* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2021-04-22 16:04 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2021-04-22 16:04 UTC (permalink / raw)
To: openembedded-core
The following changes since commit a3de6239e98efafe3668396e69133ffee3d9b27f:
build-appliance-image: Update to dunfell head revision (2021-04-13 14:12:06 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (3):
selftest/reproducible: enable world reproducibility test
selftest/reproducible: add an exclusion list for items that are not
yet reproducible
selftest/reproducible: track unusued entries in the exclusion list
Guillaume Champagne (1):
image-live.bbclass: optional depends when ROOTFS empty
Mike Crowe (1):
curl: Patch CVE-2021-22876 & CVE-2021-22890
Peter Morrow (2):
goarch: map target os to windows for mingw* TARGET_OS
go_1.14: don't set -buildmode=pie when building for windows targets
Richard Purdie (3):
selftest/reproducible: Sort the unused exclusion list
diffoscope: Upgrade 136 -> 168
diffoscope: Upgrade 168 -> 172
Steve Sakoman (1):
selftest/reproducible: adjust exclusion list for dunfell
meta/classes/go.bbclass | 8 +-
meta/classes/goarch.bbclass | 2 +
meta/classes/image-live.bbclass | 2 +-
meta/lib/oeqa/selftest/cases/reproducible.py | 80 ++-
meta/recipes-devtools/go/go_1.14.bb | 8 +-
.../curl/curl/CVE-2021-22876.patch | 59 +++
.../curl/curl/CVE-2021-22890.patch | 464 ++++++++++++++++++
meta/recipes-support/curl/curl_7.69.1.bb | 2 +
.../{diffoscope_136.bb => diffoscope_172.bb} | 15 +-
9 files changed, 620 insertions(+), 20 deletions(-)
create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22876.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22890.patch
rename meta/recipes-support/diffoscope/{diffoscope_136.bb => diffoscope_172.bb} (46%)
--
2.25.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2022-11-16 14:10 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2022-11-16 14:10 UTC (permalink / raw)
To: openembedded-core
The following changes since commit babcb7cd3bbefe9c0ea28e960e4fd6cefbc03cae:
bluez5: add dbus to RDEPENDS (2022-11-04 07:52:01 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alex Kiernan (1):
openssl: upgrade 1.1.1q to 1.1.1s
Hitendra Prajapati (1):
bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c
Martin Jansa (1):
externalsrc.bbclass: fix git repo detection
Peter Kjellerstedt (1):
externalsrc.bbclass: Remove a trailing slash from ${B}
Ross Burton (1):
sanity: check for GNU tar specifically
Sundeep KOKKONDA (2):
binutils: stable 2.34 branch updates
glibc : stable 2.31 branch updates.
Sunil Kumar (1):
go: Security Fix for CVE-2022-2879
Vivek Kumbhar (2):
curl: fix CVE-2022-32221 POST following PUT
qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt()
may lead to out-of-bounds write
ciarancourtney (1):
wic: swap partitions are not added to fstab
meta/classes/externalsrc.bbclass | 6 +-
meta/classes/sanity.bbclass | 8 ++
meta/recipes-connectivity/bluez5/bluez5.inc | 1 +
.../bluez5/bluez5/CVE-2022-3637.patch | 39 ++++++
.../{openssl_1.1.1q.bb => openssl_1.1.1s.bb} | 2 +-
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../glibc/glibc/CVE-2021-33574_1.patch | 26 ++--
.../binutils/binutils-2.34.inc | 2 +-
.../binutils/binutils/CVE-2020-16593.patch | 4 +-
.../binutils/binutils/CVE-2021-3549.patch | 80 ++++++-------
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2022-2879.patch | 111 ++++++++++++++++++
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-3638.patch | 80 +++++++++++++
.../curl/curl/CVE-2022-32221.patch | 29 +++++
meta/recipes-support/curl/curl_7.69.1.bb | 1 +
scripts/lib/wic/plugins/imager/direct.py | 2 +-
17 files changed, 329 insertions(+), 66 deletions(-)
create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch
rename meta/recipes-connectivity/openssl/{openssl_1.1.1q.bb => openssl_1.1.1s.bb} (98%)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch
--
2.25.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2022-09-30 2:38 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2022-09-30 2:38 UTC (permalink / raw)
To: openembedded-core
The following changes since commit ef38f7acee3f0ae400138fa60f4695a86dffc16e:
linux-yocto/5.4: update to v5.4.213 (2022-09-22 04:40:18 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Dmitry Baryshkov (3):
linux-firmware: upgrade 20220708 -> 20220913
linux-firmware: package new Qualcomm firmware
linux-firmware: package new Qualcomm firmware
Hitendra Prajapati (2):
bluez: CVE-2022-39176 BlueZ allows physically proximate attackers
golang: CVE-2022-27664 net/http: handle server errors after sending
GOAWAY
Martin Jansa (1):
create-pull-request: don't switch the git remote protocol to git://
Minjae Kim (1):
inetutils: CVE-2022-39028 - fix remote DoS vulnerability in
inetutils-telnetd
Richard Purdie (2):
vim: Upgrade 9.0.453 -> 9.0.541
vim: Upgrade 9.0.0541 -> 9.0.0598
Robert Joslyn (1):
tzdata: Update from 2022b to 2022c
Shubham Kulkarni (1):
go: Add fix for CVE-2022-32190
meta/recipes-connectivity/bluez5/bluez5.inc | 1 +
.../bluez5/bluez5/CVE-2022-39176.patch | 126 ++++++++++++++++++
.../inetutils/inetutils/CVE-2022-39028.patch | 54 ++++++++
.../inetutils/inetutils_1.9.4.bb | 1 +
meta/recipes-devtools/go/go-1.14.inc | 5 +
.../go/go-1.14/0001-CVE-2022-32190.patch | 74 ++++++++++
.../go/go-1.14/0002-CVE-2022-32190.patch | 48 +++++++
.../go/go-1.14/0003-CVE-2022-32190.patch | 36 +++++
.../go/go-1.14/0004-CVE-2022-32190.patch | 82 ++++++++++++
.../go/go-1.14/CVE-2022-27664.patch | 68 ++++++++++
meta/recipes-extended/timezone/timezone.inc | 6 +-
...20220708.bb => linux-firmware_20220913.bb} | 39 +++++-
meta/recipes-support/vim/vim.inc | 4 +-
scripts/create-pull-request | 2 +-
14 files changed, 536 insertions(+), 10 deletions(-)
create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2022-39176.patch
create mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/0001-CVE-2022-32190.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/0002-CVE-2022-32190.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/0003-CVE-2022-32190.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/0004-CVE-2022-32190.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-27664.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220708.bb => linux-firmware_20220913.bb} (94%)
--
2.25.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2022-08-21 23:03 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2022-08-21 23:03 UTC (permalink / raw)
To: openembedded-core
The following changes since commit ac6ea1a96645d2a4dd54660256603f0b191bb4d3:
gstreamer1.0: use the correct meson option for the capabilities (2022-08-10 05:04:10 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (1):
linux-firmware: update 20220610 -> 20220708
Dmitry Baryshkov (1):
linux-firwmare: restore WHENCE_CHKSUM variable
Hitendra Prajapati (3):
qemu: CVE-2020-27821 heap buffer overflow in msix_table_mmio_write
gnutls: CVE-2022-2509 Double free during gnutls_pkcs7_verify
zlib: CVE-2022-37434 a heap-based buffer over-read
Ming Liu (1):
rootfs-postcommands.bbclass: move host-user-contaminated.txt to ${S}
Pascal Bach (1):
bin_package: install into base_prefix
Randy MacLeod (1):
vim: update from 9.0.0063 to 9.0.0115
Richard Purdie (2):
vim: Upgrade 9.0.0021 -> 9.0.0063
kernel-arch: Fix buildpaths leaking into external module compiles
Shruthi Ravichandran (1):
initscripts: run umountnfs as a KILL script
meta/classes/bin_package.bbclass | 3 +-
meta/classes/kernel-arch.bbclass | 2 +-
meta/classes/rootfs-postcommands.bbclass | 2 +-
.../initscripts/initscripts_1.0.bb | 2 +-
.../zlib/zlib/CVE-2022-37434.patch | 44 +++
meta/recipes-core/zlib/zlib_1.2.11.bb | 1 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2020-27821.patch | 73 +++++
...20220610.bb => linux-firmware_20220708.bb} | 14 +-
.../gnutls/gnutls/CVE-2022-2509.patch | 282 ++++++++++++++++++
meta/recipes-support/gnutls/gnutls_3.6.14.bb | 1 +
meta/recipes-support/vim/files/racefix.patch | 33 --
meta/recipes-support/vim/vim.inc | 10 +-
13 files changed, 418 insertions(+), 50 deletions(-)
create mode 100644 meta/recipes-core/zlib/zlib/CVE-2022-37434.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-27821.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220610.bb => linux-firmware_20220708.bb} (98%)
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2022-2509.patch
delete mode 100644 meta/recipes-support/vim/files/racefix.patch
--
2.25.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2022-08-12 21:11 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2022-08-12 21:11 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 73d2b640ad665f6ff3c4fbe8f5da4ef0dbb175f2:
libtirpc: CVE-2021-46828 DoS vulnerability with lots of connections (2022-07-28 06:26:48 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alex Kiernan (1):
openssh: Add openssh-sftp-server to openssh RDEPENDS
Bruce Ashfield (2):
linux-yocto/5.4: update to v5.4.208
linux-yocto/5.4: update to v5.4.209
Hitendra Prajapati (2):
grub2: Fix several security issue of integer underflow
gdk-pixbuf: CVE-2021-46829 a heap-based buffer overflow
Jose Quaresma (1):
gstreamer1.0: use the correct meson option for the capabilities
Khem Raj (1):
libmodule-build-perl: Use env utility to find perl interpreter
Martin Jansa (1):
libxml2: Port gentest.py to Python-3
Richard Purdie (1):
insane: Fix buildpaths test to work with special devices
Ross Burton (1):
cve_check: skip remote patches that haven't been fetched when
searching for CVE tags
Steve Sakoman (1):
selftest: skip virgl test on fedora 36
meta/classes/insane.bbclass | 6 +-
meta/lib/oe/cve_check.py | 5 +-
meta/lib/oeqa/selftest/cases/runtime_test.py | 2 +
.../grub/files/CVE-2022-28733.patch | 60 ++
.../grub/files/CVE-2022-28734.patch | 67 ++
.../grub/files/CVE-2022-28736.patch | 275 ++++++
meta/recipes-bsp/grub/grub2.inc | 3 +
.../openssh/openssh_8.2p1.bb | 2 +-
.../0001-Port-gentest.py-to-Python-3.patch | 813 ++++++++++++++++++
meta/recipes-core/libxml/libxml2_2.9.10.bb | 11 +
.../perl/libmodule-build-perl_0.4231.bb | 1 +
.../gdk-pixbuf/CVE-2021-46829.patch | 61 ++
.../gdk-pixbuf/gdk-pixbuf_2.40.0.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../gstreamer/gstreamer1.0_1.16.3.bb | 2 +-
17 files changed, 1321 insertions(+), 24 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28733.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28734.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28736.patch
create mode 100644 meta/recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-46829.patch
--
2.25.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2022-06-03 23:30 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2022-06-03 23:30 UTC (permalink / raw)
To: openembedded-core
This is the final oe-core pull request for the 3.1.17 release next week.
The following changes since commit add860e1a69f848097bbc511137a62d5746e5019:
oeqa/selftest/cve_check: add tests for recipe and image reports (2022-05-24 04:31:18 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Dan Tran (1):
ncurses: Fix CVE-2022-29458
Ernst Sjöstrand (2):
cve-check: Add helper for symlink handling
cve-check: Only include installed packages for rootfs manifest
Ranjitsinh Rathod (3):
ruby: Upgrade ruby to 2.7.6 for security fix
ruby: Whitelist CVE-2021-28966 as this affects Windows OS only
libsdl2: Add fix for CVE-2021-33657
Richard Purdie (2):
vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs
cve-check: Allow warnings to be disabled
Riyaz (1):
libxml2: Fix CVE-2022-29824 for libxml2
Virendra Thakur (1):
ffmpeg: Fix for CVE-2022-1475
leimaohui (1):
cve-check.bbclass: Added do_populate_sdk[recrdeptask].
meta/classes/cve-check.bbclass | 109 ++++--
.../libxml2/CVE-2022-29824-dependent.patch | 53 +++
.../libxml/libxml2/CVE-2022-29824.patch | 348 ++++++++++++++++++
meta/recipes-core/libxml/libxml2_2.9.10.bb | 2 +
.../ncurses/files/CVE-2022-29458.patch | 135 +++++++
meta/recipes-core/ncurses/ncurses_6.2.bb | 1 +
.../ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb} | 8 +-
.../libsdl2/libsdl2/CVE-2021-33657.patch | 38 ++
.../libsdl2/libsdl2_2.0.12.bb | 1 +
.../ffmpeg/ffmpeg/CVE-2022-1475.patch | 36 ++
.../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb | 1 +
meta/recipes-support/vim/vim.inc | 4 +-
12 files changed, 694 insertions(+), 42 deletions(-)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824-dependent.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824.patch
create mode 100644 meta/recipes-core/ncurses/files/CVE-2022-29458.patch
rename meta/recipes-devtools/ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb} (90%)
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2021-33657.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch
--
2.25.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2022-04-20 2:42 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2022-04-20 2:42 UTC (permalink / raw)
To: openembedded-core
The following changes since commit aa762b7ca2417b80dd114a4ab263d69074912f82:
tzdata: update to 2022a (2022-04-04 04:22:32 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexandre Belloni (1):
pseudo: Fix handling of absolute links
Martin Jansa (1):
license_image.bbclass: close package.manifest file
Peter Kjellerstedt (1):
metadata_scm.bbclass: Use immediate expansion for the METADATA_*
variables
Ralph Siemsen (3):
gzip: fix CVE-2022-1271
xz: fix CVE-2022-1271
apt: add -fno-strict-aliasing to CXXFLAGS to fix SHA256 bug
Richard Purdie (4):
vim: Upgrade 8.2.4524 -> 8.2.4681
git: Ignore CVE-2022-24975
pseudo: Add patch to workaround paths with crazy lengths
libxshmfence: Correct LICENSE to HPND
Ross Burton (1):
zlib: backport the fix for CVE-2018-25032
.../recipeutils/recipeutils-test_1.2.bb | 2 +-
meta/classes/license_image.bbclass | 4 +-
meta/classes/metadata_scm.bbclass | 10 +-
.../zlib/zlib/CVE-2018-25032.patch | 347 ++++++++++++++++++
meta/recipes-core/zlib/zlib_1.2.11.bb | 1 +
meta/recipes-devtools/apt/apt.inc | 4 +
meta/recipes-devtools/git/git.inc | 5 +
meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +-
.../gzip/gzip-1.10/CVE-2022-1271.patch | 45 +++
meta/recipes-extended/gzip/gzip_1.10.bb | 1 +
.../xz/xz/CVE-2022-1271.patch | 96 +++++
meta/recipes-extended/xz/xz_5.2.4.bb | 4 +-
.../xorg-lib/libxshmfence_1.3.bb | 2 +-
meta/recipes-support/vim/vim.inc | 6 +-
14 files changed, 515 insertions(+), 14 deletions(-)
create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
create mode 100644 meta/recipes-extended/gzip/gzip-1.10/CVE-2022-1271.patch
create mode 100644 meta/recipes-extended/xz/xz/CVE-2022-1271.patch
--
2.25.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2022-01-24 22:32 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2022-01-24 22:32 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 01f256bc72fb45c80b6a6c77506bc4c375965a3a:
glibc: Add fix for data races in pthread_create and TLS access (2022-01-12 04:37:31 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Bruce Ashfield (5):
linux-yocto/5.4: update to v5.4.169
linux-yocto/5.4: update to v5.4.170
linux-yocto/5.4: update to v5.4.171
linux-yocto/5.4: update to v5.4.172
kernel: introduce python3-dtschema-wrapper
Kai Kang (1):
speex: fix CVE-2020-23903
Marek Vasut (1):
Revert "weston: Use systemd notify,"
Richard Purdie (1):
lttng-tools: Add missing DEPENDS on bison-native
Steve Sakoman (3):
expat fix CVE-2022-22822 through CVE-2022-22827
expat: fix CVE-2021-45960
expat: fix CVE-2021-46143
meta/conf/distro/include/maintainers.inc | 1 +
.../expat/expat/CVE-2021-45960.patch | 65 +++++
.../expat/expat/CVE-2021-46143.patch | 43 +++
.../expat/expat/CVE-2022-22822-27.patch | 257 ++++++++++++++++++
meta/recipes-core/expat/expat_2.2.9.bb | 3 +
.../wayland/weston-init/weston-start | 12 -
.../wayland/weston-init/weston@.service | 6 -
.../weston/systemd-notify.weston-start | 9 -
.../wayland/weston/xwayland.weston-start | 3 +-
meta/recipes-graphics/wayland/weston_8.0.0.bb | 6 -
.../python3-dtschema-wrapper/dt-doc-validate | 20 ++
.../dtc/python3-dtschema-wrapper/dt-mk-schema | 20 ++
.../dtc/python3-dtschema-wrapper/dt-validate | 20 ++
.../dtc/python3-dtschema-wrapper_2021.10.bb | 17 ++
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../lttng/lttng-tools_2.11.5.bb | 2 +-
.../speex/speex/CVE-2020-23903.patch | 30 ++
meta/recipes-multimedia/speex/speex_1.2.0.bb | 4 +-
20 files changed, 500 insertions(+), 54 deletions(-)
create mode 100644 meta/recipes-core/expat/expat/CVE-2021-45960.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2021-46143.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2022-22822-27.patch
delete mode 100644 meta/recipes-graphics/wayland/weston/systemd-notify.weston-start
create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate
create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema
create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate
create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb
create mode 100644 meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch
--
2.25.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2022-01-18 22:23 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2022-01-18 22:23 UTC (permalink / raw)
To: openembedded-core
The following changes since commit da3bd5e0934b6462ae53225a58305235849b32d5:
asciidoc: properly detect and compare Python versions >= 3.10 (2022-01-09 06:49:29 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Akash Hadke (1):
glibc: Add fix for data races in pthread_create and TLS access
Alexander Kanavin (1):
parselogs: add a couple systemd false positives
Anuj Mittal (1):
xserver-xorg: update CVE_PRODUCT
Konrad Weihmann (1):
cve-check: add lockfile to task
Mingli Yu (1):
wic: use shutil.which
Ricardo Ribalda Delgado (1):
wic: misc: Do not find for executables in ASSUME_PROVIDED
Richard Purdie (1):
expat: Update HOMEPAGE to current url
Ross Burton (2):
cve-update-db-native: use fetch task
xserver-xorg: whitelist two CVEs
Steve Sakoman (2):
valgrind: skip flakey ptest (gdbserver_tests/hginfo)
oeqa/selftest/cases/tinfoil.py: increase timeout 60->120s
test_wait_event
meta/classes/cve-check.bbclass | 3 +-
meta/lib/oeqa/runtime/cases/parselogs.py | 2 +
meta/lib/oeqa/selftest/cases/tinfoil.py | 4 +-
meta/recipes-core/expat/expat_2.2.9.bb | 2 +-
...ate-slotinfo-to-avoid-use-after-free.patch | 66 +++++
...hread_create-and-TLS-access-BZ-19329.patch | 191 ++++++++++++
...d-atomics-for-racy-accesses-BZ-19329.patch | 206 +++++++++++++
.../0033-elf-Add-test-case-for-BZ-19329.patch | 144 +++++++++
...elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch | 180 ++++++++++++
...-lazy-relocation-of-tlsdesc-BZ-27137.patch | 56 ++++
...-lazy-relocation-of-tlsdesc-BZ-27137.patch | 124 ++++++++
...ock-between-pthread_create-and-ctors.patch | 276 ++++++++++++++++++
meta/recipes-core/glibc/glibc_2.31.bb | 8 +
.../recipes-core/meta/cve-update-db-native.bb | 9 +-
.../valgrind/valgrind/remove-for-aarch64 | 1 +
.../valgrind/valgrind/remove-for-all | 1 +
.../xorg-xserver/xserver-xorg.inc | 10 +-
scripts/lib/wic/engine.py | 6 +-
scripts/lib/wic/misc.py | 16 +-
scripts/wic | 4 +-
20 files changed, 1292 insertions(+), 17 deletions(-)
