From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: [zeus 00/28] Patch review
Date: Fri, 25 Oct 2019 23:49:32 -0700 [thread overview]
Message-ID: <cover.1572072421.git.akuster808@gmail.com> (raw)
This is what has been backported from master or patches.
Comments by Monday.
The following changes since commit 59938780e7e776d87146002ea939b185f8704408:
build-appliance-image: Update to master head revision (2019-10-09 22:28:44 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/zeus-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/zeus-next
Alexander Kanavin (1):
runqemu: unset another environment variable for 'egl-headless'
André Draszik (1):
connman: mark connman-wait-online as SYSTEMD_PACKAGE
Changqing Li (3):
qemu: Fix CVE-2019-12068
python: Fix CVE-2019-10160
sudo: fix CVE-2019-14287
Chee Yang Lee (1):
wic/engine: use 'linux-swap' for swap file system
Chen Qi (3):
python: CVE-2019-16056
python3: CVE-2019-16056
go: fix CVE-2019-16276
Douglas Royds via Openembedded-core (1):
icecc: Export ICECC_CC and friends via wrapper-script
Eugene Smirnov (1):
wic/rawcopy: Support files in sub-directories
George McCollister (1):
openssl: make OPENSSL_ENGINES match install path
Hongxu Jia (1):
openssh: fix CVE-2019-16905
Joerg Vehlow (1):
runqemu: Remove disabling of high resolution timer
Liwei Song (1):
util-linux: fix PKNAME name is NULL when use lsblk [LIN1019-2963]
Michael Ho (1):
cmake.bbclass: add HOSTTOOLS_DIR to CMAKE_FIND_ROOT_PATH
Qi.Chen@windriver.com (1):
sqlite3: fix CVE-2019-16168
Ricardo Ribalda Delgado (1):
i2c-tools: Add missing RDEPEND
Ross Burton (3):
sanity: check the format of SDK_VENDOR
file: explicitly disable seccomp
python3: -dev should depend on distutils
Stefan Agner (1):
uninative: check .done file instead of tarball
Tom Benn (1):
dbus: update dbus-1.init to reflect new PID file
Trevor Gamblin (2):
aspell: fix CVE-2019-17544
ncurses: fix CVE-2019-17594, CVE-2019-17595
Wenlin Kang (1):
sysstat: fix CVE-2019-16167
Yi Zhao (2):
libsdl2: fix CVE-2019-13616
libgcrypt: fix CVE-2019-12904
meta/classes/cmake.bbclass | 3 +-
meta/classes/icecc.bbclass | 32 +-
meta/classes/sanity.bbclass | 5 +
meta/classes/uninative.bbclass | 2 +-
meta/recipes-connectivity/connman/connman.inc | 2 +-
...x-integer-overflow-in-XMSS-private-key-pa.patch | 40 +++
meta/recipes-connectivity/openssh/openssh_8.0p1.bb | 1 +
.../recipes-connectivity/openssl/openssl_1.1.1d.bb | 2 +-
meta/recipes-core/dbus/dbus/dbus-1.init | 4 +-
...rses-selective-backport-of-20191012-patch.patch | 169 +++++++++++
meta/recipes-core/ncurses/ncurses_6.1+20190803.bb | 1 +
...lsblk-force-to-print-PKNAME-for-partition.patch | 36 +++
meta/recipes-core/util-linux/util-linux_2.34.bb | 1 +
meta/recipes-devtools/file/file_5.37.bb | 2 +
meta/recipes-devtools/go/go-1.12.inc | 1 +
...nch.go1.12-security-net-textproto-don-t-n.patch | 163 ++++++++++
meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb | 1 +
...55-Dont-parse-domains-containing-GH-13079.patch | 90 ++++++
.../python/python/bpo-36742-cve-2019-10160.patch | 81 +++++
...55-Dont-parse-domains-containing-GH-13079.patch | 132 ++++++++
.../python/python3/python3-manifest.json | 3 +-
meta/recipes-devtools/python/python3_3.7.4.bb | 1 +
meta/recipes-devtools/python/python_2.7.16.bb | 2 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2019-12068.patch | 108 +++++++
.../sudo/sudo/CVE-2019-14287-1.patch | 178 +++++++++++
.../sudo/sudo/CVE-2019-14287-2.patch | 112 +++++++
meta/recipes-extended/sudo/sudo_1.8.27.bb | 2 +
...ory-corruption-bug-due-to-Integer-Overflo.patch | 46 +++
meta/recipes-extended/sysstat/sysstat_12.1.6.bb | 4 +-
...538-validate-image-size-when-loading-BMP-.patch | 34 +++
meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb | 1 +
.../0001-Fix-various-bugs-found-by-OSS-Fuze.patch | 56 ++++
meta/recipes-support/aspell/aspell_0.60.7.bb | 4 +-
.../files/0001-Prefetch-GCM-look-up-tables.patch | 90 ++++++
...ok-up-tables-to-.data-section-and-unshare.patch | 332 +++++++++++++++++++++
...ok-up-table-to-.data-section-and-unshare-.patch | 178 +++++++++++
meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 3 +
.../sqlite/files/0001-Fix-CVE-2019-16168.patch | 40 +++
meta/recipes-support/sqlite/sqlite3_3.29.0.bb | 3 +-
scripts/lib/wic/engine.py | 2 +-
