From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/23] Patch review
Date: Thu, 1 Dec 2022 04:26:54 -1000 [thread overview]
Message-ID: <cover.1669904703.git.steve@sakoman.com> (raw)
Please review this set of patches for kirkstone and have comments back by
end of day Monday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4562
The following changes since commit 5b2ee67e3a5587b4c7d97d2a9bc00022d1eedae3:
create-spdx: default share_src for shared sources (2022-11-25 08:08:10 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Bhabu Bindu (3):
curl: Fix CVE-2022-32221
curl: Fix CVE-2022-42916
curl: Fix CVE-2022-42915
Bruce Ashfield (5):
linux-yocto/5.15: update to v5.15.74
linux-yocto/5.15: update to v5.15.76
linux-yocto/5.15: update to v5.15.78
linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings
kern-tools: integrate ZFS speedup patch
Chee Yang Lee (1):
dropbear: fix CVE-2021-36369
Chen Qi (3):
kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild
resolvconf: make it work
dhcpcd: fix to work with systemd
Dmitry Baryshkov (2):
linux-firmware: upgrade 20221012 -> 20221109
linux-firmware: add new fw file to ${PN}-qcom-adreno-a530
Enrico Jörns (1):
sstatesig: emit more helpful error message when not finding sstate
manifest
Martin Jansa (2):
tiff: refresh with devtool
tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch
Polampalli, Archana (1):
libpam: fix CVE-2022-28321
Qiu, Zheng (1):
tiff: Security fix for CVE-2022-3970
Ross Burton (1):
tiff: fix a number of CVEs
Tim Orling (1):
mirrors.bbclass: update CPAN_MIRROR
Xiangyu Chen (2):
grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775
dbus: upgrade 1.14.0 -> 1.14.4
meta/classes/kernel.bbclass | 8 +
meta/classes/mirrors.bbclass | 3 +-
meta/lib/oe/sstatesig.py | 6 +-
...erflow-in-grub_font_get_glyph_intern.patch | 115 ++++
.../grub/files/CVE-2022-2601.patch | 85 +++
.../grub/files/CVE-2022-3775.patch | 95 +++
meta/recipes-bsp/grub/grub2.inc | 3 +
.../dhcpcd/dhcpcd_9.4.1.bb | 1 +
...mprove-the-sitation-of-working-with-.patch | 82 +++
...01-avoid-using-m-option-for-readlink.patch | 37 +
.../resolvconf/resolvconf_1.91.bb | 9 +-
...eswap-Byte-swap-Unix-fd-indexes-if-n.patch | 76 ---
...idate-Check-brackets-in-signature-ne.patch | 119 ----
...idate-Validate-length-of-arrays-of-f.patch | 61 --
.../dbus/{dbus_1.14.0.bb => dbus_1.14.4.bb} | 10 +-
meta/recipes-core/dropbear/dropbear.inc | 4 +-
.../dropbear/dropbear/CVE-2021-36369.patch | 145 ++++
.../pam/libpam/CVE-2022-28321-0002.patch | 205 ++++++
meta/recipes-extended/pam/libpam_1.5.2.bb | 1 +
.../kern-tools/kern-tools-native_git.bb | 2 +-
...20221012.bb => linux-firmware_20221109.bb} | 6 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +-
...-of-TIFFTAG_INKNAMES-and-related-TIF.patch | 266 ++++++++
...-the-FPE-in-tiffcrop-415-427-and-428.patch | 2 +-
...rash-when-reading-a-file-with-multip.patch | 14 +-
...ue-330-and-some-more-from-320-to-349.patch | 86 ++-
...fcrop-S-option-Make-decision-simpler.patch | 36 +
...-incompatibility-of-Z-X-Y-z-options-.patch | 59 ++
...ines-require-a-larger-buffer-fixes-2.patch | 640 ++++++++++++++++++
...al-buffer-overflow-for-ASCII-tags-wh.patch | 13 +-
...ue-380-and-382-heap-buffer-overflow-.patch | 14 +-
...-for-return-value-of-limitMalloc-392.patch | 15 +-
...ag-avoid-calling-memcpy-with-a-null-.patch | 16 +-
.../0005-fix-the-FPE-in-tiffcrop-393.patch | 15 +-
...x-heap-buffer-overflow-in-tiffcp-278.patch | 15 +-
...99c99f987dc32ae110370cfdd7df7975586b.patch | 9 +-
.../libtiff/tiff/CVE-2022-1354.patch | 8 +-
.../libtiff/tiff/CVE-2022-1355.patch | 8 +-
.../libtiff/tiff/CVE-2022-2867.patch | 2 +-
.../libtiff/tiff/CVE-2022-2869.patch | 2 +-
.../libtiff/tiff/CVE-2022-2953.patch | 30 +-
.../libtiff/tiff/CVE-2022-34526.patch | 6 +-
.../libtiff/tiff/CVE-2022-3970.patch | 38 ++
...ed69a485a9cfb299d9f060eb2a46c54e5903.patch | 7 +-
...0712f4c3a5b449f70c57988260a667ddbdef.patch | 9 +-
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 6 +-
.../curl/curl/CVE-2022-32221.patch | 28 +
.../curl/curl/CVE-2022-42915.patch | 53 ++
.../curl/curl/CVE-2022-42916.patch | 136 ++++
