From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: [zeus 00/28] Patch review
Date: Fri, 25 Oct 2019 23:49:32 -0700 [thread overview]
Message-ID: <cover.1572072421.git.akuster808@gmail.com> (raw)
This is what has been backported from master or patches.
Comments by Monday.
The following changes since commit 59938780e7e776d87146002ea939b185f8704408:
build-appliance-image: Update to master head revision (2019-10-09 22:28:44 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/zeus-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/zeus-next
Alexander Kanavin (1):
runqemu: unset another environment variable for 'egl-headless'
André Draszik (1):
connman: mark connman-wait-online as SYSTEMD_PACKAGE
Changqing Li (3):
qemu: Fix CVE-2019-12068
python: Fix CVE-2019-10160
sudo: fix CVE-2019-14287
Chee Yang Lee (1):
wic/engine: use 'linux-swap' for swap file system
Chen Qi (3):
python: CVE-2019-16056
python3: CVE-2019-16056
go: fix CVE-2019-16276
Douglas Royds via Openembedded-core (1):
icecc: Export ICECC_CC and friends via wrapper-script
Eugene Smirnov (1):
wic/rawcopy: Support files in sub-directories
George McCollister (1):
openssl: make OPENSSL_ENGINES match install path
Hongxu Jia (1):
openssh: fix CVE-2019-16905
Joerg Vehlow (1):
runqemu: Remove disabling of high resolution timer
Liwei Song (1):
util-linux: fix PKNAME name is NULL when use lsblk [LIN1019-2963]
Michael Ho (1):
cmake.bbclass: add HOSTTOOLS_DIR to CMAKE_FIND_ROOT_PATH
Qi.Chen@windriver.com (1):
sqlite3: fix CVE-2019-16168
Ricardo Ribalda Delgado (1):
i2c-tools: Add missing RDEPEND
Ross Burton (3):
sanity: check the format of SDK_VENDOR
file: explicitly disable seccomp
python3: -dev should depend on distutils
Stefan Agner (1):
uninative: check .done file instead of tarball
Tom Benn (1):
dbus: update dbus-1.init to reflect new PID file
Trevor Gamblin (2):
aspell: fix CVE-2019-17544
ncurses: fix CVE-2019-17594, CVE-2019-17595
Wenlin Kang (1):
sysstat: fix CVE-2019-16167
Yi Zhao (2):
libsdl2: fix CVE-2019-13616
libgcrypt: fix CVE-2019-12904
meta/classes/cmake.bbclass | 3 +-
meta/classes/icecc.bbclass | 32 +-
meta/classes/sanity.bbclass | 5 +
meta/classes/uninative.bbclass | 2 +-
meta/recipes-connectivity/connman/connman.inc | 2 +-
...x-integer-overflow-in-XMSS-private-key-pa.patch | 40 +++
meta/recipes-connectivity/openssh/openssh_8.0p1.bb | 1 +
.../recipes-connectivity/openssl/openssl_1.1.1d.bb | 2 +-
meta/recipes-core/dbus/dbus/dbus-1.init | 4 +-
...rses-selective-backport-of-20191012-patch.patch | 169 +++++++++++
meta/recipes-core/ncurses/ncurses_6.1+20190803.bb | 1 +
...lsblk-force-to-print-PKNAME-for-partition.patch | 36 +++
meta/recipes-core/util-linux/util-linux_2.34.bb | 1 +
meta/recipes-devtools/file/file_5.37.bb | 2 +
meta/recipes-devtools/go/go-1.12.inc | 1 +
...nch.go1.12-security-net-textproto-don-t-n.patch | 163 ++++++++++
meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb | 1 +
...55-Dont-parse-domains-containing-GH-13079.patch | 90 ++++++
.../python/python/bpo-36742-cve-2019-10160.patch | 81 +++++
...55-Dont-parse-domains-containing-GH-13079.patch | 132 ++++++++
.../python/python3/python3-manifest.json | 3 +-
meta/recipes-devtools/python/python3_3.7.4.bb | 1 +
meta/recipes-devtools/python/python_2.7.16.bb | 2 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2019-12068.patch | 108 +++++++
.../sudo/sudo/CVE-2019-14287-1.patch | 178 +++++++++++
.../sudo/sudo/CVE-2019-14287-2.patch | 112 +++++++
meta/recipes-extended/sudo/sudo_1.8.27.bb | 2 +
...ory-corruption-bug-due-to-Integer-Overflo.patch | 46 +++
meta/recipes-extended/sysstat/sysstat_12.1.6.bb | 4 +-
...538-validate-image-size-when-loading-BMP-.patch | 34 +++
meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb | 1 +
.../0001-Fix-various-bugs-found-by-OSS-Fuze.patch | 56 ++++
meta/recipes-support/aspell/aspell_0.60.7.bb | 4 +-
.../files/0001-Prefetch-GCM-look-up-tables.patch | 90 ++++++
...ok-up-tables-to-.data-section-and-unshare.patch | 332 +++++++++++++++++++++
...ok-up-table-to-.data-section-and-unshare-.patch | 178 +++++++++++
meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 3 +
.../sqlite/files/0001-Fix-CVE-2019-16168.patch | 40 +++
meta/recipes-support/sqlite/sqlite3_3.29.0.bb | 3 +-
scripts/lib/wic/engine.py | 2 +-