scripts/lib/wic/plugins/source/rawcopy.py | 3 +
scripts/runqemu | 5 +-
43 files changed, 1951 insertions(+), 25 deletions(-)
create mode 100644 meta/recipes-connectivity/openssh/openssh/0001-upstream-fix-integer-overflow-in-XMSS-private-key-pa.patch
create mode 100644 meta/recipes-core/ncurses/files/0001-ncurses-selective-backport-of-20191012-patch.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/0001-lsblk-force-to-print-PKNAME-for-partition.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch
create mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
create mode 100644 meta/recipes-devtools/python/python3/0001-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-12068.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-1.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch
create mode 100644 meta/recipes-extended/sysstat/sysstat/0001-Fix-232-Memory-corruption-bug-due-to-Integer-Overflo.patch
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch
create mode 100644 meta/recipes-support/aspell/aspell/0001-Fix-various-bugs-found-by-OSS-Fuze.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0001-Prefetch-GCM-look-up-tables.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0002-AES-move-look-up-tables-to-.data-section-and-unshare.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0003-GCM-move-look-up-table-to-.data-section-and-unshare-.patch
create mode 100644 meta/recipes-support/sqlite/files/0001-Fix-CVE-2019-16168.patch
--
2.7.4
next reply other threads:[~2019-10-26 6:50 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-26 6:49 Armin Kuster [this message]
2019-10-26 6:49 ` [zeus 01/28] sqlite3: fix CVE-2019-16168 Armin Kuster
2019-10-26 6:49 ` [zeus 02/28] aspell: fix CVE-2019-17544 Armin Kuster
2019-10-26 6:49 ` [zeus 03/28] python: CVE-2019-16056 Armin Kuster
2019-10-26 6:49 ` [zeus 04/28] python3: CVE-2019-16056 Armin Kuster
2019-10-26 6:49 ` [zeus 05/28] runqemu: unset another environment variable for 'egl-headless' Armin Kuster
2019-10-26 6:49 ` [zeus 06/28] runqemu: Remove disabling of high resolution timer Armin Kuster
2019-10-26 6:49 ` [zeus 07/28] ncurses: fix CVE-2019-17594, CVE-2019-17595 Armin Kuster
2019-10-26 6:49 ` [zeus 08/28] sysstat: fix CVE-2019-16167 Armin Kuster
2019-10-26 6:49 ` [zeus 09/28] libsdl2: fix CVE-2019-13616 Armin Kuster
2019-10-26 6:49 ` [zeus 10/28] sanity: check the format of SDK_VENDOR Armin Kuster
2019-10-26 6:49 ` [zeus 11/28] uninative: check .done file instead of tarball Armin Kuster
2019-10-26 6:49 ` [zeus 12/28] openssh: fix CVE-2019-16905 Armin Kuster
2019-10-26 6:49 ` [zeus 13/28] wic/rawcopy: Support files in sub-directories Armin Kuster
2019-10-26 6:49 ` [zeus 14/28] file: explicitly disable seccomp Armin Kuster
2019-10-26 6:49 ` [zeus 15/28] i2c-tools: Add missing RDEPEND Armin Kuster
2019-10-26 6:49 ` [zeus 16/28] python3: -dev should depend on distutils Armin Kuster
2019-10-26 6:49 ` [zeus 17/28] qemu: Fix CVE-2019-12068 Armin Kuster
2019-10-26 6:49 ` [zeus 18/28] cmake.bbclass: add HOSTTOOLS_DIR to CMAKE_FIND_ROOT_PATH Armin Kuster
2019-10-29 8:18 ` Richard Purdie
2019-10-29 20:31 ` Khem Raj
2019-10-30 4:29 ` akuster808
2019-10-30 6:02 ` Richard Purdie
2019-10-26 6:49 ` [zeus 19/28] openssl: make OPENSSL_ENGINES match install path Armin Kuster
2019-10-26 6:49 ` [zeus 20/28] icecc: Export ICECC_CC and friends via wrapper-script Armin Kuster
2019-10-26 6:49 ` [zeus 21/28] python: Fix CVE-2019-10160 Armin Kuster
2019-10-26 6:49 ` [zeus 22/28] libgcrypt: fix CVE-2019-12904 Armin Kuster
2019-10-26 6:49 ` [zeus 23/28] dbus: update dbus-1.init to reflect new PID file Armin Kuster
2019-10-26 6:49 ` [zeus 24/28] sudo: fix CVE-2019-14287 Armin Kuster
2019-10-26 6:49 ` [zeus 25/28] go: fix CVE-2019-16276 Armin Kuster
2019-10-31 11:49 ` Martin Jansa
2019-10-31 11:57 ` Martin Jansa
2019-10-26 6:49 ` [zeus 26/28] util-linux: fix PKNAME name is NULL when use lsblk [LIN1019-2963] Armin Kuster
2019-10-26 6:49 ` [zeus 27/28] wic/engine: use 'linux-swap' for swap file system Armin Kuster
2019-10-26 6:50 ` [zeus 28/28] connman: mark connman-wait-online as SYSTEMD_PACKAGE Armin Kuster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1572072421.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox