* [OE-core][kirkstone 00/28] Pull request (cover letter only)
@ 2022-08-26 2:33 Steve Sakoman
0 siblings, 0 replies; 3+ messages in thread
From: Steve Sakoman @ 2022-08-26 2:33 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 10891d4d955f347c328cf8c099031f05f5c855a2:
lttng-modules: replace mips compaction fix with upstream change (2022-08-17 04:55:49 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Alexander Kanavin (9):
bluez5: update 5.64 -> 5.65
libwpe: upgrade 1.12.0 -> 1.12.2
ell: upgrade 0.49 -> 0.50
iso-codes: upgrade 4.10.0 -> 4.11.0
libcap: upgrade 2.64 -> 2.65
libwebp: upgrade 1.2.2 -> 1.2.3
mobile-broadband-provider-info: upgrade 20220511 -> 20220725
webkitgtk: upgrade 2.36.4 -> 2.36.5
weston: upgrade 10.0.1 -> 10.0.2
Beniamin Sandu (1):
libpam: use /run instead of /var/run in systemd tmpfiles
Changqing Li (1):
apt: fix nativesdk-apt build failure during the second time build
Daiane Angolini (1):
python3-pip: Fix RDEPENDS after the update
Ernst Sjöstrand (1):
cve-check: Don't use f-strings
Hitendra Prajapati (1):
libtiff: CVE-2022-34526 A stack overflow was discovered
Jose Quaresma (2):
archiver.bbclass: some recipes that uses the kernelsrc bbclass uses
the shared source
linux-yocto: prepend the the value with a space when append to
KERNEL_EXTRA_ARGS
Kai Kang (1):
packagegroup-self-hosted: update for strace
Khem Raj (4):
libxml2: Ignore CVE-2016-3709
connman: Backports for security fixes
cracklib: Drop using register keyword
tcp-wrappers: Fix implicit-function-declaration warnings
Peter Marko (1):
create-spdx: handle links to inaccessible locations
Richard Purdie (1):
perf: Fix reproducibility issues with 5.19 onwards
Sakib Sajal (3):
u-boot: fix CVE-2022-30552
u-boot: fix CVE-2022-33967
go: update v1.17.12 -> v1.17.13
Yongxin Liu (1):
grub2: fix several CVEs
wangmy (1):
libcap: upgrade 2.63 -> 2.64
meta/classes/archiver.bbclass | 4 +-
meta/classes/create-spdx.bbclass | 2 +-
meta/lib/oe/cve_check.py | 2 +-
...g-Drop-greyscale-support-to-fix-heap.patch | 179 +++++
...ng-Avoid-heap-OOB-R-W-inserting-huff.patch | 50 ++
...peg-Block-int-underflow-wild-pointer.patch | 84 +++
...3-net-ip-Do-IP-fragment-maths-safely.patch | 63 ++
...or-out-on-headers-with-LF-without-CR.patch | 58 ++
...Fix-OOB-write-for-split-http-headers.patch | 56 ++
...ct-non-kernel-files-in-the-shim_lock.patch | 111 +++
.../video-Remove-trailing-whitespaces.patch | 693 ++++++++++++++++++
...eg-Abort-sooner-if-a-read-operation-.patch | 264 +++++++
...eg-Refuse-to-handle-multiple-start-o.patch | 53 ++
meta/recipes-bsp/grub/grub2.inc | 10 +
...s-squashfs-Use-kcalloc-when-relevant.patch | 64 ++
...e-minimum-IP-fragmented-datagram-siz.patch | 207 ++++++
meta/recipes-bsp/u-boot/u-boot_2022.01.bb | 2 +
meta/recipes-connectivity/bluez5/bluez5.inc | 1 -
.../bluez5/bluez5/fix_service.patch | 30 -
.../bluez5/{bluez5_5.64.bb => bluez5_5.65.bb} | 2 +-
.../connman/connman/CVE-2022-32292.patch | 37 +
.../connman/connman/CVE-2022-32293_p1.patch | 141 ++++
.../connman/connman/CVE-2022-32293_p2.patch | 174 +++++
.../connman/connman_1.41.bb | 3 +
.../mobile-broadband-provider-info_git.bb | 4 +-
.../ell/{ell_0.49.bb => ell_0.50.bb} | 2 +-
meta/recipes-core/libxml/libxml2_2.9.14.bb | 4 +
.../packagegroups/packagegroup-self-hosted.bb | 5 +-
meta/recipes-devtools/apt/apt_2.4.5.bb | 2 +-
.../go/{go-1.17.12.inc => go-1.17.13.inc} | 2 +-
...1.17.12.bb => go-binary-native_1.17.13.bb} | 4 +-
....17.12.bb => go-cross-canadian_1.17.13.bb} | 0
...o-cross_1.17.12.bb => go-cross_1.17.13.bb} | 0
...ssdk_1.17.12.bb => go-crosssdk_1.17.13.bb} | 0