meta/recipes-support/curl/curl_7.82.0.bb | 3 +
52 files changed, 2203 insertions(+), 444 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-2601.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-3775.patch
create mode 100644 meta/recipes-connectivity/dhcpcd/files/0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch
create mode 100644 meta/recipes-connectivity/resolvconf/resolvconf/0001-avoid-using-m-option-for-readlink.patch
delete mode 100644 meta/recipes-core/dbus/dbus/0001-dbus-marshal-byteswap-Byte-swap-Unix-fd-indexes-if-n.patch
delete mode 100644 meta/recipes-core/dbus/dbus/0001-dbus-marshal-validate-Check-brackets-in-signature-ne.patch
delete mode 100644 meta/recipes-core/dbus/dbus/0001-dbus-marshal-validate-Validate-length-of-arrays-of-f.patch
rename meta/recipes-core/dbus/{dbus_1.14.0.bb => dbus_1.14.4.bb} (93%)
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2021-36369.patch
create mode 100644 meta/recipes-extended/pam/libpam/CVE-2022-28321-0002.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20221012.bb => linux-firmware_20221109.bb} (99%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-S-option-Make-decision-simpler.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-disable-incompatibility-of-Z-X-Y-z-options-.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-subroutines-require-a-larger-buffer-fixes-2.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-3970.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-42915.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-42916.patch
--
2.25.1
next reply other threads:[~2022-12-01 14:27 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-01 14:26 Steve Sakoman [this message]
2022-12-01 14:26 ` [OE-core][kirkstone 01/23] grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775 Steve Sakoman
2022-12-01 14:26 ` [OE-core][kirkstone 02/23] tiff: refresh with devtool Steve Sakoman
2022-12-01 14:26 ` [OE-core][kirkstone 03/23] tiff: fix a number of CVEs Steve Sakoman
2022-12-01 14:26 ` [OE-core][kirkstone 04/23] tiff: Security fix for CVE-2022-3970 Steve Sakoman
2022-12-01 14:26 ` [OE-core][kirkstone 05/23] tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 06/23] curl: Fix CVE-2022-32221 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 07/23] curl: Fix CVE-2022-42916 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 08/23] curl: Fix CVE-2022-42915 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 09/23] dropbear: fix CVE-2021-36369 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 10/23] libpam: fix CVE-2022-28321 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 11/23] dbus: upgrade 1.14.0 -> 1.14.4 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 12/23] linux-yocto/5.15: update to v5.15.74 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 13/23] linux-yocto/5.15: update to v5.15.76 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 14/23] linux-yocto/5.15: update to v5.15.78 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 15/23] linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 16/23] kern-tools: integrate ZFS speedup patch Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 17/23] kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 18/23] linux-firmware: upgrade 20221012 -> 20221109 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 19/23] linux-firmware: add new fw file to ${PN}-qcom-adreno-a530 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 20/23] sstatesig: emit more helpful error message when not finding sstate manifest Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 21/23] resolvconf: make it work Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 22/23] dhcpcd: fix to work with systemd Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 23/23] mirrors.bbclass: update CPAN_MIRROR Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2024-05-09 12:04 [OE-core][kirkstone 00/23] Patch review Steve Sakoman
2023-02-21 14:40 Steve Sakoman
2022-07-18 0:30 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1669904703.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.