From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: [Thud][ 00/24] Thud patch review
Date: Mon, 23 Sep 2019 20:12:56 -0700 [thread overview]
Message-ID: <cover.1569294712.git.akuster808@gmail.com> (raw)
Here is the lastes backports for thud-next.
Please review by Thursday.
The following changes since commit d3d3f443039b03f1200a14bfe99f985592632018:
build-appliance-image: Update to thud head revision (2019-08-01 11:58:11 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/thud-nmut
http://cgit.openembedded.org//log/?h=stable/thud-nmut
Adrian Bunk (1):
bind: upgrade 9.11.5 -> 9.11.5-P4
Alexander Kanavin (1):
buildhistory: call a dependency parser only on actual dependency lists
Andrii Bordunov via Openembedded-core (4):
curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823
dbus: fix CVE-2019-12749
glib-2.0: fix CVE-2019-13012
libcomps: fix CVE-2019-3817
Anuj Mittal (5):
patch: fix CVE-2019-13636
python3: fix CVE-2019-9740
libxslt: fix CVE-2019-13117 CVE-2019-13118
patch: backport fixes
pango: fix CVE-2019-1010238
Armin Kuster (6):
gcc: Security fix for CVE-2019-14250
binutils: Security fix for CVE-2019-14444
binutils: Security fix for CVE-2019-12972
bind: update to latest LTS 9.11.5
go: update to 1.11.13, minor updates
dhcp: fix issue with new bind changes
Bartosz Golaszewski (1):
qemu: add a patch fixing the native build on newer kernels
Bruce Ashfield (1):
linux-yocto/4.14: update to v4.14.143
Dan Tran (3):
binutils: Fix 4 CVEs
python: Fix 3 CVEs
python3: Fix CVEs
Muminul Islam (1):
libxslt: Cve fix CVE-2019-11068
Trevor Gamblin (1):
patch: fix CVE-2019-13638
meta/lib/oe/buildhistory_analysis.py | 2 +-
.../bind/bind/CVE-2018-5740.patch | 72 -
.../bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} | 8 +-
...eplace-custom-isc_boolean_t-with-C-standa.patch | 2882 ++++++++++++++++++++
meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb | 1 +
meta/recipes-core/dbus/dbus/CVE-2019-12749.patch | 127 +
meta/recipes-core/dbus/dbus_1.12.10.bb | 1 +
.../glib-2.0/glib-2.0/CVE-2019-13012.patch | 47 +
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 1 +
meta/recipes-devtools/binutils/binutils-2.31.inc | 6 +
.../binutils/binutils/CVE-2018-1000876.patch | 180 ++
.../binutils/binutils/CVE-2018-20623.patch | 74 +
.../binutils/binutils/CVE-2018-20651.patch | 35 +
.../binutils/binutils/CVE-2018-20671.patch | 49 +
.../binutils/binutils/CVE-2019-12972.patch | 39 +
.../binutils/binutils/CVE-2019-14444.patch | 33 +
meta/recipes-devtools/gcc/gcc-8.2.inc | 1 +
.../gcc/gcc-8.2/CVE-2019-14250.patch | 44 +
meta/recipes-devtools/go/go-1.11.inc | 6 +-
.../libcomps/libcomps/CVE-2019-3817.patch | 97 +
meta/recipes-devtools/libcomps/libcomps_git.bb | 1 +
...k-temporary-file-on-failed-ed-style-patch.patch | 93 +
...ak-temporary-file-on-failed-multi-file-ed.patch | 80 +
...ke-ed-directly-instead-of-using-the-shell.patch | 44 +
.../patch/patch/CVE-2019-13636.patch | 113 +
meta/recipes-devtools/patch/patch_2.7.6.bb | 4 +
.../python/python/bpo-30458-cve-2019-9740.patch | 219 ++
.../python/python/bpo-35121-cve-2018-20852.patch | 127 +
.../python/python3/CVE-2018-14647.patch | 95 +
.../python/python3/CVE-2018-20406.patch | 217 ++
.../python/python3/CVE-2018-20852.patch | 129 +
.../python/python3/CVE-2019-9636.patch | 154 ++
.../python/python3/CVE-2019-9740.patch | 155 ++
meta/recipes-devtools/python/python3_3.5.6.bb | 5 +
meta/recipes-devtools/python/python_2.7.16.bb | 2 +
...error-messages-when-qemi_cpu_kick_thread-.patch | 19 +-
...fix-to-handle-variably-sized-SIOCGSTAMP-w.patch | 336 +++
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 1 +
.../pango/pango/CVE-2019-1010238.patch | 38 +
meta/recipes-graphics/pango/pango_1.42.4.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.14.bb | 20 +-
.../recipes-support/curl/curl/CVE-2018-16890.patch | 50 +
meta/recipes-support/curl/curl/CVE-2019-3822.patch | 47 +
meta/recipes-support/curl/curl/CVE-2019-3823.patch | 55 +
meta/recipes-support/curl/curl_7.61.0.bb | 3 +
.../libxslt/files/CVE-2019-13117.patch | 33 +
