* [OE-core][kirkstone 0/9] Pull request (cover letter only)
@ 2022-05-25 20:01 Steve Sakoman
0 siblings, 0 replies; 4+ messages in thread
From: Steve Sakoman @ 2022-05-25 20:01 UTC (permalink / raw)
To: openembedded-core
The following changes since commit ec9e9497730f0a9c8ad3d696c8cdcec06267aacf:
base-passwd: Disable shell for default users (2022-05-16 13:59:44 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Alexander Kanavin (1):
mmc-utils: upgrade to latest revision
Claudius Heine (1):
classes: rootfs-postcommands: add skip option to overlayfs_qa_check
Marta Rybczynska (1):
cve-check: Fix report generation
Richard Purdie (2):
staging: Fix rare sysroot corruption issue
selftest/imagefeatures/overlayfs: Always append to DISTRO_FEATURES
Robert Joslyn (1):
curl: Backport CVE fixes
Samuli Piippo (1):
binutils: Bump to latest 2.38 release branch
Steve Sakoman (1):
python3: fix reproducibility issue with python3-core
wangmy (1):
librepo: upgrade 1.14.2 -> 1.14.3
meta/classes/cve-check.bbclass | 18 +-
meta/classes/rootfs-postcommands.bbclass | 10 +-
meta/classes/staging.bbclass | 24 +
meta/lib/oeqa/selftest/cases/imagefeatures.py | 2 +-
meta/lib/oeqa/selftest/cases/overlayfs.py | 36 +-
.../binutils/binutils-2.38.inc | 2 +-
.../{librepo_1.14.2.bb => librepo_1.14.3.bb} | 2 +-
meta/recipes-devtools/mmc/mmc-utils_git.bb | 2 +-
.../recipes-devtools/python/python3_3.10.4.bb | 5 +
.../curl/curl/CVE-2022-22576.patch | 145 ++++++
.../curl/curl/CVE-2022-27774-1.patch | 45 ++
.../curl/curl/CVE-2022-27774-2.patch | 80 +++
.../curl/curl/CVE-2022-27774-3.patch | 83 ++++
.../curl/curl/CVE-2022-27774-4.patch | 35 ++
.../curl/curl/CVE-2022-27775.patch | 37 ++
.../curl/curl/CVE-2022-27776.patch | 115 +++++
.../curl/curl/CVE-2022-27779.patch | 42 ++
.../curl/curl/CVE-2022-27780.patch | 33 ++
.../curl/curl/CVE-2022-27781.patch | 43 ++
.../curl/curl/CVE-2022-27782-1.patch | 458 ++++++++++++++++++
.../curl/curl/CVE-2022-27782-2.patch | 71 +++
.../curl/curl/CVE-2022-30115.patch | 82 ++++
meta/recipes-support/curl/curl_7.82.0.bb | 16 +-
23 files changed, 1362 insertions(+), 24 deletions(-)
rename meta/recipes-devtools/librepo/{librepo_1.14.2.bb => librepo_1.14.3.bb} (94%)
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-22576.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-2.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-3.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-4.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27775.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27776.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27779.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27780.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27781.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27782-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27782-2.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-30115.patch
--
2.25.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [OE-core][kirkstone 0/9] Pull request (cover letter only)
@ 2022-08-10 13:53 Steve Sakoman
0 siblings, 0 replies; 4+ messages in thread
From: Steve Sakoman @ 2022-08-10 13:53 UTC (permalink / raw)
To: openembedded-core
Final pull request for 4.0.3 release.
