From: Saul Wold <sgw@linux.intel.com>
To: openembedded-core@lists.openembedded.org,
richard.purdie@linuxfoundation.org
Subject: [PATCH 00/24][Jethro V2] Jethro Consolidated Patchset
Date: Wed, 3 Feb 2016 09:51:36 -0800 [thread overview]
Message-ID: <cover.1454521792.git.sgw@linux.intel.com> (raw)
Richard,
This is the the udpated patch set for 2.0.1 after reviewing
the open CVEs and Medium+ bugs with available backports.
V2 added 2 patches I had in my Poky branch, but got left out here.
This has patches that address the AB failures from the other day
There will be a set of patches going to poky for the meta-yocto-bsp
fixes when they are available and tested.
Thanks
Sau!
The following changes since commit 3e403cc1bdeefd4f39e54bae2269ca56307e8468:
libpcre: bug fixes include security (2016-01-30 12:10:16 +0000)
are available in the git repository at:
ssh://git@git.openembedded.org/openembedded-core-contrib sgw/jethro
for you to fetch changes up to 226a26e51eb0789686509d3e22a3766e2e3e8666:
piglit: don't use /tmp to write generated sources to (2016-02-03 09:48:20 -0800)
----------------------------------------------------------------
Alejandro Hernandez (3):
linux-yocto: Update SRCREV for qemux86* for 3.14, fixes CVE-2016-0728
linux-yocto: Update SRCREV for qemux86* for 3.19, fixes CVE-2016-0728
linux-yocto: Update SRCREV for qemux86* for 4.1, fixes CVE-2016-0728
Armin Kuster (12):
tzcode: update to 2016a
tzdata: update to 2016a
dpkg: Security fix CVE-2015-0860
libxml2: Security fix CVE-2015-8241
libxml2: Security fix CVE-2015-8710
bind: Security fix CVE-2015-8000
bind: Security fix CVE-2015-8461
librsvg: Security fix CVE-2015-7558
gdk-pixbuf: Security fix CVE-2015-7674
grub: Security fix CVE-2015-8370
glibc-locale: fix QA warning
git: Security fix CVE-2015-7545
Bogdan-Alexandru Voiculescu (1):
uClibc: enable utmp for shadow compatibility
Jianxun Zhang (1):
kernel-yocto: fix checkout bare-cloned kernel repositories
Joe Slater (1):
ghostscript: add dependency for pnglibconf.h
Jussi Kukkonen (1):
gcr: Require x11 DISTRO_FEATURE
Maxin B. John (2):
libpng: update URL that no longer exists
libpng12: update URL that no longer exists
Paul Eggleton (1):
gen-lockedsig-cache: fix bad destination path joining
Ross Burton (2):
busybox: fix build of last applet
piglit: don't use /tmp to write generated sources to
meta/classes/kernel-yocto.bbclass | 13 +-
meta/recipes-bsp/grub/files/CVE-2015-8370.patch | 59 +++
meta/recipes-bsp/grub/grub2.inc | 1 +
.../bind/bind/CVE-2015-8000.patch | 278 +++++++++++++
.../bind/bind/CVE-2015-8461.patch | 44 ++
meta/recipes-connectivity/bind/bind_9.10.2-P4.bb | 2 +
.../busybox/busybox/0001-randconfig-fix.patch | 33 ++
meta/recipes-core/busybox/busybox_1.23.2.bb | 1 +
meta/recipes-core/glibc/glibc-locale.inc | 2 +-
meta/recipes-core/libxml/libxml2.inc | 2 +
.../libxml/libxml2/CVE-2015-8241.patch | 40 ++
.../libxml/libxml2/CVE-2015-8710.patch | 71 ++++
meta/recipes-core/uclibc/uclibc-git/uClibc.distro | 2 +
.../recipes-devtools/dpkg/dpkg/CVE-2015-0860.patch | 52 +++
meta/recipes-devtools/dpkg/dpkg_1.18.2.bb | 1 +
.../git/git-2.5.0/0008-CVE-2015-7545-1.patch | 446 +++++++++++++++++++++
.../git/git-2.5.0/0009-CVE-2015-7545-2.patch | 112 ++++++
.../git/git-2.5.0/0010-CVE-2015-7545-3.patch | 112 ++++++
.../git/git-2.5.0/0011-CVE-2015-7545-4.patch | 150 +++++++
.../git/git-2.5.0/0012-CVE-2015-7545-5.patch | 69 ++++
meta/recipes-devtools/git/git_2.5.0.bb | 8 +
.../ghostscript/ghostscript/png_mak.patch | 21 +
.../ghostscript/ghostscript_9.16.bb | 1 +
.../recipes-extended/tzcode/tzcode-native_2015g.bb | 25 --
