From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/25] Pull request (cover letter only)
Date: Tue, 28 Sep 2021 13:24:05 -1000 [thread overview]
Message-ID: <cover.1632871368.git.steve@sakoman.com> (raw)
The following changes since commit c7d2281eb6cda9c1637c20b3540b142073bca235:
build-appliance-image: Update to dunfell head revision (2021-09-15 18:34:19 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (2):
wic: keep rootfs_size as integer
testimage: symlink the task log and qemu console log to tmp/log/oeqa
Armin Kuster (9):
libgcrypt: Security fix CVE-2021-33560
apr: Security fix for CVE-2021-35940
libsndfile: Security fix for CVE-2021-3246
qemu: Security fix CVE-2020-12829
qemu: Security fix for CVE-2020-27617
qemu: Security fix for CVE-2020-28916
nettle: Security fix for CVE-2021-3580
nettle: Security fix for CVE-2021-20305
tar: ignore node-tar CVEs
Bruce Ashfield (2):
linux-yocto/5.4: update to v5.4.143
linux-yocto/5.4: update to v5.4.144
Jon Mason (2):
Update mailing list address
core-image-sato: Fix runqemu error for qemuarmv5
Kai Kang (1):
squashfs-tools: fix CVE-2021-40153
Mike Crowe (1):
curl: Fix CVE-2021-22946 and CVE-2021-22947, whitelist CVE-2021-22945
Ranjitsinh Rathod (1):
rpm: Handle proper return value to avoid major issues
Richard Purdie (3):
vim: Backport fix for CVE-2021-3770
useradd: Ensure preinst data is expanded correctly in pkgdata
bash: Ensure deterministic build
Ross Burton (1):
libsoup-2.4: remove obsolete intltool dependency
Sakib Sajal (1):
qemu: fix CVE-2021-3682
Steve Sakoman (1):
connman: add CVE_PRODUCT
Visa Hankala (1):
iputils: Fix regression of arp table update
meta/classes/testimage.bbclass | 12 +-
meta/classes/useradd.bbclass | 4 +
meta/conf/distro/include/maintainers.inc | 2 +-
meta/recipes-connectivity/connman/connman.inc | 2 +
.../ldconfig-native-2.12.1/ldconfig.patch | 2 +-
meta/recipes-devtools/qemu/qemu.inc | 8 +
.../qemu/qemu/CVE-2020-12829_1.patch | 164 ++++++++
.../qemu/qemu/CVE-2020-12829_2.patch | 139 +++++++
.../qemu/qemu/CVE-2020-12829_3.patch | 47 +++
.../qemu/qemu/CVE-2020-12829_4.patch | 100 +++++
.../qemu/qemu/CVE-2020-12829_5.patch | 266 +++++++++++++
.../qemu/qemu/CVE-2020-27617.patch | 49 +++
.../qemu/qemu/CVE-2020-28916.patch | 48 +++
.../qemu/qemu/CVE-2021-3682.patch | 41 ++
...rict-virtual-memory-usage-if-limit-s.patch | 25 +-
.../squashfs-tools/files/CVE-2021-40153.patch | 253 +++++++++++++
.../squashfs-tools/squashfs-tools_git.bb | 1 +
meta/recipes-extended/bash/bash.inc | 5 +
...ng-make-update-neighbours-work-again.patch | 79 ++++
.../iputils/iputils_s20190709.bb | 1 +
meta/recipes-extended/tar/tar_1.32.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../libsndfile1/CVE-2021-3246_1.patch | 36 ++
.../libsndfile1/CVE-2021-3246_2.patch | 44 +++
.../libsndfile/libsndfile1_1.0.28.bb | 2 +
meta/recipes-sato/images/core-image-sato.bb | 1 +
.../apr/apr/CVE-2021-35940.patch | 58 +++
meta/recipes-support/apr/apr_1.7.0.bb | 1 +
.../curl/curl/CVE-2021-22946-pre1.patch | 86 +++++
.../curl/curl/CVE-2021-22946.patch | 328 ++++++++++++++++
.../curl/curl/CVE-2021-22947.patch | 352 ++++++++++++++++++
meta/recipes-support/curl/curl_7.69.1.bb | 5 +-
.../libgcrypt/files/CVE-2021-33560.patch | 109 ++++++
.../libgcrypt/libgcrypt_1.8.5.bb | 1 +
.../libsoup/libsoup-2.4_2.68.4.bb | 2 +-
.../nettle-3.5.1/CVE-2021-20305-1.patch | 215 +++++++++++
.../nettle-3.5.1/CVE-2021-20305-2.patch | 53 +++
.../nettle-3.5.1/CVE-2021-20305-3.patch | 122 ++++++
.../nettle-3.5.1/CVE-2021-20305-4.patch | 48 +++
.../nettle-3.5.1/CVE-2021-20305-5.patch | 53 +++
.../nettle/nettle-3.5.1/CVE-2021-3580_1.patch | 277 ++++++++++++++
.../nettle/nettle-3.5.1/CVE-2021-3580_2.patch | 163 ++++++++
meta/recipes-support/nettle/nettle_3.5.1.bb | 7 +
...1e135a16091c93f6f5f7525a5c58fb7ca9f9.patch | 207 ++++++++++
meta/recipes-support/vim/vim.inc | 2 +
scripts/lib/wic/partition.py | 2 +-
48 files changed, 3423 insertions(+), 36 deletions(-)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_3.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_4.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_5.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-27617.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch
create mode 100644 meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch
create mode 100644 meta/recipes-extended/iputils/iputils/0001-arping-make-update-neighbours-work-again.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_1.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_2.patch
create mode 100644 meta/recipes-support/apr/apr/CVE-2021-35940.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22946-pre1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22946.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22947.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2021-33560.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-1.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-3.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-4.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-5.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_1.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_2.patch
create mode 100644 meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch
--
2.25.1
next reply other threads:[~2021-09-28 23:24 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-28 23:24 Steve Sakoman [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-12-02 15:20 [OE-core][dunfell 00/25] Pull request (cover letter only) Steve Sakoman
2021-05-12 14:47 Steve Sakoman
2021-05-13 21:11 ` Richard Purdie
2021-05-14 17:20 ` Steve Sakoman
2020-12-31 14:20 Steve Sakoman
2021-01-01 11:57 ` Richard Purdie
2021-01-01 18:01 ` Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1632871368.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.