From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/13] Patch review
Date: Tue, 28 Nov 2023 12:52:27 -1000 [thread overview]
Message-ID: <cover.1701210903.git.steve@sakoman.com> (raw)
Please review this set of changes for dunfell and have comments back by
end of day Thursday, November 30
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6252
The following changes since commit ff7dbcc0206203e2ece68ca91a37050a4bc822a2:
selftest: skip virgl test on all fedora (2023-11-14 06:35:38 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Archana Polampalli (1):
vim: Upgrade 9.0.2048 -> 9.0.2068
Etienne Cordonnier (1):
vim: update obsolete comment
Hitendra Prajapati (1):
grub: fix CVE-2023-4692 & CVE-2023-4693
Lee Chee Yang (3):
wayland: fix CVE-2021-3782
python3-setuptools: fix CVE-2022-40897
curl: fix CVE-2023-28321 CVE-2023-28322
Richard Purdie (1):
vim: Improve locale handling
Steve Sakoman (1):
vim: use upstream generated .po files
Vijay Anusuri (5):
libx11: Fix for CVE-2023-43785 CVE-2023-43786 and CVE-2023-43787
shadow: backport patch to fix CVE-2023-29383
bind: Backport fix for CVE-2023-3341
avahi: backport Debian patches to fix multiple CVE's
tiff: backport Debian patch to fix CVE-2022-40090
.../grub/files/CVE-2023-4692.patch | 97 ++++
.../grub/files/CVE-2023-4693.patch | 62 ++
meta/recipes-bsp/grub/grub2.inc | 2 +
meta/recipes-connectivity/avahi/avahi.inc | 9 +
.../avahi/files/CVE-2023-1981.patch | 60 ++
.../avahi/files/CVE-2023-38469-1.patch | 48 ++
.../avahi/files/CVE-2023-38469-2.patch | 65 +++
.../avahi/files/CVE-2023-38470-1.patch | 57 ++
.../avahi/files/CVE-2023-38470-2.patch | 53 ++
.../avahi/files/CVE-2023-38471-1.patch | 73 +++
.../avahi/files/CVE-2023-38471-2.patch | 52 ++
.../avahi/files/CVE-2023-38472.patch | 45 ++
.../avahi/files/CVE-2023-38473.patch | 109 ++++
.../bind/bind/CVE-2023-3341.patch | 175 ++++++
.../recipes-connectivity/bind/bind_9.11.37.bb | 1 +
.../python/python-setuptools.inc | 2 +
.../python3-setuptools/CVE-2022-40897.patch | 29 +
.../files/0001-Overhaul-valid_field.patch | 66 +++
.../shadow/files/CVE-2023-29383.patch | 54 ++
meta/recipes-extended/shadow/shadow.inc | 2 +
.../wayland/wayland/CVE-2021-3782.patch | 111 ++++
.../wayland/wayland_1.18.0.bb | 1 +
.../xorg-lib/libx11/CVE-2023-43785.patch | 63 ++
.../xorg-lib/libx11/CVE-2023-43786-1.patch | 42 ++
.../xorg-lib/libx11/CVE-2023-43786-2.patch | 46 ++
.../xorg-lib/libx11/CVE-2023-43787-1.patch | 52 ++
.../xorg-lib/libx11/CVE-2023-43787-2.patch | 64 ++
.../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 5 +
.../libtiff/files/CVE-2022-40090.patch | 548 ++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 1 +
.../curl/curl/CVE-2023-28321.patch | 272 +++++++++
.../curl/curl/CVE-2023-28322.patch | 380 ++++++++++++
meta/recipes-support/curl/curl_7.69.1.bb | 2 +
meta/recipes-support/vim/vim.inc | 25 +-
34 files changed, 2658 insertions(+), 15 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2023-4692.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2023-4693.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2023-3341.patch
create mode 100644 meta/recipes-devtools/python/python3-setuptools/CVE-2022-40897.patch
create mode 100644 meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch
create mode 100644 meta/recipes-extended/shadow/files/CVE-2023-29383.patch
create mode 100644 meta/recipes-graphics/wayland/wayland/CVE-2021-3782.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-43785.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-43786-1.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-43786-2.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-43787-1.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-43787-2.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-40090.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28321.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28322.patch
--
2.34.1
next reply other threads:[~2023-11-28 22:52 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-28 22:52 Steve Sakoman [this message]
2023-11-28 22:52 ` [OE-core][dunfell 01/13] libx11: Fix for CVE-2023-43785 CVE-2023-43786 and CVE-2023-43787 Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 02/13] wayland: fix CVE-2021-3782 Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 03/13] python3-setuptools: fix CVE-2022-40897 Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 04/13] shadow: backport patch to fix CVE-2023-29383 Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 05/13] curl: fix CVE-2023-28321 CVE-2023-28322 Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 06/13] bind: Backport fix for CVE-2023-3341 Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 07/13] avahi: backport Debian patches to fix multiple CVE's Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 08/13] grub: fix CVE-2023-4692 & CVE-2023-4693 Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 09/13] tiff: backport Debian patch to fix CVE-2022-40090 Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 10/13] vim: Improve locale handling Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 11/13] vim: update obsolete comment Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 12/13] vim: Upgrade 9.0.2048 -> 9.0.2068 Steve Sakoman
2023-11-28 22:52 ` [OE-core][dunfell 13/13] vim: use upstream generated .po files Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2023-09-30 19:39 [OE-core][dunfell 00/13] Patch review Steve Sakoman
2023-07-18 16:00 Steve Sakoman
2022-12-16 14:57 Steve Sakoman
2022-03-21 22:29 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1701210903.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.