...native_1.17.12.bb => go-native_1.17.13.bb} | 0
...ntime_1.17.12.bb => go-runtime_1.17.13.bb} | 0
.../go/{go_1.17.12.bb => go_1.17.13.bb} | 0
.../python/python3-pip_22.0.3.bb | 2 +
...01-rules-Drop-using-register-keyword.patch | 278 +++++++
...rrect-parameter-types-to-Debug-calls.patch | 40 +
.../cracklib/cracklib_2.9.7.bb | 5 +-
meta/recipes-extended/pam/libpam/99_pam | 2 +-
...plicit-function-declaration-warnings.patch | 109 +++
.../tcp-wrappers/tcp-wrappers_7.6.bb | 1 +
.../weston/dont-use-plane-add-prop.patch | 32 -
.../{weston_10.0.1.bb => weston_10.0.2.bb} | 4 +-
meta/recipes-kernel/linux/linux-yocto.inc | 2 +-
meta/recipes-kernel/perf/perf.bb | 2 +-
.../libtiff/tiff/CVE-2022-34526.patch | 29 +
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 +
.../{libwebp_1.2.2.bb => libwebp_1.2.3.bb} | 2 +-
...ure-due-to-libc-using-libc-functions.patch | 42 ++
.../{libwpe_1.12.0.bb => libwpe_1.12.2.bb} | 6 +-
...ebkitgtk_2.36.4.bb => webkitgtk_2.36.5.bb} | 2 +-
...so-codes_4.10.0.bb => iso-codes_4.11.0.bb} | 2 +-
...-Raise-the-size-of-arrays-containing.patch | 2 +-
.../libcap/{libcap_2.63.bb => libcap_2.65.bb} | 2 +-
57 files changed, 2789 insertions(+), 89 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch
create mode 100644 meta/recipes-bsp/grub/files/video-Remove-trailing-whitespaces.patch
create mode 100644 meta/recipes-bsp/grub/files/video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
create mode 100644 meta/recipes-bsp/grub/files/video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
create mode 100644 meta/recipes-bsp/u-boot/files/0001-fs-squashfs-Use-kcalloc-when-relevant.patch
create mode 100644 meta/recipes-bsp/u-boot/files/0001-net-Check-for-the-minimum-IP-fragmented-datagram-siz.patch
delete mode 100644 meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
rename meta/recipes-connectivity/bluez5/{bluez5_5.64.bb => bluez5_5.65.bb} (95%)
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch
rename meta/recipes-core/ell/{ell_0.49.bb => ell_0.50.bb} (89%)
rename meta/recipes-devtools/go/{go-1.17.12.inc => go-1.17.13.inc} (92%)
rename meta/recipes-devtools/go/{go-binary-native_1.17.12.bb => go-binary-native_1.17.13.bb} (83%)
rename meta/recipes-devtools/go/{go-cross-canadian_1.17.12.bb => go-cross-canadian_1.17.13.bb} (100%)
rename meta/recipes-devtools/go/{go-cross_1.17.12.bb => go-cross_1.17.13.bb} (100%)
rename meta/recipes-devtools/go/{go-crosssdk_1.17.12.bb => go-crosssdk_1.17.13.bb} (100%)
rename meta/recipes-devtools/go/{go-native_1.17.12.bb => go-native_1.17.13.bb} (100%)
rename meta/recipes-devtools/go/{go-runtime_1.17.12.bb => go-runtime_1.17.13.bb} (100%)
rename meta/recipes-devtools/go/{go_1.17.12.bb => go_1.17.13.bb} (100%)
create mode 100644 meta/recipes-extended/cracklib/cracklib/0001-rules-Drop-using-register-keyword.patch
create mode 100644 meta/recipes-extended/cracklib/cracklib/0002-rules-Correct-parameter-types-to-Debug-calls.patch
create mode 100644 meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/0001-Fix-implicit-function-declaration-warnings.patch
delete mode 100644 meta/recipes-graphics/wayland/weston/dont-use-plane-add-prop.patch
rename meta/recipes-graphics/wayland/{weston_10.0.1.bb => weston_10.0.2.bb} (97%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-34526.patch
rename meta/recipes-multimedia/webp/{libwebp_1.2.2.bb => libwebp_1.2.3.bb} (95%)
create mode 100644 meta/recipes-sato/webkit/libwpe/0001-Fix-build-failure-due-to-libc-using-libc-functions.patch
rename meta/recipes-sato/webkit/{libwpe_1.12.0.bb => libwpe_1.12.2.bb} (72%)
