From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/10] Patch review
Date: Thu, 29 Jun 2023 16:33:13 -1000 [thread overview]
Message-ID: <cover.1688092252.git.steve@sakoman.com> (raw)
Please review this set of changes for dunfell and have comments back by
end of day Monday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5542
The following changes since commit 2aa82324d43467e7c8bfbbb59570ee3306264b75:
systemd-systemctl: support instance expansion in WantedBy (2023-06-19 06:23:31 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Ashish Sharma (1):
go: Backport fix CVE-2023-29405
Bruce Ashfield (5):
linux-yocto/5.4: update to v5.4.246
linux-yocto/5.4: update to v5.4.247
linux-yocto/5.4: update to v5.4.248
linux-yocto-rt/54: fix 5.4-rt build breakage
linux-yocto/5.4: cfg: fix DECNET configuration warning
Hitendra Prajapati (1):
go: fix CVE-2023-29402 & CVE-2023-29404
Ross Burton (1):
ninja: Whitelist CVE-2021-4336, wrong ninja
Vijay Anusuri (2):
libjpeg-turbo: CVE-2020-35538 Null pointer dereference in
jcopy_sample_rows() function
libcap: backport Debian patches to fix CVE-2023-2602 and CVE-2023-2603
meta/recipes-devtools/go/go-1.14.inc | 4 +
.../go/go-1.14/CVE-2023-29402.patch | 201 ++++++++
.../go/go-1.14/CVE-2023-29404.patch | 84 ++++
.../go/go-1.14/CVE-2023-29405-1.patch | 112 +++++
.../go/go-1.14/CVE-2023-29405-2.patch | 38 ++
meta/recipes-devtools/ninja/ninja_1.10.0.bb | 3 +
.../jpeg/files/CVE-2020-35538-1.patch | 457 ++++++++++++++++++
.../jpeg/files/CVE-2020-35538-2.patch | 400 +++++++++++++++
.../jpeg/libjpeg-turbo_2.0.4.bb | 2 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../libcap/files/CVE-2023-2602.patch | 52 ++
.../libcap/files/CVE-2023-2603.patch | 58 +++
meta/recipes-support/libcap/libcap_2.32.bb | 2 +
15 files changed, 1431 insertions(+), 18 deletions(-)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29404.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29405-2.patch
create mode 100644 meta/recipes-graphics/jpeg/files/CVE-2020-35538-1.patch
create mode 100644 meta/recipes-graphics/jpeg/files/CVE-2020-35538-2.patch
create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2602.patch
create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch
--
2.34.1
next reply other threads:[~2023-06-30 2:33 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-30 2:33 Steve Sakoman [this message]
2023-06-30 2:33 ` [OE-core][dunfell 01/10] libjpeg-turbo: CVE-2020-35538 Null pointer dereference in jcopy_sample_rows() function Steve Sakoman
2023-06-30 2:33 ` [OE-core][dunfell 02/10] ninja: Whitelist CVE-2021-4336, wrong ninja Steve Sakoman
2023-06-30 2:33 ` [OE-core][dunfell 03/10] go: Backport fix CVE-2023-29405 Steve Sakoman
2023-06-30 2:33 ` [OE-core][dunfell 04/10] go: fix CVE-2023-29402 & CVE-2023-29404 Steve Sakoman
2023-06-30 2:33 ` [OE-core][dunfell 05/10] libcap: backport Debian patches to fix CVE-2023-2602 and CVE-2023-2603 Steve Sakoman
2023-06-30 2:33 ` [OE-core][dunfell 06/10] linux-yocto/5.4: update to v5.4.246 Steve Sakoman
2023-06-30 2:33 ` [OE-core][dunfell 07/10] linux-yocto/5.4: update to v5.4.247 Steve Sakoman
2023-06-30 2:33 ` [OE-core][dunfell 08/10] linux-yocto/5.4: update to v5.4.248 Steve Sakoman
2023-06-30 2:33 ` [OE-core][dunfell 09/10] linux-yocto-rt/54: fix 5.4-rt build breakage Steve Sakoman
2023-06-30 2:33 ` [OE-core][dunfell 10/10] linux-yocto/5.4: cfg: fix DECNET configuration warning Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2023-10-17 18:42 [OE-core][dunfell 00/10] Patch review Steve Sakoman
2022-03-27 16:40 Steve Sakoman
2021-12-13 15:36 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1688092252.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.