[OE-core][dunfell 0/5] Patch review

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1611

The following changes since commit 84e1a32096db9deb98d282a652beec95dbfe80f1:

  python3: add ldconfig rdepends for python3-ctypes (2020-11-17 07:34:27 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Lee Chee Yang (5):
  libproxy: fix CVE-2020-26154
  bison: update to 3.5.4 for CVE-2020-14150
  python3: whitelist CVE-2020-15523
  python3: fix CVE-2020-27619
  qemu: fix CVE-2020-24352

 .../bison/{bison_3.5.3.bb => bison_3.5.4.bb}  |  2 +-
 .../python/python3/CVE-2020-27619.patch       | 70 +++++++++++++
 meta/recipes-devtools/python/python3_3.8.2.bb |  4 +
 meta/recipes-devtools/qemu/qemu.inc           |  1 +
 .../qemu/qemu/CVE-2020-24352.patch            | 52 ++++++++++
 .../libproxy/libproxy/CVE-2020-26154.patch    | 98 +++++++++++++++++++
 .../libproxy/libproxy_0.4.15.bb               |  1 +
 7 files changed, 227 insertions(+), 1 deletion(-)
 rename meta/recipes-devtools/bison/{bison_3.5.3.bb => bison_3.5.4.bb} (94%)
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2020-27619.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch
 create mode 100644 meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch

-- 
2.17.1

[OE-core][dunfell 1/5] libproxy: fix CVE-2020-26154

[Steve Sakoman]

From: Lee Chee Yang <chee.yang.lee@intel.com>

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libproxy/libproxy/CVE-2020-26154.patch    | 98 +++++++++++++++++++
 .../libproxy/libproxy_0.4.15.bb               |  1 +
 2 files changed, 99 insertions(+)
 create mode 100644 meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch

diff --git a/meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch b/meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch
new file mode 100644
index 0000000000..0ccb99da81
--- /dev/null
+++ b/meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch
@@ -0,0 +1,98 @@
+From 4411b523545b22022b4be7d0cac25aa170ae1d3e Mon Sep 17 00:00:00 2001
+From: Fei Li <lifeibiren@gmail.com>
+Date: Fri, 17 Jul 2020 02:18:37 +0800
+Subject: [PATCH] Fix buffer overflow when PAC is enabled
+
+The bug was found on Windows 10 (MINGW64) when PAC is enabled. It turned
+out to be the large PAC file (more than 102400 bytes) returned by a
+local proxy program with no content-length present.
+
+Upstream-Status: Backport [https://github.com/libproxy/libproxy/commit/6d342b50366a048d3d543952e2be271b5742c5f8]
+CVE: CVE-2020-26154
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ libproxy/url.cpp | 44 +++++++++++++++++++++++++++++++-------------
+ 1 file changed, 31 insertions(+), 13 deletions(-)
+
+diff --git a/libproxy/url.cpp b/libproxy/url.cpp
+index ee776b2..8684086 100644
+--- a/libproxy/url.cpp
++++ b/libproxy/url.cpp
+@@ -54,7 +54,7 @@ using namespace std;
+ #define PAC_MIME_TYPE_FB "text/plain"
+ 
+ // This is the maximum pac size (to avoid memory attacks)
+-#define PAC_MAX_SIZE 102400
++#define PAC_MAX_SIZE 0x800000
+ // This is the default block size to use when receiving via HTTP
+ #define PAC_HTTP_BLOCK_SIZE 512
+ 
+@@ -478,15 +478,13 @@ char* url::get_pac() {
+ 		}
+ 
+ 		// Get content
+-		unsigned int recvd = 0;
+-		buffer = new char[PAC_MAX_SIZE];
+-		memset(buffer, 0, PAC_MAX_SIZE);
++		std::vector<char> dynamic_buffer;
+ 		do {
+ 			unsigned int chunk_length;
+ 
+ 			if (chunked) {
+ 				// Discard the empty line if we received a previous chunk
+-				if (recvd > 0) recvline(sock);
++				if (!dynamic_buffer.empty()) recvline(sock);
+ 
+ 				// Get the chunk-length line as an integer
+ 				if (sscanf(recvline(sock).c_str(), "%x", &chunk_length) != 1 || chunk_length == 0) break;
+@@ -498,21 +496,41 @@ char* url::get_pac() {
+ 
+ 			if (content_length >= PAC_MAX_SIZE) break;
+ 
+-			while (content_length == 0 || recvd != content_length) {
+-				int r = recv(sock, buffer + recvd,
+-				             content_length == 0 ? PAC_HTTP_BLOCK_SIZE
+-				                                 : content_length - recvd, 0);
++			while (content_length == 0 || dynamic_buffer.size() != content_length) {
++				// Calculate length to recv
++				unsigned int length_to_read = PAC_HTTP_BLOCK_SIZE;
++				if (content_length > 0)
++					length_to_read = content_length - dynamic_buffer.size();
++
++				// Prepare buffer
++				dynamic_buffer.resize(dynamic_buffer.size() + length_to_read);
++
++				int r = recv(sock, dynamic_buffer.data() + dynamic_buffer.size() - length_to_read, length_to_read, 0);
++
++				// Shrink buffer to fit
++				if (r >= 0)
++					dynamic_buffer.resize(dynamic_buffer.size() - length_to_read + r);
++
++				// PAC size too large, discard
++				if (dynamic_buffer.size() >= PAC_MAX_SIZE) {
++					chunked = false;
++					dynamic_buffer.clear();
++					break;
++				}
++
+ 				if (r <= 0) {
+ 					chunked = false;
+ 					break;
+ 				}
+-				recvd += r;
+ 			}
+ 		} while (chunked);
+ 
+-		if (content_length != 0 && string(buffer).size() != content_length) {
+-			delete[] buffer;
+-			buffer = NULL;
++		if (content_length == 0 || content_length == dynamic_buffer.size()) {
++			buffer = new char[dynamic_buffer.size() + 1];
++			if (!dynamic_buffer.empty()) {
++				memcpy(buffer, dynamic_buffer.data(), dynamic_buffer.size());
++			}
++			buffer[dynamic_buffer.size()] = '\0';
+ 		}
+ 	}
+ 
diff --git a/meta/recipes-support/libproxy/libproxy_0.4.15.bb b/meta/recipes-support/libproxy/libproxy_0.4.15.bb
index a14c358cc2..6f704d7a91 100644
--- a/meta/recipes-support/libproxy/libproxy_0.4.15.bb
+++ b/meta/recipes-support/libproxy/libproxy_0.4.15.bb
@@ -11,6 +11,7 @@ DEPENDS = "glib-2.0"
 SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz \
            file://0001-get-pac-test-Fix-build-with-clang-libc.patch \
            file://CVE-2020-25219.patch \
+           file://CVE-2020-26154.patch \
           "
 SRC_URI[md5sum] = "f6b1d2a1e17a99cd3debaae6d04ab152"
 SRC_URI[sha256sum] = "654db464120c9534654590b6683c7fa3887b3dad0ca1c4cd412af24fbfca6d4f"
-- 
2.17.1