rename meta/recipes-sato/webkit/{webkitgtk_2.36.4.bb => webkitgtk_2.36.5.bb} (98%)
rename meta/recipes-support/iso-codes/{iso-codes_4.10.0.bb => iso-codes_4.11.0.bb} (94%)
rename meta/recipes-support/libcap/{libcap_2.63.bb => libcap_2.65.bb} (96%)
--
2.25.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [OE-core][kirkstone 00/28] Pull request (cover letter only)
@ 2023-03-08 2:26 Steve Sakoman
2023-03-09 9:25 ` Martin Jansa
0 siblings, 1 reply; 3+ messages in thread
From: Steve Sakoman @ 2023-03-08 2:26 UTC (permalink / raw)
To: openembedded-core
The following changes since commit b20e2134daec33fbb8ce358d984751d887752bd5:
build-appliance-image: Update to kirkstone head revision (2023-02-27 23:39:05 +0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Alexander Kanavin (4):
vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs
dbus: upgrade 1.14.4 -> 1.14.6
linux-firmware: upgrade 20230117 -> 20230210
wireless-regdb: upgrade 2022.08.12 -> 2023.02.13
Alexis Lothoré (1):
oeqa/selftest/resulttooltests: fix minor typo
Bruce Ashfield (1):
lttng-modules: fix for kernel 6.2+
Changqing Li (1):
libsdl2: fix CVE-2022-4743
Dmitry Baryshkov (2):
linux-firmware: properly set license for all Qualcomm firmware
linux-firmware: add yamato fw files to qcom-adreno-a2xx package
Federico Pellegrin (1):
curl: fix dependencies when building with ldap/ldaps
Hitendra Prajapati (1):
less: backport the fix for CVE-2022-46663
Joe Slater (1):
nghttp2: never build python bindings
Kai Kang (1):
xserver-xorg: 21.1.6 -> 21.1.7
Mateusz Marciniec (1):
sstatesig: Improve output hash calculation
Mikko Rapeli (2):
oeqa ssh.py: fix hangs in run()
runqemu: kill qemu if it hangs
Narpat Mali (1):
libseccomp: fix for the ptest result format
Pavel Zhukov (1):
wic: Fix usage of fstype=none in wic
Richard Purdie (1):
libssh2: Clean up ptest patch/coverage
Ross Burton (1):
lib/buildstats: handle tasks that never finished
Saul Wold (2):
package.bbclase: Add check for /build in copydebugsources()
busybox: Fix depmod patch
Siddharth Doshi (1):
openssl: Upgrade 3.0.7 -> 3.0.8
Ulrich Ölmann (1):
kernel-yocto: fix kernel-meta data detection
Wang Mingyu (2):
libjpeg-turbo: upgrade 2.1.5 -> 2.1.5.1
xwayland: upgrade 22.1.7 -> 22.1.8
Xiangyu Chen (1):
dhcpcd: fix dhcpcd start failure on qemuppc64
Yash Shinde (1):
binutils : Fix CVE-2023-22608
meta/classes/kernel-yocto.bbclass | 2 +-
meta/classes/package.bbclass | 7 +
meta/lib/oe/sstatesig.py | 4 +
meta/lib/oeqa/core/target/ssh.py | 39 +-
.../oeqa/selftest/cases/resulttooltests.py | 2 +-
.../dhcpcd/dhcpcd_9.4.1.bb | 1 +
...x-SECCOMP_AUDIT_ARCH-missing-ppc64le.patch | 34 ++
.../openssl/openssl/CVE-2022-3996.patch | 43 --
.../{openssl_3.0.7.bb => openssl_3.0.8.bb} | 3 +-
...001-depmod-Ignore-.debug-directories.patch | 2 +-
.../dbus/{dbus_1.14.4.bb => dbus_1.14.6.bb} | 4 +-
.../binutils/binutils-2.38.inc | 3 +
.../binutils/0020-CVE-2023-22608-1.patch | 506 ++++++++++++++++++
.../binutils/0020-CVE-2023-22608-2.patch | 210 ++++++++
.../binutils/0020-CVE-2023-22608-3.patch | 32 ++
.../less/less/CVE-2022-46663.patch | 31 ++
meta/recipes-extended/less/less_600.bb | 1 +
...urbo_2.1.5.bb => libjpeg-turbo_2.1.5.1.bb} | 2 +-
...ial-memory-leak-in-GLES_CreateTextur.patch | 40 ++
.../libsdl2/libsdl2_2.0.20.bb | 1 +
...-xorg_21.1.6.bb => xserver-xorg_21.1.7.bb} | 2 +-
...{xwayland_22.1.7.bb => xwayland_22.1.8.bb} | 2 +-
...20230117.bb => linux-firmware_20230210.bb} | 41 +-
...ccessor-helpers-into-accessors.h-v6..patch | 45 ++
.../lttng/lttng-modules_2.13.8.bb | 1 +
