[OE-core][kirkstone 00/10] Patch review

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/10] Patch review
Date: Thu,  3 Aug 2023 04:04:04 -1000	[thread overview]
Message-ID: <cover.1691071255.git.steve@sakoman.com> (raw)

Please review this set of changes for kirkstone and have comments back by
end of day Saturday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5680

The following changes since commit dc2e760591c5ed3c999222f235484829426c71a7:

  util-linux: add alternative links for ipcs,ipcrm (2023-07-31 08:12:27 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Archana Polampalli (3):
  qemu: fix CVE-2023-3301
  qemu: fix CVE-2023-3255
  qemu: fix CVE-2023-2861

Peter Marko (3):
  libpcre2: patch CVE-2022-41409
  libarchive: ignore CVE-2023-30571
  openssl: Upgrade 3.0.9 -> 3.0.10

Sakib Sajal (2):
  go: fix CVE-2023-24536
  go: fix CVE-2023-24531

Sundeep KOKKONDA (1):
  gcc : upgrade to v11.4

Yuta Hayama (1):
  cve-update-nvd2-native: always pass str for json.loads()

 meta/conf/distro/include/maintainers.inc      |   2 +-
 .../{openssl_3.0.9.bb => openssl_3.0.10.bb}   |   2 +-
 .../meta/cve-update-nvd2-native.bb            |   2 +-
 .../gcc/{gcc-11.3.inc => gcc-11.4.inc}        |   6 +-
 ...ian_11.3.bb => gcc-cross-canadian_11.4.bb} |   0
 .../{gcc-cross_11.3.bb => gcc-cross_11.4.bb}  |   0
 ...-crosssdk_11.3.bb => gcc-crosssdk_11.4.bb} |   0
 ...cc-runtime_11.3.bb => gcc-runtime_11.4.bb} |   0
 ...itizers_11.3.bb => gcc-sanitizers_11.4.bb} |   0
 ...{gcc-source_11.3.bb => gcc-source_11.4.bb} |   0
 ...rch64-Update-Neoverse-N2-core-defini.patch |  20 +-
 ...rm-add-armv9-a-architecture-to-march.patch |  54 +--
 ...AMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch | 102 ++---
 ...s-fix-v4bx-to-linker-to-support-EABI.patch |   6 +-
 .../gcc/{gcc_11.3.bb => gcc_11.4.bb}          |   0
 ...initial_11.3.bb => libgcc-initial_11.4.bb} |   0
 .../gcc/{libgcc_11.3.bb => libgcc_11.4.bb}    |   0
 ...ibgfortran_11.3.bb => libgfortran_11.4.bb} |   0
 meta/recipes-devtools/go/go-1.17.13.inc       |   7 +-
 .../go/go-1.19/CVE-2023-24536_1.patch         | 137 +++++++
 .../go/go-1.19/CVE-2023-24536_2.patch         | 187 ++++++++++
 .../go/go-1.19/CVE-2023-24536_3.patch         | 349 ++++++++++++++++++
 .../go/go-1.21/CVE-2023-24531_1.patch         | 252 +++++++++++++
 .../go/go-1.21/CVE-2023-24531_2.patch         |  47 +++
 meta/recipes-devtools/qemu/qemu.inc           |   3 +
 .../qemu/qemu/CVE-2023-2861.patch             | 172 +++++++++
 .../qemu/qemu/CVE-2023-3255.patch             |  64 ++++
 .../qemu/qemu/CVE-2023-3301.patch             |  60 +++
 .../libarchive/libarchive_3.6.2.bb            |   3 +
 .../libpcre/libpcre2/CVE-2022-41409.patch     |  75 ++++
 .../recipes-support/libpcre/libpcre2_10.40.bb |   1 +
 31 files changed, 1451 insertions(+), 100 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_3.0.9.bb => openssl_3.0.10.bb} (99%)
 rename meta/recipes-devtools/gcc/{gcc-11.3.inc => gcc-11.4.inc} (97%)
 rename meta/recipes-devtools/gcc/{gcc-cross-canadian_11.3.bb => gcc-cross-canadian_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-cross_11.3.bb => gcc-cross_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-crosssdk_11.3.bb => gcc-crosssdk_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-runtime_11.3.bb => gcc-runtime_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-sanitizers_11.3.bb => gcc-sanitizers_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc-source_11.3.bb => gcc-source_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{gcc_11.3.bb => gcc_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{libgcc-initial_11.3.bb => libgcc-initial_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{libgcc_11.3.bb => libgcc_11.4.bb} (100%)
 rename meta/recipes-devtools/gcc/{libgfortran_11.3.bb => libgfortran_11.4.bb} (100%)
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-24536_1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-24536_2.patch
 create mode 100644 meta/recipes-devtools/go/go-1.19/CVE-2023-24536_3.patch
 create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2023-24531_1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2023-24531_2.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-2861.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3255.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3301.patch
 create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-41409.patch

-- 
2.34.1

next             reply	other threads:[~2023-08-03 14:04 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-08-03 14:04 Steve Sakoman [this message]
2023-08-03 14:04 ` [OE-core][kirkstone 01/10] libpcre2: patch CVE-2022-41409 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 02/10] libarchive: ignore CVE-2023-30571 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 03/10] qemu: fix CVE-2023-3301 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 04/10] qemu: fix CVE-2023-3255 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 05/10] qemu: fix CVE-2023-2861 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 06/10] go: fix CVE-2023-24536 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 07/10] go: fix CVE-2023-24531 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 08/10] cve-update-nvd2-native: always pass str for json.loads() Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 09/10] gcc : upgrade to v11.4 Steve Sakoman
2023-08-03 14:04 ` [OE-core][kirkstone 10/10] openssl: Upgrade 3.0.9 -> 3.0.10 Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2023-10-03 19:36 [OE-core][kirkstone 00/10] Patch review Steve Sakoman
2023-10-18 15:48 Steve Sakoman
2024-04-16 12:06 Steve Sakoman
2025-04-08 20:50 Steve Sakoman
2025-05-30 15:39 Steve Sakoman
2025-07-27 20:04 Steve Sakoman
2025-07-30 19:05 Steve Sakoman
2025-11-13 21:47 Steve Sakoman
2025-12-02 15:09 Steve Sakoman
2025-12-23 21:25 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1691071255.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.