.../recipes-extended/tzcode/tzcode-native_2016a.bb | 25 ++
.../tzdata/{tzdata_2015g.bb => tzdata_2016a.bb} | 10 +-
meta/recipes-gnome/gcr/gcr_3.16.0.bb | 4 +-
.../gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch | 39 ++
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb | 1 +
.../librsvg/librsvg/CVE-2015-7558_1.patch | 139 +++++++
.../librsvg/librsvg/CVE-2015-7558_2.patch | 230 +++++++++++
.../librsvg/librsvg/CVE-2015-7558_3.patch | 223 +++++++++++
meta/recipes-gnome/librsvg/librsvg_2.40.10.bb | 6 +-
meta/recipes-graphics/piglit/piglit_git.bb | 6 +
meta/recipes-kernel/linux/linux-yocto_3.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_3.19.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto_4.1.bb | 6 +-
meta/recipes-lsb4/libpng/libpng12_1.2.53.bb | 2 +-
meta/recipes-multimedia/libpng/libpng_1.6.17.bb | 2 +-
scripts/gen-lockedsig-cache | 2 +-
40 files changed, 2205 insertions(+), 45 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2015-8370.patch
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch
create mode 100644 meta/recipes-core/busybox/busybox/0001-randconfig-fix.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-8241.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-8710.patch
create mode 100644 meta/recipes-devtools/dpkg/dpkg/CVE-2015-0860.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0008-CVE-2015-7545-1.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0009-CVE-2015-7545-2.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0010-CVE-2015-7545-3.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0011-CVE-2015-7545-4.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0012-CVE-2015-7545-5.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/png_mak.patch
delete mode 100644 meta/recipes-extended/tzcode/tzcode-native_2015g.bb
create mode 100644 meta/recipes-extended/tzcode/tzcode-native_2016a.bb
rename meta/recipes-extended/tzdata/{tzdata_2015g.bb => tzdata_2016a.bb} (96%)
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch
create mode 100644 meta/recipes-gnome/librsvg/librsvg/CVE-2015-7558_1.patch
create mode 100644 meta/recipes-gnome/librsvg/librsvg/CVE-2015-7558_2.patch
create mode 100644 meta/recipes-gnome/librsvg/librsvg/CVE-2015-7558_3.patch
Alejandro Hernandez (3):
linux-yocto: Update SRCREV for qemux86* for 3.14, fixes CVE-2016-0728
linux-yocto: Update SRCREV for qemux86* for 3.19, fixes CVE-2016-0728
linux-yocto: Update SRCREV for qemux86* for 4.1, fixes CVE-2016-0728
Armin Kuster (12):
tzcode: update to 2016a
tzdata: update to 2016a
dpkg: Security fix CVE-2015-0860
libxml2: Security fix CVE-2015-8241
libxml2: Security fix CVE-2015-8710
bind: Security fix CVE-2015-8000
bind: Security fix CVE-2015-8461
librsvg: Security fix CVE-2015-7558
gdk-pixbuf: Security fix CVE-2015-7674
grub: Security fix CVE-2015-8370
glibc-locale: fix QA warning
git: Security fix CVE-2015-7545
Bogdan-Alexandru Voiculescu (1):
uClibc: enable utmp for shadow compatibility
Jianxun Zhang (1):
kernel-yocto: fix checkout bare-cloned kernel repositories
Joe Slater (1):
ghostscript: add dependency for pnglibconf.h
Jussi Kukkonen (1):
gcr: Require x11 DISTRO_FEATURE
Maxin B. John (2):
libpng: update URL that no longer exists
libpng12: update URL that no longer exists
Paul Eggleton (1):
gen-lockedsig-cache: fix bad destination path joining
Ross Burton (2):
busybox: fix build of last applet
piglit: don't use /tmp to write generated sources to
meta/classes/kernel-yocto.bbclass | 13 +-
meta/recipes-bsp/grub/files/CVE-2015-8370.patch | 59 +++
