From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: [PATCH 00/25] Dizzy next for .3
Date: Sat, 18 Jul 2015 08:16:07 -0700 [thread overview]
Message-ID: <cover.1437232180.git.akuster808@gmail.com> (raw)
Please consider these for the 1.7.3 release
The following changes since commit 5f0d25152bac2d3798663a4ebfdd2df24060f153:
openssl: upgrade to 1.0.1p (2015-07-15 15:25:43 +0100)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib akuster/dizzy-next
http://git.yoctoproject.org/cgit.cgi//log/?h=akuster/dizzy-nex
Andre McCurdy (1):
mesa: update --with-llvm-shared-libs configure option
Armin Kuster (3):
tzcode: update to 2015d
tzdata: update to 2015d
curl: add a few missing security fixes
Cristian Iorga (1):
neard: fix the install path in init scripts
Haris Okanovic (1):
glibc: CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow
Jonathan Liu (1):
qt4: add patch for BMP denial-of-service vulnerability
Jussi Kukkonen (1):
dbus: CVE-2015-0245: prevent forged ActivationFailure
Kai Kang (2):
qemu: fix CVE-2015-3456
gpgme: fix CVE-2014-3564
Leonardo Sandoval (2):
rpm: Fix CVE-2014-8118
rpm: Fix CVE-2013-6435
Martin Jansa (3):
squashfs-tools: build and install unsquashfs as well
e2fsprogs: install populate-extfs.sh
test-dependencies.sh: strip only .bb suffix
Maxin B. John (1):
curl: several security fixes
Ng Wei Tee (1):
linux-firmware: Package Marvell pci8897 and usb8897 firmware
Robert Yang (2):
perf: add LIBNUMA_DEFINES
license.bbclass: set dirs for do_populate_lic_setscene
Roy Li (4):
ppp: Security Advisory - CVE-2015-3310
unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315
unzip: fix four CVE defects
unzip: drop 12-cve-2014-9636-test-compr-eb.patch
Yue Tao (2):
libsndfile: Security Advisory - libsndfile - CVE-2014-9496
libxml2: Security Advisory - libxml2 - CVE-2015-1819
meta/classes/license.bbclass | 2 +
meta/recipes-connectivity/neard/neard.inc | 2 +-
.../ppp/ppp/fix-CVE-2015-3310.patch | 29 ++
meta/recipes-connectivity/ppp/ppp_2.4.6.bb | 1 +
meta/recipes-core/dbus/dbus.inc | 1 +
...015-0245-prevent-forged-ActivationFailure.patch | 48 +++
...81-resolv-nss_dns-dns-host.c-buffer-overf.patch | 43 +++
meta/recipes-core/glibc/glibc_2.20.bb | 3 +
meta/recipes-core/libxml/libxml2.inc | 1 +
...19-Enforce-the-reader-to-run-in-constant-.patch | 181 +++++++++
.../recipes-devtools/e2fsprogs/e2fsprogs_1.42.9.bb | 2 +
.../qemu/qemu/qemu-CVE-2015-3456.patch | 92 +++++
meta/recipes-devtools/qemu/qemu_2.1.0.bb | 1 +
.../rpm/rpm/rpm-CVE-2013-6435.patch | 109 ++++++
.../rpm/rpm/rpm-CVE-2014-8118.patch | 43 +++
meta/recipes-devtools/rpm/rpm_4.11.2.bb | 2 +
.../squashfs-tools/squashfs-tools_4.3.bb | 3 +-
.../recipes-extended/tzcode/tzcode-native_2015d.bb | 11 +
meta/recipes-extended/tzdata/tzdata_2015d.bb | 6 +
.../06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch | 402 ++++++++++++++++++++
.../unzip/09-cve-2014-8139-crc-overflow.patch | 52 +++
.../unzip/10-cve-2014-8140-test-compr-eb.patch | 33 ++
.../unzip/11-cve-2014-8141-getzip64data.patch | 144 +++++++
.../unzip/unzip/unzip-6.0_overflow3.diff | 45 +++
meta/recipes-extended/unzip/unzip_6.0.bb | 8 +-
meta/recipes-graphics/mesa/mesa.inc | 2 +-
.../linux-firmware/linux-firmware_git.bb | 19 +-
meta/recipes-kernel/perf/perf.bb | 4 +-
...src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch | 211 +++++++++++
...c-Fix-two-potential-buffer-read-overflows.patch | 49 +++
.../libsndfile/libsndfile1_1.0.25.bb | 5 +-
meta/recipes-qt/qt4/qt4-4.8.6.inc | 1 +
...ion-by-zero-when-processing-malformed-BMP.patch | 44 +++
meta/recipes-support/curl/curl/CVE-2014-3707.patch | 416 +++++++++++++++++++++
meta/recipes-support/curl/curl/CVE-2014-8150.patch | 29 ++
meta/recipes-support/curl/curl/CVE-2015-3143.patch | 38 ++
meta/recipes-support/curl/curl/CVE-2015-3144.patch | 45 +++
meta/recipes-support/curl/curl/CVE-2015-3145.patch | 70 ++++
meta/recipes-support/curl/curl/CVE-2015-3153.patch | 90 +++++
meta/recipes-support/curl/curl_7.37.1.bb | 6 +
.../gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch | 56 +++
meta/recipes-support/gpgme/gpgme_1.4.3.bb | 4 +-
scripts/test-dependencies.sh | 4 +-
43 files changed, 2345 insertions(+), 12 deletions(-)
create mode 100644 meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch
create mode 100644 meta/recipes-core/dbus/dbus/CVE-2015-0245-prevent-forged-ActivationFailure.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch
create mode 100644 meta/recipes-core/libxml/libxml2/0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-3456.patch
create mode 100644 meta/recipes-devtools/rpm/rpm/rpm-CVE-2013-6435.patch
create mode 100644 meta/recipes-devtools/rpm/rpm/rpm-CVE-2014-8118.patch
create mode 100644 meta/recipes-extended/tzcode/tzcode-native_2015d.bb
create mode 100644 meta/recipes-extended/tzdata/tzdata_2015d.bb
create mode 100644 meta/recipes-extended/unzip/unzip/06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch
create mode 100644 meta/recipes-extended/unzip/unzip/09-cve-2014-8139-crc-overflow.patch
create mode 100644 meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch
create mode 100644 meta/recipes-extended/unzip/unzip/11-cve-2014-8141-getzip64data.patch
create mode 100644 meta/recipes-extended/unzip/unzip/unzip-6.0_overflow3.diff
create mode 100644 meta/recipes-multimedia/libsndfile/files/0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
create mode 100644 meta/recipes-multimedia/libsndfile/files/0001-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch
create mode 100644 meta/recipes-qt/qt4/qt4-4.8.6/0034-Fix-a-division-by-zero-when-processing-malformed-BMP.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2014-3707.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2014-8150.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2015-3143.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2015-3144.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2015-3145.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2015-3153.patch
create mode 100644 meta/recipes-support/gpgme/gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch
--
1.9.1
next reply other threads:[~2015-07-18 15:16 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-18 15:16 Armin Kuster [this message]
2015-07-18 15:16 ` [PATCH 01/25] neard: fix the install path in init scripts Armin Kuster
2015-07-18 15:16 ` [PATCH 02/25] tzcode: update to 2015d Armin Kuster
2015-07-18 15:16 ` [PATCH 03/25] tzdata: " Armin Kuster
2015-07-18 15:16 ` [PATCH 04/25] curl: several security fixes Armin Kuster
2015-07-18 15:16 ` [PATCH 05/25] curl: add a few missing " Armin Kuster
2015-07-18 15:16 ` [PATCH 06/25] squashfs-tools: build and install unsquashfs as well Armin Kuster
2015-07-18 15:16 ` [PATCH 07/25] perf: add LIBNUMA_DEFINES Armin Kuster
2015-07-18 15:16 ` [PATCH 08/25] license.bbclass: set dirs for do_populate_lic_setscene Armin Kuster
2015-07-18 15:16 ` [PATCH 09/25] libsndfile: Security Advisory - libsndfile - CVE-2014-9496 Armin Kuster
2015-07-18 15:16 ` [PATCH 10/25] qt4: add patch for BMP denial-of-service vulnerability Armin Kuster
2015-07-18 15:16 ` [PATCH 11/25] ppp: Security Advisory - CVE-2015-3310 Armin Kuster
2015-07-18 15:16 ` [PATCH 12/25] qemu: fix CVE-2015-3456 Armin Kuster
2015-07-18 15:16 ` [PATCH 13/25] glibc: CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow Armin Kuster
2015-07-18 15:16 ` [PATCH 14/25] gpgme: fix CVE-2014-3564 Armin Kuster
2015-07-18 15:16 ` [PATCH 15/25] e2fsprogs: install populate-extfs.sh Armin Kuster
2015-07-18 15:16 ` [PATCH 16/25] mesa: update --with-llvm-shared-libs configure option Armin Kuster
2015-07-18 15:16 ` [PATCH 17/25] test-dependencies.sh: strip only .bb suffix Armin Kuster
2015-07-18 15:16 ` [PATCH 18/25] unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315 Armin Kuster
2015-07-18 15:16 ` [PATCH 19/25] unzip: fix four CVE defects Armin Kuster
2015-07-18 15:16 ` [PATCH 20/25] dbus: CVE-2015-0245: prevent forged ActivationFailure Armin Kuster
2015-07-18 15:16 ` [PATCH 21/25] linux-firmware: Package Marvell pci8897 and usb8897 firmware Armin Kuster
2015-07-18 15:16 ` [PATCH 22/25] unzip: drop 12-cve-2014-9636-test-compr-eb.patch Armin Kuster
2015-07-18 15:16 ` [PATCH 23/25] rpm: Fix CVE-2014-8118 Armin Kuster
2015-07-18 15:16 ` [PATCH 24/25] rpm: Fix CVE-2013-6435 Armin Kuster
2015-07-18 15:16 ` [PATCH 25/25] libxml2: Security Advisory - libxml2 - CVE-2015-1819 Armin Kuster
2015-07-24 7:34 ` [PATCH 00/25] Dizzy next for .3 Richard Purdie
2015-07-25 5:28 ` akuster808
2015-07-25 23:27 ` Richard Purdie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1437232180.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.