From: Anuj Mittal <anuj.mittal@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [honister][PATCH 00/21] Pull request
Date: Thu, 7 Apr 2022 14:43:19 +0800 [thread overview]
Message-ID: <cover.1649313725.git.anuj.mittal@intel.com> (raw)
The following changes since commit 47015d6bf767201708b7c7cd5dd06d541c284036:
toaster: Fix broken overrides usage (2022-04-05 16:41:27 +0100)
are available in the Git repository at:
git://push.openembedded.org/openembedded-core-contrib stable/honister-next
Bruce Ashfield (5):
linux-yocto: nohz_full boot arg fix
linux-yocto/5.10: split vtpm for more granular inclusion
linux-yocto/5.10: cfg/debug: add configs for kcsan
linux-yocto-rt/5.10: update to -rt61
linux-yocto/5.10: update to v5.10.107
Chee Yang Lee (1):
webkitgtk: update to 2.32.4
Joe Slater (1):
libxml2: fix CVE-2022-23308 regression
Michael Opdenacker (1):
conf/machine: fix QEMU x86 sound options
Minjae Kim (2):
gnu-config: update SRC_URI
virglrenderer: update SRC_URI
Peter Kjellerstedt (1):
oe-pkgdata-util: Adapt to the new variable override syntax
Ralph Siemsen (2):
libxml2: move to gitlab.gnome.org
libxml2: update to 2.9.13
Richard Purdie (2):
pseudo: Add patch to workaround paths with crazy lengths
sanity: Add warning for local hasheqiv server with remote sstate
mirrors
Ross Burton (5):
devupstream: fix handling of SRC_URI
tiff: backport CVE fixes:
grub: ignore CVE-2021-46705
oeqa/selftest/devtool: ensure Git username is set before upgrade tests
zlib: backport the fix for CVE-2018-25032
wangmy (1):
linux-firmware: upgrade 20220209 -> 20220310
meta/classes/devupstream.bbclass | 5 +-
meta/classes/qemuboot.bbclass | 2 +-
meta/classes/sanity.bbclass | 5 +
.../conf/machine/include/x86/qemuboot-x86.inc | 2 +-
meta/lib/oeqa/selftest/cases/devtool.py | 8 +
meta/recipes-bsp/grub/grub2.inc | 2 +
.../0002-Work-around-lxml-API-abuse.patch | 213 -----------
.../CVE-2022-23308-fix-regression.patch | 99 +++++
.../libxml2/libxml-m4-use-pkgconfig.patch | 16 +-
.../{libxml2_2.9.12.bb => libxml2_2.9.13.bb} | 15 +-
.../zlib/zlib/CVE-2018-25032.patch | 347 ++++++++++++++++++
meta/recipes-core/zlib/zlib_1.2.11.bb | 1 +
.../gnu-config/gnu-config_git.bb | 2 +-
meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +-
.../virglrenderer/virglrenderer_0.9.1.bb | 2 +-
...20220209.bb => linux-firmware_20220310.bb} | 6 +-
.../linux/linux-yocto-rt_5.10.bb | 6 +-
.../linux/linux-yocto-tiny_5.10.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +-
...rash-when-reading-a-file-with-multip.patch | 38 ++
...ue-380-and-382-heap-buffer-overflow-.patch | 218 +++++++++++
...-for-return-value-of-limitMalloc-392.patch | 93 +++++
...ag-avoid-calling-memcpy-with-a-null-.patch | 33 ++
.../0005-fix-the-FPE-in-tiffcrop-393.patch | 36 ++
...x-heap-buffer-overflow-in-tiffcp-278.patch | 57 +++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 9 +-
...1-Enable-THREADS_PREFER_PTHREAD_FLAG.patch | 2 +-
...ebkitgtk_2.32.3.bb => webkitgtk_2.32.4.bb} | 2 +-
scripts/oe-pkgdata-util | 2 +-
29 files changed, 993 insertions(+), 262 deletions(-)
delete mode 100644 meta/recipes-core/libxml/libxml2/0002-Work-around-lxml-API-abuse.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
rename meta/recipes-core/libxml/{libxml2_2.9.12.bb => libxml2_2.9.13.bb} (92%)
create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220209.bb => linux-firmware_20220310.bb} (99%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-tif_jbig.c-fix-crash-when-reading-a-file-with-multip.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0002-tiffcrop-fix-issue-380-and-382-heap-buffer-overflow-.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0003-add-checks-for-return-value-of-limitMalloc-392.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0004-TIFFFetchNormalTag-avoid-calling-memcpy-with-a-null-.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0005-fix-the-FPE-in-tiffcrop-393.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0006-fix-heap-buffer-overflow-in-tiffcp-278.patch
rename meta/recipes-sato/webkit/{webkitgtk_2.32.3.bb => webkitgtk_2.32.4.bb} (98%)
--
2.35.1
reply other threads:[~2022-04-07 15:41 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1649313725.git.anuj.mittal@intel.com \
--to=anuj.mittal@intel.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.