From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][langdale 00/20] Patch review
Date: Tue, 1 Nov 2022 16:41:50 -1000 [thread overview]
Message-ID: <cover.1667356805.git.steve@sakoman.com> (raw)
Please review this set of patches for langdale and have comments back by
end of day Friday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4401
The following changes since commit d40f7ddcfbdd5cb1d9f96271fefddf67e9044bb9:
openssl: Fix SSL_CERT_FILE to match ca-certs location (2022-10-26 23:01:13 +0100)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/langdale-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/langdale-nut
Hitendra Prajapati (1):
openssl: CVE-2022-3358 Using a Custom Cipher with NID_undef may lead
to NULL encryption
Jan-Simon Moeller (1):
buildtools-tarball: export certificates to python and curl
Jeremy Puhlman (1):
qemu-native: Add PACKAGECONFIG option for jack
Joshua Watt (2):
runqemu: Do not perturb script environment
runqemu: Fix gl-es argument from causing other arguments to be ignored
Kai Kang (1):
mesa: only apply patch to fix ALWAYS_INLINE for native
Liam Beguin (1):
meson: make wrapper options sub-command specific
Qiu, Zheng (1):
tiff: fix a typo for CVE-2022-2953.patch
Ross Burton (6):
libx11: apply the fix for CVE-2022-3554
xserver-xorg: ignore CVE-2022-3553 as it is XQuartz-specific
xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551
tiff: fix a number of CVEs
qemu: backport the fix for CVE-2022-3165
pango: upgrade 1.50.9 -> 1.50.10
Teoh Jay Shen (1):
vim: Upgrade 9.0.0598 -> 9.0.0614
Vyacheslav Yurkov (1):
overlayfs: Allow not used mount points
wangmy (4):
meson: upgrade 0.63.2 -> 0.63.3
mtools: upgrade 4.0.40 -> 4.0.41
ifupdown: upgrade 0.8.37 -> 0.8.39
gnutls: upgrade 3.7.7 -> 3.7.8
meta/classes-recipe/overlayfs.bbclass | 6 +-
meta/lib/oe/overlayfs.py | 6 +-
.../openssl/openssl/CVE-2022-3358.patch | 55 ++
.../openssl/openssl_3.0.5.bb | 1 +
...{ifupdown_0.8.37.bb => ifupdown_0.8.39.bb} | 2 +-
meta/recipes-core/meta/buildtools-tarball.bb | 2 +
.../meson/meson/meson-wrapper | 21 +-
.../{meson_0.63.2.bb => meson_0.63.3.bb} | 2 +-
.../mtools/disable-hardcoded-configs.patch | 6 +-
.../{mtools_4.0.40.bb => mtools_4.0.41.bb} | 2 +-
meta/recipes-devtools/qemu/qemu.inc | 2 +
.../qemu/qemu/CVE-2022-3165.patch | 59 ++
meta/recipes-graphics/mesa/mesa.inc | 4 +-
.../{pango_1.50.9.bb => pango_1.50.10.bb} | 2 +-
...ak-in-XRegisterIMInstantiateCallback.patch | 57 ++
.../recipes-graphics/xorg-lib/libx11_1.8.1.bb | 1 +
.../xorg-xserver/xserver-xorg.inc | 2 +
...possible-memleaks-in-XkbGetKbdByName.patch | 63 ++
...ntedString-against-request-length-at.patch | 38 +
.../xorg-xserver/xserver-xorg_21.1.4.bb | 2 +
...-of-TIFFTAG_INKNAMES-and-related-TIF.patch | 266 +++++++
...fcrop-S-option-Make-decision-simpler.patch | 36 +
...-incompatibility-of-Z-X-Y-z-options-.patch | 59 ++
...ines-require-a-larger-buffer-fixes-2.patch | 653 ++++++++++++++++++
.../libtiff/files/CVE-2022-2953.patch | 2 +-
meta/recipes-multimedia/libtiff/tiff_4.4.0.bb | 5 +-
.../{gnutls_3.7.7.bb => gnutls_3.7.8.bb} | 2 +-
meta/recipes-support/vim/vim.inc | 4 +-
scripts/runqemu | 28 +-
29 files changed, 1356 insertions(+), 32 deletions(-)
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2022-3358.patch
rename meta/recipes-core/ifupdown/{ifupdown_0.8.37.bb => ifupdown_0.8.39.bb} (97%)
rename meta/recipes-devtools/meson/{meson_0.63.2.bb => meson_0.63.3.bb} (98%)
rename meta/recipes-devtools/mtools/{mtools_4.0.40.bb => mtools_4.0.41.bb} (93%)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2022-3165.patch
rename meta/recipes-graphics/pango/{pango_1.50.9.bb => pango_1.50.10.bb} (94%)
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/0001-fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-proof-GetCountedString-against-request-length-at.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/0001-tiffcrop-S-option-Make-decision-simpler.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/0001-tiffcrop-disable-incompatibility-of-Z-X-Y-z-options-.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/0001-tiffcrop-subroutines-require-a-larger-buffer-fixes-2.patch
rename meta/recipes-support/gnutls/{gnutls_3.7.7.bb => gnutls_3.7.8.bb} (97%)
--
2.25.1
next reply other threads:[~2022-11-02 2:42 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-02 2:41 Steve Sakoman [this message]
2022-11-02 2:41 ` [OE-core][langdale 01/20] openssl: CVE-2022-3358 Using a Custom Cipher with NID_undef may lead to NULL encryption Steve Sakoman
2022-11-03 15:54 ` Patrick Williams
2022-11-03 16:28 ` Steve Sakoman
2022-11-03 16:48 ` Patrick Williams
2022-11-02 2:41 ` [OE-core][langdale 02/20] libx11: apply the fix for CVE-2022-3554 Steve Sakoman
2022-11-02 2:41 ` [OE-core][langdale 03/20] xserver-xorg: ignore CVE-2022-3553 as it is XQuartz-specific Steve Sakoman
2022-11-02 2:41 ` [OE-core][langdale 04/20] xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551 Steve Sakoman
2022-11-02 2:41 ` [OE-core][langdale 05/20] tiff: fix a number of CVEs Steve Sakoman
2022-11-02 2:41 ` [OE-core][langdale 06/20] tiff: fix a typo for CVE-2022-2953.patch Steve Sakoman
2022-11-02 2:41 ` [OE-core][langdale 07/20] qemu: backport the fix for CVE-2022-3165 Steve Sakoman
2022-11-02 2:41 ` [OE-core][langdale 08/20] meson: make wrapper options sub-command specific Steve Sakoman
2022-11-02 2:41 ` [OE-core][langdale 09/20] meson: upgrade 0.63.2 -> 0.63.3 Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 10/20] vim: Upgrade 9.0.0598 -> 9.0.0614 Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 11/20] pango: upgrade 1.50.9 -> 1.50.10 Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 12/20] mtools: upgrade 4.0.40 -> 4.0.41 Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 13/20] ifupdown: upgrade 0.8.37 -> 0.8.39 Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 14/20] mesa: only apply patch to fix ALWAYS_INLINE for native Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 15/20] buildtools-tarball: export certificates to python and curl Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 16/20] qemu-native: Add PACKAGECONFIG option for jack Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 17/20] runqemu: Do not perturb script environment Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 18/20] runqemu: Fix gl-es argument from causing other arguments to be ignored Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 19/20] overlayfs: Allow not used mount points Steve Sakoman
2022-11-02 2:42 ` [OE-core][langdale 20/20] gnutls: upgrade 3.7.7 -> 3.7.8 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1667356805.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.