[OE-core][dunfell 2/5] bison: update to 3.5.4 for CVE-2020-14150

[Steve Sakoman]

From: Lee Chee Yang <chee.yang.lee@intel.com>

Release notes:
https://lists.gnu.org/archive/html/info-gnu/2020-04/msg00000.html

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/bison/{bison_3.5.3.bb => bison_3.5.4.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-devtools/bison/{bison_3.5.3.bb => bison_3.5.4.bb} (94%)

diff --git a/meta/recipes-devtools/bison/bison_3.5.3.bb b/meta/recipes-devtools/bison/bison_3.5.4.bb
similarity index 94%
rename from meta/recipes-devtools/bison/bison_3.5.3.bb
rename to meta/recipes-devtools/bison/bison_3.5.4.bb
index e6c169e9db..9830721038 100644
--- a/meta/recipes-devtools/bison/bison_3.5.3.bb
+++ b/meta/recipes-devtools/bison/bison_3.5.4.bb
@@ -14,7 +14,7 @@ SRC_URI = "${GNU_MIRROR}/bison/bison-${PV}.tar.xz \
            file://add-with-bisonlocaledir.patch \
            file://0001-bison-fix-the-parallel-build.patch \
 "
-SRC_URI[sha256sum] = "2bf85b5f88a5f2fa8069aed2a2dfc3a9f8d15a97e59c713e3906e5fdd982a7c4"
+SRC_URI[sha256sum] = "4c17e99881978fa32c05933c5262457fa5b2b611668454f8dc2a695cd6b3720c"
 
 # No point in hardcoding path to m4, just use PATH
 EXTRA_OECONF += "M4=m4"
-- 
2.17.1

[OE-core][dunfell 3/5] python3: whitelist CVE-2020-15523

[Steve Sakoman]

From: Lee Chee Yang <chee.yang.lee@intel.com>

This CVE is issue on _Py_CheckPython3 uses uninitialized dllpath when embedder sets module path with Py_SetPath.
Since it is .dll issue (on windows only), hence whitelist it.

https://bugs.python.org/issue29778

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/python/python3_3.8.2.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-devtools/python/python3_3.8.2.bb b/meta/recipes-devtools/python/python3_3.8.2.bb
index 758ed87546..5f7901dbf2 100644
--- a/meta/recipes-devtools/python/python3_3.8.2.bb
+++ b/meta/recipes-devtools/python/python3_3.8.2.bb
@@ -54,6 +54,9 @@ CVE_PRODUCT = "python"
 # This is not exploitable when glibc has CVE-2016-10739 fixed.
 CVE_CHECK_WHITELIST += "CVE-2019-18348"
 
+# This is windows only issue.
+CVE_CHECK_WHITELIST += "CVE-2020-15523"
+
 PYTHON_MAJMIN = "3.8"
 
 S = "${WORKDIR}/Python-${PV}"
-- 
2.17.1

[OE-core][dunfell 4/5] python3: fix CVE-2020-27619

[Steve Sakoman]

From: Lee Chee Yang <chee.yang.lee@intel.com>

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../python/python3/CVE-2020-27619.patch       | 70 +++++++++++++++++++
 meta/recipes-devtools/python/python3_3.8.2.bb |  1 +
 2 files changed, 71 insertions(+)
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2020-27619.patch

