* [PATCH 00/30] Thud-next pull request
@ 2019-07-27 14:20 Armin Kuster
0 siblings, 0 replies; only message in thread
From: Armin Kuster @ 2019-07-27 14:20 UTC (permalink / raw)
To: openembedded-core
The following changes since commit f162d5bfe6eaeca24f441c83c87252c8d05744fc:
core-image-sato-sdk-ptest: Tweak size to stay within 4GB limit (2019-05-17 22:05:59 -0700)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/thud-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/thud-next
Armin Kuster (16):
glibc: Security fix CVE-2019-9169
elfutils: Security fixes CVE-2019-7146,7149,7150
qemu: Several CVE fixes
python: Update to 2.7.16
busybox: Security fixes for CVE-2018-20679 CVE-2019-5747
sqlite3: Security fixes for CVE-2018-20505 & 20506
file: Multiple Secruity fixes
go: update to minor update 1.11.10
qemu: Security fix for CVE-2018-19489
Tar: Security fix CVE-2019-0023
glib-2.0: Security fix for CVE-2019-12450
wget: Security fix for CVE-2019-5953
Curl: Securiyt fix CVE-2019-5435 CVE-2019-5436
qemu: Security fix for CVE-2019-12155
qemu: Security fixes CVE-2018-20815 CVE-2019-9824
glib: Security fix for CVE-2019-9633
Chen Qi (2):
cups: upgrade to 2.2.9
cups: upgrade to 2.2.10
Hongxu Jia (1):
go-target.inc: fix go not found while multilib enabled
Joshua DeWeese (1):
wpa_supplicant: Changed systemd template units
Khem Raj (1):
go: Upgrade 1.11.1 -> 1.11.4 minor release
Martin Jansa (1):
python: add a fix for CVE-2019-9948 and CVE-2019-9636
Richard Purdie (4):
go-crosssdk: PN should use SDK_SYS, not TARGET_ARCH
yocto-uninative: Update to 2.5 release
uninative: Switch from bz2 to xz
uninative: Update to 2.6 release
Robert Yang (1):
uboot-sign.bbclass: Remove tab indentations in python code
Ross Burton (3):
cairo: fix CVE-2018-19876 CVE-2019-6461 CVE-2019-6462
lighttpd: fix CVE-2019-11072
glibc: backport CVE fixes
meta/classes/uboot-sign.bbclass | 20 +-
meta/classes/uninative.bbclass | 4 +-
meta/conf/distro/include/yocto-uninative.inc | 8 +-
...place-systemd-install-Alias-with-WantedBy.patch | 52 ++++
.../wpa-supplicant/wpa-supplicant_2.6.bb | 1 +
.../busybox/busybox/CVE-2018-20679.patch | 142 +++++++++
.../busybox/busybox/CVE-2019-5747.patch | 60 ++++
meta/recipes-core/busybox/busybox_1.29.3.bb | 2 +
.../glib-2.0/glib-2.0/CVE-2019-12450.patch | 59 ++++
.../glib-2.0/glib-2.0/CVE-2019-9633_p1.patch | 316 +++++++++++++++++++++
.../glib-2.0/glib-2.0/CVE-2019-9633_p2.patch | 231 +++++++++++++++
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 3 +
meta/recipes-core/glibc/glibc/CVE-2016-10739.patch | 232 +++++++++++++++
meta/recipes-core/glibc/glibc/CVE-2018-19591.patch | 48 ++++
meta/recipes-core/glibc/glibc/CVE-2019-9169.patch | 63 ++++
meta/recipes-core/glibc/glibc_2.28.bb | 3 +
meta/recipes-devtools/elfutils/elfutils_0.175.bb | 4 +
.../elfutils/files/CVE-2019-7146_p1.patch | 52 ++++
.../elfutils/files/CVE-2019-7146_p2.patch | 65 +++++
.../elfutils/files/CVE-2019-7149.patch | 148 ++++++++++
.../elfutils/files/CVE-2019-7150.patch | 51 ++++
.../recipes-devtools/file/file/CVE-2019-8904.patch | 30 ++
.../file/file/CVE-2019-8905_CVE-2019-8907.patch | 120 ++++++++
.../recipes-devtools/file/file/CVE-2019-8906.patch | 27 ++
meta/recipes-devtools/file/file_5.34.bb | 3 +
meta/recipes-devtools/go/go-1.11.inc | 7 +-
...07-cmd-go-make-GOROOT-precious-by-default.patch | 6 +-
.../0008-use-GOBUILDMODE-to-set-buildmode.patch | 13 +-
meta/recipes-devtools/go/go-crosssdk.inc | 2 +-
meta/recipes-devtools/go/go-target.inc | 2 +-
...on-native_2.7.15.bb => python-native_2.7.16.bb} | 2 -
meta/recipes-devtools/python/python.inc | 18 +-
...23-Use-XML_SetHashSalt-in-_elementtree-GH.patch | 96 -------
...ix-test_ssl-when-a-filename-cannot-be-enc.patch | 55 ----
...LS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch | 120 --------
...34540-Convert-shutil._call_external_zip-t.patch | 67 -----
...dd-missing-closing-wrapper-in-test_tls1_3.patch | 37 ---
...ix-test_ssl.test_options-to-account-for-O.patch | 37 ---
...ix-test_default_ecdh_curve-needs-no-tlsv1.patch | 34 ---
.../python/bpo-35907-cve-2019-9948-fix.patch | 55 ++++
.../python/python/bpo-35907-cve-2019-9948.patch | 55 ++++
.../python/bpo-36216-cve-2019-9636-fix.patch | 28 ++
.../python/python/bpo-36216-cve-2019-9636.patch | 111 ++++++++
