From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/10] Patch review
Date: Tue, 17 Oct 2023 08:42:20 -1000 [thread overview]
Message-ID: <cover.1697567211.git.steve@sakoman.com> (raw)
Please review this set of changes for dunfell and have comments back by
end of day Thursday, October 19
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6058
with the exception of a reproducibility issue for the vim-common package
where we have:
"Content-Type:·text/plain;·charset=CP1251\n"
in the A build and:
"Content-Type:·text/plain;·charset=cp1251\n"
in the B build.
Dunfell autobuilder builds are currently using an older buildtools tarball
which is missing:
https://git.yoctoproject.org/poky/commit/?id=a2f1791f8d0118f44cf752341c4793d656a54a94
I'm sending a patch to the list to update dunfell to the latest buildtools tarball
The following changes since commit 0e167ef0eb7ac62ddb991ce80c27882863d8ee7c:
cpio: Replace fix wrong CRC with ASCII CRC for large files with upstream backport (2023-10-09 07:30:51 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Marek Vasut (2):
libtiff: Add fix for tiffcrop CVE-2023-1916
systemd: Backport systemd-resolved: use hostname for certificate
validation in DoT
Mike Crowe (2):
curl: Backport fix for CVE-2023-38545
curl: Backport fix for CVE-2023-38546
Pawan (1):
libwebp: Update CVE ID CVE-2023-4863
Ryan Eatmon (1):
kernel.bbclass: Add force flag to rm calls
Siddharth Doshi (4):
glib-2.0: Fix multiple vulnerabilities
vim: Upgrade 9.0.1894 -> 9.0.2009
xorg-lib-common: Add variable to set tarball type
libxpm: upgrade to 3.5.17
meta/classes/kernel.bbclass | 4 +-
.../glib-2.0/glib-2.0/CVE-2023-29499.patch | 290 ++++++++++++
.../glib-2.0/CVE-2023-32611-0001.patch | 89 ++++
.../glib-2.0/CVE-2023-32611-0002.patch | 255 +++++++++++
.../glib-2.0/glib-2.0/CVE-2023-32636.patch | 49 ++
.../glib-2.0/glib-2.0/CVE-2023-32643.patch | 154 +++++++
.../glib-2.0/CVE-2023-32665-0001.patch | 103 +++++
.../glib-2.0/CVE-2023-32665-0002.patch | 210 +++++++++
.../glib-2.0/CVE-2023-32665-0003.patch | 417 ++++++++++++++++++
.../glib-2.0/CVE-2023-32665-0004.patch | 113 +++++
.../glib-2.0/CVE-2023-32665-0005.patch | 80 ++++
.../glib-2.0/CVE-2023-32665-0006.patch | 396 +++++++++++++++++
.../glib-2.0/CVE-2023-32665-0007.patch | 49 ++
.../glib-2.0/CVE-2023-32665-0008.patch | 394 +++++++++++++++++
.../glib-2.0/CVE-2023-32665-0009.patch | 97 ++++
meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb | 14 +
.../systemd/systemd/CVE-2018-21029.patch | 120 +++++
meta/recipes-core/systemd/systemd_244.5.bb | 1 +
.../xorg-lib/libxpm/CVE-2022-46285.patch | 40 --
.../{libxpm_3.5.13.bb => libxpm_3.5.17.bb} | 9 +-
.../xorg-lib/xorg-lib-common.inc | 3 +-
.../libtiff/files/CVE-2023-1916.patch | 91 ++++
meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 1 +
.../webp/files/CVE-2023-5129.patch | 9 +-
.../curl/curl/CVE-2023-38545.patch | 148 +++++++
.../curl/curl/CVE-2023-38546.patch | 132 ++++++
meta/recipes-support/curl/curl_7.69.1.bb | 2 +
meta/recipes-support/vim/vim.inc | 4 +-
28 files changed, 3223 insertions(+), 51 deletions(-)
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-29499.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0001.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0002.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32636.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32643.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0001.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0002.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0003.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0004.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0005.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0006.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0008.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0009.patch
create mode 100644 meta/recipes-core/systemd/systemd/CVE-2018-21029.patch
delete mode 100644 meta/recipes-graphics/xorg-lib/libxpm/CVE-2022-46285.patch
rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.13.bb => libxpm_3.5.17.bb} (68%)
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-1916.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-38545.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-38546.patch
--
2.34.1
next reply other threads:[~2023-10-17 18:42 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-17 18:42 Steve Sakoman [this message]
2023-10-17 18:42 ` [OE-core][dunfell 01/10] libtiff: Add fix for tiffcrop CVE-2023-1916 Steve Sakoman
2023-10-17 18:42 ` [OE-core][dunfell 02/10] curl: Backport fix for CVE-2023-38545 Steve Sakoman
2023-10-17 18:42 ` [OE-core][dunfell 03/10] curl: Backport fix for CVE-2023-38546 Steve Sakoman
2023-10-17 18:42 ` [OE-core][dunfell 04/10] glib-2.0: Fix multiple vulnerabilities Steve Sakoman
2023-10-17 18:42 ` [OE-core][dunfell 05/10] libwebp: Update CVE ID CVE-2023-4863 Steve Sakoman
2023-10-17 18:42 ` [OE-core][dunfell 06/10] vim: Upgrade 9.0.1894 -> 9.0.2009 Steve Sakoman
2023-10-17 18:42 ` [OE-core][dunfell 07/10] xorg-lib-common: Add variable to set tarball type Steve Sakoman
2023-10-17 18:42 ` [OE-core][dunfell 08/10] libxpm: upgrade to 3.5.17 Steve Sakoman
2023-10-17 18:42 ` [OE-core][dunfell 09/10] kernel.bbclass: Add force flag to rm calls Steve Sakoman
2023-10-17 18:42 ` [OE-core][dunfell 10/10] systemd: Backport systemd-resolved: use hostname for certificate validation in DoT Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2023-06-30 2:33 [OE-core][dunfell 00/10] Patch review Steve Sakoman
2022-03-27 16:40 Steve Sakoman
2021-12-13 15:36 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1697567211.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.