diff --git a/meta/recipes-devtools/python/python3/CVE-2020-27619.patch b/meta/recipes-devtools/python/python3/CVE-2020-27619.patch
new file mode 100644
index 0000000000..bafa1cb999
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/CVE-2020-27619.patch
@@ -0,0 +1,70 @@
+From 6c6c256df3636ff6f6136820afaefa5a10a3ac33 Mon Sep 17 00:00:00 2001
+From: "Miss Skeleton (bot)" <31488909+miss-islington@users.noreply.github.com>
+Date: Tue, 6 Oct 2020 05:38:54 -0700
+Subject: [PATCH] bpo-41944: No longer call eval() on content received via HTTP
+ in the CJK codec tests (GH-22566) (GH-22577)
+
+(cherry picked from commit 2ef5caa58febc8968e670e39e3d37cf8eef3cab8)
+
+Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
+
+Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
+
+Upstream-Status: Backport [https://github.com/python/cpython/commit/6c6c256df3636ff6f6136820afaefa5a10a3ac33]
+CVE: CVE-2020-27619
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ Lib/test/multibytecodec_support.py            | 22 +++++++------------
+ .../2020-10-05-17-43-46.bpo-41944.rf1dYb.rst  |  1 +
+ 2 files changed, 9 insertions(+), 14 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst
+
+diff --git a/Lib/test/multibytecodec_support.py b/Lib/test/multibytecodec_support.py
+index cca8af67d6d1d..f76c0153f5ecf 100644
+--- a/Lib/test/multibytecodec_support.py
++++ b/Lib/test/multibytecodec_support.py
+@@ -305,29 +305,23 @@ def test_mapping_file(self):
+             self._test_mapping_file_plain()
+ 
+     def _test_mapping_file_plain(self):
+-        unichrs = lambda s: ''.join(map(chr, map(eval, s.split('+'))))
++        def unichrs(s):
++            return ''.join(chr(int(x, 16)) for x in s.split('+'))
++
+         urt_wa = {}
+ 
+         with self.open_mapping_file() as f:
+             for line in f:
+                 if not line:
+                     break
+-                data = line.split('#')[0].strip().split()
++                data = line.split('#')[0].split()
+                 if len(data) != 2:
+                     continue
+ 
+-                csetval = eval(data[0])
+-                if csetval <= 0x7F:
+-                    csetch = bytes([csetval & 0xff])
+-                elif csetval >= 0x1000000:
+-                    csetch = bytes([(csetval >> 24), ((csetval >> 16) & 0xff),
+-                                    ((csetval >> 8) & 0xff), (csetval & 0xff)])
+-                elif csetval >= 0x10000:
+-                    csetch = bytes([(csetval >> 16), ((csetval >> 8) & 0xff),
+-                                    (csetval & 0xff)])
+-                elif csetval >= 0x100:
+-                    csetch = bytes([(csetval >> 8), (csetval & 0xff)])
+-                else:
++                if data[0][:2] != '0x':
++                    self.fail(f"Invalid line: {line!r}")
++                csetch = bytes.fromhex(data[0][2:])
++                if len(csetch) == 1 and 0x80 <= csetch[0]:
+                     continue
+ 
+                 unich = unichrs(data[1])
+diff --git a/Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst b/Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst
+new file mode 100644
+index 0000000000000..4f9782f1c85af
+--- /dev/null
++++ b/Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst
+@@ -0,0 +1 @@
++Tests for CJK codecs no longer call ``eval()`` on content received via HTTP.
diff --git a/meta/recipes-devtools/python/python3_3.8.2.bb b/meta/recipes-devtools/python/python3_3.8.2.bb
index 5f7901dbf2..1d0b4cdb77 100644
--- a/meta/recipes-devtools/python/python3_3.8.2.bb
+++ b/meta/recipes-devtools/python/python3_3.8.2.bb
@@ -35,6 +35,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
            file://0001-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch \
            file://CVE-2020-14422.patch \
            file://CVE-2020-26116.patch \
+           file://CVE-2020-27619.patch \
            "
 
 SRC_URI_append_class-native = " \
-- 
2.17.1

[OE-core][dunfell 5/5] qemu: fix CVE-2020-24352

[Steve Sakoman]

From: Lee Chee Yang <chee.yang.lee@intel.com>

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc           |  1 +
 .../qemu/qemu/CVE-2020-24352.patch            | 52 +++++++++++++++++++
 2 files changed, 53 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index b6941403ea..067179fdeb 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -50,6 +50,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
 	   file://CVE-2020-16092.patch \
 	   file://0001-target-mips-Increase-number-of-TLB-entries-on-the-34.patch \
 	   file://CVE-2019-20175.patch \
+	   file://CVE-2020-24352.patch \
 	   "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch
new file mode 100644
index 0000000000..861ff6c3b0
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch
@@ -0,0 +1,52 @@
+From ca1f9cbfdce4d63b10d57de80fef89a89d92a540 Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Wed, 21 Oct 2020 16:08:18 +0530
+Subject: [PATCH 1/1] ati: check x y display parameter values
+
+The source and destination x,y display parameters in ati_2d_blt()
+may run off the vga limits if either of s->regs.[src|dst]_[xy] is
+zero. Check the parameter values to avoid potential crash.
+
+Reported-by: Gaoning Pan <pgn@zju.edu.cn>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Message-id: 20201021103818.1704030-1-ppandit@redhat.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+
+Upstream-Status: Backport [ https://git.qemu.org/?p=qemu.git;a=commitdiff;h=ca1f9cbfdce4d63b10d57de80fef89a89d92a540;hp=2ddafce7f797082ad216657c830afd4546f16e37 ]
+CVE: CVE-2020-24352
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ hw/display/ati_2d.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/hw/display/ati_2d.c b/hw/display/ati_2d.c
+index 23a8ae0..4dc10ea 100644
+--- a/hw/display/ati_2d.c
++++ b/hw/display/ati_2d.c
+@@ -75,8 +75,9 @@ void ati_2d_blt(ATIVGAState *s)
+         dst_stride *= bpp;
+     }
+     uint8_t *end = s->vga.vram_ptr + s->vga.vram_size;
+-    if (dst_bits >= end || dst_bits + dst_x + (dst_y + s->regs.dst_height) *
+-        dst_stride >= end) {
++    if (dst_x > 0x3fff || dst_y > 0x3fff || dst_bits >= end
++        || dst_bits + dst_x
++         + (dst_y + s->regs.dst_height) * dst_stride >= end) {
+         qemu_log_mask(LOG_UNIMP, "blt outside vram not implemented\n");
+         return;
+     }
+@@ -107,8 +108,9 @@ void ati_2d_blt(ATIVGAState *s)
+             src_bits += s->regs.crtc_offset & 0x07ffffff;
+             src_stride *= bpp;
+         }
+-        if (src_bits >= end || src_bits + src_x +
+-            (src_y + s->regs.dst_height) * src_stride >= end) {
++        if (src_x > 0x3fff || src_y > 0x3fff || src_bits >= end
++            || src_bits + src_x
++             + (src_y + s->regs.dst_height) * src_stride >= end) {
+             qemu_log_mask(LOG_UNIMP, "blt outside vram not implemented\n");
+             return;
+         }
+-- 
+1.8.3.1
+
-- 
2.17.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Friday, April 12

