From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/13] Patch review
Date: Tue, 18 Jul 2023 06:00:51 -1000 [thread overview]
Message-ID: <cover.1689690585.git.steve@sakoman.com> (raw)
Please review this set of changes for dunfell and have comments back by
end of day Thursday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5614
The following changes since commit b3fc8ef9aba822b3d485242c8ebd0e0bff0ebfc8:
cve-update-nvd2-native: actually use API keys (2023-07-13 06:54:58 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Alexander Kanavin (2):
linux-firmware: upgrade 20230404 -> 20230515
wireless-regdb: upgrade 2023.02.13 -> 2023.05.03
Anthony Bagwell (1):
kernel-fitimage: fix dtbo support for fit images
Ashish Sharma (1):
go: Fix CVE-2023-29400
Deepthi Hemraj (1):
glibc: stable 2.31 branch updates.
Nikhil R (1):
libpng: Add ptest for libpng
Poonam Jadhav (1):
libx11: Fix CVE-2023-3138 for dunfell branch
Priyal Doshi (1):
tzdata: upgrade to 2023c
Tom Hochstein (1):
cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK
Trevor Gamblin (1):
vim: upgrade 9.0.1527 -> 9.0.1592
Vijay Anusuri (1):
qemu: backport Debian patch to fix CVE-2023-0330
Vivek Kumbhar (2):
curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash
python3: fix CVE-2023-24329 urllib.parse url blocklisting bypass
meta/classes/kernel-fitimage.bbclass | 2 +-
.../distro/include/ptest-packagelists.inc | 1 +
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../cmake/cmake/OEToolchainConfig.cmake | 5 +-
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2023-29400.patch | 94 +++++++++
.../python/python3/CVE-2023-24329.patch | 80 +++++++
.../recipes-devtools/python/python3_3.8.17.bb | 1 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2023-0330.patch | 77 +++++++
meta/recipes-extended/timezone/timezone.inc | 6 +-
.../xorg-lib/libx11/CVE-2023-3138.patch | 111 ++++++++++
.../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 1 +
...20230404.bb => linux-firmware_20230515.bb} | 4 +-
....02.13.bb => wireless-regdb_2023.05.03.bb} | 2 +-
.../recipes-multimedia/libpng/files/run-ptest | 29 +++
.../libpng/libpng_1.6.37.bb | 15 +-
.../curl/curl/CVE-2023-28320-fol1.patch | 197 ++++++++++++++++++
.../curl/curl/CVE-2023-28320.patch | 86 ++++++++
meta/recipes-support/curl/curl_7.69.1.bb | 2 +
meta/recipes-support/vim/vim.inc | 4 +-
21 files changed, 705 insertions(+), 16 deletions(-)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29400.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2023-24329.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-3138.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230404.bb => linux-firmware_20230515.bb} (99%)
rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.02.13.bb => wireless-regdb_2023.05.03.bb} (94%)
create mode 100644 meta/recipes-multimedia/libpng/files/run-ptest
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28320.patch
--
2.34.1
next reply other threads:[~2023-07-18 16:01 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-18 16:00 Steve Sakoman [this message]
2023-07-18 16:00 ` [OE-core][dunfell 01/13] libx11: Fix CVE-2023-3138 for dunfell branch Steve Sakoman
2023-07-18 16:00 ` [OE-core][dunfell 02/13] go: Fix CVE-2023-29400 Steve Sakoman
2023-07-18 16:00 ` [OE-core][dunfell 03/13] curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash Steve Sakoman
2023-07-18 16:00 ` [OE-core][dunfell 04/13] python3: fix CVE-2023-24329 urllib.parse url blocklisting bypass Steve Sakoman
2023-07-18 16:00 ` [OE-core][dunfell 05/13] qemu: backport Debian patch to fix CVE-2023-0330 Steve Sakoman
2023-07-18 16:00 ` [OE-core][dunfell 06/13] tzdata: upgrade to 2023c Steve Sakoman
2023-07-18 16:00 ` [OE-core][dunfell 07/13] glibc: stable 2.31 branch updates Steve Sakoman
2023-07-18 16:00 ` [OE-core][dunfell 08/13] linux-firmware: upgrade 20230404 -> 20230515 Steve Sakoman
2023-07-18 16:01 ` [OE-core][dunfell 09/13] wireless-regdb: upgrade 2023.02.13 -> 2023.05.03 Steve Sakoman
2023-07-18 16:01 ` [OE-core][dunfell 10/13] vim: upgrade 9.0.1527 -> 9.0.1592 Steve Sakoman
2023-07-18 16:01 ` [OE-core][dunfell 11/13] kernel-fitimage: fix dtbo support for fit images Steve Sakoman
2023-07-18 16:01 ` [OE-core][dunfell 12/13] libpng: Add ptest for libpng Steve Sakoman
2023-07-18 16:01 ` [OE-core][dunfell 13/13] cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2023-11-28 22:52 [OE-core][dunfell 00/13] Patch review Steve Sakoman
2023-09-30 19:39 Steve Sakoman
2022-12-16 14:57 Steve Sakoman
2022-03-21 22:29 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1689690585.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.