From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/13] Patch review
Date: Sat, 29 Apr 2023 07:20:20 -1000 [thread overview]
Message-ID: <cover.1682788726.git.steve@sakoman.com> (raw)
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5234
The following changes since commit 15c07dff384ce4fb0e90f4f32c182a82101a1c82:
go: fix CVE-2023-24537 Infinite loop in parsing (2023-04-21 03:57:50 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (1):
nasm: fix CVE-2022-44370
Bruce Ashfield (3):
linux-yocto/5.15: update to v5.15.106
linux-yocto/5.15: update to v5.15.107
linux-yocto/5.15: update to v5.15.108
Christoph Lauer (1):
populate_sdk_base: add zip options
Deepthi Hemraj (1):
glibc: stable 2.35 branch updates.
Joe Slater (1):
ghostscript: fix CVE-2023-29979
Mingli Yu (1):
ruby: Fix CVE-2023-28755
Pascal Bach (1):
cmake: add CMAKE_SYSROOT to generated toolchain file
Ross Burton (1):
xserver-xorg: backport fix for CVE-2023-1393
Virendra Thakur (1):
qemu: Whitelist CVE-2023-0664
Yogita Urade (2):
xorg-lib-common: Add variable to set tarball type
libxpm: upgrade 3.5.13 -> 3.5.15
meta/classes/cmake.bbclass | 5 +
meta/classes/populate_sdk_base.bbclass | 4 +-
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../nasm/nasm/CVE-2022-44370.patch | 104 ++++++++++++++++++
meta/recipes-devtools/nasm/nasm_2.15.05.bb | 1 +
meta/recipes-devtools/qemu/qemu.inc | 5 +
.../ruby/ruby/CVE-2023-28755.patch | 68 ++++++++++++
meta/recipes-devtools/ruby/ruby_3.1.3.bb | 1 +
.../ghostscript/cve-2023-28879.patch | 60 ++++++++++
.../ghostscript/ghostscript_9.55.0.bb | 1 +
.../{libxpm_3.5.13.bb => libxpm_3.5.15.bb} | 8 +-
.../xorg-lib/xorg-lib-common.inc | 3 +-
...posite-Fix-use-after-free-of-the-COW.patch | 46 ++++++++
.../xorg-xserver/xserver-xorg_21.1.7.bb | 3 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 ++---
17 files changed, 323 insertions(+), 26 deletions(-)
create mode 100644 meta/recipes-devtools/nasm/nasm/CVE-2022-44370.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-28755.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/cve-2023-28879.patch
rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.13.bb => libxpm_3.5.15.bb} (67%)
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch
--
2.34.1
next reply other threads:[~2023-04-29 17:20 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-29 17:20 Steve Sakoman [this message]
2023-04-29 17:20 ` [OE-core][kirkstone 01/13] ruby: Fix CVE-2023-28755 Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 02/13] ghostscript: fix CVE-2023-29979 Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 03/13] xserver-xorg: backport fix for CVE-2023-1393 Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 04/13] nasm: fix CVE-2022-44370 Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 05/13] qemu: Whitelist CVE-2023-0664 Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 06/13] linux-yocto/5.15: update to v5.15.106 Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 07/13] linux-yocto/5.15: update to v5.15.107 Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 08/13] linux-yocto/5.15: update to v5.15.108 Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 09/13] xorg-lib-common: Add variable to set tarball type Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 10/13] libxpm: upgrade 3.5.13 -> 3.5.15 Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 11/13] cmake: add CMAKE_SYSROOT to generated toolchain file Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 12/13] populate_sdk_base: add zip options Steve Sakoman
2023-04-29 17:20 ` [OE-core][kirkstone 13/13] glibc: stable 2.35 branch updates Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-01-07 13:31 [OE-core][kirkstone 00/13] Patch review Steve Sakoman
2023-10-14 21:44 Steve Sakoman
2023-05-31 2:34 Steve Sakoman
2023-02-01 22:15 Steve Sakoman
2022-10-17 23:08 Steve Sakoman
2022-06-21 23:27 Steve Sakoman
2022-06-06 14:38 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1682788726.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.