From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: [thud 00/26] Pull request
Date: Mon, 7 Oct 2019 08:10:37 -0700 [thread overview]
Message-ID: <cover.1570460789.git.akuster808@gmail.com> (raw)
This has backports waiting for warrior to merge thus the delay for this request.
The following changes since commit d3d3f443039b03f1200a14bfe99f985592632018:
build-appliance-image: Update to thud head revision (2019-08-01 11:58:11 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/thud-next
http://cgit.openembedded.org//log/?h=stable/thud-next
Adrian Bunk (2):
bind: upgrade 9.11.5 -> 9.11.5-P4
dhcp: Replace OE specific patch for compatibility with latest bind
with upstream patch
Alexander Kanavin (1):
buildhistory: call a dependency parser only on actual dependency lists
Andrii Bordunov via Openembedded-core (4):
curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823
dbus: fix CVE-2019-12749
glib-2.0: fix CVE-2019-13012
libcomps: fix CVE-2019-3817
Anuj Mittal (5):
patch: fix CVE-2019-13636
python3: fix CVE-2019-9740
libxslt: fix CVE-2019-13117 CVE-2019-13118
patch: backport fixes
pango: fix CVE-2019-1010238
Armin Kuster (6):
gcc: Security fix for CVE-2019-14250
binutils: Security fix for CVE-2019-14444
binutils: Security fix for CVE-2019-12972
bind: update to latest LTS 9.11.5
go: update to 1.11.13, minor updates
dhcp: fix issue with new bind changes
Bartosz Golaszewski (1):
qemu: add a patch fixing the native build on newer kernels
Bruce Ashfield (1):
linux-yocto/4.14: update to v4.14.143
Dan Tran (3):
binutils: Fix 4 CVEs
python: Fix 3 CVEs
python3: Fix CVEs
Muminul Islam (1):
libxslt: Cve fix CVE-2019-11068
Ruslan Bilovol (1):
dhcp: drop lost patch
Trevor Gamblin (1):
patch: fix CVE-2019-13638
meta/lib/oe/buildhistory_analysis.py | 2 +-
.../bind/bind/CVE-2018-5740.patch | 72 -----
.../bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} | 8 +-
...d-includes-of-new-BIND9-compatibility-hea.patch | 79 +++++
.../dhcp/0008-tweak-to-support-external-bind.patch | 117 -------
meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb | 1 +
meta/recipes-core/dbus/dbus/CVE-2019-12749.patch | 127 ++++++++
meta/recipes-core/dbus/dbus_1.12.10.bb | 1 +
.../glib-2.0/glib-2.0/CVE-2019-13012.patch | 47 +++
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 1 +
meta/recipes-devtools/binutils/binutils-2.31.inc | 6 +
.../binutils/binutils/CVE-2018-1000876.patch | 180 +++++++++++
.../binutils/binutils/CVE-2018-20623.patch | 74 +++++
.../binutils/binutils/CVE-2018-20651.patch | 35 +++
.../binutils/binutils/CVE-2018-20671.patch | 49 +++
.../binutils/binutils/CVE-2019-12972.patch | 39 +++
.../binutils/binutils/CVE-2019-14444.patch | 33 ++
meta/recipes-devtools/gcc/gcc-8.2.inc | 1 +
.../gcc/gcc-8.2/CVE-2019-14250.patch | 44 +++
meta/recipes-devtools/go/go-1.11.inc | 6 +-
.../libcomps/libcomps/CVE-2019-3817.patch | 97 ++++++
meta/recipes-devtools/libcomps/libcomps_git.bb | 1 +
...k-temporary-file-on-failed-ed-style-patch.patch | 93 ++++++
...ak-temporary-file-on-failed-multi-file-ed.patch | 80 +++++
...ke-ed-directly-instead-of-using-the-shell.patch | 44 +++
.../patch/patch/CVE-2019-13636.patch | 113 +++++++
meta/recipes-devtools/patch/patch_2.7.6.bb | 4 +
.../python/python/bpo-30458-cve-2019-9740.patch | 219 ++++++++++++++
.../python/python/bpo-35121-cve-2018-20852.patch | 127 ++++++++
.../python/python3/CVE-2018-14647.patch | 95 ++++++
.../python/python3/CVE-2018-20406.patch | 217 +++++++++++++
.../python/python3/CVE-2018-20852.patch | 129 ++++++++
.../python/python3/CVE-2019-9636.patch | 154 ++++++++++
.../python/python3/CVE-2019-9740.patch | 155 ++++++++++
meta/recipes-devtools/python/python3_3.5.6.bb | 5 +
meta/recipes-devtools/python/python_2.7.16.bb | 2 +
...error-messages-when-qemi_cpu_kick_thread-.patch | 19 +-
...fix-to-handle-variably-sized-SIOCGSTAMP-w.patch | 336 +++++++++++++++++++++
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 1 +
.../pango/pango/CVE-2019-1010238.patch | 38 +++
meta/recipes-graphics/pango/pango_1.42.4.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.14.bb | 20 +-
.../recipes-support/curl/curl/CVE-2018-16890.patch | 50 +++
meta/recipes-support/curl/curl/CVE-2019-3822.patch | 47 +++
meta/recipes-support/curl/curl/CVE-2019-3823.patch | 55 ++++
meta/recipes-support/curl/curl_7.61.0.bb | 3 +