....08.12.bb => wireless-regdb_2023.02.13.bb} | 2 +-
meta/recipes-support/curl/curl_7.82.0.bb | 4 +-
.../libseccomp/files/run-ptest | 3 +
...nviroment-to-decide-if-a-test-is-bui.patch | 44 --
.../libssh2/libssh2/fix-ssh2-test.patch | 23 +
.../libssh2/{files => libssh2}/run-ptest | 3 +-
.../recipes-support/libssh2/libssh2_1.10.0.bb | 3 +-
.../recipes-support/nghttp2/nghttp2_1.47.0.bb | 4 +
meta/recipes-support/vim/vim.inc | 4 +-
scripts/lib/buildstats.py | 33 +-
scripts/lib/wic/partition.py | 5 +
scripts/runqemu | 24 +-
37 files changed, 1075 insertions(+), 135 deletions(-)
create mode 100644 meta/recipes-connectivity/dhcpcd/files/0001-privsep-linux-fix-SECCOMP_AUDIT_ARCH-missing-ppc64le.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2022-3996.patch
rename meta/recipes-connectivity/openssl/{openssl_3.0.7.bb => openssl_3.0.8.bb} (98%)
rename meta/recipes-core/dbus/{dbus_1.14.4.bb => dbus_1.14.6.bb} (98%)
create mode 100644 meta/recipes-devtools/binutils/binutils/0020-CVE-2023-22608-1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0020-CVE-2023-22608-2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0020-CVE-2023-22608-3.patch
create mode 100644 meta/recipes-extended/less/less/CVE-2022-46663.patch
rename meta/recipes-graphics/jpeg/{libjpeg-turbo_2.1.5.bb => libjpeg-turbo_2.1.5.1.bb} (97%)
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/0001-Fix-potential-memory-leak-in-GLES_CreateTextur.patch
rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.6.bb => xserver-xorg_21.1.7.bb} (92%)
rename meta/recipes-graphics/xwayland/{xwayland_22.1.7.bb => xwayland_22.1.8.bb} (95%)
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230117.bb => linux-firmware_20230210.bb} (96%)
create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-btrfs-move-accessor-helpers-into-accessors.h-v6..patch
rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.08.12.bb => wireless-regdb_2023.02.13.bb} (94%)
delete mode 100644 meta/recipes-support/libssh2/files/0001-Don-t-let-host-enviroment-to-decide-if-a-test-is-bui.patch
create mode 100644 meta/recipes-support/libssh2/libssh2/fix-ssh2-test.patch
rename meta/recipes-support/libssh2/{files => libssh2}/run-ptest (67%)
--
2.34.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [OE-core][kirkstone 00/28] Pull request (cover letter only)
2023-03-08 2:26 [OE-core][kirkstone 00/28] Pull request (cover letter only) Steve Sakoman
@ 2023-03-09 9:25 ` Martin Jansa
0 siblings, 0 replies; 3+ messages in thread
From: Martin Jansa @ 2023-03-09 9:25 UTC (permalink / raw)
To: Steve Sakoman; +Cc: openembedded-core
[-- Attachment #1: Type: text/plain, Size: 533 bytes --]
On Wed, Mar 8, 2023 at 3:27 AM Steve Sakoman <steve@sakoman.com> wrote:
> The following changes since commit
> b20e2134daec33fbb8ce358d984751d887752bd5:
>
> build-appliance-image: Update to kirkstone head revision (2023-02-27
> 23:39:05 +0000)
>
> are available in the Git repository at:
>
> https://git.openembedded.org/openembedded-core-contrib
> stable/kirkstone-next
>
> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Acked-by: Martin Jansa <Martin.Jansa@gmail.com>
[-- Attachment #2: Type: text/html, Size: 1087 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-03-09 9:26 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-03-08 2:26 [OE-core][kirkstone 00/28] Pull request (cover letter only) Steve Sakoman
2023-03-09 9:25 ` Martin Jansa
-- strict thread matches above, loose matches on Subject: below --
2022-08-26 2:33 Steve Sakoman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.