From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/11] Patch review
Date: Sat, 12 Nov 2022 04:09:48 -1000 [thread overview]
Message-ID: <cover.1668262073.git.steve@sakoman.com> (raw)
Please review this set of patches for dunfell and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4469
The following changes since commit babcb7cd3bbefe9c0ea28e960e4fd6cefbc03cae:
bluez5: add dbus to RDEPENDS (2022-11-04 07:52:01 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Alex Kiernan (1):
openssl: upgrade 1.1.1q to 1.1.1s
Hitendra Prajapati (1):
bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c
Martin Jansa (1):
externalsrc.bbclass: fix git repo detection
Peter Kjellerstedt (1):
externalsrc.bbclass: Remove a trailing slash from ${B}
Ross Burton (1):
sanity: check for GNU tar specifically
Sundeep KOKKONDA (2):
binutils: stable 2.34 branch updates
glibc : stable 2.31 branch updates.
Sunil Kumar (1):
go: Security Fix for CVE-2022-2879
Vivek Kumbhar (2):
curl: fix CVE-2022-32221 POST following PUT
qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt()
may lead to out-of-bounds write
ciarancourtney (1):
wic: swap partitions are not added to fstab
meta/classes/externalsrc.bbclass | 6 +-
meta/classes/sanity.bbclass | 8 ++
meta/recipes-connectivity/bluez5/bluez5.inc | 1 +
.../bluez5/bluez5/CVE-2022-3637.patch | 39 ++++++
.../{openssl_1.1.1q.bb => openssl_1.1.1s.bb} | 2 +-
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../glibc/glibc/CVE-2021-33574_1.patch | 26 ++--
.../binutils/binutils-2.34.inc | 2 +-
.../binutils/binutils/CVE-2020-16593.patch | 4 +-
.../binutils/binutils/CVE-2021-3549.patch | 80 ++++++-------
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2022-2879.patch | 111 ++++++++++++++++++
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-3638.patch | 80 +++++++++++++
.../curl/curl/CVE-2022-32221.patch | 29 +++++
meta/recipes-support/curl/curl_7.69.1.bb | 1 +
scripts/lib/wic/plugins/imager/direct.py | 2 +-
17 files changed, 329 insertions(+), 66 deletions(-)
create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch
rename meta/recipes-connectivity/openssl/{openssl_1.1.1q.bb => openssl_1.1.1s.bb} (98%)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch
--
2.25.1
next reply other threads:[~2022-11-12 14:10 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-12 14:09 Steve Sakoman [this message]
2022-11-12 14:09 ` [OE-core][dunfell 01/11] bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 02/11] go: Security Fix for CVE-2022-2879 Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 03/11] curl: fix CVE-2022-32221 POST following PUT Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 04/11] qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 05/11] binutils: stable 2.34 branch updates Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 06/11] glibc : stable 2.31 " Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 07/11] openssl: upgrade 1.1.1q to 1.1.1s Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 08/11] externalsrc.bbclass: fix git repo detection Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 09/11] externalsrc.bbclass: Remove a trailing slash from ${B} Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 10/11] sanity: check for GNU tar specifically Steve Sakoman
2022-11-12 14:09 ` [OE-core][dunfell 11/11] wic: swap partitions are not added to fstab Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2023-12-06 13:55 [OE-core][dunfell 00/11] Patch review Steve Sakoman
2023-10-10 14:14 Steve Sakoman
2023-06-08 2:35 Steve Sakoman
2023-05-20 16:04 Steve Sakoman
2022-08-18 16:56 Steve Sakoman
2022-08-10 22:31 Steve Sakoman
2022-06-02 2:30 Steve Sakoman
2022-04-16 19:14 Steve Sakoman
2022-01-20 21:23 Steve Sakoman
2022-01-13 14:37 Steve Sakoman
2021-04-08 16:31 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1668262073.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.