From: "Steve Sakoman" <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/35] Patch review
Date: Mon, 17 May 2021 04:13:06 -1000 [thread overview]
Message-ID: <cover.1621260695.git.steve@sakoman.com> (raw)
Please review this next set of patches for dunfell and have comments back by
end of day Wednesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2158
The following changes since commit 55dc503f4ab33e2aa51a3a6e4003131e0b9355ff:
reproducible.py: add quilt-ptest and valgrind-ptest (2021-05-13 22:10:01 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Alexander Kanavin (1):
linux-firmware: upgrade 20210208 -> 20210315
Anuj Mittal (1):
lsb-release: fix reproducibility failure
Bruce Ashfield (1):
linux-yocto/5.4: qemuppc32: reduce serial shutdown issues
Chen Qi (1):
db: update CVE_PRODUCT
Lee Chee Yang (4):
subversion: fix CVE-2020-17525
qemu: fix CVE-2021-3392
tiff: fix CVE-2020-35523 CVE-2020-35524
python3-jinja2: 2.11.2 -> 2.11.3
Richard Purdie (19):
glibc: Document and whitelist CVE-2019-1010022-25
qemu: Exclude CVE-2017-5957 from cve-check
qemu: Exclude CVE-2007-0998 from cve-check
qemu: Exclude CVE-2018-18438 from cve-check
jquery: Exclude CVE-2007-2379 from cve-check
logrotate: Exclude CVE-2011-1548,1549,1550 from cve-check
openssh: Exclude CVE-2007-2768 from cve-check
openssh: Exclude CVE-2008-3844 from cve-check
unzip: Exclude CVE-2008-0888 from cve-check
cpio: Exclude CVE-2010-4226 from cve-check
ghostscript: Exclude CVE-2013-6629 from cve-check
bluez: Exclude CVE-2020-12352 CVE-2020-24490 from cve-check
tiff: Exclude CVE-2015-7313 from cve-check
coreutils: Exclude CVE-2016-2781 from cve-check
librsvg: Exclude CVE-2018-1000041 from cve-check
avahi: Exclude CVE-2021-26720 from cve-check
oeqa/qemurunner: Improve logging thread exit handling for qemu
shutdown test
oeqa/qemurunner: Fix binary vs str issue
oeqa/qemurunner: Improve handling of run_serial for shutdown commands
Robert P. J. Day (2):
image.bbclass: fix comment "pacackages" -> "packages"
meta/lib/oe/rootfs.py: Fix typo "Restoreing" -> "Restoring"
Romain Naour (1):
dejagnu: needs expect at runtime
Ross Burton (3):
cairo: backport patch for CVE-2020-35492
libnotify: whitelist CVE-2013-7381 (specific to the NodeJS bindings)
builder: whitelist CVE-2008-4178 (a different builder)
Ulrich Ölmann (1):
local.conf.sample: fix typo
Yann Dirson (1):
linux-firmware: include all relevant files in -bcm4356
meta/classes/image.bbclass | 2 +-
meta/conf/local.conf.sample | 2 +-
meta/lib/oe/rootfs.py | 2 +-
meta/lib/oeqa/selftest/cases/runqemu.py | 9 +-
meta/lib/oeqa/utils/qemurunner.py | 21 +++-
meta/recipes-connectivity/avahi/avahi_0.7.bb | 3 +
.../bluez5/bluez5_5.55.bb | 3 +
.../openssh/openssh_8.2p1.bb | 6 +
meta/recipes-core/coreutils/coreutils_8.31.bb | 4 +
meta/recipes-core/glibc/glibc_2.31.bb | 13 ++
.../recipes-devtools/dejagnu/dejagnu_1.6.2.bb | 1 +
meta/recipes-devtools/jquery/jquery_3.5.0.bb | 5 +
...ja2_2.11.2.bb => python3-jinja2_2.11.3.bb} | 2 +-
meta/recipes-devtools/qemu/qemu.inc | 12 ++
.../qemu/qemu/CVE-2021-3392.patch | 92 ++++++++++++++
.../subversion/CVE-2020-17525.patch | 117 ++++++++++++++++++
.../subversion/subversion_1.13.0.bb | 1 +
meta/recipes-extended/cpio/cpio_2.13.bb | 3 +
.../ghostscript/ghostscript_9.52.bb | 4 +
.../logrotate/logrotate_3.15.1.bb | 3 +
.../help2man-reproducibility.patch | 27 ++++
meta/recipes-extended/lsb/lsb-release_1.4.bb | 1 +
meta/recipes-extended/unzip/unzip_6.0.bb | 3 +
.../libnotify/libnotify_0.7.8.bb | 3 +
meta/recipes-gnome/librsvg/librsvg_2.40.21.bb | 3 +
meta/recipes-graphics/builder/builder_0.1.bb | 2 +
.../cairo/cairo/CVE-2020-35492.patch | 60 +++++++++
meta/recipes-graphics/cairo/cairo_1.16.0.bb | 1 +
...20210208.bb => linux-firmware_20210315.bb} | 8 +-
.../linux/linux-yocto-rt_5.4.bb | 2 +-
.../linux/linux-yocto-tiny_5.4.bb | 2 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 2 +-
.../libtiff/files/CVE-2020-35523.patch | 55 ++++++++
.../libtiff/files/CVE-2020-35524-1.patch | 42 +++++++
.../libtiff/files/CVE-2020-35524-2.patch | 36 ++++++
meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 7 ++
meta/recipes-support/db/db_5.3.28.bb | 2 +-
37 files changed, 541 insertions(+), 20 deletions(-)
rename meta/recipes-devtools/python/{python3-jinja2_2.11.2.bb => python3-jinja2_2.11.3.bb} (92%)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3392.patch
