From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/10] Patch review
Date: Thu, 3 Aug 2023 04:04:04 -1000 [thread overview]
Message-ID: <cover.1691071255.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Saturday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5680
The following changes since commit dc2e760591c5ed3c999222f235484829426c71a7:
util-linux: add alternative links for ipcs,ipcrm (2023-07-31 08:12:27 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (3):
qemu: fix CVE-2023-3301
qemu: fix CVE-2023-3255
qemu: fix CVE-2023-2861
Peter Marko (3):
libpcre2: patch CVE-2022-41409
libarchive: ignore CVE-2023-30571
openssl: Upgrade 3.0.9 -> 3.0.10
Sakib Sajal (2):
go: fix CVE-2023-24536
go: fix CVE-2023-24531
Sundeep KOKKONDA (1):
gcc : upgrade to v11.4
Yuta Hayama (1):
cve-update-nvd2-native: always pass str for json.loads()
meta/conf/distro/include/maintainers.inc | 2 +-
.../{openssl_3.0.9.bb => openssl_3.0.10.bb} | 2 +-
.../meta/cve-update-nvd2-native.bb | 2 +-
.../gcc/{gcc-11.3.inc => gcc-11.4.inc} | 6 +-
...ian_11.3.bb => gcc-cross-canadian_11.4.bb} | 0
.../{gcc-cross_11.3.bb => gcc-cross_11.4.bb} | 0
...-crosssdk_11.3.bb => gcc-crosssdk_11.4.bb} | 0
...cc-runtime_11.3.bb => gcc-runtime_11.4.bb} | 0
...itizers_11.3.bb => gcc-sanitizers_11.4.bb} | 0
...{gcc-source_11.3.bb => gcc-source_11.4.bb} | 0
...rch64-Update-Neoverse-N2-core-defini.patch | 20 +-
...rm-add-armv9-a-architecture-to-march.patch | 54 +--
...AMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch | 102 ++---
...s-fix-v4bx-to-linker-to-support-EABI.patch | 6 +-
.../gcc/{gcc_11.3.bb => gcc_11.4.bb} | 0
...initial_11.3.bb => libgcc-initial_11.4.bb} | 0
.../gcc/{libgcc_11.3.bb => libgcc_11.4.bb} | 0
...ibgfortran_11.3.bb => libgfortran_11.4.bb} | 0
meta/recipes-devtools/go/go-1.17.13.inc | 7 +-
.../go/go-1.19/CVE-2023-24536_1.patch | 137 +++++++
.../go/go-1.19/CVE-2023-24536_2.patch | 187 ++++++++++
.../go/go-1.19/CVE-2023-24536_3.patch | 349 ++++++++++++++++++
.../go/go-1.21/CVE-2023-24531_1.patch | 252 +++++++++++++
.../go/go-1.21/CVE-2023-24531_2.patch | 47 +++
meta/recipes-devtools/qemu/qemu.inc | 3 +
.../qemu/qemu/CVE-2023-2861.patch | 172 +++++++++
.../qemu/qemu/CVE-2023-3255.patch | 64 ++++
.../qemu/qemu/CVE-2023-3301.patch | 60 +++
.../libarchive/libarchive_3.6.2.bb | 3 +
.../libpcre/libpcre2/CVE-2022-41409.patch | 75 ++++
.../recipes-support/libpcre/libpcre2_10.40.bb | 1 +
31 files changed, 1451 insertions(+), 100 deletions(-)
rename meta/recipes-connectivity/openssl/{openssl_3.0.9.bb => openssl_3.0.10.bb} (99%)
rename meta/recipes-devtools/gcc/{gcc-11.3.inc => gcc-11.4.inc} (97%)
rename meta/recipes-devtools/gcc/{gcc-cross-canadian_11.3.bb => gcc-cross-canadian_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-cross_11.3.bb => gcc-cross_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-crosssdk_11.3.bb => gcc-crosssdk_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-runtime_11.3.bb => gcc-runtime_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-sanitizers_11.3.bb => gcc-sanitizers_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-source_11.3.bb => gcc-source_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc_11.3.bb => gcc_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{libgcc-initial_11.3.bb => libgcc-initial_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{libgcc_11.3.bb => libgcc_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{libgfortran_11.3.bb => libgfortran_11.4.bb} (100%)
create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-24536_1.patch
create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-24536_2.patch
create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-24536_3.patch
create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2023-24531_1.patch
create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2023-24531_2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-2861.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3255.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3301.patch
create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-41409.patch
--
2.34.1
next reply other threads:[~2023-08-03 14:04 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-03 14:04 Steve Sakoman [this message]
2023-08-03 14:04 ` [OE-core][kirkstone 01/10] libpcre2: patch CVE-2022-41409 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 02/10] libarchive: ignore CVE-2023-30571 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 03/10] qemu: fix CVE-2023-3301 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 04/10] qemu: fix CVE-2023-3255 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 05/10] qemu: fix CVE-2023-2861 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 06/10] go: fix CVE-2023-24536 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 07/10] go: fix CVE-2023-24531 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 08/10] cve-update-nvd2-native: always pass str for json.loads() Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 09/10] gcc : upgrade to v11.4 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 10/10] openssl: Upgrade 3.0.9 -> 3.0.10 Steve Sakoman
2023-10-03 19:36 [OE-core][kirkstone 00/10] Patch review Steve Sakoman
2023-10-18 15:48 Steve Sakoman
2024-04-16 12:06 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1691071255.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).