From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][mickledore 00/26] Patch review
Date: Fri, 14 Jul 2023 12:32:34 -1000 [thread overview]
Message-ID: <cover.1689373875.git.steve@sakoman.com> (raw)
Please review this set of changes for mickledore and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5600
The following changes since commit 64784e90c5ff559f4da6faadb970cc7aff549592:
cve-update-nvd2-native: actually use API keys (2023-07-13 06:35:20 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/mickledore-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/mickledore-nut
Alejandro Hernandez Samaniego (1):
baremetal-helloworld: Fix race condition
Alexander Kanavin (4):
diffutils: update 3.9 -> 3.10
libproxy: fetch from git
cargo.bbclass: set up cargo environment in common do_compile
rust-common.bbclass: move musl-specific linking fix from
rust-source.inc
Changqing Li (1):
erofs-utils: fix CVE-2023-33551/CVE-2023-33552
Chee Yang Lee (1):
python3-requests: fix CVE-2023-32681
Etienne Cordonnier (1):
libxcrypt: fix hard-coded ".so" extension
Joe Slater (1):
ghostscript: fix CVE-2023-36664
Jose Quaresma (4):
kernel: config modules directories are handled by kernel-module-split
kernel-module-split: install config modules directories only when they
are needed
kernel-module-split: use context manager to open files
kernel-module-split: make autoload and probeconf distribution specific
Martin Jansa (2):
selftest: multiconfig-image-packager: try to respect IMAGE_LINK_NAME
image-artifact-names: include ${IMAGE_NAME_SUFFIX} directly in both
${IMAGE_NAME} and ${IMAGE_LINK_NAME}
Thomas Roos (1):
testimage/oeqa: Drop testimage_dump_host functionality
Tom Hochstein (1):
weston: Cleanup and fix x11 and xwayland dependencies
Wang Mingyu (6):
freetype: upgrade 2.13.0 -> 2.13.1
gstreamer1.0: upgrade 1.22.3 -> 1.22.4
libassuan: upgrade 2.5.5 -> 2.5.6
libksba: upgrade 1.6.3 -> 1.6.4
libx11: upgrade 1.8.5 -> 1.8.6
lttng-ust: upgrade 2.13.5 -> 2.13.6
Yi Zhao (1):
ifupdown: install missing directories
Yoann Congal (1):
recipetool: Fix inherit in created -native* recipes
Yogita Urade (1):
dmidecode: fix CVE-2023-30630
.../multiconfig-image-packager_0.1.bb | 18 +-
meta/classes-recipe/cargo.bbclass | 1 -
meta/classes-recipe/cargo_common.bbclass | 4 +
.../image-artifact-names.bbclass | 3 +-
meta/classes-recipe/image-live.bbclass | 1 -
meta/classes-recipe/image.bbclass | 7 +-
meta/classes-recipe/image_types.bbclass | 108 ++++----
meta/classes-recipe/image_types_wic.bbclass | 2 +-
.../kernel-module-split.bbclass | 65 +++--
meta/classes-recipe/kernel.bbclass | 2 -
.../rootfs-postcommands.bbclass | 2 +-
meta/classes-recipe/rust-common.bbclass | 4 +
meta/classes-recipe/testexport.bbclass | 6 +-
meta/classes-recipe/testimage.bbclass | 20 +-
meta/classes/cve-check.bbclass | 4 +-
meta/lib/oeqa/core/target/qemu.py | 5 +-
meta/lib/oeqa/runtime/context.py | 11 +-
meta/lib/oeqa/selftest/cases/fitimage.py | 2 +
meta/lib/oeqa/targetcontrol.py | 2 -
meta/lib/oeqa/utils/dump.py | 20 +-
meta/lib/oeqa/utils/qemurunner.py | 18 +-
meta/recipes-core/ifupdown/ifupdown_0.8.41.bb | 5 +
.../images/build-appliance-image_15.0.0.bb | 6 +-
meta/recipes-core/libxcrypt/libxcrypt.inc | 6 -
.../dmidecode/CVE-2023-30630_1.patch | 237 ++++++++++++++++++
.../dmidecode/CVE-2023-30630_2.patch | 81 ++++++
.../dmidecode/CVE-2023-30630_3.patch | 69 +++++
.../dmidecode/CVE-2023-30630_4.patch | 137 ++++++++++
.../dmidecode/dmidecode_3.4.bb | 4 +
.../erofs-utils/CVE-2023-33551.patch | 80 ++++++
.../erofs-utils/CVE-2023-33552-1.patch | 221 ++++++++++++++++
.../erofs-utils/CVE-2023-33552-2.patch | 97 +++++++
.../erofs-utils/CVE-2023-33552-3.patch | 127 ++++++++++
.../erofs-utils/erofs-utils_1.5.bb | 4 +
.../python3-requests/CVE-2023-32681.patch | 61 +++++
.../python/python3-requests_2.28.2.bb | 2 +
meta/recipes-devtools/rust/rust-source.inc | 5 -
.../baremetal-helloworld_git.bb | 2 +-
...001-Skip-strip-trailing-cr-test-case.patch | 19 +-
.../{diffutils_3.9.bb => diffutils_3.10.bb} | 2 +-
.../ghostscript/cve-2023-36664.patch | 165 ++++++++++++
.../ghostscript/ghostscript_10.0.0.bb | 1 +
...{freetype_2.13.0.bb => freetype_2.13.1.bb} | 2 +-
.../recipes-graphics/wayland/weston_11.0.1.bb | 4 +-
.../{libx11_1.8.5.bb => libx11_1.8.6.bb} | 2 +-
...ttng-ust_2.13.5.bb => lttng-ust_2.13.6.bb} | 2 +-
...tools_1.22.3.bb => gst-devtools_1.22.4.bb} | 2 +-
...1.22.3.bb => gstreamer1.0-libav_1.22.4.bb} | 2 +-
...x_1.22.3.bb => gstreamer1.0-omx_1.22.4.bb} | 2 +-
....bb => gstreamer1.0-plugins-bad_1.22.4.bb} | 2 +-
...bb => gstreamer1.0-plugins-base_1.22.4.bb} | 2 +-
...bb => gstreamer1.0-plugins-good_1.22.4.bb} | 2 +-
...bb => gstreamer1.0-plugins-ugly_1.22.4.bb} | 2 +-
....22.3.bb => gstreamer1.0-python_1.22.4.bb} | 2 +-
....bb => gstreamer1.0-rtsp-server_1.22.4.bb} | 2 +-
...1.22.3.bb => gstreamer1.0-vaapi_1.22.4.bb} | 2 +-
...er1.0_1.22.3.bb => gstreamer1.0_1.22.4.bb} | 2 +-
...{libassuan_2.5.5.bb => libassuan_2.5.6.bb} | 2 +-
.../{libksba_1.6.3.bb => libksba_1.6.4.bb} | 2 +-
.../libproxy/libproxy_0.4.18.bb | 7 +-
scripts/lib/recipetool/create.py | 4 +
61 files changed, 1455 insertions(+), 228 deletions(-)
create mode 100644 meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_1.patch
create mode 100644 meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_2.patch
create mode 100644 meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_3.patch
create mode 100644 meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_4.patch
create mode 100644 meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33551.patch
create mode 100644 meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-1.patch
create mode 100644 meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-2.patch
create mode 100644 meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-3.patch
create mode 100644 meta/recipes-devtools/python/python3-requests/CVE-2023-32681.patch
rename meta/recipes-extended/diffutils/{diffutils_3.9.bb => diffutils_3.10.bb} (93%)
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/cve-2023-36664.patch
rename meta/recipes-graphics/freetype/{freetype_2.13.0.bb => freetype_2.13.1.bb} (95%)
rename meta/recipes-graphics/xorg-lib/{libx11_1.8.5.bb => libx11_1.8.6.bb} (92%)
rename meta/recipes-kernel/lttng/{lttng-ust_2.13.5.bb => lttng-ust_2.13.6.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.22.3.bb => gst-devtools_1.22.4.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.22.3.bb => gstreamer1.0-libav_1.22.4.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.22.3.bb => gstreamer1.0-omx_1.22.4.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.22.3.bb => gstreamer1.0-plugins-bad_1.22.4.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.22.3.bb => gstreamer1.0-plugins-base_1.22.4.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.22.3.bb => gstreamer1.0-plugins-good_1.22.4.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.22.3.bb => gstreamer1.0-plugins-ugly_1.22.4.bb} (94%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.22.3.bb => gstreamer1.0-python_1.22.4.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.22.3.bb => gstreamer1.0-rtsp-server_1.22.4.bb} (90%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.22.3.bb => gstreamer1.0-vaapi_1.22.4.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.22.3.bb => gstreamer1.0_1.22.4.bb} (97%)
