All of lore.kernel.org
 help / color / mirror / Atom feed
From: Martin Jansa <martin.jansa@gmail.com>
To: Armin Kuster <akuster808@gmail.com>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [PATCH 00/20] Dizzy-next pull request 2016-1
Date: Thu, 21 Jan 2016 12:57:52 +0100	[thread overview]
Message-ID: <20160121115752.GA2603@jama> (raw)
In-Reply-To: <cover.1452385571.git.akuster808@gmail.com>

[-- Attachment #1: Type: text/plain, Size: 6155 bytes --]

On Sat, Jan 09, 2016 at 04:30:26PM -0800, Armin Kuster wrote:
> Please consider these changes for dizzy-next community support.
> 
> The following changes since commit 6d34267e0a13e10ab91b60590b27a2b5ba3b7da6:
> 
>   documentation: Changed some 'intro' tags to resolve multiple mega-manual warnings. (2015-11-18 16:44:05 +0000)
> 
> are available in the git repository at:
> 
>   git://git.yoctoproject.org/poky-contrib akuster/dizzy-next
>   http://git.yoctoproject.org/cgit.cgi//log/?h=akuster/dizzy-next

This is for oe-core, right? So it shouldn't be in poky-contrib and the
http link doesn't work, it should be:
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=akuster/dizzy-next

> 
> Armin Kuster (2):
>   openssh: CVE-2015-6563 CVE-2015-6564 CVE-2015-6565
>   Fixes a heap buffer overflow in glibc wscanf.

What is this 2nd patch? It doesn't follow commit summary convention and
I don't see it in master (at least not with this subject)
http://git.yoctoproject.org/cgit.cgi/poky-contrib/commit/?h=akuster/dizzy-next&id=4807ff0ca0abf085e6b81257534a4a62fde88d16

Other changes look good to me.

> Belal, Awais (1):
>   grub2: Fix CVE-2015-8370
> 
> Chen Qi (1):
>   image.bbclass: don't let do_rootfs depend on BUILDNAME
> 
> Martin Jansa (3):
>   fontcache: allow to pass extra parameters and environment to fc-cache
>   texinfo: don't create dependency on INHERIT variable
>   linux-dtb.inc: drop unused DTB_NAME variable from do_install
> 
> Mike Crowe (1):
>   allarch: Force TARGET_*FLAGS variable values
> 
> Richard Purdie (2):
>   layer.conf: Add several allarch dependency exclusions
>   layer.conf: Add missing dependency for allarch package
>     initramfs-framework
> 
> Sergiy Kibrik (1):
>   rsync: backport libattr checking patch
> 
> Sona Sarmadi (7):
>   libtasn1: CVE-2015-3622
>   grep2.19: CVE-2015-1345
>   libxml2: CVE-2015-7942
>   libxml2: CVE-2015-8035
>   openssl: CVE-2015-3194, CVE-2015-3195
>   libxml2: CVE-2015-8241
>   bind: CVE-2015-8000
> 
> Tudor Florea (2):
>   glibc: use patch for CVE-2015-1781
>   unzip: CVE-2015-7696, CVE-2015-7697
> 
>  meta/classes/allarch.bbclass                       |   4 +
>  meta/classes/fontcache.bbclass                     |  19 +-
>  meta/classes/image.bbclass                         |   2 +-
>  meta/conf/layer.conf                               |  11 ++
>  ...E-2015-8370-Grub2-user-pass-vulnerability.patch |  50 ++++++
>  meta/recipes-bsp/grub/grub-efi_2.00.bb             |   1 +
>  meta/recipes-bsp/grub/grub_2.00.bb                 |   1 +
>  .../bind/bind/CVE-2015-8000.patch                  | 194 +++++++++++++++++++++
>  meta/recipes-connectivity/bind/bind_9.9.5.bb       |   1 +
>  .../openssh/openssh/CVE-2015-6563.patch            |  36 ++++
>  .../openssh/openssh/CVE-2015-6564.patch            |  34 ++++
>  .../openssh/openssh/CVE-2015-6565.patch            |  35 ++++
>  meta/recipes-connectivity/openssh/openssh_6.6p1.bb |   5 +-
>  .../CVE-2015-3194-Add-PSS-parameter-check.patch    |  37 ++++
>  ...CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch |  61 +++++++
>  .../recipes-connectivity/openssl/openssl_1.0.1p.bb |   2 +
>  ...5-1472-wscanf-allocates-too-little-memory.patch | 108 ++++++++++++
>  meta/recipes-core/glibc/glibc_2.20.bb              |   5 +-
>  meta/recipes-core/libxml/libxml2.inc               |   3 +
>  .../libxml/libxml2/CVE-2015-7942.patch             |  58 ++++++
>  .../libxml/libxml2/CVE-2015-8035.patch             |  35 ++++
>  .../libxml/libxml2/CVE-2015-8241.patch             |  41 +++++
>  .../rsync/files/check_libattr.patch                |  33 ++++
>  meta/recipes-devtools/rsync/rsync_3.1.0.bb         |   3 +-
>  .../grep/grep-2.19/grep2.19-CVE-2015-1345.patch    | 129 ++++++++++++++
>  meta/recipes-extended/grep/grep_2.19.bb            |   4 +-
>  meta/recipes-extended/texinfo/texinfo_5.2.bb       |   2 +-
>  .../unzip/unzip/CVE-2015-7696.patch                |  38 ++++
>  .../unzip/unzip/CVE-2015-7697.patch                |  31 ++++
>  meta/recipes-extended/unzip/unzip_6.0.bb           |   2 +
>  meta/recipes-kernel/linux/linux-dtb.inc            |   1 -
>  .../gnutls/libtasn1/libtasn1-CVE-2015-3622.patch   |  44 +++++
>  meta/recipes-support/gnutls/libtasn1_4.0.bb        |   1 +
>  scripts/postinst-intercepts/update_font_cache      |   4 +-
>  34 files changed, 1020 insertions(+), 15 deletions(-)
>  create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
>  create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch
>  create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2015-6563.patch
>  create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2015-6564.patch
>  create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2015-6565.patch
>  create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-Add-PSS-parameter-check.patch
>  create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
>  create mode 100644 meta/recipes-core/glibc/glibc/CVE-2015-1472-wscanf-allocates-too-little-memory.patch
>  create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-7942.patch
>  create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-8035.patch
>  create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-8241.patch
>  create mode 100644 meta/recipes-devtools/rsync/files/check_libattr.patch
>  create mode 100644 meta/recipes-extended/grep/grep-2.19/grep2.19-CVE-2015-1345.patch
>  create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2015-7696.patch
>  create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2015-7697.patch
>  create mode 100644 meta/recipes-support/gnutls/libtasn1/libtasn1-CVE-2015-3622.patch
> 
> -- 
> 1.9.1
> 
> -- 
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core

