[OE-core][kirkstone 00/16] Patch review

[Steve Sakoman <steve@sakoman.com>]

Please review this set of changes for kirkstone and have comments back by
end of day Friday, August 18.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5748

The following changes since commit e1a604db8d2cf8782038b4016cc2e2052467333b:

  build-appliance-image: Update to kirkstone head revision (2023-08-07 04:41:22 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Adrian Freihofer (1):
  dmidecode: fixup for CVE-2023-30630

Alberto Planas (1):
  rpm2cpio.sh: update to the last 4.x version

Alexander Kanavin (1):
  libxcrypt: update PV to match SRCREV

Archana Polampalli (2):
  ghostscript: fix CVE-2023-38559
  qemu: fix CVE-2023-3180

Ashish Sharma (1):
  curl: Backport fix CVE-2023-32001

Bruce Ashfield (3):
  linux-yocto/5.10: update to v5.10.186
  linux-yocto/5.10: update to v5.10.187
  linux-yocto/5.10: update to v5.10.188

Marek Vasut (1):
  linux-firmware: Fix mediatek mt7601u firmware path

Martin Jansa (1):
  npm.bbclass: avoid DeprecationWarning with new python

Narpat Mali (1):
  python3-certifi: fix CVE-2023-37920

Pavel Zhukov (1):
  scripts/rpm2cpio.sh: Use bzip2 instead of bunzip2

Peter Marko (1):
  procps: patch CVE-2023-4016

Vivek Kumbhar (1):
  qemu: fix CVE-2023-3354 VNC: improper I/O watch removal in TLS
    handshake can lead to remote unauthenticated denial of service

Yogita Urade (1):
  qemu: fix CVE-2020-14394

 meta/classes/npm.bbclass                      |   2 +-
 ...ibxcrypt_4.4.30.bb => libxcrypt_4.4.33.bb} |   0
 .../dmidecode/CVE-2023-30630_1a.patch         | 236 ++++++++++++++
 ...-30630_1.patch => CVE-2023-30630_1b.patch} | 126 +++-----
 .../dmidecode/CVE-2023-30630_2.patch          |  11 +-
 .../dmidecode/CVE-2023-30630_3.patch          |  60 ++--
 .../dmidecode/CVE-2023-30630_4.patch          | 149 ++++-----
 .../dmidecode/dmidecode_3.3.bb                |   3 +-
 .../python3-certifi/CVE-2023-37920.patch      | 301 ++++++++++++++++++
 .../python/python3-certifi_2021.10.8.bb       |   4 +-
 meta/recipes-devtools/qemu/qemu.inc           |   3 +
 .../qemu/qemu/CVE-2020-14394.patch            |  79 +++++
 .../qemu/qemu/CVE-2023-3180.patch             |  50 +++
 .../qemu/qemu/CVE-2023-3354.patch             |  87 +++++
 .../ghostscript/CVE-2023-38559.patch          |  32 ++
 .../ghostscript/ghostscript_9.55.0.bb         |   1 +
 .../procps/procps/CVE-2023-4016.patch         |  85 +++++
 meta/recipes-extended/procps/procps_3.3.17.bb |   1 +
 .../linux-firmware/linux-firmware_20230515.bb |   2 +-
 .../linux/linux-yocto-rt_5.10.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.10.bb            |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb |  24 +-
 .../curl/curl/CVE-2023-32001.patch            |  39 +++
 meta/recipes-support/curl/curl_7.82.0.bb      |   1 +
 scripts/rpm2cpio.sh                           |  30 +-
 25 files changed, 1117 insertions(+), 223 deletions(-)
 rename meta/recipes-core/libxcrypt/{libxcrypt_4.4.30.bb => libxcrypt_4.4.33.bb} (100%)
 create mode 100644 meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_1a.patch
 rename meta/recipes-devtools/dmidecode/dmidecode/{CVE-2023-30630_1.patch => CVE-2023-30630_1b.patch} (63%)
 create mode 100644 meta/recipes-devtools/python/python3-certifi/CVE-2023-37920.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-14394.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3180.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3354.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-38559.patch
 create mode 100644 meta/recipes-extended/procps/procps/CVE-2023-4016.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-32001.patch

-- 
2.34.1