From: "Anuj Mittal" <anuj.mittal@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [zeus][PATCH 00/11] zeus review request
Date: Wed, 9 Sep 2020 16:11:02 +0800 [thread overview]
Message-ID: <cover.1599638315.git.anuj.mittal@intel.com> (raw)
A set of CVE fixes for zeus. Please review.
I have rebased these on top of current zeus-next and have run the entire
set through autobuilder using the contrib/rpurdie/zeus helper branch.
There's one failure while compiling acl (for reproducibility
test) which probably happened because of memory availability and is
unrelated:
| make: *** read jobs pipe: Resource temporarily unavailable. Stop.
https://autobuilder.yoctoproject.org/typhoon/#/builders/79/builds/1358/steps/8/logs/step2d
Thanks,
Anuj
The following changes since commit 1c367349b733e931369944c362b357f92621f07b:
oeqa/runtime_test: Disable test_testimage_virgl_gtk (2020-09-08 14:34:18 +0100)
are available in the Git repository at:
git://push.openembedded.org/openembedded-core-contrib anujm/zeus
Li Wang (3):
qemu: CVE-2020-16092
qemu : fix CVE-2020-15863
qemu: CVE-2020-14364
Li Zhou (5):
xserver-xorg: Security Advisory - xserver-xorg - CVE-2020-14347
bind: Security Advisory - bind - CVE-2020-8622
bind: Security Advisory - bind - CVE-2020-8623
bind: Security Advisory - bind - CVE-2020-8624
go: Security Advisory - go - CVE-2020-24553
Stefan Ghinea (1):
qemu: CVE-2020-10756
Zhixiong Chi (2):
go: CVE-2020-16845
gnutls: CVE-2020-24659
.../bind/bind/CVE-2020-8622.patch | 60 +++
.../bind/bind/CVE-2020-8623.patch | 402 ++++++++++++++++
.../bind/bind/CVE-2020-8624.patch | 33 ++
.../recipes-connectivity/bind/bind_9.11.19.bb | 3 +
meta/recipes-devtools/go/go-1.12.inc | 3 +
...i-rename-a-test-file-to-be-less-cute.patch | 28 ++
.../go/go-1.12/CVE-2020-16845.patch | 110 +++++
.../go/go-1.12/CVE-2020-24553.patch | 429 ++++++++++++++++++
meta/recipes-devtools/qemu/qemu.inc | 4 +
.../qemu/qemu/CVE-2020-10756.patch | 40 ++
.../qemu/qemu/CVE-2020-14364.patch | 93 ++++
.../qemu/qemu/CVE-2020-15863.patch | 64 +++
.../qemu/qemu/CVE-2020-16092.patch | 49 ++
.../xserver-xorg/CVE-2020-14347.patch | 37 ++
.../xorg-xserver/xserver-xorg_1.20.5.bb | 1 +
.../gnutls/gnutls/CVE-2020-24659.patch | 117 +++++
meta/recipes-support/gnutls/gnutls_3.6.13.bb | 1 +
17 files changed, 1474 insertions(+)
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2020-8622.patch
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2020-8623.patch
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2020-8624.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/0001-net-http-cgi-rename-a-test-file-to-be-less-cute.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/CVE-2020-16845.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/CVE-2020-24553.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-10756.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-14364.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-15863.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14347.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch
--
2.26.2
next reply other threads:[~2020-09-09 8:11 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-09 8:11 Anuj Mittal [this message]
2020-09-09 8:11 ` [zeus][PATCH 01/11] xserver-xorg: Security Advisory - xserver-xorg - CVE-2020-14347 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 02/11] qemu: CVE-2020-16092 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 03/11] go: CVE-2020-16845 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 04/11] qemu: CVE-2020-10756 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 05/11] qemu : fix CVE-2020-15863 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 06/11] bind: Security Advisory - bind - CVE-2020-8622 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 07/11] bind: Security Advisory - bind - CVE-2020-8623 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 08/11] bind: Security Advisory - bind - CVE-2020-8624 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 09/11] qemu: CVE-2020-14364 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 10/11] go: Security Advisory - go - CVE-2020-24553 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 11/11] gnutls: CVE-2020-24659 Anuj Mittal
2020-09-09 8:47 ` [OE-core] [zeus][PATCH 00/11] zeus review request Richard Purdie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1599638315.git.anuj.mittal@intel.com \
--to=anuj.mittal@intel.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.