From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/31] Patch review
Date: Sun, 27 Nov 2022 03:54:46 -1000 [thread overview]
Message-ID: <cover.1669557026.git.steve@sakoman.com> (raw)
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4543
The following changes since commit da2c64b3158c58eb0a484d3acbdf0419df2d34e8:
wic: make ext2/3/4 images reproducible (2022-11-17 07:23:06 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (11):
linux-firmware: upgrade 20220913 -> 20221012
xwayland: upgrade 22.1.3 -> 22.1.4
libffi: upgrade 3.4.2 -> 3.4.4
libical: upgrade 3.0.15 -> 3.0.16
mtd-utils: upgrade 2.1.4 -> 2.1.5
gdk-pixbuf: upgrade 2.42.9 -> 2.42.10
gstreamer1.0: upgrade 1.20.3 -> 1.20.4
libepoxy: convert to git
libepoxy: update 1.5.9 -> 1.5.10
vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only
that
gnomebase.bbclass: return the whole version for tarball directory if
it is a number
Jose Quaresma (3):
sstatesig: skip the rm_work task signature
rm_work: exclude the SSTATETASKS from the rm_work tasks sinature
sstate: Allow optimisation of do_deploy_archives task dependencies
Joshua Watt (2):
qemu-helper-native: Re-write bridge helper as C program
qemu-helper-native: Correctly pass program name as argv[0]
Konrad Weihmann (1):
create-spdx: default share_src for shared sources
Martin Jansa (1):
libsndfile1: Backport fix for CVE-2021-4156
Narpat Mali (2):
ffmpeg: fix for CVE-2022-3964
ffmpeg: fix for CVE-2022-3965
Peter Marko (2):
systemd: add group render to udev package
meta-selftest/staticids: add render group for systemd
Richard Purdie (1):
sanity: Drop data finalize call
Ross Burton (1):
linux-firmware: don't put the firmware into the sysroot
Sakib Sajal (1):
go: fix CVE-2022-2880
Vivek Kumbhar (1):
python3: fix CVE-2022-42919 local privilege escalation via the
multiprocessing forkserver start method
Wang Mingyu (4):
xwayland: upgrade 22.1.4 -> 22.1.5
mobile-broadband-provider-info: upgrade 20220725 -> 20221107
babeltrace: upgrade 1.5.8 -> 1.5.11
iso-codes: upgrade 4.11.0 -> 4.12.0
Xiangyu Chen (1):
bash: backport patch to fix CVE-2022-3715
meta-selftest/files/static-group | 1 +
meta/classes/create-spdx.bbclass | 5 +-
meta/classes/gnomebase.bbclass | 2 +-
meta/classes/rm_work.bbclass | 2 +
meta/classes/sanity.bbclass | 11 +-
meta/classes/sstate.bbclass | 2 +-
meta/lib/oe/sstatesig.py | 6 +
.../mobile-broadband-provider-info_git.bb | 4 +-
meta/recipes-core/systemd/systemd_250.5.bb | 2 +
meta/recipes-devtools/go/go-1.17.13.inc | 1 +
...util-avoid-query-parameter-smuggling.patch | 178 ++++++++++++++++++
meta/recipes-devtools/mtd/mtd-utils_git.bb | 4 +-
.../python/python3/CVE-2022-42919.patch | 70 +++++++
.../recipes-devtools/python/python3_3.10.7.bb | 1 +
.../qemu/qemu-helper-native_1.0.bb | 6 +-
.../qemu/qemu-helper/qemu-oe-bridge-helper | 25 ---
.../qemu/qemu-helper/qemu-oe-bridge-helper.c | 34 ++++
meta/recipes-devtools/vala/vala.inc | 10 +-
.../bash/bash/CVE-2022-3715.patch | 33 ++++
meta/recipes-extended/bash/bash_5.1.16.bb | 1 +
...pixbuf_2.42.9.bb => gdk-pixbuf_2.42.10.bb} | 2 +-
.../{libepoxy_1.5.9.bb => libepoxy_1.5.10.bb} | 5 +-
...{xwayland_22.1.3.bb => xwayland_22.1.5.bb} | 2 +-
...20220913.bb => linux-firmware_20221012.bb} | 9 +-
...beltrace_1.5.8.bb => babeltrace_1.5.11.bb} | 2 +-
...c-stop-accessing-out-of-bounds-frame.patch | 89 +++++++++
...c-stop-accessing-out-of-bounds-frame.patch | 108 +++++++++++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 3 +
...tools_1.20.3.bb => gst-devtools_1.20.4.bb} | 2 +-
...r-APNG-encoder-property-registration.patch | 86 ---------
...1.20.3.bb => gstreamer1.0-libav_1.20.4.bb} | 6 +-
...x_1.20.3.bb => gstreamer1.0-omx_1.20.4.bb} | 2 +-
....bb => gstreamer1.0-plugins-bad_1.20.4.bb} | 2 +-
...bb => gstreamer1.0-plugins-base_1.20.4.bb} | 2 +-
...bb => gstreamer1.0-plugins-good_1.20.4.bb} | 2 +-
...bb => gstreamer1.0-plugins-ugly_1.20.4.bb} | 2 +-
....20.3.bb => gstreamer1.0-python_1.20.4.bb} | 2 +-
....bb => gstreamer1.0-rtsp-server_1.20.4.bb} | 2 +-
...1.20.3.bb => gstreamer1.0-vaapi_1.20.4.bb} | 2 +-
...er1.0_1.20.3.bb => gstreamer1.0_1.20.4.bb} | 2 +-
...flac-Fix-improper-buffer-reusing-732.patch | 29 +++
.../libsndfile/libsndfile1_1.0.31.bb | 1 +
...so-codes_4.11.0.bb => iso-codes_4.12.0.bb} | 2 +-
...m-sysv-reverted-clang-VFP-mitigation.patch | 6 +-
.../libffi/libffi/not-win32.patch | 8 +-
.../{libffi_3.4.2.bb => libffi_3.4.4.bb} | 4 +-
.../{libical_3.0.15.bb => libical_3.0.16.bb} | 2 +-
47 files changed, 612 insertions(+), 170 deletions(-)
create mode 100644 meta/recipes-devtools/go/go-1.18/0001-net-http-httputil-avoid-query-parameter-smuggling.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2022-42919.patch
delete mode 100755 meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper
create mode 100644 meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper.c
create mode 100644 meta/recipes-extended/bash/bash/CVE-2022-3715.patch
rename meta/recipes-gnome/gdk-pixbuf/{gdk-pixbuf_2.42.9.bb => gdk-pixbuf_2.42.10.bb} (98%)
rename meta/recipes-graphics/libepoxy/{libepoxy_1.5.9.bb => libepoxy_1.5.10.bb} (86%)
rename meta/recipes-graphics/xwayland/{xwayland_22.1.3.bb => xwayland_22.1.5.bb} (95%)
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220913.bb => linux-firmware_20221012.bb} (99%)