.../libxslt/files/CVE-2019-13117.patch | 33 ++
.../libxslt/files/CVE-2019-13118.patch | 76 +++++
.../libxslt/libxslt/CVE-2019-11068.patch | 128 ++++++++
meta/recipes-support/libxslt/libxslt_1.1.32.bb | 5 +-
52 files changed, 3059 insertions(+), 225 deletions(-)
delete mode 100644 meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch
rename meta/recipes-connectivity/bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} (95%)
create mode 100644 meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch
delete mode 100644 meta/recipes-connectivity/dhcp/dhcp/0008-tweak-to-support-external-bind.patch
create mode 100644 meta/recipes-core/dbus/dbus/CVE-2019-12749.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-13012.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-1000876.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20651.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch
create mode 100644 meta/recipes-devtools/libcomps/libcomps/CVE-2019-3817.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-13636.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-30458-cve-2019-9740.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35121-cve-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-14647.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20406.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9636.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9740.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014-linux-user-fix-to-handle-variably-sized-SIOCGSTAMP-w.patch
create mode 100644 meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2018-16890.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3822.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3823.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13117.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13118.patch
create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
--
2.7.4
next reply other threads:[~2019-10-07 15:11 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-07 15:10 Armin Kuster [this message]
2019-10-07 15:10 ` [thud 01/26] buildhistory: call a dependency parser only on actual dependency lists Armin Kuster
2019-10-07 15:10 ` [thud 02/26] patch: fix CVE-2019-13636 Armin Kuster
2019-10-07 15:10 ` [thud 03/26] python3: fix CVE-2019-9740 Armin Kuster
2019-10-07 15:10 ` [thud 04/26] curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Armin Kuster
2019-10-07 15:10 ` [thud 05/26] dbus: fix CVE-2019-12749 Armin Kuster
2019-10-07 15:10 ` [thud 06/26] glib-2.0: fix CVE-2019-13012 Armin Kuster
2019-10-07 15:10 ` [thud 07/26] libcomps: fix CVE-2019-3817 Armin Kuster
2019-10-07 15:10 ` [thud 08/26] qemu: add a patch fixing the native build on newer kernels Armin Kuster
2019-10-07 15:10 ` [thud 09/26] gcc: Security fix for CVE-2019-14250 Armin Kuster
2019-10-07 15:10 ` [thud 10/26] binutils: Security fix for CVE-2019-14444 Armin Kuster
2019-10-07 15:10 ` [thud 11/26] binutils: Security fix for CVE-2019-12972 Armin Kuster
2019-10-07 15:10 ` [thud 12/26] bind: update to latest LTS 9.11.5 Armin Kuster
2019-10-07 15:10 ` [thud 13/26] bind: upgrade 9.11.5 -> 9.11.5-P4 Armin Kuster
2019-10-07 15:10 ` [thud 14/26] go: update to 1.11.13, minor updates Armin Kuster
2019-10-07 15:10 ` [thud 15/26] dhcp: fix issue with new bind changes Armin Kuster
2019-10-07 15:10 ` [thud 16/26] dhcp: drop lost patch Armin Kuster
2019-10-07 15:10 ` [thud 17/26] dhcp: Replace OE specific patch for compatibility with latest bind with upstream patch Armin Kuster
2019-10-07 15:10 ` [thud 18/26] binutils: Fix 4 CVEs Armin Kuster
2019-10-07 15:10 ` [thud 19/26] python: Fix 3 CVEs Armin Kuster
2019-10-07 15:10 ` [thud 20/26] python3: Fix CVEs Armin Kuster
2019-10-07 15:10 ` [thud 21/26] libxslt: Cve fix CVE-2019-11068 Armin Kuster
2019-10-07 15:10 ` [thud 22/26] libxslt: fix CVE-2019-13117 CVE-2019-13118 Armin Kuster
2019-10-07 15:11 ` [thud 23/26] patch: fix CVE-2019-13638 Armin Kuster
2019-10-07 15:11 ` [thud 24/26] patch: backport fixes Armin Kuster
2019-10-07 15:11 ` [thud 25/26] pango: fix CVE-2019-1010238 Armin Kuster
2019-10-07 15:11 ` [thud 26/26] linux-yocto/4.14: update to v4.14.143 Armin Kuster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1570460789.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox