{openssl_1.1.1o.bb => openssl_1.1.1p.bb} (97%)
rename meta/recipes-support/vim/{vim-tiny_8.2.bb => vim-tiny_9.0.bb} (100%)
rename meta/recipes-support/vim/{vim_8.2.bb => vim_9.0.bb} (100%)
--
2.25.1
^ permalink raw reply [flat|nested] 14+ messages in thread
* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2022-06-11 2:39 Steve Sakoman
0 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2022-06-11 2:39 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 4051d1a3aa5f70da96c381f9dea5f52cd9306939:
openssl: Backport fix for ptest cert expiry (2022-06-07 11:33:46 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Bruce Ashfield (1):
linux-yocto/5.4: update to v5.4.196
Hitendra Prajapati (2):
e2fsprogs: CVE-2022-1304 out-of-bounds read/write via crafted
filesystem
pcre2: CVE-2022-1587 Out-of-bounds read
Marta Rybczynska (4):
cve-check: move update_symlinks to a library
cve-check: write empty fragment files in the text mode
cve-check: add coverage statistics on recipes with/without CVEs
cve-update-db-native: make it possible to disable database updates
Richard Purdie (1):
libxslt: Mark CVE-2022-29824 as not applying
Robert Joslyn (2):
curl: Backport CVE fixes
curl: Fix CVE_CHECK_WHITELIST typo
Steve Sakoman (3):
Revert "openssl: Backport fix for ptest cert expiry"
openssl: backport fix for ptest certificate expiration
openssl: update the epoch time for ct_test ptest
omkar patil (1):
libxslt: Fix CVE-2021-30560
meta/classes/cve-check.bbclass | 86 ++-
meta/lib/oe/cve_check.py | 10 +
...5d82489b3ec09ccc772dfcee14fef0e8e908.patch | 192 +++++
...ea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch | 55 --
...611887cfac633aacc052b2e71a7f195418b8.patch | 29 +
.../openssl/openssl_1.1.1o.bb | 3 +-
.../recipes-core/meta/cve-update-db-native.bb | 6 +-
.../e2fsprogs/e2fsprogs/CVE-2022-1304.patch | 42 ++
.../e2fsprogs/e2fsprogs_1.45.7.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../curl/curl/CVE-2022-27774-1.patch | 45 ++
.../curl/curl/CVE-2022-27774-2.patch | 80 +++
.../curl/curl/CVE-2022-27774-3.patch | 83 +++
.../curl/curl/CVE-2022-27774-4.patch | 35 +
.../curl/curl/CVE-2022-27781.patch | 46 ++
.../curl/curl/CVE-2022-27782-1.patch | 363 ++++++++++
.../curl/curl/CVE-2022-27782-2.patch | 71 ++
meta/recipes-support/curl/curl_7.69.1.bb | 9 +-
.../libpcre/libpcre2/CVE-2022-1587.patch | 660 ++++++++++++++++++
.../recipes-support/libpcre/libpcre2_10.34.bb | 1 +
.../libxslt/libxslt/CVE-2021-30560.patch | 201 ++++++
.../recipes-support/libxslt/libxslt_1.1.34.bb | 5 +
24 files changed, 1949 insertions(+), 110 deletions(-)
create mode 100644 meta/recipes-connectivity/openssl/openssl/73db5d82489b3ec09ccc772dfcee14fef0e8e908.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/770aea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/b7ce611887cfac633aacc052b2e71a7f195418b8.patch
create mode 100644 meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2022-1304.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-2.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-3.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-4.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27781.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27782-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27782-2.patch
create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1587.patch
create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2021-30560.patch
--
2.25.1
^ permalink raw reply [flat|nested] 14+ messages in thread
* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2022-05-14 14:22 Steve Sakoman
0 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2022-05-14 14:22 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 7c0345ab1058a7e29d37f110923ecd368e102ed7:
uninative: Upgrade to 3.6 with gcc 12 support (2022-05-09 11:51:55 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Bruce Ashfield (1):
linux-yocto/5.4: update to v5.4.192