create mode 100644 meta/recipes-core/glibc/glibc/0030-elf-Refactor_dl_update-slotinfo-to-avoid-use-after-free.patch
create mode 100644 meta/recipes-core/glibc/glibc/0031-elf-Fix-data-races-in-pthread_create-and-TLS-access-BZ-19329.patch
create mode 100644 meta/recipes-core/glibc/glibc/0032-elf-Use-relaxed-atomics-for-racy-accesses-BZ-19329.patch
create mode 100644 meta/recipes-core/glibc/glibc/0033-elf-Add-test-case-for-BZ-19329.patch
create mode 100644 meta/recipes-core/glibc/glibc/0034-elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch
create mode 100644 meta/recipes-core/glibc/glibc/0035-x86_64-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch
create mode 100644 meta/recipes-core/glibc/glibc/0036-i386-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch
create mode 100644 meta/recipes-core/glibc/glibc/0037-Avoid-deadlock-between-pthread_create-and-ctors.patch
--
2.25.1
^ permalink raw reply [flat|nested] 10+ messages in thread
* [OE-core][dunfell 00/11] Pull request (cover letter only)
@ 2020-08-07 16:39 Steve Sakoman
0 siblings, 0 replies; 10+ messages in thread
From: Steve Sakoman @ 2020-08-07 16:39 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 7ce425fa1295a9dca48f8474be58db3ac8aa540d:
glibc: Secruity fix for CVE-2020-6096 (2020-07-27 12:15:56 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (1):
gnutls: upgrade 3.6.13 -> 3.6.14
Andrei Gherzan (2):
initscripts: Fix various shellcheck warnings in populate-volatile.sh
initscripts: Fix populate-volatile.sh bug when file/dir exists
Konrad Weihmann (1):
cve-update: handle baseMetricV2 as optional
Lee Chee Yang (1):
checklayer: check layer in BBLAYERS before test
Matt Madison (1):
cogl-1.0: correct X11 dependencies
Steve Sakoman (2):
glib-networking: upgrade 2.62.3 to 2.62.4
Revert "gtk-icon-cache.bbclass: add runtime dependency"
Viktor Rosendahl (1):
boost: backport fix to make async_pipes work with asio
Yi Zhao (1):
bind: upgrade 9.11.19 -> 9.11.21
zhengruoqin (1):
gnutls: Fix krb5 code license to GPLv2.1+ to match the LICENSE file.
meta/classes/gtk-icon-cache.bbclass | 19 +---
.../bind/{bind_9.11.19.bb => bind_9.11.21.bb} | 2 +-
...ng_2.62.3.bb => glib-networking_2.62.4.bb} | 4 +-
.../initscripts-1.0/populate-volatile.sh | 80 ++++++++---------
.../recipes-core/meta/cve-update-db-native.bb | 13 ++-
meta/recipes-graphics/cogl/cogl-1.0.inc | 2 +-
.../0001-added-typedef-executor_type.patch | 54 +++++++++++
meta/recipes-support/boost/boost_1.72.0.bb | 1 +
...se-to-GPLv2.1-to-keep-with-LICENSE-f.patch | 90 +++++++++++++++++++
.../{gnutls_3.6.13.bb => gnutls_3.6.14.bb} | 4 +-
scripts/lib/checklayer/__init__.py | 14 +++
scripts/yocto-check-layer | 9 +-
12 files changed, 225 insertions(+), 67 deletions(-)
rename meta/recipes-connectivity/bind/{bind_9.11.19.bb => bind_9.11.21.bb} (98%)
rename meta/recipes-core/glib-networking/{glib-networking_2.62.3.bb => glib-networking_2.62.4.bb} (88%)
create mode 100644 meta/recipes-support/boost/boost/0001-added-typedef-executor_type.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/0001-Modied-the-license-to-GPLv2.1-to-keep-with-LICENSE-f.patch
rename meta/recipes-support/gnutls/{gnutls_3.6.13.bb => gnutls_3.6.14.bb} (92%)
--
2.17.1
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2022-11-16 14:10 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-22 16:04 [OE-core][dunfell 00/11] Pull request (cover letter only) Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2022-11-16 14:10 Steve Sakoman
2022-09-30 2:38 Steve Sakoman
2022-08-21 23:03 Steve Sakoman
2022-08-12 21:11 Steve Sakoman
2022-06-03 23:30 Steve Sakoman
2022-04-20 2:42 Steve Sakoman
2022-01-24 22:32 Steve Sakoman
2022-01-18 22:23 Steve Sakoman
2020-08-07 16:39 Steve Sakoman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.