From: "Steve Sakoman" <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/24] Patch review
Date: Mon, 14 Sep 2020 04:11:18 -1000 [thread overview]
Message-ID: <cover.1600092418.git.steve@sakoman.com> (raw)
Please review this next set of patches for dunfell and have comments back
by end of day Wednesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1381
The following changes since commit 210ebed1e9c2285d6e457bf03d1f1a1f3ddc7fda:
package: get_package_mapping: avoid dependency mapping if renamed package provides original name (2020-09-04 04:31:45 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Adrian Freihofer (1):
oe-publish-sdk: fix layers init via ssh
Chris Laplante (4):
cve-update-db-native: add progress handler
cve-check/cve-update-db-native: use lockfile to fix usage under
multiconfig
cve-update-db-native: use context manager for cve_f
cve-check: avoid FileNotFoundError if no do_cve_check task has run
Khem Raj (2):
uninative: Upgrade to 2.9
rpcbind: Use update-alternatives for rpcinfo
Lee Chee Yang (3):
xserver-xorg: fix CVE-2020-14347
qemu: fix CVE-2020-14364 CVE-2020-14415
libx11 : fix CVE-2020-14344
Matt Madison (1):
image.bbclass: fix REPRODUCIBLE_TIMESTAMP_ROOTFS reference
Oleksandr Kravchuk (1):
ell: update to 0.33
Ovidiu Panait (1):
libxml2: Fix CVE-2020-24977
Rahul Kumar (1):
systemd-serialgetty: Fix sed expression quoting
Richard Purdie (3):
runqemu: Add a hook to allow it to renice
selftest/signing: Ensure build path relocation is safe
oeqa/concurrencytest: Improve builddir path manipulations
Ross Burton (5):
gdk-pixbuf: add tests PACKAGECONFIG
insane: only load real files as ELF
autoconf: consolidate DEPENDS
curl: add vendors to CVE_PRODUCT to exclude false positives
cmake: whitelist CVE-2016-10642
Zhixiong Chi (1):
gnutls: CVE-2020-24659
akuster (1):
cve-check.bbclass: always save cve report
meta/classes/cve-check.bbclass | 34 ++
meta/classes/image.bbclass | 2 +-
meta/classes/insane.bbclass | 13 +-
meta/conf/distro/include/yocto-uninative.inc | 10 +-
meta/lib/oeqa/selftest/cases/signing.py | 4 +-
meta/lib/oeqa/selftest/context.py | 4 +-
.../ell/{ell_0.32.bb => ell_0.33.bb} | 2 +-
.../libxml/libxml2/CVE-2020-24977.patch | 41 +++
meta/recipes-core/libxml/libxml2_2.9.10.bb | 1 +
.../recipes-core/meta/cve-update-db-native.bb | 96 +++---
.../systemd/systemd-serialgetty.bb | 2 +-
meta/recipes-devtools/autoconf/autoconf.inc | 5 +-
meta/recipes-devtools/cmake/cmake.inc | 4 +
meta/recipes-devtools/qemu/qemu.inc | 2 +
.../qemu/qemu/CVE-2020-14364.patch | 93 +++++
.../qemu/qemu/CVE-2020-14415.patch | 37 ++
.../recipes-extended/rpcbind/rpcbind_1.2.5.bb | 5 +-
.../gdk-pixbuf/gdk-pixbuf_2.40.0.bb | 8 +-
.../xorg-lib/libx11/CVE-2020-14344.patch | 321 ++++++++++++++++++
.../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 4 +-
.../xserver-xorg/CVE-2020-14347.patch | 38 +++
.../xorg-xserver/xserver-xorg_1.20.8.bb | 1 +
meta/recipes-support/curl/curl_7.69.1.bb | 4 +-
.../gnutls/gnutls/CVE-2020-24659.patch | 117 +++++++
meta/recipes-support/gnutls/gnutls_3.6.14.bb | 1 +
scripts/oe-publish-sdk | 2 +-
scripts/runqemu | 5 +
27 files changed, 782 insertions(+), 74 deletions(-)
rename meta/recipes-core/ell/{ell_0.32.bb => ell_0.33.bb} (89%)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2020-24977.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-14364.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-14415.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2020-14344.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14347.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch
--
2.17.1
next reply other threads:[~2020-09-14 14:12 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-14 14:11 Steve Sakoman [this message]
2020-09-14 14:11 ` [OE-core][dunfell 01/24] uninative: Upgrade to 2.9 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 02/24] xserver-xorg: fix CVE-2020-14347 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 03/24] qemu: fix CVE-2020-14364 CVE-2020-14415 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 04/24] libx11 : fix CVE-2020-14344 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 05/24] rpcbind: Use update-alternatives for rpcinfo Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 06/24] gdk-pixbuf: add tests PACKAGECONFIG Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 07/24] insane: only load real files as ELF Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 08/24] autoconf: consolidate DEPENDS Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 09/24] runqemu: Add a hook to allow it to renice Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 10/24] image.bbclass: fix REPRODUCIBLE_TIMESTAMP_ROOTFS reference Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 11/24] oe-publish-sdk: fix layers init via ssh Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 12/24] systemd-serialgetty: Fix sed expression quoting Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 13/24] selftest/signing: Ensure build path relocation is safe Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 14/24] oeqa/concurrencytest: Improve builddir path manipulations Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 15/24] gnutls: CVE-2020-24659 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 16/24] ell: update to 0.33 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 17/24] curl: add vendors to CVE_PRODUCT to exclude false positives Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 18/24] cmake: whitelist CVE-2016-10642 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 19/24] libxml2: Fix CVE-2020-24977 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 20/24] cve-check.bbclass: always save cve report Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 21/24] cve-update-db-native: add progress handler Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 22/24] cve-check/cve-update-db-native: use lockfile to fix usage under multiconfig Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 23/24] cve-update-db-native: use context manager for cve_f Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 24/24] cve-check: avoid FileNotFoundError if no do_cve_check task has run Steve Sakoman
[not found] ` <1634ABE18B3346A2.7642@lists.openembedded.org>
2020-09-14 14:24 ` [OE-core][dunfell 12/24] systemd-serialgetty: Fix sed expression quoting Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1600092418.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.