From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/14] Patch review
Date: Wed, 6 Sep 2023 02:48:07 -1000 [thread overview]
Message-ID: <cover.1694004064.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Friday, September 8.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5835
The following changes since commit 8ceaeff90023e51c7e874464f026b30d24035bda:
python3-git: upgrade 3.1.27 -> 3.1.32 (2023-08-27 04:03:37 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Abe Kohandel (1):
libdnf: resolve cstdint inclusion for newer gcc versions
Adrian Freihofer (1):
json-c: fix CVE-2021-32292
Archana Polampalli (1):
nasm: fix CVE-2020-21528
Changqing Li (1):
sysklogd: fix integration with systemd-journald
Chee Yang Lee (3):
libssh2: fix CVE-2020-22218
file: fix CVE-2022-48554
python3: upgrade to 3.10.13
Hitendra Prajapati (2):
tiff: fix CVE-2023-2908,CVE-2023-3316,CVE-2023-3618
libtiff: fix CVE-2023-26966 Buffer Overflow
Kai Kang (1):
webkitgtk: fix CVE-2023-23529
Martin Jansa (1):
efivar: backport 5 patches to fix build with gold
Meenali Gupta (1):
busybox: fix CVE-2022-48174
Soumya Sambu (1):
ncurses: fix CVE-2023-29491
Vijay Anusuri (1):
inetutils: Backport fix for CVE-2023-40303
...ve-deprecated-add-needed-linker-flag.patch | 45 ++
...002-Add-T-workaround-for-GNU-ld-2.36.patch | 33 ++
...LL-C-to-force-English-output-from-ld.patch | 33 ++
...on-and-remove-not-needed-workarounds.patch | 45 ++
...mp-efi_well_known_-variable-handling.patch | 262 ++++++++++
meta/recipes-bsp/efivar/efivar_38.bb | 9 +-
...tpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch | 280 +++++++++++
...03-Indent-changes-in-previous-commit.patch | 254 ++++++++++
.../inetutils/inetutils_2.2.bb | 2 +
.../busybox/busybox/CVE-2022-48174.patch | 80 +++
meta/recipes-core/busybox/busybox_1.35.0.bb | 1 +
.../ncurses/files/CVE-2023-29491.patch | 464 ++++++++++++++++++
.../ncurses/ncurses_6.3+20220423.bb | 1 +
.../file/file/CVE-2022-48554.patch | 35 ++
meta/recipes-devtools/file/file_5.41.bb | 4 +-
.../json-c/json-c/CVE-2021-32292.patch | 30 ++
meta/recipes-devtools/json-c/json-c_0.15.bb | 1 +
...58-Don-t-assume-inclusion-of-cstdint.patch | 56 +++
...onNumber.hpp-add-missing-cstdint-inc.patch | 33 ++
...ite3-Sqlite3.hpp-add-missing-cstdint.patch | 36 ++
meta/recipes-devtools/libdnf/libdnf_0.66.0.bb | 3 +
.../nasm/nasm/CVE-2020-21528.patch | 47 ++
meta/recipes-devtools/nasm/nasm_2.15.05.bb | 1 +
...{python3_3.10.12.bb => python3_3.10.13.bb} | 2 +-
...KillMode-process-is-not-recommended-.patch | 33 ++
...-messages-lost-when-running-in-syste.patch | 75 +++
.../sysklogd/sysklogd_2.3.0.bb | 2 +
.../libtiff/tiff/CVE-2023-26966.patch | 35 ++
.../libtiff/tiff/CVE-2023-2908.patch | 33 ++
.../libtiff/tiff/CVE-2023-3316.patch | 59 +++
.../libtiff/tiff/CVE-2023-3618-1.patch | 34 ++
.../libtiff/tiff/CVE-2023-3618-2.patch | 47 ++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 5 +
.../webkit/webkitgtk/CVE-2023-23529.patch | 65 +++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 1 +
.../libssh2/libssh2/CVE-2020-22218.patch | 34 ++
.../recipes-support/libssh2/libssh2_1.10.0.bb | 1 +
37 files changed, 2175 insertions(+), 6 deletions(-)
create mode 100644 meta/recipes-bsp/efivar/efivar/0001-Remove-deprecated-add-needed-linker-flag.patch
create mode 100644 meta/recipes-bsp/efivar/efivar/0002-Add-T-workaround-for-GNU-ld-2.36.patch
create mode 100644 meta/recipes-bsp/efivar/efivar/0003-Set-LC_ALL-C-to-force-English-output-from-ld.patch
create mode 100644 meta/recipes-bsp/efivar/efivar/0004-LLD-fix-detection-and-remove-not-needed-workarounds.patch
create mode 100644 meta/recipes-bsp/efivar/efivar/0005-Revamp-efi_well_known_-variable-handling.patch
create mode 100644 meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
create mode 100644 meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2022-48174.patch
create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-29491.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2022-48554.patch
create mode 100644 meta/recipes-devtools/json-c/json-c/CVE-2021-32292.patch
create mode 100644 meta/recipes-devtools/libdnf/libdnf/0001-Fix-1558-Don-t-assume-inclusion-of-cstdint.patch
create mode 100644 meta/recipes-devtools/libdnf/libdnf/0001-libdnf-conf-OptionNumber.hpp-add-missing-cstdint-inc.patch
create mode 100644 meta/recipes-devtools/libdnf/libdnf/0001-libdnf-utils-sqlite3-Sqlite3.hpp-add-missing-cstdint.patch
create mode 100644 meta/recipes-devtools/nasm/nasm/CVE-2020-21528.patch
rename meta/recipes-devtools/python/{python3_3.10.12.bb => python3_3.10.13.bb} (99%)
create mode 100644 meta/recipes-extended/sysklogd/files/0001-syslogd.service-KillMode-process-is-not-recommended-.patch
create mode 100644 meta/recipes-extended/sysklogd/files/0002-Fix-62-early-log-messages-lost-when-running-in-syste.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-26966.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-2908.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-3316.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618-1.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-3618-2.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2023-23529.patch
create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2020-22218.patch
--
2.34.1
next reply other threads:[~2023-09-06 12:48 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-06 12:48 Steve Sakoman [this message]
2023-09-06 12:48 ` [OE-core][kirkstone 01/14] tiff: fix CVE-2023-2908,CVE-2023-3316,CVE-2023-3618 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 02/14] inetutils: Backport fix for CVE-2023-40303 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 03/14] libtiff: fix CVE-2023-26966 Buffer Overflow Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 04/14] json-c: fix CVE-2021-32292 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 05/14] ncurses: fix CVE-2023-29491 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 06/14] busybox: fix CVE-2022-48174 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 07/14] webkitgtk: fix CVE-2023-23529 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 08/14] libssh2: fix CVE-2020-22218 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 09/14] file: fix CVE-2022-48554 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 10/14] nasm: fix CVE-2020-21528 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 11/14] python3: upgrade to 3.10.13 Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 12/14] efivar: backport 5 patches to fix build with gold Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 13/14] libdnf: resolve cstdint inclusion for newer gcc versions Steve Sakoman
2023-09-06 12:48 ` [OE-core][kirkstone 14/14] sysklogd: fix integration with systemd-journald Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-10-14 22:44 [OE-core][kirkstone 00/14] Patch review Steve Sakoman
2025-06-22 14:59 Steve Sakoman
2025-04-30 2:53 Steve Sakoman
2024-11-27 18:49 Steve Sakoman
2023-03-23 21:04 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1694004064.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.