meta/recipes-bsp/grub/grub2.inc | 1 +
.../bind/bind/CVE-2015-8000.patch | 278 +++++++++++++
.../bind/bind/CVE-2015-8461.patch | 44 ++
meta/recipes-connectivity/bind/bind_9.10.2-P4.bb | 2 +
.../busybox/busybox/0001-randconfig-fix.patch | 33 ++
meta/recipes-core/busybox/busybox_1.23.2.bb | 1 +
meta/recipes-core/glibc/glibc-locale.inc | 2 +-
meta/recipes-core/libxml/libxml2.inc | 2 +
.../libxml/libxml2/CVE-2015-8241.patch | 40 ++
.../libxml/libxml2/CVE-2015-8710.patch | 71 ++++
meta/recipes-core/uclibc/uclibc-git/uClibc.distro | 2 +
.../recipes-devtools/dpkg/dpkg/CVE-2015-0860.patch | 52 +++
meta/recipes-devtools/dpkg/dpkg_1.18.2.bb | 1 +
.../git/git-2.5.0/0008-CVE-2015-7545-1.patch | 446 +++++++++++++++++++++
.../git/git-2.5.0/0009-CVE-2015-7545-2.patch | 112 ++++++
.../git/git-2.5.0/0010-CVE-2015-7545-3.patch | 112 ++++++
.../git/git-2.5.0/0011-CVE-2015-7545-4.patch | 150 +++++++
.../git/git-2.5.0/0012-CVE-2015-7545-5.patch | 69 ++++
meta/recipes-devtools/git/git_2.5.0.bb | 8 +
.../ghostscript/ghostscript/png_mak.patch | 21 +
.../ghostscript/ghostscript_9.16.bb | 1 +
...code-native_2015g.bb => tzcode-native_2016a.bb} | 16 +-
.../tzdata/{tzdata_2015g.bb => tzdata_2016a.bb} | 10 +-
meta/recipes-gnome/gcr/gcr_3.16.0.bb | 4 +-
.../gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch | 39 ++
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb | 1 +
.../librsvg/librsvg/CVE-2015-7558_1.patch | 139 +++++++
.../librsvg/librsvg/CVE-2015-7558_2.patch | 230 +++++++++++
.../librsvg/librsvg/CVE-2015-7558_3.patch | 223 +++++++++++
meta/recipes-gnome/librsvg/librsvg_2.40.10.bb | 6 +-
meta/recipes-graphics/piglit/piglit_git.bb | 6 +
meta/recipes-kernel/linux/linux-yocto_3.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_3.19.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto_4.1.bb | 6 +-
meta/recipes-lsb4/libpng/libpng12_1.2.53.bb | 2 +-
meta/recipes-multimedia/libpng/libpng_1.6.17.bb | 2 +-
scripts/gen-lockedsig-cache | 2 +-
39 files changed, 2188 insertions(+), 28 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2015-8370.patch
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch
create mode 100644 meta/recipes-core/busybox/busybox/0001-randconfig-fix.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-8241.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-8710.patch
create mode 100644 meta/recipes-devtools/dpkg/dpkg/CVE-2015-0860.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0008-CVE-2015-7545-1.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0009-CVE-2015-7545-2.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0010-CVE-2015-7545-3.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0011-CVE-2015-7545-4.patch
create mode 100644 meta/recipes-devtools/git/git-2.5.0/0012-CVE-2015-7545-5.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/png_mak.patch
rename meta/recipes-extended/tzcode/{tzcode-native_2015g.bb => tzcode-native_2016a.bb} (40%)
rename meta/recipes-extended/tzdata/{tzdata_2015g.bb => tzdata_2016a.bb} (96%)
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch
create mode 100644 meta/recipes-gnome/librsvg/librsvg/CVE-2015-7558_1.patch
create mode 100644 meta/recipes-gnome/librsvg/librsvg/CVE-2015-7558_2.patch
create mode 100644 meta/recipes-gnome/librsvg/librsvg/CVE-2015-7558_3.patch
--
2.5.0
reply other threads:[~2016-02-03 17:51 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1454521792.git.sgw@linux.intel.com \
--to=sgw@linux.intel.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=richard.purdie@linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.