From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/14] Patch review
Date: Wed, 8 Jun 2022 04:46:24 -1000 [thread overview]
Message-ID: <cover.1654699348.git.steve@sakoman.com> (raw)
Please review this set of patches for dunfell and have comments back by
end of day Friday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3760
The following changes since commit 4051d1a3aa5f70da96c381f9dea5f52cd9306939:
openssl: Backport fix for ptest cert expiry (2022-06-07 11:33:46 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Bruce Ashfield (1):
linux-yocto/5.4: update to v5.4.196
Hitendra Prajapati (2):
e2fsprogs: CVE-2022-1304 out-of-bounds read/write via crafted
filesystem
pcre2: CVE-2022-1587 Out-of-bounds read
Marta Rybczynska (4):
cve-check: move update_symlinks to a library
cve-check: write empty fragment files in the text mode
cve-check: add coverage statistics on recipes with/without CVEs
cve-update-db-native: make it possible to disable database updates
Richard Purdie (1):
libxslt: Mark CVE-2022-29824 as not applying
Robert Joslyn (2):
curl: Backport CVE fixes
curl: Fix CVE_CHECK_WHITELIST typo
Steve Sakoman (3):
Revert "openssl: Backport fix for ptest cert expiry"
openssl: backport fix for ptest certificate expiration
openssl: update the epoch time for ct_test ptest
omkar patil (1):
libxslt: Fix CVE-2021-30560
meta/classes/cve-check.bbclass | 86 ++-
meta/lib/oe/cve_check.py | 10 +
...5d82489b3ec09ccc772dfcee14fef0e8e908.patch | 192 +++++
...ea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch | 55 --
...611887cfac633aacc052b2e71a7f195418b8.patch | 29 +
.../openssl/openssl_1.1.1o.bb | 3 +-
.../recipes-core/meta/cve-update-db-native.bb | 6 +-
.../e2fsprogs/e2fsprogs/CVE-2022-1304.patch | 42 ++
.../e2fsprogs/e2fsprogs_1.45.7.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../curl/curl/CVE-2022-27774-1.patch | 45 ++
.../curl/curl/CVE-2022-27774-2.patch | 80 +++
.../curl/curl/CVE-2022-27774-3.patch | 83 +++
.../curl/curl/CVE-2022-27774-4.patch | 35 +
.../curl/curl/CVE-2022-27781.patch | 46 ++
.../curl/curl/CVE-2022-27782-1.patch | 363 ++++++++++
.../curl/curl/CVE-2022-27782-2.patch | 71 ++
meta/recipes-support/curl/curl_7.69.1.bb | 9 +-
.../libpcre/libpcre2/CVE-2022-1587.patch | 660 ++++++++++++++++++
.../recipes-support/libpcre/libpcre2_10.34.bb | 1 +
.../libxslt/libxslt/CVE-2021-30560.patch | 201 ++++++
.../recipes-support/libxslt/libxslt_1.1.34.bb | 5 +
24 files changed, 1949 insertions(+), 110 deletions(-)
create mode 100644 meta/recipes-connectivity/openssl/openssl/73db5d82489b3ec09ccc772dfcee14fef0e8e908.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/770aea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/b7ce611887cfac633aacc052b2e71a7f195418b8.patch
create mode 100644 meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2022-1304.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-2.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-3.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-4.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27781.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27782-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27782-2.patch
create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1587.patch
create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2021-30560.patch
--
2.25.1
next reply other threads:[~2022-06-08 14:46 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-08 14:46 Steve Sakoman [this message]
2022-06-08 14:46 ` [OE-core][dunfell 01/14] Revert "openssl: Backport fix for ptest cert expiry" Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 02/14] openssl: backport fix for ptest certificate expiration Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 03/14] openssl: update the epoch time for ct_test ptest Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 04/14] e2fsprogs: CVE-2022-1304 out-of-bounds read/write via crafted filesystem Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 05/14] pcre2: CVE-2022-1587 Out-of-bounds read Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 06/14] libxslt: Fix CVE-2021-30560 Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 07/14] libxslt: Mark CVE-2022-29824 as not applying Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 08/14] curl: Backport CVE fixes Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 09/14] curl: Fix CVE_CHECK_WHITELIST typo Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 10/14] cve-check: move update_symlinks to a library Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 11/14] cve-check: write empty fragment files in the text mode Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 12/14] cve-check: add coverage statistics on recipes with/without CVEs Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 13/14] cve-update-db-native: make it possible to disable database updates Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 14/14] linux-yocto/5.4: update to v5.4.196 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2023-09-12 13:53 [OE-core][dunfell 00/14] Patch review Steve Sakoman
2023-08-25 2:47 Steve Sakoman
2023-06-22 15:31 Steve Sakoman
2023-08-02 12:05 ` Marta Rybczynska
2023-03-21 14:20 Steve Sakoman
2022-08-29 21:02 Steve Sakoman
2022-07-07 21:59 Steve Sakoman
2022-05-11 18:19 Steve Sakoman
2021-12-22 14:12 Steve Sakoman
[not found] <16B6626DB9B02798.14836@lists.openembedded.org>
2021-11-11 14:16 ` Steve Sakoman
2021-11-11 4:08 Steve Sakoman
2021-06-28 15:05 Steve Sakoman
2021-06-29 0:13 ` [dunfell " Minjae Kim
2021-06-29 14:09 ` [OE-core] " Steve Sakoman
2020-10-22 15:51 [OE-core][dunfell " Steve Sakoman
2020-10-09 14:18 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1654699348.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.