From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mail.openembedded.org (Postfix) with ESMTP id DB8446C0C0 for ; Wed, 26 Jun 2019 16:53:30 +0000 (UTC) Received: by mail-pl1-f178.google.com with SMTP id ay6so1743257plb.9 for ; Wed, 26 Jun 2019 09:53:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id; bh=pEwoNyghjZYcDGicKF9K33AXyLNRXikmoWEvDjKH7qI=; b=dQqkoBh0hncU6+RjDKJotXxtanGdqrC8zm3eLi+gTlXvtEagfTEghB2Gw2kpINB+MS XUuJ/vj/1WsH43thzfgS+p7/vyiMZH1MAIzkIxYhyfcFTGYZUCpQsVajfidioO32juTE VOGi4TJuK7g7ULTbNqT7SITG9ZZw1drqWvU9t/cvz4/0LxYhW5t0qSQwXjY/r0EwKiFJ EtbSIAD1XvXyh0/mdfWbFZRmuCbP/lP/Qq0cT9FK39Wz/hCV6Cc5RamKvYAsDxAf5cc5 C1nop9c0Z3iev/81xHgASGvGn3ZmOQhqesQE9t3qsfikyBWm7fKpF2+1nQ6HBo3Z8ozR kKjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id; bh=pEwoNyghjZYcDGicKF9K33AXyLNRXikmoWEvDjKH7qI=; b=InTdF8ZFVZ531yCHqDHySSl1x8xo6L1lkVWK9zGKU3DTcuxULiz3YSvu0XJVpcpFYE hObwE6wqjXDF3Fgslz0vmABoRG7ZfD4kUGVw6IN975/LnytXanRtYzPGfN2ZON+fMj1L Rb5f45pekSvuXYpFbGQc7s+9Fh98jV1KX1RnT10YsvCCwl+wU0e8LC11H5h/+BhOuI9r SmxZqNiDKTjOhvetU1pDBXt32NXH1GWeydMeoj9CZSUujPsbvFs+hlAcZZhf40HqeUNR X/Vmco6/HtX8p8iXxH+BVcnOKRa1MSOSWzr5g5+VhsI+RVCYN+26LWVXTrPa1fFMOwO6 0dRA== X-Gm-Message-State: APjAAAXK/WL+F6WbybHlr9pao5ET3IwLOi+WtMhhYVRNkbadIi9xWq6+ QO84SdajwlW+wcBANYhq+4Rfe+hR99U= X-Google-Smtp-Source: APXvYqyqTN9nyE4/KytHKFKeYrvMlQ3vxl6U2N/DT5UZOLD5klKx51m9EgN7l7GvVGBT/c2Nsg/IqQ== X-Received: by 2002:a17:902:ac1:: with SMTP id 59mr6713918plp.168.1561568011651; Wed, 26 Jun 2019 09:53:31 -0700 (PDT) Received: from localhost.localdomain ([45.19.219.178]) by smtp.gmail.com with ESMTPSA id t11sm15339687pgp.1.2019.06.26.09.53.30 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 26 Jun 2019 09:53:31 -0700 (PDT) From: Armin Kuster To: openembedded-core@lists.openembedded.org Date: Wed, 26 Jun 2019 09:53:01 -0700 Message-Id: X-Mailer: git-send-email 2.7.4 Subject: [thud][ 00/25] Patch review X-BeenThere: openembedded-core@lists.openembedded.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Patches and discussions about the oe-core layer List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jun 2019 16:53:31 -0000 Here is the next set for patches for Thud. Please have comments by Friday. The following changes since commit f162d5bfe6eaeca24f441c83c87252c8d05744fc: core-image-sato-sdk-ptest: Tweak size to stay within 4GB limit (2019-05-17 22:05:59 -0700) are available in the git repository at: git://git.openembedded.org/openembedded-core-contrib stable/thud-nmut http://cgit.openembedded.org//log/?h=stable/thud-nmut Armin Kuster (14): glibc: Security fix CVE-2019-9169 elfutils: Security fixes CVE-2019-7146,7149,7150 qemu: Several CVE fixes python: Update to 2.7.16 busybox: Security fixes for CVE-2018-20679 CVE-2019-5747 sqlite3: Security fixes for CVE-2018-20505 & 20506 file: Multiple Secruity fixes go: update to minor update 1.11.10 qemu: Security fix for CVE-2018-19489 Tar: Security fix CVE-2019-0023 glib-2.0: Security fix for CVE-2019-12450 wget: Security fix for CVE-2019-5953 Curl: Securiyt fix CVE-2019-5435 CVE-2019-5436 qemu: Security fix for CVE-2019-12155 Chen Qi (2): cups: upgrade to 2.2.9 cups: upgrade to 2.2.10 Hongxu Jia (1): go-target.inc: fix go not found while multilib enabled Joshua