-- 
Martin 'JaMa' Jansa     jabber: Martin.Jansa@gmail.com

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 188 bytes --]

  parent reply	other threads:[~2016-01-21 11:56 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-01-10  0:30 [PATCH 00/20] Dizzy-next pull request 2016-1 Armin Kuster
2016-01-10  0:30 ` [PATCH 01/20] libtasn1: CVE-2015-3622 Armin Kuster
2016-01-10  0:30 ` [PATCH 02/20] grep2.19: CVE-2015-1345 Armin Kuster
2016-01-10  0:30 ` [PATCH 03/20] rsync: backport libattr checking patch Armin Kuster
2016-01-10  0:30 ` [PATCH 04/20] openssh: CVE-2015-6563 CVE-2015-6564 CVE-2015-6565 Armin Kuster
2016-01-10  0:30 ` [PATCH 05/20] fontcache: allow to pass extra parameters and environment to fc-cache Armin Kuster
2016-01-10  0:30 ` [PATCH 06/20] image.bbclass: don't let do_rootfs depend on BUILDNAME Armin Kuster
2016-01-10  0:30 ` [PATCH 07/20] layer.conf: Add several allarch dependency exclusions Armin Kuster
2016-01-10  0:30 ` [PATCH 08/20] layer.conf: Add missing dependency for allarch package initramfs-framework Armin Kuster
2016-01-10  0:30 ` [PATCH 09/20] allarch: Force TARGET_*FLAGS variable values Armin Kuster
2016-01-10  0:30 ` [PATCH 10/20] texinfo: don't create dependency on INHERIT variable Armin Kuster
2016-01-10  0:30 ` [PATCH 11/20] linux-dtb.inc: drop unused DTB_NAME variable from do_install Armin Kuster
2016-01-10  0:30 ` [PATCH 12/20] glibc: use patch for CVE-2015-1781 Armin Kuster
2016-01-10  0:30 ` [PATCH 13/20] libxml2: CVE-2015-7942 Armin Kuster
2016-01-10  0:30 ` [PATCH 14/20] unzip: CVE-2015-7696, CVE-2015-7697 Armin Kuster
2016-01-10  0:30 ` [PATCH 15/20] libxml2: CVE-2015-8035 Armin Kuster
2016-01-10  0:30 ` [PATCH 16/20] openssl: CVE-2015-3194, CVE-2015-3195 Armin Kuster
2016-01-10  0:30 ` [PATCH 17/20] libxml2: CVE-2015-8241 Armin Kuster
2016-01-10  0:30 ` [PATCH 18/20] Fixes a heap buffer overflow in glibc wscanf Armin Kuster
2016-01-10  0:30 ` [PATCH 19/20] grub2: Fix CVE-2015-8370 Armin Kuster
2016-01-10  0:30 ` [PATCH 20/20] bind: CVE-2015-8000 Armin Kuster
2016-01-21 11:57 ` Martin Jansa [this message]
2016-01-27 11:33   ` [PATCH 00/20] Dizzy-next pull request 2016-1 Martin Jansa
2016-01-30  2:44     ` akuster808
2016-01-30  9:08       ` Martin Jansa
2016-01-30 12:06         ` Richard Purdie
2016-01-30 12:37           ` Martin Jansa

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160121115752.GA2603@jama \
    --to=martin.jansa@gmail.com \
    --cc=akuster808@gmail.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.