.../libxslt/files/CVE-2019-13118.patch | 76 +
.../libxslt/libxslt/CVE-2019-11068.patch | 128 +
meta/recipes-support/libxslt/libxslt_1.1.32.bb | 5 +-
51 files changed, 5862 insertions(+), 108 deletions(-)
delete mode 100644 meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch
rename meta/recipes-connectivity/bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} (95%)
create mode 100644 meta/recipes-connectivity/dhcp/dhcp/0001-dhcpd-fix-Replace-custom-isc_boolean_t-with-C-standa.patch
create mode 100644 meta/recipes-core/dbus/dbus/CVE-2019-12749.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-13012.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-1000876.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20651.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch
create mode 100644 meta/recipes-devtools/libcomps/libcomps/CVE-2019-3817.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-13636.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-30458-cve-2019-9740.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35121-cve-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-14647.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20406.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9636.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9740.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014-linux-user-fix-to-handle-variably-sized-SIOCGSTAMP-w.patch
create mode 100644 meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2018-16890.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3822.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3823.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13117.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13118.patch
create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
--
2.7.4
next reply other threads:[~2019-09-24 3:13 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-24 3:12 Armin Kuster [this message]
2019-09-24 3:12 ` [Thud][ 01/24] buildhistory: call a dependency parser only on actual dependency lists Armin Kuster
2019-09-24 3:12 ` [Thud][ 02/24] patch: fix CVE-2019-13636 Armin Kuster
2019-09-24 3:12 ` [Thud][ 03/24] python3: fix CVE-2019-9740 Armin Kuster
2019-09-24 3:13 ` [Thud][ 04/24] curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Armin Kuster
2019-09-24 3:13 ` [Thud][ 05/24] dbus: fix CVE-2019-12749 Armin Kuster
2019-09-24 3:13 ` [Thud][ 06/24] glib-2.0: fix CVE-2019-13012 Armin Kuster
2019-09-24 3:13 ` [Thud][ 07/24] libcomps: fix CVE-2019-3817 Armin Kuster
2019-09-24 3:13 ` [Thud][ 08/24] qemu: add a patch fixing the native build on newer kernels Armin Kuster
2019-09-24 3:13 ` [Thud][ 09/24] gcc: Security fix for CVE-2019-14250 Armin Kuster
2019-09-24 3:13 ` [Thud][ 10/24] binutils: Security fix for CVE-2019-14444 Armin Kuster
2019-09-24 3:13 ` [Thud][ 11/24] binutils: Security fix for CVE-2019-12972 Armin Kuster
2019-09-24 3:13 ` [Thud][ 12/24] bind: update to latest LTS 9.11.5 Armin Kuster
2019-09-24 3:13 ` [Thud][ 13/24] bind: upgrade 9.11.5 -> 9.11.5-P4 Armin Kuster
2019-09-24 3:13 ` [Thud][ 14/24] go: update to 1.11.13, minor updates Armin Kuster
2019-09-24 3:13 ` [Thud][ 15/24] dhcp: fix issue with new bind changes Armin Kuster
2019-09-24 7:02 ` Adrian Bunk
2019-09-24 3:13 ` [Thud][ 16/24] binutils: Fix 4 CVEs Armin Kuster
2019-09-24 3:13 ` [Thud][ 17/24] python: Fix 3 CVEs Armin Kuster
2019-09-24 3:13 ` [Thud][ 18/24] python3: Fix CVEs Armin Kuster
2019-09-24 3:13 ` [Thud][ 19/24] libxslt: Cve fix CVE-2019-11068 Armin Kuster
2019-09-24 3:13 ` [Thud][ 20/24] libxslt: fix CVE-2019-13117 CVE-2019-13118 Armin Kuster
2019-09-24 3:13 ` [Thud][ 21/24] patch: fix CVE-2019-13638 Armin Kuster
2019-09-24 3:13 ` [Thud][ 22/24] patch: backport fixes Armin Kuster
2019-09-24 3:13 ` [Thud][ 23/24] pango: fix CVE-2019-1010238 Armin Kuster
2019-09-24 3:13 ` [Thud][ 24/24] linux-yocto/4.14: update to v4.14.143 Armin Kuster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1569294712.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.