DeWeese (1): wpa_supplicant: Changed systemd template units Khem Raj (1): go: Upgrade 1.11.1 -> 1.11.4 minor release Martin Jansa (1): python: add a fix for CVE-2019-9948 and CVE-2019-9636 Richard Purdie (4): go-crosssdk: PN should use SDK_SYS, not TARGET_ARCH yocto-uninative: Update to 2.5 release uninative: Switch from bz2 to xz uninative: Update to 2.6 release Ross Burton (1): cairo: fix CVE-2018-19876 CVE-2019-6461 CVE-2019-6462 meta/classes/uninative.bbclass | 4 +- meta/conf/distro/include/yocto-uninative.inc | 8 +- ...place-systemd-install-Alias-with-WantedBy.patch | 52 ++++++ .../wpa-supplicant/wpa-supplicant_2.6.bb | 1 + .../busybox/busybox/CVE-2018-20679.patch | 142 +++++++++++++++ .../busybox/busybox/CVE-2019-5747.patch | 60 +++++++ meta/recipes-core/busybox/busybox_1.29.3.bb | 2 + .../glib-2.0/glib-2.0/CVE-2019-12450.patch | 59 ++++++ meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 1 + meta/recipes-core/glibc/glibc/CVE-2019-9169.patch | 63 +++++++ meta/recipes-core/glibc/glibc_2.28.bb | 1 + meta/recipes-devtools/elfutils/elfutils_0.175.bb | 4 + .../elfutils/files/CVE-2019-7146_p1.patch | 52 ++++++ .../elfutils/files/CVE-2019-7146_p2.patch | 65 +++++++ .../elfutils/files/CVE-2019-7149.patch | 148 +++++++++++++++ .../elfutils/files/CVE-2019-7150.patch | 51 ++++++ .../recipes-devtools/file/file/CVE-2019-8904.patch | 30 ++++ .../file/file/CVE-2019-8905_CVE-2019-8907.patch | 120 +++++++++++++ .../recipes-devtools/file/file/CVE-2019-8906.patch | 27 +++ meta/recipes-devtools/file/file_5.34.bb | 3 + meta/recipes-devtools/go/go-1.11.inc | 7 +- ...07-cmd-go-make-GOROOT-precious-by-default.patch | 6 +- .../0008-use-GOBUILDMODE-to-set-buildmode.patch | 13 +- meta/recipes-devtools/go/go-crosssdk.inc | 2 +- meta/recipes-devtools/go/go-target.inc | 2 +- ...on-native_2.7.15.bb => python-native_2.7.16.bb} | 2 - meta/recipes-devtools/python/python.inc | 18 +- ...23-Use-XML_SetHashSalt-in-_elementtree-GH.patch | 96 ---------- ...ix-test_ssl-when-a-filename-cannot-be-enc.patch | 55 ------ ...LS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch | 120 ------------- ...34540-Convert-shutil._call_external_zip-t.patch | 67 ------- ...dd-missing-closing-wrapper-in-test_tls1_3.patch | 37 ---- ...ix-test_ssl.test_options-to-account-for-O.patch | 37 ---- ...ix-test_default_ecdh_curve-needs-no-tlsv1.patch | 34 ---- .../python/bpo-35907-cve-2019-9948-fix.patch | 55 ++++++ .../python/python/bpo-35907-cve-2019-9948.patch | 55 ++++++ .../python/bpo-36216-cve-2019-9636-fix.patch | 28 +++ .../python/python/bpo-36216-cve-2019-9636.patch | 111 ++++++++++++ .../python/{python_2.7.15.bb => python_2.7.16.bb} | 6 +- .../qemu/qemu/CVE-2018-16867.patch | 49 +++++ .../qemu/qemu/CVE-2018-16872.patch | 89 +++++++++ .../qemu/qemu/CVE-2018-18849.patch | 86 +++++++++ .../qemu/qemu/CVE-2018-19364_p1.patch | 51 ++++++ .../qemu/qemu/CVE-2018-19364_p2.patch | 115 ++++++++++++ .../qemu/qemu/CVE-2018-19489.patch | 83 +++++++++ .../qemu/qemu/CVE-2019-12155.patch | 38 ++++ meta/recipes-devtools/qemu/qemu_3.0.0.bb | 7 + .../0001-don-t-try-to-run-generated-binaries.patch | 29 +-- .../cups/{cups_2.2.8.bb => cups_2.2.10.bb} | 4 +- meta/recipes-extended/tar/tar/CVE-2019-9923.patch | 38 ++++ meta/recipes-extended/tar/tar_1.30.bb | 1 + .../recipes-extended/wget/wget/CVE-2019-5953.patch | 51 ++++++ meta/recipes-extended/wget/wget_1.19.5.bb | 1 + .../cairo/cairo/CVE-2019-6461.patch | 19 ++ .../cairo/cairo/CVE-2019-6462.patch | 20 +++ meta/recipes-graphics/cairo/cairo_1.14.12.bb | 2 + meta/recipes-support/curl/curl/CVE-2019-5435.patch | 200 +++++++++++++++++++++ meta/recipes-support/curl/curl/CVE-2019-5436.patch | 32 ++++ meta/recipes-support/curl/curl_7.61.0.bb | 2 + .../sqlite/files/CVE-2018-20505.patch | 31 ++++ .../sqlite/files/CVE-2018-20506.patch | 103 +++++++++++ meta/recipes-support/sqlite/sqlite3_3.23.1.bb | 2 + 62 files changed, 2196 insertions(+), 501 deletions(-) create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch create mode 100644 meta/recipes-core/busybox/busybox/CVE-2018-20679.patch create mode 100644 meta/recipes-core/busybox/busybox/CVE-2019-5747.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-12450.patch create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-9169.patch create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p1.patch create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p2.patch create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7149.patch create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7150.patch create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8904.patch create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8905_CVE-2019-8907.patch create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8906.patch rename meta/recipes-devtools/python/{python-native_2.7.15.bb => python-native_2.7.16.bb} (96%) delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34623-Use-XML_SetHashSalt-in-_elementtree-GH.patch delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33354-Fix-test_ssl-when-a-filename-cannot-be-enc.patch delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch delete mode 100644 meta/recipes-devtools/python/python/0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch delete mode 100644 meta/recipes-devtools/python/python/0002-bpo-34818-Add-missing-closing-wrapper-in-test_tls1_3.patch delete mode 100644 meta/recipes-devtools/python/python/0003-bpo-34834-Fix-test_ssl.test_options-to-account-for-O.patch delete mode 100644 meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch rename meta/recipes-devtools/python/{python_2.7.15.bb => python_2.7.16.bb} (98%) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16872.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-18849.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p1.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p2.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19489.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch rename meta/recipes-extended/cups/{cups_2.2.8.bb => cups_2.2.10.bb} (40%) create mode 100644 meta/recipes-extended/tar/tar/CVE-2019-9923.patch create mode 100644 meta/recipes-extended/wget/wget/CVE-2019-5953.patch create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5435.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5436.patch create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20505.patch create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20506.patch -- 2.7.4