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6774

The following changes since commit 47ce772102b45db14dc21112367534ea1c37e33c:

  perf: bump PR to deal with sstate corruption on autobuilder (2024-04-02 05:46:56 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Ashish Sharma (3):
  go: Backport fix for CVE-2024-24784
  xserver-xorg: Backport fix for CVE-2024-31081
  xserver-xorg: Backport fix for CVE-2024-31080

Colin McAllister (1):
  licenses.conf: Add missing LGPLv2.0+ license

Vijay Anusuri (1):
  ncurses: Backport fix for CVE-2023-50495

 meta/conf/licenses.conf                       |   1 +
 .../ncurses/files/CVE-2023-50495.patch        |  79 +++++++
 meta/recipes-core/ncurses/ncurses_6.2.bb      |   1 +
 meta/recipes-devtools/go/go-1.14.inc          |   1 +
 .../go/go-1.14/CVE-2024-24784.patch           | 205 ++++++++++++++++++
 .../xserver-xorg/CVE-2024-31080.patch         |  49 +++++
 .../xserver-xorg/CVE-2024-31081.patch         |  47 ++++
 .../xorg-xserver/xserver-xorg_1.20.14.bb      |   2 +
 8 files changed, 385 insertions(+)
 create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-50495.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch

-- 
2.34.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Tuesday, January 9

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6418

The following changes since commit 3ea36d92800b139eaaf75995cdd59912b63db9ee:

  tzdata: Upgrade to 2023d (2024-01-02 03:43:26 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Dhairya Nagodra (2):
  cve-update-nvd2-native: faster requests with API keys
  cve-update-nvd2-native: increase the delay between subsequent request
    failures

Dmitry Baryshkov (1):
  linux-firmware: upgrade 20230804 -> 20231030

Peter Marko (2):
  cve-update-nvd2-native: remove unused variable CVE_SOCKET_TIMEOUT
  cve-update-nvd2-native: make number of fetch attemtps configurable

 .../meta/cve-update-nvd2-native.bb            | 27 +++++++++++++------
 ...20230804.bb => linux-firmware_20231030.bb} |  4 +--
 2 files changed, 21 insertions(+), 10 deletions(-)
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230804.bb => linux-firmware_20231030.bb} (99%)

-- 
2.34.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Thursday, December 21

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6348

The following changes since commit 55157aa2f8b157b1cc63e1134d9eba6db0cf16da:

  build-appliance-image: Update to dunfell head revision (2023-12-11 05:13:51 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bhabu Bindu (1):
  glibc: Fix CVE-2023-4813

Lee Chee Yang (2):
  perl: fix CVE-2023-31484/47038/47100
  binutils: Fix CVE-2023-25584

Vijay Anusuri (1):
  libxml2: Backport fix for CVE-2021-3516

Vivek Kumbhar (1):
  libsndfile: fix CVE-2021-4156 heap out-of-bounds read in src/flac.c in
    flac_buffer_copy

 .../glibc/glibc/CVE-2023-4813.patch           | 986 ++++++++++++++++++
 meta/recipes-core/glibc/glibc_2.31.bb         |   1 +
 .../libxml/libxml2/CVE-2021-3516.patch        |  35 +
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |   1 +
 .../binutils/binutils-2.34.inc                |   1 +
 .../binutils/binutils/CVE-2023-25584.patch    | 530 ++++++++++
 .../perl/files/CVE-2023-31484.patch           |  27 +
 .../perl/files/CVE-2023-47038.patch           | 121 +++
 meta/recipes-devtools/perl/perl_5.30.1.bb     |   2 +
 .../libsndfile1/CVE-2021-4156.patch           |  30 +
 .../libsndfile/libsndfile1_1.0.28.bb          |   1 +
 11 files changed, 1735 insertions(+)
 create mode 100644 meta/recipes-core/glibc/glibc/CVE-2023-4813.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2021-3516.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2023-25584.patch
 create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31484.patch
 create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-47038.patch
 create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch

-- 
2.34.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Wednesday, September 6.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5815

The following changes since commit 3575290c4cc937ae2f2c5604a5619ac6de9aa071:

  grub2.inc: remove '-O2' from CFLAGS (2023-08-27 06:30:22 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Ross Burton (3):
  linux-yocto: add script to generate kernel CVE_CHECK_WHITELIST entries
  linux/cve-exclusion: add generated CVE_CHECK_WHITELISTs
  linux/cve-exclusion: remove obsolete manual entries

Vijay Anusuri (2):
  inetutils: Backport fix for CVE-2023-40303
  go: Backport fix for CVE-2023-29409