rename meta/recipes-kernel/lttng/{babeltrace_1.5.8.bb => babeltrace_1.5.11.bb} (98%)
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch
rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.20.3.bb => gst-devtools_1.20.4.bb} (95%)
delete mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-libav/0001-libav-Fix-for-APNG-encoder-property-registration.patch
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.20.3.bb => gstreamer1.0-libav_1.20.4.bb} (82%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.20.3.bb => gstreamer1.0-omx_1.20.4.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.20.3.bb => gstreamer1.0-plugins-bad_1.20.4.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.20.3.bb => gstreamer1.0-plugins-base_1.20.4.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.20.3.bb => gstreamer1.0-plugins-good_1.20.4.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.20.3.bb => gstreamer1.0-plugins-ugly_1.20.4.bb} (94%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.20.3.bb => gstreamer1.0-python_1.20.4.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.20.3.bb => gstreamer1.0-rtsp-server_1.20.4.bb} (90%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.20.3.bb => gstreamer1.0-vaapi_1.20.4.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.20.3.bb => gstreamer1.0_1.20.4.bb} (97%)
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/0001-flac-Fix-improper-buffer-reusing-732.patch
rename meta/recipes-support/iso-codes/{iso-codes_4.11.0.bb => iso-codes_4.12.0.bb} (94%)
rename meta/recipes-support/libffi/{libffi_3.4.2.bb => libffi_3.4.4.bb} (90%)
rename meta/recipes-support/libical/{libical_3.0.15.bb => libical_3.0.16.bb} (96%)
--
2.25.1
next reply other threads:[~2022-11-27 13:55 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-27 13:54 Steve Sakoman [this message]
2022-11-27 13:54 ` [OE-core][kirkstone 01/31] libsndfile1: Backport fix for CVE-2021-4156 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 02/31] bash: backport patch to fix CVE-2022-3715 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 03/31] ffmpeg: fix for CVE-2022-3964 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 04/31] ffmpeg: fix for CVE-2022-3965 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 05/31] python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 06/31] go: fix CVE-2022-2880 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 07/31] linux-firmware: upgrade 20220913 -> 20221012 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 08/31] xwayland: upgrade 22.1.3 -> 22.1.4 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 09/31] xwayland: upgrade 22.1.4 -> 22.1.5 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 10/31] libffi: upgrade 3.4.2 -> 3.4.4 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 11/31] libical: upgrade 3.0.15 -> 3.0.16 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 12/31] mtd-utils: upgrade 2.1.4 -> 2.1.5 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 13/31] gdk-pixbuf: upgrade 2.42.9 -> 2.42.10 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 14/31] gstreamer1.0: upgrade 1.20.3 -> 1.20.4 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 15/31] libepoxy: convert to git Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 16/31] libepoxy: update 1.5.9 -> 1.5.10 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 17/31] mobile-broadband-provider-info: upgrade 20220725 -> 20221107 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 18/31] babeltrace: upgrade 1.5.8 -> 1.5.11 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 19/31] iso-codes: upgrade 4.11.0 -> 4.12.0 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 20/31] qemu-helper-native: Re-write bridge helper as C program Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 21/31] qemu-helper-native: Correctly pass program name as argv[0] Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 22/31] linux-firmware: don't put the firmware into the sysroot Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 23/31] vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 24/31] gnomebase.bbclass: return the whole version for tarball directory if it is a number Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 25/31] sstatesig: skip the rm_work task signature Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 26/31] rm_work: exclude the SSTATETASKS from the rm_work tasks sinature Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 27/31] sstate: Allow optimisation of do_deploy_archives task dependencies Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 28/31] sanity: Drop data finalize call Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 29/31] systemd: add group render to udev package Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 30/31] meta-selftest/staticids: add render group for systemd Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 31/31] create-spdx: default share_src for shared sources Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2022-11-04 3:00 [OE-core][kirkstone 00/31] Patch review Steve Sakoman
2022-05-17 18:23 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1669557026.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.