[OE-core][dunfell 00/11] Patch review

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/11] Patch review
Date: Sat, 16 Apr 2022 09:14:18 -1000	[thread overview]
Message-ID: <cover.1650131192.git.steve@sakoman.com> (raw)

Please review this set of patches for dunfell and have comments back by end
of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3537

with the exception of a known issue with meta-intel due to the zlib CVE fix, see:

https://lists.openembedded.org/g/openembedded-core/message/163793

The intent is to fix meta-intel after this patch set is merged to dunfell.

The following changes since commit aa762b7ca2417b80dd114a4ab263d69074912f82:

  tzdata: update to 2022a (2022-04-04 04:22:32 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexandre Belloni (1):
  pseudo: Fix handling of absolute links

Martin Jansa (1):
  license_image.bbclass: close package.manifest file

Peter Kjellerstedt (1):
  metadata_scm.bbclass: Use immediate expansion for the METADATA_*
    variables

Ralph Siemsen (3):
  gzip: fix CVE-2022-1271
  xz: fix CVE-2022-1271
  apt: add -fno-strict-aliasing to CXXFLAGS to fix SHA256 bug

Richard Purdie (4):
  vim: Upgrade 8.2.4524 -> 8.2.4681
  git: Ignore CVE-2022-24975
  pseudo: Add patch to workaround paths with crazy lengths
  libxshmfence: Correct LICENSE to HPND

Ross Burton (1):
  zlib: backport the fix for CVE-2018-25032

 .../recipeutils/recipeutils-test_1.2.bb       |   2 +-
 meta/classes/license_image.bbclass            |   4 +-
 meta/classes/metadata_scm.bbclass             |  10 +-
 .../zlib/zlib/CVE-2018-25032.patch            | 347 ++++++++++++++++++
 meta/recipes-core/zlib/zlib_1.2.11.bb         |   1 +
 meta/recipes-devtools/apt/apt.inc             |   4 +
 meta/recipes-devtools/git/git.inc             |   5 +
 meta/recipes-devtools/pseudo/pseudo_git.bb    |   2 +-
 .../gzip/gzip-1.10/CVE-2022-1271.patch        |  45 +++
 meta/recipes-extended/gzip/gzip_1.10.bb       |   1 +
 .../xz/xz/CVE-2022-1271.patch                 |  96 +++++
 meta/recipes-extended/xz/xz_5.2.4.bb          |   4 +-
 .../xorg-lib/libxshmfence_1.3.bb              |   2 +-
 meta/recipes-support/vim/vim.inc              |   6 +-
 14 files changed, 515 insertions(+), 14 deletions(-)
 create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
 create mode 100644 meta/recipes-extended/gzip/gzip-1.10/CVE-2022-1271.patch
 create mode 100644 meta/recipes-extended/xz/xz/CVE-2022-1271.patch

-- 
2.25.1

next             reply	other threads:[~2022-04-18 14:25 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-04-16 19:14 Steve Sakoman [this message]
2022-04-16 19:14 ` [OE-core][dunfell 01/11] vim: Upgrade 8.2.4524 -> 8.2.4681 Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 02/11] gzip: fix CVE-2022-1271 Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 03/11] zlib: backport the fix for CVE-2018-25032 Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 04/11] xz: fix CVE-2022-1271 Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 05/11] git: Ignore CVE-2022-24975 Steve Sakoman
2022-05-17 11:09   ` [dunfell " Ranjitsinh Rathod
2022-05-17 14:11     ` [OE-core] " Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 06/11] pseudo: Add patch to workaround paths with crazy lengths Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 07/11] pseudo: Fix handling of absolute links Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 08/11] license_image.bbclass: close package.manifest file Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 09/11] apt: add -fno-strict-aliasing to CXXFLAGS to fix SHA256 bug Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 10/11] metadata_scm.bbclass: Use immediate expansion for the METADATA_* variables Steve Sakoman
2022-04-16 19:14 ` [OE-core][dunfell 11/11] libxshmfence: Correct LICENSE to HPND Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2023-12-06 13:55 [OE-core][dunfell 00/11] Patch review Steve Sakoman
2023-10-10 14:14 Steve Sakoman
2023-06-08  2:35 Steve Sakoman
2023-05-20 16:04 Steve Sakoman
2022-11-12 14:09 Steve Sakoman
2022-08-18 16:56 Steve Sakoman
2022-08-10 22:31 Steve Sakoman
2022-06-02  2:30 Steve Sakoman
2022-01-20 21:23 Steve Sakoman
2022-01-13 14:37 Steve Sakoman
2021-04-08 16:31 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1650131192.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.