 ...tpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch |  283 +
 ...03-Indent-changes-in-previous-commit.patch |  254 +
 .../inetutils/inetutils_1.9.4.bb              |    2 +
 meta/recipes-devtools/go/go-1.14.inc          |    1 +
 .../go/go-1.14/CVE-2023-29409.patch           |  175 +
 meta/recipes-kernel/linux/cve-exclusion.inc   | 1827 -----
 .../linux/cve-exclusion_5.4.inc               | 7164 +++++++++++++++++
 .../linux/generate-cve-exclusions.py          |  101 +
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |    1 +
 9 files changed, 7981 insertions(+), 1827 deletions(-)
 create mode 100644 meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
 create mode 100644 meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29409.patch
 create mode 100644 meta/recipes-kernel/linux/cve-exclusion_5.4.inc
 create mode 100755 meta/recipes-kernel/linux/generate-cve-exclusions.py

-- 
2.34.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by 
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5460

The following changes since commit 96798603273bbab40a7e19bbb67a9a5398648c21:

  openssh: Move sshdgenkeys.service to sshd.socket (2023-06-07 05:49:27 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Martin Siegumfeldt (1):
  systemd-systemctl: fix instance template WantedBy symlink construction

Nikhil R (1):
  libwebp: Fix CVE-2023-1999

Qiu Tingting (1):
  e2fsprogs: fix ptest bug for second running

Randy MacLeod (1):
  vim: upgrade 9.0.1429 -> 9.0.1527

Richard Purdie (1):
  selftest/reproducible: Allow native/cross reuse in test

 meta/lib/oeqa/selftest/cases/reproducible.py  |  4 +-
 .../systemd/systemd-systemctl/systemctl       | 13 ++++-
 .../e2fsprogs/e2fsprogs/run-ptest             |  1 +
 .../e2fsprogs/e2fsprogs_1.45.7.bb             |  3 +
 .../webp/files/CVE-2023-1999.patch            | 55 +++++++++++++++++++
 meta/recipes-multimedia/webp/libwebp_1.1.0.bb |  4 ++
 meta/recipes-support/vim/vim.inc              |  4 +-
 7 files changed, 77 insertions(+), 7 deletions(-)
 create mode 100644 meta/recipes-multimedia/webp/files/CVE-2023-1999.patch

-- 
2.34.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4259

The following changes since commit f547c9610f8c17c3da9ca3f7a79902d2ffbfca49:

  qemu: Add PACKAGECONFIG for brlapi (2022-09-20 11:09:59 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.212
  linux-yocto/5.4: update to v5.4.213

Lee Chee Yang (1):
  subversion: fix CVE-2021-28544

Sana Kazi (1):
  sqlite3: Fix CVE-2021-20223

Virendra Thakur (1):
  expat: Fix CVE-2022-40674

 .../expat/expat/CVE-2022-40674.patch          |  53 +++++++
 meta/recipes-core/expat/expat_2.2.9.bb        |   1 +
 .../subversion/CVE-2021-28544.patch           | 146 ++++++++++++++++++
 .../subversion/subversion_1.13.0.bb           |   1 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +--
 .../sqlite/files/CVE-2021-20223.patch         |  23 +++
 meta/recipes-support/sqlite/sqlite3_3.31.1.bb |   1 +
 9 files changed, 243 insertions(+), 18 deletions(-)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-40674.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion/CVE-2021-28544.patch
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2021-20223.patch

-- 
2.25.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this next set of changes for dunfell and have comments back by
end of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2554

The following changes since commit b46b059a306b2823624e64adecded9f76430471a:

  layer.conf: fix syntax error in PATH setting (2021-09-03 04:05:12 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Changqing Li (1):
  gdk-pixbuf: fix CVE-2021-20240

Martin Jansa (1):
  default-distrovars.inc: Set BBINCLUDELOGS to empty to disable printing
    failed task output multiple times

Purushottam Choudhary (1):
  lighttpd: Add patch for reuse large memory chunks

Richard Purdie (2):
  xdg-utils: Add fix for CVE-2020-27748
  oeqa/runtime/parselogs: Make DVD ata error apply to all qemux86
    machines

 .../distro/include/default-distrovars.inc     |   6 +-
 meta/conf/documentation.conf                  |   2 +-
 meta/lib/oeqa/runtime/cases/parselogs.py      |   2 +-
 ...or-pcre-dependency-instead-of-config.patch |  10 +-
 ...-mem-chunks-fix-mem-usage-fixes-3033.patch | 224 ++++++++++++++++++
 .../lighttpd/default-chunk-size-8k.patch      |  35 +++
 .../lighttpd/lighttpd_1.4.55.bb               |   2 +
 ...9813e0eb0246f63b54e9e154970e609575af.patch |  58 +++++
 .../xdg-utils/xdg-utils_1.1.3.bb              |   1 +
 .../gdk-pixbuf/CVE-2021-20240.patch           |  40 ++++
 .../gdk-pixbuf/gdk-pixbuf_2.40.0.bb           |   1 +
 11 files changed, 371 insertions(+), 10 deletions(-)
 create mode 100644 meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch
 create mode 100644 meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch
 create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch
 create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch

-- 
2.25.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2540

The following changes since commit 448e0271ed831582bb5833486fc17b131676fb53:

  selftest: disable virgl headless test (2021-08-27 04:58:08 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Andrej Valek (1):
  vim: add option to disable NLS support

Armin Kuster (1):
  lz4: Security Fix for CVE-2021-3520

Matt Madison (1):
  layer.conf: fix syntax error in PATH setting

Richard Purdie (1):
  sdk: Decouple default install path from built in path

Ross Burton (1):
  cpio: backport fix for CVE-2021-38185

 meta/classes/populate_sdk_base.bbclass        |   1 +
 meta/conf/bitbake.conf                        |   4 +-
 meta/conf/layer.conf                          |   2 +-
 meta/files/toolchain-shar-extract.sh          |   3 +-
 meta/files/toolchain-shar-relocate.sh         |   2 +-
 .../cpio/cpio-2.13/CVE-2021-38185.patch       | 581 ++++++++++++++++++
 meta/recipes-extended/cpio/cpio_2.13.bb       |   1 +
 .../lz4/files/CVE-2021-3520.patch             |  27 +
 meta/recipes-support/lz4/lz4_1.9.2.bb         |   1 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 10 files changed, 621 insertions(+), 5 deletions(-)
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
 create mode 100644 meta/recipes-support/lz4/files/CVE-2021-3520.patch

-- 
2.25.1

Re: [OE-core][dunfell 0/5] Patch review

[Martin Jansa]

[-- Attachment #1: Type: text/plain, Size: 3598 bytes --]

I've sent the patch for meta-python now, but I see that I've sent it only
for version 11 (not 12 from "layer.conf: Bump OE-Core layer version" which
is being backported here and was merged to master just few hours ago in
https://git.openembedded.org/openembedded-core/commit/?id=2d503b27e7c88cee9a37c79c4605c77b11f230b6).
Sending v2 now.

On Thu, Jun 4, 2020 at 2:11 AM Joshua Watt <jpewhacker@gmail.com> wrote:

>
>
> On Wed, Jun 3, 2020, 6:33 PM Martin Jansa <martin.jansa@gmail.com> wrote:
>
>> I think we still need corresponding LAYERDEPENDS_meta-python update which
>> isn't in master yet (and I haven't noticed it on the list).
>>
>> Joshua: did I overlook it somewhere or should I send it?
>>
>
> I didn't send it because the layer version bump wasn't added to oe-core
> until yesterday. If you can send the patch that would be great.
>
> Thanks
>
>
>> On Wed, Jun 3, 2020 at 7:45 PM akuster <akuster808@gmail.com> wrote:
>>
>>>
>>>
>>> On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
>>> > On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
>>> >> Does someone have the complementary set of patches for meta-openbedded
>>> >> to remove these?
>>> >
>>> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
>>> >
>>> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
>>> >
>>> > Do you want me to re-submit them with [dunfell] tag?
>>> nah, the commits work of me. Thanks
>>>
>>> - armin
>>> >
>>> >
>>> >> - armin
>>> >>
>>> >> On 6/3/20 8:33 AM, Steve Sakoman wrote:
>>> >>> Pending final approval for an exception to LTS policy in this case
>>> please
>>> >>> review this patch series and have comments back by end of day
>>> Thursday.
>>> >>>
>>> >>> For details on the motivation for this change see:
>>> >>>
>>> >>>
>>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>>> >>>
>>> >>> The following changes since commit
>>> ef5af31f406076107402694f5d6afb27b240eba6:
>>> >>>
>>> >>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>>> >>>
>>> >>> are available in the Git repository at:
>>> >>>
>>> >>>   git://git.openembedded.org/openembedded-core-contrib
>>> stable/dunfell-nut
>>> >>>
>>> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>>> >>>
>>> >>> Joshua Watt (5):
>>> >>>   pycryptodome: Import from meta-python
>>> >>>   pyelftools: Import from meta-python
>>> >>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>>> >>>   python3-pyelftools: Upgrade 0.25 -> 0.26
>>> >>>   layer.conf: Bump OE-Core layer version
>>> >>>
>>> >>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>>> >>>  meta/conf/layer.conf                          |  2 +-
>>> >>>  .../python/python-pycryptodome.inc            | 26
>>> +++++++++++++++++++
>>> >>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>>> >>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>>> >>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>>> >>>  6 files changed, 59 insertions(+), 2 deletions(-)
>>> >>>  create mode 100644
>>> meta/recipes-devtools/python/python-pycryptodome.inc
>>> >>>  create mode 100644 meta/recipes-devtools/python/
>>> python3-pycryptodome_3.9.7.bb
>>> >>>  create mode 100644 meta/recipes-devtools/python/
>>> python3-pycryptodomex_3.9.7.bb
>>> >>>  create mode 100644 meta/recipes-devtools/python/
>>> python3-pyelftools_0.26.bb
>>> >>>
>>> >>>
>>> >>>
>>> >>
>>>
>>> 
>>>
>>

[-- Attachment #2: Type: text/html, Size: 6585 bytes --]

Re: [OE-core][dunfell 0/5] Patch review

[Joshua Watt]

[-- Attachment #1: Type: text/plain, Size: 3078 bytes --]

On Wed, Jun 3, 2020, 6:33 PM Martin Jansa <martin.jansa@gmail.com> wrote:

> I think we still need corresponding LAYERDEPENDS_meta-python update which
> isn't in master yet (and I haven't noticed it on the list).
>
> Joshua: did I overlook it somewhere or should I send it?
>

I didn't send it because the layer version bump wasn't added to oe-core
until yesterday. If you can send the patch that would be great.

Thanks


> On Wed, Jun 3, 2020 at 7:45 PM akuster <akuster808@gmail.com> wrote:
>
>>
>>
>> On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
>> > On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
>> >> Does someone have the complementary set of patches for meta-openbedded
>> >> to remove these?
>> >
>> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
>> >
>> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
>> >
>> > Do you want me to re-submit them with [dunfell] tag?
>> nah, the commits work of me. Thanks
>>
>> - armin
>> >
>> >
>> >> - armin
>> >>
>> >> On 6/3/20 8:33 AM, Steve Sakoman wrote:
>> >>> Pending final approval for an exception to LTS policy in this case
>> please
>> >>> review this patch series and have comments back by end of day
>> Thursday.
>> >>>
>> >>> For details on the motivation for this change see:
>> >>>
>> >>>
>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>> >>>
>> >>> The following changes since commit
>> ef5af31f406076107402694f5d6afb27b240eba6:
>> >>>
>> >>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>> >>>
>> >>> are available in the Git repository at:
>> >>>
>> >>>   git://git.openembedded.org/openembedded-core-contrib
>> stable/dunfell-nut
>> >>>
>> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>> >>>
>> >>> Joshua Watt (5):
>> >>>   pycryptodome: Import from meta-python
>> >>>   pyelftools: Import from meta-python
>> >>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>> >>>   python3-pyelftools: Upgrade 0.25 -> 0.26
>> >>>   layer.conf: Bump OE-Core layer version
>> >>>
>> >>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>> >>>  meta/conf/layer.conf                          |  2 +-
>> >>>  .../python/python-pycryptodome.inc            | 26
>> +++++++++++++++++++
>> >>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>> >>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>> >>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>> >>>  6 files changed, 59 insertions(+), 2 deletions(-)
>> >>>  create mode 100644
>> meta/recipes-devtools/python/python-pycryptodome.inc
>> >>>  create mode 100644 meta/recipes-devtools/python/
>> python3-pycryptodome_3.9.7.bb
>> >>>  create mode 100644 meta/recipes-devtools/python/
>> python3-pycryptodomex_3.9.7.bb
>> >>>  create mode 100644 meta/recipes-devtools/python/
>> python3-pyelftools_0.26.bb
>> >>>
>> >>>
>> >>>
>> >>
>>
>> 
>>
>

[-- Attachment #2: Type: text/html, Size: 5695 bytes --]

Re: [OE-core][dunfell 0/5] Patch review

[Martin Jansa]

[-- Attachment #1: Type: text/plain, Size: 2755 bytes --]

I think we still need corresponding LAYERDEPENDS_meta-python update which
isn't in master yet (and I haven't noticed it on the list).

Joshua: did I overlook it somewhere or should I send it?

On Wed, Jun 3, 2020 at 7:45 PM akuster <akuster808@gmail.com> wrote:

>
>
> On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
> > On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
> >> Does someone have the complementary set of patches for meta-openbedded
> >> to remove these?
> >
> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
> >
> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
> >
> > Do you want me to re-submit them with [dunfell] tag?
> nah, the commits work of me. Thanks
>
> - armin
> >
> >
> >> - armin
> >>
> >> On 6/3/20 8:33 AM, Steve Sakoman wrote:
> >>> Pending final approval for an exception to LTS policy in this case
> please
> >>> review this patch series and have comments back by end of day Thursday.
> >>>
> >>> For details on the motivation for this change see:
> >>>
> >>>
> https://lists.openembedded.org/g/openembedded-architecture/message/1085
> >>>
> >>> The following changes since commit
> ef5af31f406076107402694f5d6afb27b240eba6:
> >>>
> >>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
> >>>
> >>> are available in the Git repository at:
> >>>
> >>>   git://git.openembedded.org/openembedded-core-contrib
> stable/dunfell-nut
> >>>
> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
> >>>
> >>> Joshua Watt (5):
> >>>   pycryptodome: Import from meta-python
> >>>   pyelftools: Import from meta-python
> >>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
> >>>   python3-pyelftools: Upgrade 0.25 -> 0.26
> >>>   layer.conf: Bump OE-Core layer version
> >>>
> >>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
> >>>  meta/conf/layer.conf                          |  2 +-
> >>>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
> >>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
> >>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
> >>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
> >>>  6 files changed, 59 insertions(+), 2 deletions(-)
> >>>  create mode 100644
> meta/recipes-devtools/python/python-pycryptodome.inc
> >>>  create mode 100644 meta/recipes-devtools/python/
> python3-pycryptodome_3.9.7.bb
> >>>  create mode 100644 meta/recipes-devtools/python/
> python3-pycryptodomex_3.9.7.bb
> >>>  create mode 100644 meta/recipes-devtools/python/
> python3-pyelftools_0.26.bb
> >>>
> >>>
> >>>
> >>
>
> 
>

[-- Attachment #2: Type: text/html, Size: 4744 bytes --]

Re: [OE-core][dunfell 0/5] Patch review

[Denys Dmytriyenko]

On Wed, Jun 03, 2020 at 11:17:20AM -0700, akuster808 wrote:
> 
> 
> On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
> > On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
> >> Does someone have the complementary set of patches for meta-openbedded
> >> to remove these?
> > https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
> > https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
> >
> > Do you want me to re-submit them with [dunfell] tag?
> 
> changes in stable/dunfell-nut for testing with my other backports.

Thanks!

> -armin
> >
> >
> >> - armin
> >>
> >> On 6/3/20 8:33 AM, Steve Sakoman wrote:
> >>> Pending final approval for an exception to LTS policy in this case please
> >>> review this patch series and have comments back by end of day Thursday.
> >>>
> >>> For details on the motivation for this change see:
> >>>
> >>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
> >>>
> >>> The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
> >>>
> >>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
> >>>
> >>> are available in the Git repository at:
> >>>
> >>>   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
> >>>   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
> >>>
> >>> Joshua Watt (5):
> >>>   pycryptodome: Import from meta-python
> >>>   pyelftools: Import from meta-python
> >>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
> >>>   python3-pyelftools: Upgrade 0.25 -> 0.26
> >>>   layer.conf: Bump OE-Core layer version
> >>>
> >>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
> >>>  meta/conf/layer.conf                          |  2 +-
> >>>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
> >>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
> >>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
> >>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
> >>>  6 files changed, 59 insertions(+), 2 deletions(-)
> >>>  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
> >>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
> >>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
> >>>  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
> >>>
> >>>
> >>>
> >> 
> 

Re: [OE-core][dunfell 0/5] Patch review

[akuster]

On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
> On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
>> Does someone have the complementary set of patches for meta-openbedded
>> to remove these?
> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
>
> Do you want me to re-submit them with [dunfell] tag?

changes in stable/dunfell-nut for testing with my other backports.

