From: Robert Yang <liezhi.yang@windriver.com>
To: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Armin Kuster <akuster@mvista.com>,
openembedded-core@lists.openembedded.org
Subject: Re: [PATCH 0/8] Pull request - for jethro-next: security fixes
Date: Thu, 12 May 2016 13:42:23 +0800 [thread overview]
Message-ID: <573417BF.7030504@windriver.com> (raw)
In-Reply-To: <cover.1463017812.git.akuster@mvista.com>
Hi RP,
I've done some building testing on these patches, they are OK.
Would you please help to merge to jethro, please ?
// Robert
On 05/12/2016 09:54 AM, Armin Kuster wrote:
> This is to honor Yocto Compatibility requirements
>
> Take what you find as usefull
>
> The following changes since commit bca156013af0a98cb18d8156626b9acc8f9883e3:
>
> openssl: 1.0.2d -> 1.0.2h (mainly for CVEs) (2016-05-11 12:36:54 +0100)
>
> are available in the git repository at:
>
> git://git.yoctoproject.org/poky-contrib akuster/jethro-next
> http://git.yoctoproject.org/cgit.cgi//log/?h=akuster/jethro-next
>
> Armin Kuster (8):
> libtiff: Security fix CVE-2015-8664 and 8683
> busybox: Security Fix CVE-2016-2148
> busybox: Security fix CVE-2016-2147
> openssh: Security Fix CVE-2016-3115
> gcc: Security fix CVE-2016-4488
> gcc: Security fix CVE-2016-4489
> gcc: Security fix CVE-2016-2226
> gcc: Security Fix CVE-2016-4490
>
> .../openssh/openssh/CVE-2016-3115.patch | 84 +++++++
> meta/recipes-connectivity/openssh/openssh_7.1p2.bb | 4 +-
> .../busybox/busybox/CVE-2016-2147.patch | 57 +++++
> .../busybox/busybox/CVE-2016-2147_2.patch | 32 +++
> .../busybox/busybox/CVE-2016-2148.patch | 74 ++++++
> meta/recipes-core/busybox/busybox_1.23.2.bb | 3 +
> meta/recipes-devtools/gcc/gcc-5.2.inc | 4 +
> .../gcc/gcc-5.2/CVE-2016-2226.patch | 103 ++++++++
> .../gcc/gcc-5.2/CVE-2016-4488.patch | 70 ++++++
> .../gcc/gcc-5.2/CVE-2016-4489.patch | 56 +++++
> .../gcc/gcc-5.2/CVE-2016-4490.patch | 267 +++++++++++++++++++++
> .../libtiff/files/CVE-2015-8665_8683.patch | 137 +++++++++++
> meta/recipes-multimedia/libtiff/tiff_4.0.4.bb | 1 +
> 13 files changed, 891 insertions(+), 1 deletion(-)
> create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2016-3115.patch
> create mode 100644 meta/recipes-core/busybox/busybox/CVE-2016-2147.patch
> create mode 100644 meta/recipes-core/busybox/busybox/CVE-2016-2147_2.patch
> create mode 100644 meta/recipes-core/busybox/busybox/CVE-2016-2148.patch
> create mode 100644 meta/recipes-devtools/gcc/gcc-5.2/CVE-2016-2226.patch
> create mode 100644 meta/recipes-devtools/gcc/gcc-5.2/CVE-2016-4488.patch
> create mode 100644 meta/recipes-devtools/gcc/gcc-5.2/CVE-2016-4489.patch
> create mode 100644 meta/recipes-devtools/gcc/gcc-5.2/CVE-2016-4490.patch
> create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2015-8665_8683.patch
>
parent reply other threads:[~2016-05-12 5:42 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <cover.1463017812.git.akuster@mvista.com>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=573417BF.7030504@windriver.com \
--to=liezhi.yang@windriver.com \
--cc=akuster@mvista.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=richard.purdie@linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.