Davide Gardenal (3):
cve-check: add JSON format to summary output
cve-check: fix symlinks where link and output path are equal
rootfs-postcommands: fix symlinks where link and output path are equal
Marta Rybczynska (2):
cve-update-db-native: update the CVE database once a day only
cve-update-db-native: let the user to drive the update interval
Pawan Badganchi (2):
fribidi: Add fix for CVE-2022-25308, CVE-2022-25309 and CVE-2022-25310
libinput: Add fix for CVE-2022-1215
Portia (1):
volatile-binds: Change DefaultDependencies from false to no
Richard Purdie (3):
base: Avoid circular references to our own scripts
scripts: Make git intercept global
scripts/git: Ensure we don't have circular references
Ross Burton (1):
cve-check: no need to depend on the fetch task
Steve Sakoman (1):
busybox: fix CVE-2022-28391
meta/classes/base.bbclass | 4 +
meta/classes/cve-check.bbclass | 72 ++--
meta/classes/rootfs-postcommands.bbclass | 14 +-
...tr-ensure-only-printable-characters-.patch | 38 ++
...e-all-printed-strings-with-printable.patch | 64 ++++
meta/recipes-core/busybox/busybox_1.31.1.bb | 2 +
.../recipes-core/meta/cve-update-db-native.bb | 13 +-
.../files/volatile-binds.service.in | 2 +-
.../wayland/libinput/CVE-2022-1215.patch | 360 ++++++++++++++++++
.../wayland/libinput_1.15.2.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../fribidi/fribidi/CVE-2022-25308.patch | 50 +++
.../fribidi/fribidi/CVE-2022-25309.patch | 31 ++
.../fribidi/fribidi/CVE-2022-25310.patch | 30 ++
meta/recipes-support/fribidi/fribidi_1.0.9.bb | 3 +
scripts/{git-intercept => }/git | 9 +-
18 files changed, 674 insertions(+), 55 deletions(-)
create mode 100644 meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
create mode 100644 meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
create mode 100644 meta/recipes-graphics/wayland/libinput/CVE-2022-1215.patch
create mode 100644 meta/recipes-support/fribidi/fribidi/CVE-2022-25308.patch
create mode 100644 meta/recipes-support/fribidi/fribidi/CVE-2022-25309.patch
create mode 100644 meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch
rename scripts/{git-intercept => }/git (52%)
--
2.25.1
^ permalink raw reply [flat|nested] 14+ messages in thread
* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2021-12-27 14:36 Steve Sakoman
0 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2021-12-27 14:36 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 90a07178ea26be453d101c2e8b33d3a0f437635d:
build-appliance-image: Update to dunfell head revision (2021-12-14 22:49:32 +0000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Anuj Mittal (1):
gstreamer1.0: fix failing ptest
Bruce Ashfield (5):
linux-yocto/5.4: update to v5.4.159
linux-yocto/5.4: update to v5.4.162
linux-yocto/5.4: update to v5.4.163
linux-yocto/5.4: update to v5.4.165
linux-yocto/5.4: update to v5.4.167
Ernst Sjöstrand (1):
dropbear: Fix CVE-2020-36254
Marta Rybczynska (1):
bluez: fix CVE-2021-0129
Mingli Yu (1):
bootchart2: remove wait_boot logic
Minjae Kim (2):
vim: fix CVE-2021-4069
inetutils: fix CVE-2021-40491
Steve Sakoman (1):
selftest: skip virgl test on fedora 34 entirely
sana kazi (2):
openssh: Fix CVE-2021-41617
openssh: Whitelist CVE-2016-20012
meta/lib/oeqa/selftest/cases/runtime_test.py | 2 +
meta/recipes-connectivity/bluez5/bluez5.inc | 1 +
.../bluez5/bluez5/CVE-2021-0129.patch | 109 ++++++++++++++++++
.../inetutils/inetutils/CVE-2021-40491.patch | 67 +++++++++++
.../inetutils/inetutils_1.9.4.bb | 1 +
.../openssh/openssh/CVE-2021-41617.patch | 52 +++++++++
.../openssh/openssh_8.2p1.bb | 10 ++
meta/recipes-core/dropbear/dropbear.inc | 4 +-
.../dropbear/dropbear/CVE-2020-36254.patch | 29 +++++
...ake-sure-only-one-bootchartd-process.patch | 68 +++++++++++
.../bootchart2/bootchart2_0.14.9.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 ++--
...-use-too-strict-timeout-for-validati.patch | 33 ++++++
.../gstreamer/gstreamer1.0_1.16.3.bb | 1 +
.../vim/files/CVE-2021-4069.patch | 43 +++++++
meta/recipes-support/vim/vim.inc | 1 +
18 files changed, 439 insertions(+), 19 deletions(-)
create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2021-0129.patch
create mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2020-36254.patch
create mode 100644 meta/recipes-devtools/bootchart2/bootchart2/0001-bootchartd.in-make-sure-only-one-bootchartd-process.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0/0006-tests-seek-Don-t-use-too-strict-timeout-for-validati.patch
create mode 100644 meta/recipes-support/vim/files/CVE-2021-4069.patch
--
2.25.1
^ permalink raw reply [flat|nested] 14+ messages in thread
* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2021-07-01 14:00 Steve Sakoman
0 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2021-07-01 14:00 UTC (permalink / raw)
To: openembedded-core
The following changes since commit ac8181d9b9ad8360f7dba03aba8b00f008c6ebb4:
Revert "python3: fix CVE-2021-23336" (2021-06-19 13:11:58 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Jasper Orschulko (3):
expat: fix CVE-2013-0340
libxml2: Fix CVE-2021-3518
libx11: Fix CVE-2021-31535
Michael Halstead (1):
uninative: Upgrade to 3.2 (gcc11 support)
Tim Orling (10):
python3: upgrade 3.8.2 -> 3.8.3
python3: upgrade 3.8.3 -> 3.8.4
python3: upgrade 3.8.4 -> 3.8.5
python3: upgrade 3.8.5 -> 3.8.6
python3: upgrade 3.8.6 -> 3.8.7
python3: upgrade 3.8.7 -> 3.8.8
powertop: fix aclocal error too many loops
python3: upgrade 3.8.8 -> 3.8.9
python3: upgrade 3.8.9 -> 3.8.10
python3-ptest: add newly discovered missing rdeps
meta/conf/distro/include/yocto-uninative.inc | 8 +-
.../expat/expat/CVE-2013-0340.patch | 1758 +++++++++++++++++
.../expat/expat/libtool-tag.patch | 41 +-
meta/recipes-core/expat/expat_2.2.9.bb | 12 +-
.../libxml/libxml2/CVE-2021-3518.patch | 112 ++
meta/recipes-core/libxml/libxml2_2.9.10.bb | 1 +
...20-8492-Fix-AbstractBasicAuthHandler.patch | 248 ---
...le.py-correct-the-test-output-format.patch | 24 +-
.../python/python3/CVE-2019-20907.patch | 44 -
.../python/python3/CVE-2020-14422.patch | 77 -
.../python/python3/CVE-2020-26116.patch | 104 -
.../python/python3/CVE-2020-27619.patch | 70 -
.../python/python3/CVE-2021-3177.patch | 191 --
.../{python3_3.8.2.bb => python3_3.8.10.bb} | 19 +-
.../xorg-lib/libx11/CVE-2021-31535.patch | 333 ++++
.../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 1 +
...2-configure.ac-ax_add_fortify_source.patch | 70 +
...003-configure-Use-AX_REQUIRE_DEFINED.patch | 29 +
meta/recipes-kernel/powertop/powertop_2.10.bb | 8 +-
19 files changed, 2357 insertions(+), 793 deletions(-)
create mode 100644 meta/recipes-core/expat/expat/CVE-2013-0340.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2021-3518.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2019-20907.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2020-14422.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2020-26116.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2020-27619.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2021-3177.patch
rename meta/recipes-devtools/python/{python3_3.8.2.bb => python3_3.8.10.bb} (95%)
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2021-31535.patch
create mode 100644 meta/recipes-kernel/powertop/powertop/0002-configure.ac-ax_add_fortify_source.patch
create mode 100644 meta/recipes-kernel/powertop/powertop/0003-configure-Use-AX_REQUIRE_DEFINED.patch
--
2.25.1
^ permalink raw reply [flat|nested] 14+ messages in thread
* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2021-04-06 14:26 Steve Sakoman
0 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2021-04-06 14:26 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 707036d4ec12ef1a260adcef78627b26e32e6540:
linux-yocto/5.4: update to v5.4.105 (2021-03-24 04:30:32 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Anton D. Kachalov (1):
run-postinsts: do not remove postinsts directory.