scripts/lib/wic/plugins/source/rawcopy.py | 3 +
scripts/runqemu | 5 +-
43 files changed, 1951 insertions(+), 25 deletions(-)
create mode 100644 meta/recipes-connectivity/openssh/openssh/0001-upstream-fix-integer-overflow-in-XMSS-private-key-pa.patch
create mode 100644 meta/recipes-core/ncurses/files/0001-ncurses-selective-backport-of-20191012-patch.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/0001-lsblk-force-to-print-PKNAME-for-partition.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch
create mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
create mode 100644 meta/recipes-devtools/python/python3/0001-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-12068.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-1.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch
create mode 100644 meta/recipes-extended/sysstat/sysstat/0001-Fix-232-Memory-corruption-bug-due-to-Integer-Overflo.patch
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch
create mode 100644 meta/recipes-support/aspell/aspell/0001-Fix-various-bugs-found-by-OSS-Fuze.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0001-Prefetch-GCM-look-up-tables.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0002-AES-move-look-up-tables-to-.data-section-and-unshare.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0003-GCM-move-look-up-table-to-.data-section-and-unshare-.patch
create mode 100644 meta/recipes-support/sqlite/files/0001-Fix-CVE-2019-16168.patch
--
2.7.4
next reply other threads:[~2019-10-26 6:50 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-26 6:49 Armin Kuster [this message]
2019-10-26 6:49 ` [zeus 01/28] sqlite3: fix CVE-2019-16168 Armin Kuster
2019-10-26 6:49 ` [zeus 02/28] aspell: fix CVE-2019-17544 Armin Kuster
2019-10-26 6:49 ` [zeus 03/28] python: CVE-2019-16056 Armin Kuster
2019-10-26 6:49 ` [zeus 04/28] python3: CVE-2019-16056 Armin Kuster
2019-10-26 6:49 ` [zeus 05/28] runqemu: unset another environment variable for 'egl-headless' Armin Kuster
2019-10-26 6:49 ` [zeus 06/28] runqemu: Remove disabling of high resolution timer Armin Kuster
2019-10-26 6:49 ` [zeus 07/28] ncurses: fix CVE-2019-17594, CVE-2019-17595 Armin Kuster
2019-10-26 6:49 ` [zeus 08/28] sysstat: fix CVE-2019-16167 Armin Kuster
2019-10-26 6:49 ` [zeus 09/28] libsdl2: fix CVE-2019-13616 Armin Kuster
2019-10-26 6:49 ` [zeus 10/28] sanity: check the format of SDK_VENDOR Armin Kuster
2019-10-26 6:49 ` [zeus 11/28] uninative: check .done file instead of tarball Armin Kuster
2019-10-26 6:49 ` [zeus 12/28] openssh: fix CVE-2019-16905 Armin Kuster
2019-10-26 6:49 ` [zeus 13/28] wic/rawcopy: Support files in sub-directories Armin Kuster
2019-10-26 6:49 ` [zeus 14/28] file: explicitly disable seccomp Armin Kuster
2019-10-26 6:49 ` [zeus 15/28] i2c-tools: Add missing RDEPEND Armin Kuster
2019-10-26 6:49 ` [zeus 16/28] python3: -dev should depend on distutils Armin Kuster
2019-10-26 6:49 ` [zeus 17/28] qemu: Fix CVE-2019-12068 Armin Kuster
2019-10-26 6:49 ` [zeus 18/28] cmake.bbclass: add HOSTTOOLS_DIR to CMAKE_FIND_ROOT_PATH Armin Kuster
2019-10-29 8:18 ` Richard Purdie
2019-10-29 20:31 ` Khem Raj
2019-10-30 4:29 ` akuster808
2019-10-30 6:02 ` Richard Purdie
2019-10-26 6:49 ` [zeus 19/28] openssl: make OPENSSL_ENGINES match install path Armin Kuster
2019-10-26 6:49 ` [zeus 20/28] icecc: Export ICECC_CC and friends via wrapper-script Armin Kuster
2019-10-26 6:49 ` [zeus 21/28] python: Fix CVE-2019-10160 Armin Kuster
2019-10-26 6:49 ` [zeus 22/28] libgcrypt: fix CVE-2019-12904 Armin Kuster
2019-10-26 6:49 ` [zeus 23/28] dbus: update dbus-1.init to reflect new PID file Armin Kuster
2019-10-26 6:49 ` [zeus 24/28] sudo: fix CVE-2019-14287 Armin Kuster
2019-10-26 6:49 ` [zeus 25/28] go: fix CVE-2019-16276 Armin Kuster
2019-10-31 11:49 ` Martin Jansa
2019-10-31 11:57 ` Martin Jansa
2019-10-26 6:49 ` [zeus 26/28] util-linux: fix PKNAME name is NULL when use lsblk [LIN1019-2963] Armin Kuster
2019-10-26 6:49 ` [zeus 27/28] wic/engine: use 'linux-swap' for swap file system Armin Kuster
2019-10-26 6:50 ` [zeus 28/28] connman: mark connman-wait-online as SYSTEMD_PACKAGE Armin Kuster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1572072421.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.