The following changes since commit c33eb7fb1d1e91a005b22b65d221d4b899ec69dc:
openssh: Add openssh-sftp-server to openssh RDEPENDS (2022-08-02 12:32:44 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Alexander Kanavin (1):
lttng-modules: update 2.13.3 -> 2.13.4
Bruce Ashfield (5):
linux-yocto/5.10: update to v5.10.135
linux-yocto/5.15: update to v5.15.58
linux-yocto-rt/5.15: update to -rt48 (and fix -stable merge)
linux-yocto/5.15: update to v5.15.59
linux-yocto/5.15: fix reproducibility issues
He Zhe (1):
lttng-modules: Fix build failure for kernel v5.15.58
Martin Jansa (1):
glibc: revert one upstream change to work around broken DEBUG_BUILD
build
Sundeep KOKKONDA (1):
glibc : stable 2.35 branch updates
meta/recipes-core/glibc/glibc-version.inc | 2 +-
...lement-a-useful-version-of-_startup_.patch | 128 ++++++++++++
meta/recipes-core/glibc/glibc_2.35.bb | 2 +
.../linux/linux-yocto-rt_5.10.bb | 6 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.10.bb | 8 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +--
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +--
...x-compaction-migratepages-event-name.patch | 37 ----
...oduce-kfree_skb_reason-v5.15.58.v5.1.patch | 53 +++++
...emove-unused-tracepoints-v5.10-v5.15.patch | 44 -----
...g-Append-prev_state-to-tp-args-inste.patch | 59 ------
...vent-allow-same-provider-and-event-n.patch | 48 -----
...g-Don-t-re-read-p-state-when-emittin.patch | 183 ------------------
.../0004-fix-block-remove-genhd.h-v5.18.patch | 45 -----
...emove-REQ_OP_WRITE_SAME-support-v5.1.patch | 79 --------
...ndom-remove-unused-tracepoints-v5.18.patch | 47 -----
...rethook-for-kretprobe-if-possible-v5.patch | 72 -------
...ore-Remove-scsi-scsi_request.h-v5.18.patch | 44 -----
...n-cleanup-the-compaction-trace-event.patch | 106 ----------
...ules_2.13.3.bb => lttng-modules_2.13.4.bb} | 16 +-
22 files changed, 225 insertions(+), 816 deletions(-)
create mode 100644 meta/recipes-core/glibc/glibc/0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-Fix-compaction-migratepages-event-name.patch
create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-random-remove-unused-tracepoints-v5.10-v5.15.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-sched-tracing-Append-prev_state-to-tp-args-inste.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0002-Fix-tracepoint-event-allow-same-provider-and-event-n.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0003-fix-sched-tracing-Don-t-re-read-p-state-when-emittin.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0004-fix-block-remove-genhd.h-v5.18.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0005-fix-scsi-block-Remove-REQ_OP_WRITE_SAME-support-v5.1.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0006-fix-random-remove-unused-tracepoints-v5.18.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0007-fix-kprobes-Use-rethook-for-kretprobe-if-possible-v5.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0008-fix-scsi-core-Remove-scsi-scsi_request.h-v5.18.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0010-fix-mm-compaction-cleanup-the-compaction-trace-event.patch
rename meta/recipes-kernel/lttng/{lttng-modules_2.13.3.bb => lttng-modules_2.13.4.bb} (60%)
--
2.25.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [OE-core][kirkstone 0/9] Pull request (cover letter only)
@ 2022-11-16 14:08 Steve Sakoman
0 siblings, 0 replies; 4+ messages in thread
From: Steve Sakoman @ 2022-11-16 14:08 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 0c0723757fbba9a4b88c0f98477a18d1e220da2e:
mirrors.bbclass: use shallow tarball for binutils-native (2022-11-06 06:00:05 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Alexander Kanavin (2):
lttng-modules: upgrade 2.13.4 -> 2.13.5
quilt: backport a patch to address grep 3.8 failures
Hitendra Prajapati (1):
QEMU: CVE-2022-3165 VNC: integer underflow in vnc_client_cut_text_ext
leads to CPU exhaustion
Michael Opdenacker (1):
create-spdx.bbclass: remove unused SPDX_INCLUDE_PACKAGED
Narpat Mali (1):
python3-mako: backport fix for CVE-2022-40023
Ross Burton (3):
pixman: backport fix for CVE-2022-44638
sanity: check for GNU tar specifically
qemu: add io_uring PACKAGECONFIG
ciarancourtney (1):
wic: swap partitions are not added to fstab
meta/classes/create-spdx.bbclass | 2 -
meta/classes/sanity.bbclass | 8 +
.../python/python3-mako/CVE-2022-40023.patch | 119 +++++++++++++++
.../python/python3-mako_1.1.6.bb | 2 +
meta/recipes-devtools/qemu/qemu.inc | 3 +-