Bruce Ashfield (1):
linux-yocto/5.4: update to v5.4.107
Catalin Enache (1):
connman: fix CVE-2021-26675, CVE-2021-26676
Christopher Larson (2):
buildhistory: add missing vardepsexcludes
image,populate_sdk_base: move 'func' flag setting for sdk command vars
He Zhe (1):
cryptodev-module: Backport a patch to fix build failure with kernel
v5.8
Khem Raj (1):
documentation-audit.sh: Fix typo in specifying LICENSE_FLAGS_WHITELIST
Mark Hatle (1):
populate_sdk_ext: Avoid copying and producing .pyc files
Michael Trensch (1):
linux-firmware: Fix packaging
Mikko Rapeli (1):
openssl: update to 1.1.1k to fix CVE-2021-3450 and CVE-2021-3449
Mingli Yu (1):
libtool: make sure autoheader run before autoconf
Minjae Kim (1):
git: fix CVE-2021-21300
Naveen Saini (1):
cryptodev-module: fix build failure with kernel v5.10
Robert P. J. Day (1):
bitbake.conf: correct description of HOSTTOOLS_DIR
meta/classes/buildhistory.bbclass | 3 +
meta/classes/image.bbclass | 2 +-
meta/classes/populate_sdk_base.bbclass | 7 +
meta/classes/populate_sdk_ext.bbclass | 4 +-
meta/conf/bitbake.conf | 2 +-
meta/lib/oe/copy_buildsystem.py | 6 +-
.../connman/connman/CVE-2021-26675.patch | 62 ++++
.../connman/connman/CVE-2021-26676-0001.patch | 231 +++++++++++++
.../connman/connman/CVE-2021-26676-0002.patch | 33 ++
.../connman/connman_1.37.bb | 3 +
.../{openssl_1.1.1j.bb => openssl_1.1.1k.bb} | 2 +-
.../git/files/CVE-2021-21300.patch | 305 ++++++++++++++++++
meta/recipes-devtools/git/git.inc | 4 +-
.../libtool/libtool-2.4.6.inc | 1 +
...-sure-autoheader-run-before-autoconf.patch | 35 ++
.../run-postinsts/run-postinsts/run-postinsts | 10 +-
.../cryptodev/cryptodev-module_1.10.bb | 2 +
.../0001-Fix-build-for-Linux-5.8-rc1.patch | 49 +++
.../0001-Fix-build-for-Linux-5.9-rc1.patch | 42 +++
.../linux-firmware/linux-firmware_20210208.bb | 41 ++-
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
scripts/contrib/documentation-audit.sh | 2 +-
24 files changed, 840 insertions(+), 42 deletions(-)
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2021-26675.patch
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2021-26676-0001.patch
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2021-26676-0002.patch
rename meta/recipes-connectivity/openssl/{openssl_1.1.1j.bb => openssl_1.1.1k.bb} (98%)
create mode 100644 meta/recipes-devtools/git/files/CVE-2021-21300.patch
create mode 100644 meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch
create mode 100644 meta/recipes-kernel/cryptodev/files/0001-Fix-build-for-Linux-5.8-rc1.patch
create mode 100644 meta/recipes-kernel/cryptodev/files/0001-Fix-build-for-Linux-5.9-rc1.patch
--
2.25.1
^ permalink raw reply [flat|nested] 14+ messages in thread
* [OE-core][dunfell 00/14] Pull request (cover letter only)
@ 2020-07-16 0:01 Steve Sakoman
0 siblings, 0 replies; 14+ messages in thread
From: Steve Sakoman @ 2020-07-16 0:01 UTC (permalink / raw)
To: openembedded-core
The following changes since commit cabaf5654db5db12b6576ef0ebae9bc7b422a8ca:
iso-codes: switch upstream branch master -> main (2020-07-07 07:07:06 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (2):
gobject-introspection: add a patch to fix a build race
icu: make filtered data generation optional, serial and off by default
Andrey Zhizhikin (1):
kernel/yocto: fix search for defconfig from src_uri
Bjarne Michelsen (1):
devtool: default to empty string, if LIC_FILES_CHKSUM is not available
Bruce Ashfield (2):
kernel/yocto: ensure that defconfigs are processed first
linux-yocto/5.4: update to v5.4.50
Christian Eggers (1):
libnl: Extend for native/nativesdk
Hannu Lounento (1):
openssl: move ${libdir}/[...]/openssl.cnf to ${PN}-conf
Joshua Watt (2):
classes/archiver: run do_unpack_and_patch after do_preconfigure
classes/archive: do_configure should not depend on do_ar_patched
Konrad Weihmann (1):
systemd: remove kernel-install from base pkg
Rasmus Villemoes (1):
coreutils: don't split stdbuf to own package with single-binary
Timon Ulrich (1):
kernel.bbclass: add lz4 dependency and fix the call to lz4
Vacek, Patrick (1):
oeqa/core/loader: fix regex to include numbers
meta/classes/archiver.bbclass | 4 +--
meta/classes/kernel-yocto.bbclass | 34 ++++++++++++-------
meta/classes/kernel.bbclass | 3 +-
meta/lib/oeqa/core/loader.py | 2 +-
.../openssl/openssl_1.1.1g.bb | 4 ++-
meta/recipes-core/coreutils/coreutils_8.31.bb | 15 ++++++--
meta/recipes-core/systemd/systemd_244.3.bb | 1 -
...ency-for-g-ir-compiler-for-building-.patch | 33 ++++++++++++++++++
.../gobject-introspection_1.62.0.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 ++--
.../linux/linux-yocto-tiny_5.4.bb | 8 ++---
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 ++++++------
meta/recipes-support/icu/icu.inc | 4 ++-
meta/recipes-support/icu/icu_66.1.bb | 6 +++-
meta/recipes-support/libnl/libnl_3.5.0.bb | 2 ++
scripts/lib/devtool/upgrade.py | 4 +--
16 files changed, 107 insertions(+), 42 deletions(-)
create mode 100644 meta/recipes-gnome/gobject-introspection/gobject-introspection/0001-gir-add-a-dependency-for-g-ir-compiler-for-building-.patch
--
2.17.1
^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2023-03-24 14:30 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-27 1:10 [OE-core][dunfell 00/14] Pull request (cover letter only) Steve Sakoman
2020-10-27 9:24 ` Martin Jansa
[not found] ` <CAOSpxdYOG8USSc3s4gwMpAbPHff+pXbzLOR_qVf71inXg5A7=A@mail.gmail.com>
[not found] ` <CA+chaQfvFbARW_qpspY7pLiV8Y6ZkU7_Q=OOvC+iJBp+Dbv+rg@mail.gmail.com>
2020-10-28 14:31 ` Martin Jansa
[not found] ` <16422E7547289A57.31237@lists.openembedded.org>
2020-10-30 14:41 ` Martin Jansa
2020-10-30 14:45 ` Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2023-03-24 14:30 Steve Sakoman
2022-09-01 14:14 Steve Sakoman
2022-07-12 14:12 Steve Sakoman
2022-06-11 2:39 Steve Sakoman
2022-05-14 14:22 Steve Sakoman
2021-12-27 14:36 Steve Sakoman
2021-07-01 14:00 Steve Sakoman
2021-04-06 14:26 Steve Sakoman
2020-07-16 0:01 Steve Sakoman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.