From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/38] Patch review
Date: Wed, 4 Dec 2024 09:53:27 -0800 [thread overview]
Message-ID: <cover.1733334655.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Friday, December 6
Passed a-full on autobuilder:
https://valkyrie.yoctoproject.org/#/builders/29/builds/581
The following changes since commit 13b13b81b91f618c13cf972067c47bd810de852f:
gstreamer1.0: improve test reliability (2024-11-27 06:57:56 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Changqing Li (2):
libsoup: fix CVE-2024-52531
rxvt-unicode.inc: disable the terminfo installation by setting TIC to
:
Divya Chellam (1):
qemu: fix CVE-2024-3446
Hongxu Jia (3):
ovmf: fix CVE-2024-38796
ovmf: fix CVE-2024-1298
python3-zipp: fix CVE-2024-5569
Jiaying Song (1):
diffoscope: fix CVE-2024-25711
Peter Marko (6):
cpio: ignore CVE-2023-7216
gnupg: ignore CVE-2022-3515
qemu: ignore CVE-2022-36648
grub: ignore CVE-2024-1048 and CVE-2023-4001
pixman: ignore CVE-2023-37769
qemu: patch CVE-2024-6505
Richard Purdie (12):
do_package/sstate/sstatesig: Change timestamp clamping to hash output
only
selftest/reproducible: Drop rawlogs
selftest/reproducible: Clean up pathnames
resulttool: Allow store to filter to specific revisions
resulttool: Use single space indentation in json output
oeqa/utils/gitarchive: Return tag name and improve exclude handling
resulttool: Fix passthrough of --all files in store mode
resulttool: Add --logfile-archive option to store mode
resulttool: Handle ltp rawlogs as well as ptest
resulttool: Clean up repoducible build logs
resulttool: Trim the precision of duration information
resulttool: Improve repo layout for oeselftest results
Soumya Sambu (11):
ovmf: Fix CVE-2022-36763
ovmf: Fix CVE-2022-36764
ovmf: Fix CVE-2023-45230
ovmf: Fix CVE-2023-45231
ovmf: Fix CVE-2023-45232, CVE-2023-45233
ovmf: Fix CVE-2023-45234
ovmf: Fix CVE-2023-45235
ovmf: Fix CVE-2023-45229
ovmf: Fix CVE-2023-45237
ovmf: Fix CVE-2023-45236
ovmf: Fix CVE-2022-36765
Vijay Anusuri (1):
libsoup-2.4: Backport fix for CVE-2024-52531
Yogita Urade (1):
qemu: fix CVE-2024-3447
meta/classes/sstate.bbclass | 16 -
meta/lib/oe/sstatesig.py | 7 +-
meta/lib/oeqa/core/runner.py | 2 +-
meta/lib/oeqa/selftest/cases/reproducible.py | 8 +-
meta/lib/oeqa/utils/gitarchive.py | 4 +-
meta/recipes-bsp/grub/grub2.inc | 2 +
...ential-UINT32-overflow-in-S3-ResumeC.patch | 51 +
...-Fix-overflow-issue-in-BasePeCoffLib.patch | 37 +
.../ovmf/ovmf/CVE-2022-36763-0001.patch | 985 ++++++++++
.../ovmf/ovmf/CVE-2022-36763-0002.patch | 889 +++++++++
.../ovmf/ovmf/CVE-2022-36763-0003.patch | 55 +
.../ovmf/ovmf/CVE-2022-36764-0001.patch | 271 +++
.../ovmf/ovmf/CVE-2022-36764-0002.patch | 281 +++
.../ovmf/ovmf/CVE-2022-36764-0003.patch | 48 +
.../ovmf/ovmf/CVE-2022-36765-0001.patch | 179 ++
.../ovmf/ovmf/CVE-2022-36765-0002.patch | 157 ++
.../ovmf/ovmf/CVE-2022-36765-0003.patch | 135 ++
.../ovmf/ovmf/CVE-2023-45229-0001.patch | 604 ++++++
.../ovmf/ovmf/CVE-2023-45229-0002.patch | 539 ++++++
.../ovmf/ovmf/CVE-2023-45229-0003.patch | 244 +++
.../ovmf/ovmf/CVE-2023-45229-0004.patch | 157 ++
.../ovmf/ovmf/CVE-2023-45230-0001.patch | 1617 +++++++++++++++++
.../ovmf/ovmf/CVE-2023-45230-0002.patch | 604 ++++++
.../ovmf/ovmf/CVE-2023-45231-0001.patch | 65 +
.../ovmf/ovmf/CVE-2023-45231-0002.patch | 250 +++
.../CVE-2023-45232-CVE-2023-45233-0001.patch | 360 ++++
.../CVE-2023-45232-CVE-2023-45233-0002.patch | 417 +++++
.../ovmf/ovmf/CVE-2023-45234-0001.patch | 154 ++
.../ovmf/ovmf/CVE-2023-45234-0002.patch | 485 +++++
.../ovmf/ovmf/CVE-2023-45235-0001.patch | 243 +++
.../ovmf/ovmf/CVE-2023-45235-0002.patch | 379 ++++
.../ovmf/ovmf/CVE-2023-45236.patch | 829 +++++++++
.../ovmf/ovmf/CVE-2023-45237-0001.patch | 78 +
.../ovmf/ovmf/CVE-2023-45237-0002.patch | 1288 +++++++++++++
meta/recipes-core/ovmf/ovmf_git.bb | 28 +
.../0001-Add-SanitizedNames-mixin.patch | 89 +
...Names-in-CompleteDirs.-Fixes-broken-.patch | 30 +
.../0003-Removed-SanitizedNames.patch | 95 +
...-loop-when-zipfile-begins-with-more-.patch | 48 +
...ath.rstrip-to-consolidate-checks-for.patch | 30 +
.../python/python3-zipp_3.7.0.bb | 8 +
meta/recipes-devtools/qemu/qemu.inc | 13 +