rename meta/recipes-support/libassuan/{libassuan_2.5.5.bb => libassuan_2.5.6.bb} (93%)
rename meta/recipes-support/libksba/{libksba_1.6.3.bb => libksba_1.6.4.bb} (94%)
--
2.34.1
next reply other threads:[~2023-07-14 22:33 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-14 22:32 Steve Sakoman [this message]
2023-07-14 22:32 ` [OE-core][mickledore 01/26] python3-requests: fix CVE-2023-32681 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 02/26] dmidecode: fix CVE-2023-30630 Steve Sakoman
2023-07-18 21:48 ` Randy MacLeod
2023-07-18 22:18 ` Richard Purdie
2023-07-18 22:32 ` Steve Sakoman
2023-07-19 0:06 ` Randy MacLeod
2023-07-20 23:28 ` Randy MacLeod
2023-07-14 22:32 ` [OE-core][mickledore 03/26] ghostscript: fix CVE-2023-36664 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 04/26] erofs-utils: fix CVE-2023-33551/CVE-2023-33552 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 05/26] diffutils: update 3.9 -> 3.10 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 06/26] freetype: upgrade 2.13.0 -> 2.13.1 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 07/26] gstreamer1.0: upgrade 1.22.3 -> 1.22.4 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 08/26] libassuan: upgrade 2.5.5 -> 2.5.6 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 09/26] libksba: upgrade 1.6.3 -> 1.6.4 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 10/26] libx11: upgrade 1.8.5 -> 1.8.6 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 11/26] lttng-ust: upgrade 2.13.5 -> 2.13.6 Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 12/26] libproxy: fetch from git Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 13/26] weston: Cleanup and fix x11 and xwayland dependencies Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 14/26] baremetal-helloworld: Fix race condition Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 15/26] cargo.bbclass: set up cargo environment in common do_compile Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 16/26] rust-common.bbclass: move musl-specific linking fix from rust-source.inc Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 17/26] libxcrypt: fix hard-coded ".so" extension Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 18/26] ifupdown: install missing directories Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 19/26] recipetool: Fix inherit in created -native* recipes Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 20/26] kernel: config modules directories are handled by kernel-module-split Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 21/26] kernel-module-split: install config modules directories only when they are needed Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 22/26] kernel-module-split: use context manager to open files Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 23/26] kernel-module-split: make autoload and probeconf distribution specific Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 24/26] testimage/oeqa: Drop testimage_dump_host functionality Steve Sakoman
2023-07-14 22:32 ` [OE-core][mickledore 25/26] selftest: multiconfig-image-packager: try to respect IMAGE_LINK_NAME Steve Sakoman
2023-07-14 22:33 ` [OE-core][mickledore 26/26] image-artifact-names: include ${IMAGE_NAME_SUFFIX} directly in both ${IMAGE_NAME} and ${IMAGE_LINK_NAME} Steve Sakoman
2023-07-17 8:38 ` Martin Jansa
2023-07-17 9:23 ` Richard Purdie
2023-07-17 14:26 ` Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1689373875.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.