create mode 100644 meta/recipes-devtools/subversion/subversion/CVE-2020-17525.patch
create mode 100644 meta/recipes-extended/lsb/lsb-release/help2man-reproducibility.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20210208.bb => linux-firmware_20210315.bb} (99%)
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2020-35523.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2020-35524-1.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2020-35524-2.patch
--
2.25.1
next reply other threads:[~2021-05-17 14:13 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-17 14:13 Steve Sakoman [this message]
2021-05-17 14:13 ` [OE-core][dunfell 01/35] subversion: fix CVE-2020-17525 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 02/35] qemu: fix CVE-2021-3392 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 03/35] tiff: fix CVE-2020-35523 CVE-2020-35524 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 04/35] python3-jinja2: 2.11.2 -> 2.11.3 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 05/35] glibc: Document and whitelist CVE-2019-1010022-25 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 06/35] cairo: backport patch for CVE-2020-35492 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 07/35] libnotify: whitelist CVE-2013-7381 (specific to the NodeJS bindings) Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 08/35] builder: whitelist CVE-2008-4178 (a different builder) Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 09/35] qemu: Exclude CVE-2017-5957 from cve-check Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 10/35] qemu: Exclude CVE-2007-0998 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 11/35] qemu: Exclude CVE-2018-18438 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 12/35] jquery: Exclude CVE-2007-2379 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 13/35] logrotate: Exclude CVE-2011-1548,1549,1550 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 14/35] openssh: Exclude CVE-2007-2768 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 15/35] openssh: Exclude CVE-2008-3844 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 16/35] unzip: Exclude CVE-2008-0888 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 17/35] cpio: Exclude CVE-2010-4226 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 18/35] ghostscript: Exclude CVE-2013-6629 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 19/35] bluez: Exclude CVE-2020-12352 CVE-2020-24490 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 20/35] tiff: Exclude CVE-2015-7313 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 21/35] coreutils: Exclude CVE-2016-2781 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 22/35] librsvg: Exclude CVE-2018-1000041 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 23/35] avahi: Exclude CVE-2021-26720 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 24/35] oeqa/qemurunner: Improve logging thread exit handling for qemu shutdown test Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 25/35] oeqa/qemurunner: Fix binary vs str issue Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 26/35] oeqa/qemurunner: Improve handling of run_serial for shutdown commands Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 27/35] lsb-release: fix reproducibility failure Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 28/35] db: update CVE_PRODUCT Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 29/35] linux-firmware: upgrade 20210208 -> 20210315 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 30/35] linux-firmware: include all relevant files in -bcm4356 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 31/35] linux-yocto/5.4: qemuppc32: reduce serial shutdown issues Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 32/35] dejagnu: needs expect at runtime Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 33/35] local.conf.sample: fix typo Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 34/35] image.bbclass: fix comment "pacackages" -> "packages" Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 35/35] meta/lib/oe/rootfs.py: Fix typo "Restoreing" -> "Restoring" Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1621260695.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.