From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: [thud 00/26] Pull request
Date: Mon, 7 Oct 2019 08:10:37 -0700 [thread overview]
Message-ID: <cover.1570460789.git.akuster808@gmail.com> (raw)
This has backports waiting for warrior to merge thus the delay for this request.
The following changes since commit d3d3f443039b03f1200a14bfe99f985592632018:
build-appliance-image: Update to thud head revision (2019-08-01 11:58:11 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/thud-next
http://cgit.openembedded.org//log/?h=stable/thud-next
Adrian Bunk (2):
bind: upgrade 9.11.5 -> 9.11.5-P4
dhcp: Replace OE specific patch for compatibility with latest bind
with upstream patch
Alexander Kanavin (1):
buildhistory: call a dependency parser only on actual dependency lists
Andrii Bordunov via Openembedded-core (4):
curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823
dbus: fix CVE-2019-12749
glib-2.0: fix CVE-2019-13012
libcomps: fix CVE-2019-3817
Anuj Mittal (5):
patch: fix CVE-2019-13636
python3: fix CVE-2019-9740
libxslt: fix CVE-2019-13117 CVE-2019-13118
patch: backport fixes
pango: fix CVE-2019-1010238
Armin Kuster (6):
gcc: Security fix for CVE-2019-14250
binutils: Security fix for CVE-2019-14444
binutils: Security fix for CVE-2019-12972
bind: update to latest LTS 9.11.5
go: update to 1.11.13, minor updates
dhcp: fix issue with new bind changes
Bartosz Golaszewski (1):
qemu: add a patch fixing the native build on newer kernels
Bruce Ashfield (1):
linux-yocto/4.14: update to v4.14.143
Dan Tran (3):
binutils: Fix 4 CVEs
python: Fix 3 CVEs
python3: Fix CVEs
Muminul Islam (1):
libxslt: Cve fix CVE-2019-11068
Ruslan Bilovol (1):
dhcp: drop lost patch
Trevor Gamblin (1):
patch: fix CVE-2019-13638
meta/lib/oe/buildhistory_analysis.py | 2 +-
.../bind/bind/CVE-2018-5740.patch | 72 -----
.../bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} | 8 +-
...d-includes-of-new-BIND9-compatibility-hea.patch | 79 +++++
.../dhcp/0008-tweak-to-support-external-bind.patch | 117 -------
meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb | 1 +
meta/recipes-core/dbus/dbus/CVE-2019-12749.patch | 127 ++++++++
meta/recipes-core/dbus/dbus_1.12.10.bb | 1 +
.../glib-2.0/glib-2.0/CVE-2019-13012.patch | 47 +++
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 1 +
meta/recipes-devtools/binutils/binutils-2.31.inc | 6 +
.../binutils/binutils/CVE-2018-1000876.patch | 180 +++++++++++
.../binutils/binutils/CVE-2018-20623.patch | 74 +++++
.../binutils/binutils/CVE-2018-20651.patch | 35 +++
.../binutils/binutils/CVE-2018-20671.patch | 49 +++
.../binutils/binutils/CVE-2019-12972.patch | 39 +++
.../binutils/binutils/CVE-2019-14444.patch | 33 ++
meta/recipes-devtools/gcc/gcc-8.2.inc | 1 +
.../gcc/gcc-8.2/CVE-2019-14250.patch | 44 +++
meta/recipes-devtools/go/go-1.11.inc | 6 +-
.../libcomps/libcomps/CVE-2019-3817.patch | 97 ++++++
meta/recipes-devtools/libcomps/libcomps_git.bb | 1 +
...k-temporary-file-on-failed-ed-style-patch.patch | 93 ++++++
...ak-temporary-file-on-failed-multi-file-ed.patch | 80 +++++
...ke-ed-directly-instead-of-using-the-shell.patch | 44 +++
.../patch/patch/CVE-2019-13636.patch | 113 +++++++
meta/recipes-devtools/patch/patch_2.7.6.bb | 4 +
.../python/python/bpo-30458-cve-2019-9740.patch | 219 ++++++++++++++
.../python/python/bpo-35121-cve-2018-20852.patch | 127 ++++++++
.../python/python3/CVE-2018-14647.patch | 95 ++++++
.../python/python3/CVE-2018-20406.patch | 217 +++++++++++++
.../python/python3/CVE-2018-20852.patch | 129 ++++++++
.../python/python3/CVE-2019-9636.patch | 154 ++++++++++
.../python/python3/CVE-2019-9740.patch | 155 ++++++++++
meta/recipes-devtools/python/python3_3.5.6.bb | 5 +
meta/recipes-devtools/python/python_2.7.16.bb | 2 +
...error-messages-when-qemi_cpu_kick_thread-.patch | 19 +-
...fix-to-handle-variably-sized-SIOCGSTAMP-w.patch | 336 +++++++++++++++++++++
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 1 +
.../pango/pango/CVE-2019-1010238.patch | 38 +++
meta/recipes-graphics/pango/pango_1.42.4.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.14.bb | 20 +-
.../recipes-support/curl/curl/CVE-2018-16890.patch | 50 +++
meta/recipes-support/curl/curl/CVE-2019-3822.patch | 47 +++
meta/recipes-support/curl/curl/CVE-2019-3823.patch | 55 ++++
meta/recipes-support/curl/curl_7.61.0.bb | 3 +