-armin
>
>
>> - armin
>>
>> On 6/3/20 8:33 AM, Steve Sakoman wrote:
>>> Pending final approval for an exception to LTS policy in this case please
>>> review this patch series and have comments back by end of day Thursday.
>>>
>>> For details on the motivation for this change see:
>>>
>>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>>>
>>> The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
>>>
>>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>>>
>>> are available in the Git repository at:
>>>
>>>   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
>>>   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>>>
>>> Joshua Watt (5):
>>>   pycryptodome: Import from meta-python
>>>   pyelftools: Import from meta-python
>>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>>>   python3-pyelftools: Upgrade 0.25 -> 0.26
>>>   layer.conf: Bump OE-Core layer version
>>>
>>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>>>  meta/conf/layer.conf                          |  2 +-
>>>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
>>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>>>  6 files changed, 59 insertions(+), 2 deletions(-)
>>>  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
>>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
>>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
>>>  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
>>>
>>>
>>>
>> 

Re: [OE-core][dunfell 0/5] Patch review

[akuster]

On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
> On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
>> Does someone have the complementary set of patches for meta-openbedded
>> to remove these?
> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
>
> Do you want me to re-submit them with [dunfell] tag?
nah, the commits work of me. Thanks

- armin
>
>
>> - armin
>>
>> On 6/3/20 8:33 AM, Steve Sakoman wrote:
>>> Pending final approval for an exception to LTS policy in this case please
>>> review this patch series and have comments back by end of day Thursday.
>>>
>>> For details on the motivation for this change see:
>>>
>>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>>>
>>> The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
>>>
>>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>>>
>>> are available in the Git repository at:
>>>
>>>   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
>>>   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>>>
>>> Joshua Watt (5):
>>>   pycryptodome: Import from meta-python
>>>   pyelftools: Import from meta-python
>>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>>>   python3-pyelftools: Upgrade 0.25 -> 0.26
>>>   layer.conf: Bump OE-Core layer version
>>>
>>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>>>  meta/conf/layer.conf                          |  2 +-
>>>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
>>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>>>  6 files changed, 59 insertions(+), 2 deletions(-)
>>>  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
>>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
>>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
>>>  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
>>>
>>>
>>>
>> 

Re: [OE-core][dunfell 0/5] Patch review

[Denys Dmytriyenko]

On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
> Does someone have the complementary set of patches for meta-openbedded
> to remove these?

https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3

Do you want me to re-submit them with [dunfell] tag?


> - armin
> 
> On 6/3/20 8:33 AM, Steve Sakoman wrote:
> > Pending final approval for an exception to LTS policy in this case please
> > review this patch series and have comments back by end of day Thursday.
> >
> > For details on the motivation for this change see:
> >
> > https://lists.openembedded.org/g/openembedded-architecture/message/1085
> >
> > The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
> >
> >   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
> >
> > are available in the Git repository at:
> >
> >   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
> >   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
> >
> > Joshua Watt (5):
> >   pycryptodome: Import from meta-python
> >   pyelftools: Import from meta-python
> >   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
> >   python3-pyelftools: Upgrade 0.25 -> 0.26
> >   layer.conf: Bump OE-Core layer version
> >
> >  meta/conf/distro/include/maintainers.inc      |  5 +++-
> >  meta/conf/layer.conf                          |  2 +-
> >  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
> >  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
> >  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
> >  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
> >  6 files changed, 59 insertions(+), 2 deletions(-)
> >  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
> >  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
> >  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
> >  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
> >
> >
> > 
> 

> 

Re: [OE-core][dunfell 0/5] Patch review

[akuster]

[-- Attachment #1: Type: text/plain, Size: 1818 bytes --]

Does someone have the complementary set of patches for meta-openbedded
to remove these?

- armin

On 6/3/20 8:33 AM, Steve Sakoman wrote:
> Pending final approval for an exception to LTS policy in this case please
> review this patch series and have comments back by end of day Thursday.
>
> For details on the motivation for this change see:
>
> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>
> The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
>
>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>
> are available in the Git repository at:
>
>   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
>   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>
> Joshua Watt (5):
>   pycryptodome: Import from meta-python
>   pyelftools: Import from meta-python
>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>   python3-pyelftools: Upgrade 0.25 -> 0.26
>   layer.conf: Bump OE-Core layer version
>
>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>  meta/conf/layer.conf                          |  2 +-
>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>  6 files changed, 59 insertions(+), 2 deletions(-)
>  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
>  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
>
>
> 


[-- Attachment #2: Type: text/html, Size: 2498 bytes --]

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Pending final approval for an exception to LTS policy in this case please
review this patch series and have comments back by end of day Thursday.

For details on the motivation for this change see:

https://lists.openembedded.org/g/openembedded-architecture/message/1085

The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:

  linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Joshua Watt (5):
  pycryptodome: Import from meta-python
  pyelftools: Import from meta-python
  python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
  python3-pyelftools: Upgrade 0.25 -> 0.26
  layer.conf: Bump OE-Core layer version

 meta/conf/distro/include/maintainers.inc      |  5 +++-
 meta/conf/layer.conf                          |  2 +-
 .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
 .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
 .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
 .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
 6 files changed, 59 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
 create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
 create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
 create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb

-- 
2.17.1