From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 00/21] Patch review
Date: Thu, 15 Feb 2024 06:17:43 -1000 [thread overview]
Message-ID: <cover.1708012696.git.steve@sakoman.com> (raw)
Please review this set of changes for nanbield and have comments back by
end of day Monday, February 19
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6568
The following changes since commit 0584d01f623e1f9b0fef4dfa95dd66de6cbfb7b3:
build-appliance-image: Update to nanbield head revision (2024-02-08 03:49:03 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/nanbield-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/nanbield-nut
Alexander Sverdlin (1):
linux-firmware: upgrade 20231030 -> 20231211
Benjamin Bara (1):
glibc: stable 2.38 branch updates
Chen Qi (1):
multilib_global.bbclass: fix parsing error with no kernel module split
Jonathan GUILLOT (1):
udev-extraconf: fix unmount directories containing octal-escaped chars
Julien Stephan (1):
externalsrc: fix task dependency for do_populate_lic
Kai Kang (1):
xserver-xorg: 21.1.9 -> 21.1.11
Peter Marko (1):
zlib: ignore CVE-2023-6992
Richard Purdie (3):
allarch: Fix allarch corner case
reproducible: Fix race with externalsrc/devtool over lockfile
pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept
Robert Joslyn (1):
gtk: Set CVE_PRODUCT
Ross Burton (3):
libssh2: backport fix for CVE-2023-48795
cve_check: handle CVE_STATUS being set to the empty string
cve_check: cleanup logging
Simone Weiß (1):
gcc: Update status of CVE-2023-4039
Wang Mingyu (3):
at-spi2-core: upgrade 2.50.0 -> 2.50.1
cpio: upgrade 2.14 -> 2.15
gstreamer: upgrade 1.22.8 -> 1.22.9
Yogita Urade (2):
tiff: fix CVE-2023-6228
tiff: fix CVE-2023-52355 and CVE-2023-52356
baruch@tkos.co.il (1):
overlayfs: add missing closing parenthesis in selftest
.../overlayfs-user/overlayfs-user.bb | 2 +-
meta/classes-recipe/allarch.bbclass | 4 +-
meta/classes/externalsrc.bbclass | 1 +
meta/classes/multilib_global.bbclass | 1 +
meta/lib/oe/cve_check.py | 17 +-
meta/lib/oe/reproducible.py | 3 +
meta/recipes-core/glibc/glibc-version.inc | 5 +-
.../recipes-core/udev/udev-extraconf/mount.sh | 2 +-
meta/recipes-core/zlib/zlib_1.3.bb | 1 +
meta/recipes-devtools/gcc/gcc-13.2.inc | 1 +
.../pseudo/files/glibc238.patch | 13 -
meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +-
.../cpio/{cpio_2.14.bb => cpio_2.15.bb} | 3 +-
...e-needed-header-for-major-minor-macr.patch | 48 --
meta/recipes-gnome/gtk+/gtk+3_3.24.38.bb | 2 +
meta/recipes-gnome/gtk+/gtk4_4.12.3.bb | 2 +
...xorg_21.1.9.bb => xserver-xorg_21.1.11.bb} | 2 +-
...20231030.bb => linux-firmware_20231211.bb} | 7 +-
...tools_1.22.8.bb => gst-devtools_1.22.9.bb} | 2 +-
...1.22.8.bb => gstreamer1.0-libav_1.22.9.bb} | 2 +-
...x_1.22.8.bb => gstreamer1.0-omx_1.22.9.bb} | 2 +-
....bb => gstreamer1.0-plugins-bad_1.22.9.bb} | 2 +-
...bb => gstreamer1.0-plugins-base_1.22.9.bb} | 2 +-
...bb => gstreamer1.0-plugins-good_1.22.9.bb} | 2 +-
...bb => gstreamer1.0-plugins-ugly_1.22.9.bb} | 3 +-
....22.8.bb => gstreamer1.0-python_1.22.9.bb} | 2 +-
....bb => gstreamer1.0-rtsp-server_1.22.9.bb} | 2 +-
...1.22.8.bb => gstreamer1.0-vaapi_1.22.9.bb} | 2 +-
...er1.0_1.22.8.bb => gstreamer1.0_1.22.9.bb} | 2 +-
.../libtiff/tiff/CVE-2023-52355-0001.patch | 238 +++++++++
.../libtiff/tiff/CVE-2023-52355-0002.patch | 28 ++
.../libtiff/tiff/CVE-2023-52356.patch | 49 ++
.../libtiff/tiff/CVE-2023-6228.patch | 31 ++
meta/recipes-multimedia/libtiff/tiff_4.6.0.bb | 4 +
...-core_2.50.0.bb => at-spi2-core_2.50.1.bb} | 2 +-
.../libssh2/libssh2/CVE-2023-48795.patch | 466 ++++++++++++++++++
.../recipes-support/libssh2/libssh2_1.11.0.bb | 1 +
37 files changed, 864 insertions(+), 94 deletions(-)
rename meta/recipes-extended/cpio/{cpio_2.14.bb => cpio_2.15.bb} (94%)
delete mode 100644 meta/recipes-extended/cpio/files/0001-configure-Include-needed-header-for-major-minor-macr.patch
rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.9.bb => xserver-xorg_21.1.11.bb} (92%)
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20231030.bb => linux-firmware_20231211.bb} (99%)
rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.22.8.bb => gst-devtools_1.22.9.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.22.8.bb => gstreamer1.0-libav_1.22.9.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.22.8.bb => gstreamer1.0-omx_1.22.9.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.22.8.bb => gstreamer1.0-plugins-bad_1.22.9.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.22.8.bb => gstreamer1.0-plugins-base_1.22.9.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.22.8.bb => gstreamer1.0-plugins-good_1.22.9.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.22.8.bb => gstreamer1.0-plugins-ugly_1.22.9.bb} (94%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.22.8.bb => gstreamer1.0-python_1.22.9.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.22.8.bb => gstreamer1.0-rtsp-server_1.22.9.bb} (90%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.22.8.bb => gstreamer1.0-vaapi_1.22.9.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.22.8.bb => gstreamer1.0_1.22.9.bb} (97%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52355-0001.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52355-0002.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch
rename meta/recipes-support/atk/{at-spi2-core_2.50.0.bb => at-spi2-core_2.50.1.bb} (95%)
create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch
--
2.34.1
next reply other threads:[~2024-02-15 16:18 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-15 16:17 Steve Sakoman [this message]
2024-02-15 16:17 ` [OE-core][nanbield 01/21] tiff: fix CVE-2023-6228 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 02/21] tiff: fix CVE-2023-52355 and CVE-2023-52356 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 03/21] zlib: ignore CVE-2023-6992 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 04/21] libssh2: backport fix for CVE-2023-48795 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 05/21] gcc: Update status of CVE-2023-4039 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 06/21] cve_check: handle CVE_STATUS being set to the empty string Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 07/21] cve_check: cleanup logging Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 08/21] gtk: Set CVE_PRODUCT Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 09/21] glibc: stable 2.38 branch updates Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 10/21] linux-firmware: upgrade 20231030 -> 20231211 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 11/21] xserver-xorg: 21.1.9 -> 21.1.11 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 12/21] at-spi2-core: upgrade 2.50.0 -> 2.50.1 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 13/21] cpio: upgrade 2.14 -> 2.15 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 14/21] gstreamer: upgrade 1.22.8 -> 1.22.9 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 15/21] allarch: Fix allarch corner case Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 16/21] reproducible: Fix race with externalsrc/devtool over lockfile Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 17/21] externalsrc: fix task dependency for do_populate_lic Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 18/21] udev-extraconf: fix unmount directories containing octal-escaped chars Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 19/21] pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 20/21] overlayfs: add missing closing parenthesis in selftest Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 21/21] multilib_global.bbclass: fix parsing error with no kernel module split Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1708012696.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.