.../qemu/qemu/CVE-2024-3446-0001.patch | 218 +++
.../qemu/qemu/CVE-2024-3446-0002.patch | 427 +++++
.../qemu/qemu/CVE-2024-3446-0003.patch | 68 +
.../qemu/qemu/CVE-2024-3446-0004.patch | 144 ++
.../qemu/qemu/CVE-2024-3446-0005.patch | 42 +
.../qemu/qemu/CVE-2024-3446-0006.patch | 43 +
.../qemu/qemu/CVE-2024-3447.patch | 137 ++
.../qemu/qemu/CVE-2024-6505.patch | 40 +
meta/recipes-extended/cpio/cpio_2.14.bb | 2 +
.../xorg-lib/pixman_0.40.0.bb | 3 +
.../rxvt-unicode/rxvt-unicode.inc | 3 +-
.../diffoscope/CVE-2024-25711.patch | 116 ++
.../diffoscope/diffoscope_208.bb | 1 +
meta/recipes-support/gnupg/gnupg_2.3.7.bb | 2 +
.../libsoup-2.4/CVE-2024-52531-1.patch | 131 ++
.../libsoup-2.4/CVE-2024-52531-2.patch | 36 +
.../libsoup/libsoup-2.4_2.74.2.bb | 2 +
.../libsoup/libsoup/CVE-2024-52531-1.patch | 116 ++
.../libsoup/libsoup/CVE-2024-52531-2.patch | 40 +
.../libsoup/libsoup/CVE-2024-52531-3.patch | 136 ++
meta/recipes-support/libsoup/libsoup_3.0.7.bb | 3 +
scripts/lib/resulttool/manualexecution.py | 2 +-
scripts/lib/resulttool/report.py | 2 +-
scripts/lib/resulttool/resultutils.py | 76 +-
scripts/lib/resulttool/store.py | 26 +-
67 files changed, 13550 insertions(+), 47 deletions(-)
create mode 100644 meta/recipes-core/ovmf/ovmf/0001-MdeModulePkg-Potential-UINT32-overflow-in-S3-ResumeC.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/0001-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36763-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36763-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36763-0003.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36764-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36764-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36764-0003.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36765-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36765-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36765-0003.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45229-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45229-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45229-0003.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45229-0004.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45230-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45230-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45231-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45231-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45232-CVE-2023-45233-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45232-CVE-2023-45233-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45234-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45234-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45235-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45235-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45236.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45237-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45237-0002.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0001-Add-SanitizedNames-mixin.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0002-Employ-SanitizedNames-in-CompleteDirs.-Fixes-broken-.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0003-Removed-SanitizedNames.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0004-Address-infinite-loop-when-zipfile-begins-with-more-.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0005-Prefer-simpler-path.rstrip-to-consolidate-checks-for.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0001.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0002.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0003.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0004.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0005.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0006.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3447.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-6505.patch
create mode 100644 meta/recipes-support/diffoscope/diffoscope/CVE-2024-25711.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52531-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52531-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52531-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52531-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52531-3.patch
