[OE-core][dunfell 00/18] Patch review

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/18] Patch review
Date: Fri,  4 Mar 2022 05:04:08 -1000	[thread overview]
Message-ID: <cover.1646406001.git.steve@sakoman.com> (raw)

Please review this set of patches for dunfell and have comments back by end
of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3314

with the exception of a known autobuilder intermittent issue on qemumips64:

https://bugzilla.yoctoproject.org/show_bug.cgi?id=14029

which passed on subsequent retest:

https://autobuilder.yoctoproject.org/typhoon/#/builders/74/builds/4787

The following changes since commit 79ce9059f716546a7d6f4562ba194aedd90c22cd:

  grub: add a fix for a crash in scripts (2022-02-23 05:00:42 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Jose Quaresma (1):
  buildhistory.bbclass: create the buildhistory directory when needed

Marek Vasut (1):
  bootchart2: Add missing python3-math dependency

Michael Halstead (1):
  uninative: Upgrade to 3.5

Minjae Kim (2):
  go: fix CVE-2022-23806
  go: fix CVE-2022-23772

Nathan Rossi (1):
  cml1.bbclass: Handle ncurses-native being available via pkg-config

Richard Purdie (2):
  libxml-parser-perl: Add missing RDEPENDS
  uninative: Add version to uninative tarball name

Ross Burton (3):
  coreutils: remove obsolete ignored CVE list
  cve-check: get_cve_info should open the database read-only
  Revert "cve-check: add lockfile to task"

Steve Sakoman (5):
  expat: fix CVE-2022-25235
  expat: fix CVE-2022-25236
  expat: fix CVE-2022-25313
  expat: fix CVE-2022-25314
  expat: fix CVE-2022-25315

Virendra Thakur (1):
  libarchive: Fix for CVE-2021-36976

wangmy (1):
  wireless-regdb: upgrade 2021.08.28 -> 2022.02.18

 meta/classes/buildhistory.bbclass             |   1 +
 meta/classes/cml1.bbclass                     |   8 +
 meta/classes/cve-check.bbclass                |   4 +-
 meta/classes/uninative.bbclass                |   2 +-
 meta/conf/distro/include/yocto-uninative.inc  |  11 +-
 meta/recipes-core/coreutils/coreutils_8.31.bb |   3 -
 .../expat/expat/CVE-2022-25235.patch          | 283 +++++++++++++++
 .../expat/expat/CVE-2022-25236.patch          | 129 +++++++
 .../expat/CVE-2022-25313-regression.patch     | 131 +++++++
 .../expat/expat/CVE-2022-25313.patch          | 230 +++++++++++++
 .../expat/expat/CVE-2022-25314.patch          |  32 ++
 .../expat/expat/CVE-2022-25315.patch          | 145 ++++++++
 meta/recipes-core/expat/expat_2.2.9.bb        |   6 +
 .../bootchart2/bootchart2_0.14.9.bb           |   2 +-
 meta/recipes-devtools/go/go-1.14.inc          |   2 +
 .../go/go-1.14/CVE-2022-23772.patch           |  50 +++
 .../go/go-1.14/CVE-2022-23806.patch           | 142 ++++++++
 .../perl/libxml-parser-perl_2.46.bb           |   1 +
 .../libarchive/CVE-2021-36976-1.patch         | 321 ++++++++++++++++++
 .../libarchive/CVE-2021-36976-2.patch         | 121 +++++++
 .../libarchive/CVE-2021-36976-3.patch         |  93 +++++
 .../libarchive/libarchive_3.4.2.bb            |   6 +-
 ....08.28.bb => wireless-regdb_2022.02.18.bb} |   2 +-
 23 files changed, 1711 insertions(+), 14 deletions(-)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25235.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25236.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25313-regression.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25313.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25314.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25315.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-23772.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-23806.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2021-36976-1.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2021-36976-2.patch
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2021-36976-3.patch
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2021.08.28.bb => wireless-regdb_2022.02.18.bb} (94%)

-- 
2.25.1

next             reply	other threads:[~2022-03-04 15:04 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-04 15:04 Steve Sakoman [this message]
2022-03-04 15:04 ` [OE-core][dunfell 01/18] libarchive: Fix for CVE-2021-36976 Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 02/18] go: fix CVE-2022-23806 Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 03/18] go: fix CVE-2022-23772 Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 04/18] expat: fix CVE-2022-25235 Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 05/18] expat: fix CVE-2022-25236 Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 06/18] expat: fix CVE-2022-25313 Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 07/18] expat: fix CVE-2022-25314 Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 08/18] expat: fix CVE-2022-25315 Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 09/18] coreutils: remove obsolete ignored CVE list Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 10/18] cve-check: get_cve_info should open the database read-only Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 11/18] Revert "cve-check: add lockfile to task" Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 12/18] wireless-regdb: upgrade 2021.08.28 -> 2022.02.18 Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 13/18] bootchart2: Add missing python3-math dependency Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 14/18] cml1.bbclass: Handle ncurses-native being available via pkg-config Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 15/18] libxml-parser-perl: Add missing RDEPENDS Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 16/18] buildhistory.bbclass: create the buildhistory directory when needed Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 17/18] uninative: Add version to uninative tarball name Steve Sakoman
2022-03-04 15:04 ` [OE-core][dunfell 18/18] uninative: Upgrade to 3.5 Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
2021-12-03 18:18 Steve Sakoman
2020-11-13 14:52 Steve Sakoman
2020-09-07 17:01 Steve Sakoman
2020-07-27 15:09 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1646406001.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.