[OE-core][kirkstone 00/27] Pull request (cover letter only)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/27] Pull request (cover letter only)
Date: Fri,  7 Apr 2023 04:08:40 -1000	[thread overview]
Message-ID: <cover.1680876441.git.steve@sakoman.com> (raw)

This is the final pull request for the 4.0.9 release build.

The following changes since commit 08ab1f02da65ee9815115e6a1cdb51ffed10a2dc:

  systemd: fix wrong nobody-group assignment (2023-03-23 06:42:22 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next

Alexander Kanavin (1):
  patchelf: replace a rejected patch with an equivalent
    uninative.bbclass tweak

Bruce Ashfield (10):
  linux-yocto/5.10: update to v5.10.162
  linux-yocto/5.10: update to v5.10.164
  linux-yocto/5.10: update to v5.10.166
  linux-yocto/5.10: update to v5.10.168
  linux-yocto/5.10: update to v5.10.170
  linux-yocto/5.10: update to v5.10.172
  linux-yocto/5.10: update to v5.10.175
  lttng-modules: update to v2.13.9
  linux-yocto/5.15: update to v5.15.98
  linux-yocto/5.15: update to v5.15.103

Geoffrey GIRY (1):
  cve-check: Fix false negative version issue

Khem Raj (2):
  rsync: Add missing prototypes to function declarations
  rsync: Turn on -pedantic-errors at the end of 'configure'

Martin Jansa (2):
  selftest: devtool: set BB_HASHSERVE_UPSTREAM when setting
    SSTATE_MIRROR
  bmap-tools: switch to main branch

Michael Halstead (2):
  uninative: Upgrade to 3.8.1 to include libgcc
  uninative: Upgrade to 3.9 to include glibc 2.37

Peter Marko (1):
  gcc-shared-source: do not use ${S}/.. in deploy_source_date_epoch

Randy MacLeod (1):
  vim: upgrade 9.0.1403 -> 9.0.1429

Ross Burton (1):
  scripts/lib/buildstats: handle top-level build_stats not being
    complete

Sakib Sajal (1):
  go: fix CVE-2022-2879 and CVE-2022-41720

Shubham Kulkarni (1):
  go-runtime: Security fix for CVE-2022-41723

Siddharth Doshi (1):
  openssl: Security fix for CVE-2023-0464, CVE-2023-0465, CVE-2023-0466

Simone Weiss (1):
  json-c: Add ptest for json-c

pawan (2):
  Revert "qemu: fix CVE-2021-3507"
  curl: Add fix for CVE-2023-23916

 meta/classes/cve-check.bbclass                |   5 +-
 meta/classes/uninative.bbclass                |   2 +
 .../distro/include/ptest-packagelists.inc     |   1 +
 meta/conf/distro/include/yocto-uninative.inc  |  10 +-
 meta/lib/oe/cve_check.py                      |  39 ++
 meta/lib/oeqa/selftest/cases/cve_check.py     |  19 +
 meta/lib/oeqa/selftest/cases/devtool.py       |   1 +
 .../openssl/openssl/CVE-2023-0464.patch       | 225 ++++++++
 .../openssl/openssl/CVE-2023-0465.patch       |  56 ++
 .../openssl/openssl/CVE-2023-0466.patch       |  50 ++
 .../openssl/openssl_3.0.8.bb                  |   3 +
 .../gcc/gcc-shared-source.inc                 |   4 +-
 meta/recipes-devtools/go/go-1.17.13.inc       |   3 +
 .../go/go-1.18/CVE-2022-2879.patch            | 177 ++++++
 .../go/go-1.18/CVE-2022-41720.patch           | 514 ++++++++++++++++++
 .../go/go-1.18/CVE-2022-41723.patch           | 156 ++++++
 meta/recipes-devtools/json-c/json-c/run-ptest |  20 +
 meta/recipes-devtools/json-c/json-c_0.15.bb   |  16 +-
 .../patchelf/handle-read-only-files.patch     |  65 ---
 .../patchelf/patchelf_0.14.5.bb               |   1 -
 meta/recipes-devtools/qemu/qemu.inc           |   2 -
 .../qemu/qemu/CVE-2021-3507_1.patch           |  92 ----
 .../qemu/qemu/CVE-2021-3507_2.patch           | 115 ----
 ...-prototypes-to-function-declarations.patch | 173 ++++++
 ...antic-errors-at-the-end-of-configure.patch |  68 +++
 meta/recipes-devtools/rsync/rsync_3.2.5.bb    |   2 +
 .../linux/linux-yocto-rt_5.10.bb              |   6 +-
 .../linux/linux-yocto-rt_5.15.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.10.bb            |   8 +-
 .../linux/linux-yocto-tiny_5.15.bb            |   6 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb |  24 +-
 meta/recipes-kernel/linux/linux-yocto_5.15.bb |  26 +-
 ...ccessor-helpers-into-accessors.h-v6..patch |  45 --
 .../fix-jbd2-upper-bound-for-v5.10.163.patch  |  52 --
 ...e-the-correct-print-format-v5.10.163.patch |  61 ---
 ...ules_2.13.8.bb => lttng-modules_2.13.9.bb} |   5 +-
 .../bmap-tools/bmap-tools_git.bb              |   2 +-
 .../curl/curl/CVE-2023-23916.patch            | 219 ++++++++
 meta/recipes-support/curl/curl_7.82.0.bb      |   1 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 scripts/lib/buildstats.py                     |   1 +
 41 files changed, 1797 insertions(+), 488 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-0464.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-0465.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-0466.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2022-2879.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2022-41720.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2022-41723.patch
 create mode 100644 meta/recipes-devtools/json-c/json-c/run-ptest
 delete mode 100644 meta/recipes-devtools/patchelf/patchelf/handle-read-only-files.patch
 delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3507_1.patch
 delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3507_2.patch
 create mode 100644 meta/recipes-devtools/rsync/files/0001-Add-missing-prototypes-to-function-declarations.patch
 create mode 100644 meta/recipes-devtools/rsync/files/0001-Turn-on-pedantic-errors-at-the-end-of-configure.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-btrfs-move-accessor-helpers-into-accessors.h-v6..patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/fix-jbd2-upper-bound-for-v5.10.163.patch
 delete mode 100644 meta/recipes-kernel/lttng/lttng-modules/fix-jbd2-use-the-correct-print-format-v5.10.163.patch
 rename meta/recipes-kernel/lttng/{lttng-modules_2.13.8.bb => lttng-modules_2.13.9.bb} (83%)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-23916.patch

-- 
2.34.1

next             reply	other threads:[~2023-04-07 14:08 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-04-07 14:08 Steve Sakoman [this message]
  -- strict thread matches above, loose matches on Subject: below --
2023-02-15 14:01 [OE-core][kirkstone 00/27] Pull request (cover letter only) Steve Sakoman
2022-07-15 21:48 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1680876441.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.