--
2.34.1
next reply other threads:[~2024-12-04 17:54 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-04 17:53 Steve Sakoman [this message]
2024-12-04 17:53 ` [OE-core][kirkstone 01/38] ovmf: Fix CVE-2022-36763 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 02/38] ovmf: Fix CVE-2022-36764 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 03/38] ovmf: Fix CVE-2023-45230 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 04/38] ovmf: Fix CVE-2023-45231 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 05/38] ovmf: Fix CVE-2023-45232, CVE-2023-45233 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 06/38] ovmf: Fix CVE-2023-45234 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 07/38] ovmf: Fix CVE-2023-45235 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 08/38] ovmf: Fix CVE-2023-45229 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 09/38] ovmf: Fix CVE-2023-45237 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 10/38] ovmf: Fix CVE-2023-45236 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 11/38] ovmf: Fix CVE-2022-36765 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 12/38] ovmf: fix CVE-2024-38796 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 13/38] ovmf: fix CVE-2024-1298 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 14/38] libsoup: fix CVE-2024-52531 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 15/38] python3-zipp: fix CVE-2024-5569 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 16/38] libsoup-2.4: Backport fix for CVE-2024-52531 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 17/38] cpio: ignore CVE-2023-7216 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 18/38] gnupg: ignore CVE-2022-3515 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 19/38] qemu: ignore CVE-2022-36648 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 20/38] grub: ignore CVE-2024-1048 and CVE-2023-4001 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 21/38] pixman: ignore CVE-2023-37769 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 22/38] qemu: patch CVE-2024-6505 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 23/38] qemu: fix CVE-2024-3446 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 24/38] qemu: fix CVE-2024-3447 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 25/38] diffoscope: fix CVE-2024-25711 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 26/38] do_package/sstate/sstatesig: Change timestamp clamping to hash output only Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 27/38] rxvt-unicode.inc: disable the terminfo installation by setting TIC to : Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 28/38] selftest/reproducible: Drop rawlogs Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 29/38] selftest/reproducible: Clean up pathnames Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 30/38] resulttool: Allow store to filter to specific revisions Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 31/38] resulttool: Use single space indentation in json output Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 32/38] oeqa/utils/gitarchive: Return tag name and improve exclude handling Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 33/38] resulttool: Fix passthrough of --all files in store mode Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 34/38] resulttool: Add --logfile-archive option to " Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 35/38] resulttool: Handle ltp rawlogs as well as ptest Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 36/38] resulttool: Clean up repoducible build logs Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 37/38] resulttool: Trim the precision of duration information Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 38/38] resulttool: Improve repo layout for oeselftest results Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2026-02-24 14:23 [OE-core][kirkstone 00/38] Patch review Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1733334655.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.