.../python/{python_2.7.15.bb => python_2.7.16.bb} | 6 +-
.../qemu/qemu/CVE-2018-16867.patch | 49 ++++
.../qemu/qemu/CVE-2018-16872.patch | 89 ++++++
.../qemu/qemu/CVE-2018-18849.patch | 86 ++++++
.../qemu/qemu/CVE-2018-19364_p1.patch | 51 ++++
.../qemu/qemu/CVE-2018-19364_p2.patch | 115 ++++++++
.../qemu/qemu/CVE-2018-19489.patch | 83 ++++++
.../qemu/qemu/CVE-2018-20815_p1.patch | 42 +++
.../qemu/qemu/CVE-2018-20815_p2.patch | 52 ++++
.../qemu/qemu/CVE-2019-12155.patch | 38 +++
.../recipes-devtools/qemu/qemu/CVE-2019-9824.patch | 47 +++
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 10 +
.../0001-don-t-try-to-run-generated-binaries.patch | 29 +-
.../cups/{cups_2.2.8.bb => cups_2.2.10.bb} | 4 +-
.../lighttpd/lighttpd/fix-http-parseopts.patch | 51 ++++
meta/recipes-extended/lighttpd/lighttpd_1.4.51.bb | 1 +
meta/recipes-extended/tar/tar/CVE-2019-9923.patch | 38 +++
meta/recipes-extended/tar/tar_1.30.bb | 1 +
.../recipes-extended/wget/wget/CVE-2019-5953.patch | 51 ++++
meta/recipes-extended/wget/wget_1.19.5.bb | 1 +
.../cairo/cairo/CVE-2019-6461.patch | 19 ++
.../cairo/cairo/CVE-2019-6462.patch | 20 ++
meta/recipes-graphics/cairo/cairo_1.14.12.bb | 2 +
meta/recipes-support/curl/curl/CVE-2019-5435.patch | 200 +++++++++++++
meta/recipes-support/curl/curl/CVE-2019-5436.patch | 32 +++
meta/recipes-support/curl/curl_7.61.0.bb | 2 +
.../sqlite/files/CVE-2018-20505.patch | 31 ++
.../sqlite/files/CVE-2018-20506.patch | 103 +++++++
meta/recipes-support/sqlite/sqlite3_3.23.1.bb | 2 +
72 files changed, 3233 insertions(+), 511 deletions(-)
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2018-20679.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2019-5747.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-12450.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-9633_p1.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-9633_p2.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2016-10739.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2018-19591.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-9169.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p1.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p2.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7149.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7150.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8904.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8905_CVE-2019-8907.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8906.patch
rename meta/recipes-devtools/python/{python-native_2.7.15.bb => python-native_2.7.16.bb} (96%)
delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34623-Use-XML_SetHashSalt-in-_elementtree-GH.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33354-Fix-test_ssl-when-a-filename-cannot-be-enc.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch
delete mode 100644 meta/recipes-devtools/python/python/0002-bpo-34818-Add-missing-closing-wrapper-in-test_tls1_3.patch
delete mode 100644 meta/recipes-devtools/python/python/0003-bpo-34834-Fix-test_ssl.test_options-to-account-for-O.patch
delete mode 100644 meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
rename meta/recipes-devtools/python/{python_2.7.15.bb => python_2.7.16.bb} (98%)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16872.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-18849.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19489.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-9824.patch
rename meta/recipes-extended/cups/{cups_2.2.8.bb => cups_2.2.10.bb} (40%)
create mode 100644 meta/recipes-extended/lighttpd/lighttpd/fix-http-parseopts.patch
create mode 100644 meta/recipes-extended/tar/tar/CVE-2019-9923.patch
create mode 100644 meta/recipes-extended/wget/wget/CVE-2019-5953.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5435.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5436.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20505.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20506.patch
--
2.7.4
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2019-07-27 14:21 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-07-27 14:20 [PATCH 00/30] Thud-next pull request Armin Kuster
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.