From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/30] Patch review
Date: Sun, 30 Jul 2023 08:00:23 -1000 [thread overview]
Message-ID: <cover.1690739937.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5667
The following changes since commit e7d3e02a624f7ce23d012bb11ad1df2049066b37:
package.bbclass: moving field data process before variable process in process_pkgconfig (2023-07-21 07:14:06 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (1):
diffutils: update 3.9 -> 3.10
Andrej Valek (1):
kernel: add missing path to search for debug files
Archana Polampalli (1):
openssh: fix CVE-2023-38408
Benjamin Bouvier (1):
util-linux: add alternative links for ipcs,ipcrm
Hitendra Prajapati (3):
tiff: fix multiple CVEs
tiff: fix multiple CVEs
libtiff: fix CVE-2023-26965 heap-based use after free
Jose Quaresma (2):
openssl: add PERLEXTERNAL path to test its existence
openssl: use a glob on the PERLEXTERNAL to track updates on the path
Khem Raj (1):
meson.bbclass: Point to llvm-config from native sysroot
Martin Jansa (1):
libxcrypt: fix build with perl-5.38 and use master branch
Ovidiu Panait (4):
mdadm: fix util-linux ptest dependency
mdadm: fix 07revert-inplace ptest
mdadm: fix segfaults when running ptests
mdadm: skip running known broken ptests
Peter Marko (2):
libjpeg-turbo: patch CVE-2023-2804
python3: ignore CVE-2023-36632
Quentin Schulz (1):
uboot-extlinux-config.bbclass: fix old override syntax in comment
Ross Burton (2):
python3: fix missing comma in get_module_deps3.py
oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case
Sundeep KOKKONDA (1):
gcc : upgrade to v11.4
Tim Orling (1):
python3: upgrade 3.10.9 -> 3.10.12
Vivek Kumbhar (1):
go: fix CVE-2023-29406 net/http insufficient sanitization of Host
header
Wang Mingyu (3):
libassuan: upgrade 2.5.5 -> 2.5.6
libksba: upgrade 1.6.3 -> 1.6.4
lttng-ust: upgrade 2.13.5 -> 2.13.6
Yoann Congal (2):
recipetool: Fix inherit in created -native* recipes
oeqa/selftest/devtool: add unit test for "devtool add -b"
Yogita Urade (1):
dmidecode: fix CVE-2023-30630
Yuta Hayama (1):
systemd-systemctl: fix errors in instance name expansion
meta/classes/kernel.bbclass | 1 +
meta/classes/meson.bbclass | 1 +
meta/classes/uboot-extlinux-config.bbclass | 8 +-
meta/conf/distro/include/maintainers.inc | 2 +-
meta/lib/oeqa/runtime/cases/rpm.py | 4 +-
meta/lib/oeqa/selftest/cases/devtool.py | 32 +
.../openssh/openssh/CVE-2023-38408-0001.patch | 585 ++++++++++++++++++
.../openssh/openssh/CVE-2023-38408-0002.patch | 173 ++++++
.../openssh/openssh/CVE-2023-38408-0003.patch | 36 ++
.../openssh/openssh/CVE-2023-38408-0004.patch | 114 ++++
.../openssh/openssh_8.9p1.bb | 4 +
.../openssl/openssl_3.0.9.bb | 4 +-
...ommon.pm-compatible-with-latest-perl.patch | 50 ++
...ve-smartmatch-usage-from-gen-crypt-h.patch | 62 ++
meta/recipes-core/libxcrypt/libxcrypt.inc | 7 +-
.../systemd/systemd-systemctl/systemctl | 2 +-
.../util-linux/util-linux_2.37.4.bb | 2 +
.../dmidecode/CVE-2023-30630_1.patch | 237 +++++++
.../dmidecode/CVE-2023-30630_2.patch | 80 +++
.../dmidecode/CVE-2023-30630_3.patch | 69 +++
.../dmidecode/CVE-2023-30630_4.patch | 137 ++++
.../dmidecode/dmidecode_3.3.bb | 4 +
.../gcc/{gcc-11.3.inc => gcc-11.4.inc} | 6 +-
...ian_11.3.bb => gcc-cross-canadian_11.4.bb} | 0
.../{gcc-cross_11.3.bb => gcc-cross_11.4.bb} | 0
...-crosssdk_11.3.bb => gcc-crosssdk_11.4.bb} | 0
...cc-runtime_11.3.bb => gcc-runtime_11.4.bb} | 0
...itizers_11.3.bb => gcc-sanitizers_11.4.bb} | 0
...{gcc-source_11.3.bb => gcc-source_11.4.bb} | 0
...rch64-Update-Neoverse-N2-core-defini.patch | 20 +-
...rm-add-armv9-a-architecture-to-march.patch | 54 +-
...AMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch | 102 +--
...s-fix-v4bx-to-linker-to-support-EABI.patch | 6 +-
.../gcc/{gcc_11.3.bb => gcc_11.4.bb} | 0
...initial_11.3.bb => libgcc-initial_11.4.bb} | 0
.../gcc/{libgcc_11.3.bb => libgcc_11.4.bb} | 0
...ibgfortran_11.3.bb => libgfortran_11.4.bb} | 0
meta/recipes-devtools/go/go-1.17.13.inc | 1 +
.../go/go-1.18/CVE-2023-29406.patch | 210 +++++++
.../python/python3/cve-2023-24329.patch | 50 --
.../python/python3/get_module_deps3.py | 2 +-