.../libxslt/files/CVE-2019-13117.patch | 33 ++
.../libxslt/files/CVE-2019-13118.patch | 76 +++++
.../libxslt/libxslt/CVE-2019-11068.patch | 128 ++++++++
meta/recipes-support/libxslt/libxslt_1.1.32.bb | 5 +-
52 files changed, 3059 insertions(+), 225 deletions(-)
delete mode 100644 meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch
rename meta/recipes-connectivity/bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} (95%)
create mode 100644 meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch
delete mode 100644 meta/recipes-connectivity/dhcp/dhcp/0008-tweak-to-support-external-bind.patch
create mode 100644 meta/recipes-core/dbus/dbus/CVE-2019-12749.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-13012.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-1000876.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20651.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch
create mode 100644 meta/recipes-devtools/libcomps/libcomps/CVE-2019-3817.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-13636.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-30458-cve-2019-9740.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35121-cve-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-14647.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20406.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9636.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9740.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014-linux-user-fix-to-handle-variably-sized-SIOCGSTAMP-w.patch
create mode 100644 meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2018-16890.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3822.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3823.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13117.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13118.patch
create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
--
2.7.4
next reply other threads:[~2019-10-07 15:11 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-07 15:10 Armin Kuster [this message]
2019-10-07 15:10 ` [thud 01/26] buildhistory: call a dependency parser only on actual dependency lists Armin Kuster
2019-10-07 15:10 ` [thud 02/26] patch: fix CVE-2019-13636 Armin Kuster
2019-10-07 15:10 ` [thud 03/26] python3: fix CVE-2019-9740 Armin Kuster
2019-10-07 15:10 ` [thud 04/26] curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Armin Kuster
2019-10-07 15:10 ` [thud 05/26] dbus: fix CVE-2019-12749 Armin Kuster
2019-10-07 15:10 ` [thud 06/26] glib-2.0: fix CVE-2019-13012 Armin Kuster
2019-10-07 15:10 ` [thud 07/26] libcomps: fix CVE-2019-3817 Armin Kuster
2019-10-07 15:10 ` [thud 08/26] qemu: add a patch fixing the native build on newer kernels Armin Kuster
2019-10-07 15:10 ` [thud 09/26] gcc: Security fix for CVE-2019-14250 Armin Kuster
2019-10-07 15:10 ` [thud 10/26] binutils: Security fix for CVE-2019-14444 Armin Kuster
2019-10-07 15:10 ` [thud 11/26] binutils: Security fix for CVE-2019-12972 Armin Kuster
2019-10-07 15:10 ` [thud 12/26] bind: update to latest LTS 9.11.5 Armin Kuster
2019-10-07 15:10 ` [thud 13/26] bind: upgrade 9.11.5 -> 9.11.5-P4 Armin Kuster
2019-10-07 15:10 ` [thud 14/26] go: update to 1.11.13, minor updates Armin Kuster
2019-10-07 15:10 ` [thud 15/26] dhcp: fix issue with new bind changes Armin Kuster
2019-10-07 15:10 ` [thud 16/26] dhcp: drop lost patch Armin Kuster
2019-10-07 15:10 ` [thud 17/26] dhcp: Replace OE specific patch for compatibility with latest bind with upstream patch Armin Kuster
2019-10-07 15:10 ` [thud 18/26] binutils: Fix 4 CVEs Armin Kuster
2019-10-07 15:10 ` [thud 19/26] python: Fix 3 CVEs Armin Kuster
2019-10-07 15:10 ` [thud 20/26] python3: Fix CVEs Armin Kuster
2019-10-07 15:10 ` [thud 21/26] libxslt: Cve fix CVE-2019-11068 Armin Kuster
2019-10-07 15:10 ` [thud 22/26] libxslt: fix CVE-2019-13117 CVE-2019-13118 Armin Kuster
2019-10-07 15:11 ` [thud 23/26] patch: fix CVE-2019-13638 Armin Kuster
2019-10-07 15:11 ` [thud 24/26] patch: backport fixes Armin Kuster
2019-10-07 15:11 ` [thud 25/26] pango: fix CVE-2019-1010238 Armin Kuster
2019-10-07 15:11 ` [thud 26/26] linux-yocto/4.14: update to v4.14.143 Armin Kuster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1570460789.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.