.../qemu/qemu/CVE-2022-3165.patch | 61 ++++++++
meta/recipes-devtools/quilt/quilt.inc | 1 +
.../quilt/quilt/fix-grep-3.8.patch | 144 ++++++++++++++++++
.../xorg-lib/pixman/CVE-2022-44638.patch | 33 ++++
.../xorg-lib/pixman_0.40.0.bb | 1 +
.../lttng-modules/0001-fix-compaction.patch | 68 ---------
...c-fix-tracepoint-mm_page_alloc_zone_.patch | 106 -------------
...oduce-kfree_skb_reason-v5.15.58.v5.1.patch | 53 -------
...ags-parameter-from-aops-write_begin-.patch | 76 ---------
...Fix-type-of-cpu-in-trace-event-v5.19.patch | 124 ---------------
...ules_2.13.4.bb => lttng-modules_2.13.5.bb} | 7 +-
scripts/lib/wic/plugins/imager/direct.py | 2 +-
17 files changed, 373 insertions(+), 437 deletions(-)
create mode 100644 meta/recipes-devtools/python/python3-mako/CVE-2022-40023.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2022-3165.patch
create mode 100644 meta/recipes-devtools/quilt/quilt/fix-grep-3.8.patch
create mode 100644 meta/recipes-graphics/xorg-lib/pixman/CVE-2022-44638.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-compaction.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-mm-page_alloc-fix-tracepoint-mm_page_alloc_zone_.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-net-skb-introduce-kfree_skb_reason-v5.15.58.v5.1.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0002-fix-fs-Remove-flags-parameter-from-aops-write_begin-.patch
delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0003-fix-workqueue-Fix-type-of-cpu-in-trace-event-v5.19.patch
rename meta/recipes-kernel/lttng/{lttng-modules_2.13.4.bb => lttng-modules_2.13.5.bb} (78%)
--
2.25.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [OE-core][kirkstone 0/9] Pull request (cover letter only)
@ 2023-01-20 2:36 Steve Sakoman
0 siblings, 0 replies; 4+ messages in thread
From: Steve Sakoman @ 2023-01-20 2:36 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 4760fac939a6204e3cb7dcd3699cd9a2508f9dee:
devtool: process local files only for the main branch (2023-01-12 04:56:26 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Bhabu Bindu (1):
qemu: Fix CVE-2022-4144
Daniel Gomez (1):
gtk-icon-cache: Fix GTKIC_CMD if-else condition
KARN JYE LAU (1):
freetype:update mirror site.
Martin Jansa (1):
ffmpeg: refresh patches to apply cleanly
Narpat Mali (3):
python3-setuptools: fix for CVE-2022-40897
python3-wheel: fix for CVE-2022-40898
python3-git: fix for CVE-2022-24439
Yash Shinde (1):
glibc: stable 2.35 branch updates.
Yogita Urade (1):
libksba: fix CVE-2022-47629
meta/classes/gtk-icon-cache.bbclass | 2 +-
meta/recipes-core/glibc/glibc-version.inc | 2 +-
...-git-CVE-2022-24439-fix-from-PR-1518.patch | 97 ++++
...-git-CVE-2022-24439-fix-from-PR-1521.patch | 488 ++++++++++++++++++
.../python/python3-git_3.1.27.bb | 4 +
...-of-whitespace-to-search-backtrack.-.patch | 31 ++
.../python/python3-setuptools_59.5.0.bb | 1 +
...tential-DoS-attack-via-WHEEL_INFO_RE.patch | 32 ++
.../python/python3-wheel_0.37.1.bb | 4 +-
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2022-4144.patch | 99 ++++
.../freetype/freetype_2.11.1.bb | 2 +-
...c-stop-accessing-out-of-bounds-frame.patch | 19 +-
...c-stop-accessing-out-of-bounds-frame.patch | 7 +-
...-vp3-Add-missing-check-for-av_malloc.patch | 12 +-
...overflow-in-the-CRL-signature-parser.patch | 72 +++
meta/recipes-support/libksba/libksba_1.6.2.bb | 3 +-
17 files changed, 848 insertions(+), 28 deletions(-)
create mode 100644 meta/recipes-devtools/python/python3-git/0001-python3-git-CVE-2022-24439-fix-from-PR-1518.patch
create mode 100644 meta/recipes-devtools/python/python3-git/0001-python3-git-CVE-2022-24439-fix-from-PR-1521.patch
create mode 100644 meta/recipes-devtools/python/python3-setuptools/0001-Limit-the-amount-of-whitespace-to-search-backtrack.-.patch
create mode 100644 meta/recipes-devtools/python/python3-wheel/0001-Fixed-potential-DoS-attack-via-WHEEL_INFO_RE.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2022-4144.patch
create mode 100644 meta/recipes-support/libksba/libksba/0001-Fix-an-integer-overflow-in-the-CRL-signature-parser.patch
--
2.25.1
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-01-20 2:36 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-05-25 20:01 [OE-core][kirkstone 0/9] Pull request (cover letter only) Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2022-08-10 13:53 Steve Sakoman
2022-11-16 14:08 Steve Sakoman
2023-01-20 2:36 Steve Sakoman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.