.../{python3_3.10.9.bb => python3_3.10.12.bb} | 7 +-
...001-Skip-strip-trailing-cr-test-case.patch | 19 +-
.../{diffutils_3.9.bb => diffutils_3.10.bb} | 2 +-
...anup-validate_geometry_ddf_container.patch | 148 +++++
...nter-dereference-in-validate_geometr.patch | 56 ++
...se-after-close-bug-by-closing-after-.patch | 91 +++
...gfault-when-calling-NULL-get_bad_blo.patch | 42 ++
...Mark-and-ignore-broken-test-failures.patch | 128 ++++
...dd-broken-files-for-all-broken-tests.patch | 454 ++++++++++++++
meta/recipes-extended/mdadm/files/run-ptest | 2 +-
meta/recipes-extended/mdadm/mdadm_4.2.bb | 9 +-
.../jpeg/files/CVE-2023-2804-1.patch | 103 +++
.../jpeg/files/CVE-2023-2804-2.patch | 75 +++
.../jpeg/libjpeg-turbo_2.1.5.1.bb | 2 +
...ttng-ust_2.13.5.bb => lttng-ust_2.13.6.bb} | 2 +-
.../CVE-2023-0795_0796_0797_0798_0799.patch | 162 +++++
.../libtiff/tiff/CVE-2023-25433.patch | 195 ++++++
.../tiff/CVE-2023-25434-CVE-2023-25435.patch | 94 +++
.../libtiff/tiff/CVE-2023-26965.patch | 97 +++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 4 +
...{libassuan_2.5.5.bb => libassuan_2.5.6.bb} | 2 +-
.../{libksba_1.6.3.bb => libksba_1.6.4.bb} | 2 +-
scripts/lib/recipetool/create.py | 4 +
64 files changed, 3585 insertions(+), 180 deletions(-)
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2023-38408-0001.patch
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2023-38408-0002.patch
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2023-38408-0003.patch
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2023-38408-0004.patch
create mode 100644 meta/recipes-core/libxcrypt/files/0001-Make-BuildCommon.pm-compatible-with-latest-perl.patch
create mode 100644 meta/recipes-core/libxcrypt/files/0002-Remove-smartmatch-usage-from-gen-crypt-h.patch
create mode 100644 meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_1.patch
create mode 100644 meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_2.patch
create mode 100644 meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_3.patch
create mode 100644 meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_4.patch
rename meta/recipes-devtools/gcc/{gcc-11.3.inc => gcc-11.4.inc} (97%)
rename meta/recipes-devtools/gcc/{gcc-cross-canadian_11.3.bb => gcc-cross-canadian_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-cross_11.3.bb => gcc-cross_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-crosssdk_11.3.bb => gcc-crosssdk_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-runtime_11.3.bb => gcc-runtime_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-sanitizers_11.3.bb => gcc-sanitizers_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-source_11.3.bb => gcc-source_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc_11.3.bb => gcc_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{libgcc-initial_11.3.bb => libgcc-initial_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{libgcc_11.3.bb => libgcc_11.4.bb} (100%)
rename meta/recipes-devtools/gcc/{libgfortran_11.3.bb => libgfortran_11.4.bb} (100%)
create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-29406.patch
delete mode 100644 meta/recipes-devtools/python/python3/cve-2023-24329.patch
rename meta/recipes-devtools/python/{python3_3.10.9.bb => python3_3.10.12.bb} (98%)
rename meta/recipes-extended/diffutils/{diffutils_3.9.bb => diffutils_3.10.bb} (93%)
create mode 100644 meta/recipes-extended/mdadm/files/0001-DDF-Cleanup-validate_geometry_ddf_container.patch
create mode 100644 meta/recipes-extended/mdadm/files/0002-DDF-Fix-NULL-pointer-dereference-in-validate_geometr.patch
create mode 100644 meta/recipes-extended/mdadm/files/0003-mdadm-Grow-Fix-use-after-close-bug-by-closing-after-.patch
create mode 100644 meta/recipes-extended/mdadm/files/0004-monitor-Avoid-segfault-when-calling-NULL-get_bad_blo.patch
create mode 100644 meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch
create mode 100644 meta/recipes-extended/mdadm/files/0006-tests-Add-broken-files-for-all-broken-tests.patch
create mode 100644 meta/recipes-graphics/jpeg/files/CVE-2023-2804-1.patch
create mode 100644 meta/recipes-graphics/jpeg/files/CVE-2023-2804-2.patch
rename meta/recipes-kernel/lttng/{lttng-ust_2.13.5.bb => lttng-ust_2.13.6.bb} (95%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-0795_0796_0797_0798_0799.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-25433.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-25434-CVE-2023-25435.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-26965.patch
rename meta/recipes-support/libassuan/{libassuan_2.5.5.bb => libassuan_2.5.6.bb} (93%)
rename meta/recipes-support/libksba/{libksba_1.6.3.bb => libksba_1.6.4.bb} (94%)
--
2.34.1
next reply other threads:[~2023-07-30 18:01 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-30 18:00 Steve Sakoman [this message]
2023-07-30 18:00 ` [OE-core][kirkstone 01/30] libjpeg-turbo: patch CVE-2023-2804 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 02/30] python3: ignore CVE-2023-36632 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 03/30] tiff: fix multiple CVEs Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 04/30] go: fix CVE-2023-29406 net/http insufficient sanitization of Host header Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 05/30] tiff: fix multiple CVEs Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 06/30] libtiff: fix CVE-2023-26965 heap-based use after free Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 07/30] openssh: fix CVE-2023-38408 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 08/30] dmidecode: fix CVE-2023-30630 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 09/30] python3: upgrade 3.10.9 -> 3.10.12 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 10/30] diffutils: update 3.9 -> 3.10 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 11/30] libassuan: upgrade 2.5.5 -> 2.5.6 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 12/30] libksba: upgrade 1.6.3 -> 1.6.4 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 13/30] lttng-ust: upgrade 2.13.5 -> 2.13.6 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 14/30] gcc : upgrade to v11.4 Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 15/30] libxcrypt: fix build with perl-5.38 and use master branch Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 16/30] kernel: add missing path to search for debug files Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 17/30] recipetool: Fix inherit in created -native* recipes Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 18/30] systemd-systemctl: fix errors in instance name expansion Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 19/30] uboot-extlinux-config.bbclass: fix old override syntax in comment Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 20/30] mdadm: fix util-linux ptest dependency Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 21/30] mdadm: fix 07revert-inplace ptest Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 22/30] mdadm: fix segfaults when running ptests Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 23/30] mdadm: skip running known broken ptests Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 24/30] python3: fix missing comma in get_module_deps3.py Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 25/30] meson.bbclass: Point to llvm-config from native sysroot Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 26/30] oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 27/30] oeqa/selftest/devtool: add unit test for "devtool add -b" Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 28/30] openssl: add PERLEXTERNAL path to test its existence Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 29/30] openssl: use a glob on the PERLEXTERNAL to track updates on the path Steve Sakoman
2023-07-30 18:00 ` [OE-core][kirkstone 30/30] util-linux: add alternative links for ipcs,ipcrm Steve Sakoman
[not found] ` <1776B726C0E12BA1.27447@lists.openembedded.org>
2023-07-31 18:11 ` [OE-core][kirkstone 14/30] gcc : upgrade to v11.4 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2022-07-03 19:35 [OE-core][kirkstone 00/30] Patch review Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1690739937.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.