From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: [warrior 00/19] Pull request
Date: Tue, 29 Oct 2019 10:47:13 +0100 [thread overview]
Message-ID: <cover.1572341125.git.akuster808@gmail.com> (raw)
This set passed A-full AB.
Most fo these have already been on the mailing list.
This is last set needed for the next dot release.
The following changes since commit b6e17afc06d7a44dc9774ee98de7f186580ddf0d:
uninative: Update to 2.7 release (2019-10-08 07:54:37 -0700)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/warrior-next
http://cgit.openembedded.org//log/?h=stable/warrior-next
Alexander Kanavin (1):
linux-yocto: add drm-bochs support
Anuj Mittal (1):
python: include CVE patches for python-native as well
Armin Kuster (1):
qemu: update to 3.1.1.1
Bruce Ashfield (6):
linux-yocto/5.0: bsp: add basic xilinx zynqmp support
linux-yocto/5.0: make scsi-debug include scsi core configs
linux-yocto: bsp/beaglebone: support qemu -machine virt
linux-yocto: arch/x86/boot: use prefix map to avoid embedded paths
kernel-yocto: import security fragments from meta-security
linux-yocto/4.19: make drm-bochs feature available
Changqing Li (2):
python: Fix CVE-2019-10160
sudo: fix CVE-2019-14287
Chen Qi (2):
python: CVE-2019-16056
go: fix CVE-2019-16276
Dmitry Eremin-Solenikov (1):
kernel.bbclass: fix installation of modules signing certificates
George McCollister (1):
openssl: make OPENSSL_ENGINES match install path
Muminul Islam (1):
libcroco: Fix two CVEs
Yi Zhao (2):
python: add tk-lib as runtime dependency for python-tkinter
libgcrypt: fix CVE-2019-12904
Zang Ruochen (1):
gnutls:upgrade 3.6.7 -> 3.6.8
meta/classes/kernel.bbclass | 2 +-
.../recipes-connectivity/openssl/openssl_1.1.1b.bb | 2 +-
meta/recipes-devtools/go/go-1.12.inc | 1 +
...nch.go1.12-security-net-textproto-don-t-n.patch | 163 ++++++++++
meta/recipes-devtools/python/python.inc | 5 +
...55-Dont-parse-domains-containing-GH-13079.patch | 90 ++++++
.../python/python/bpo-36742-cve-2019-10160.patch | 81 +++++
meta/recipes-devtools/python/python3_3.7.4.bb | 2 +-
meta/recipes-devtools/python/python_2.7.16.bb | 9 +-
...qemu-native_3.1.0.bb => qemu-native_3.1.1.1.bb} | 0
...tive_3.1.0.bb => qemu-system-native_3.1.1.1.bb} | 0
meta/recipes-devtools/qemu/qemu.inc | 14 +-
.../0001-egl-headless-add-egl_create_context.patch | 50 ----
.../qemu/qemu/0014-fix-CVE-2018-16872.patch | 85 ------
.../qemu/qemu/0015-fix-CVE-2018-20124.patch | 60 ----
.../qemu/qemu/0016-fix-CVE-2018-20125.patch | 54 ----
.../qemu/qemu/0017-fix-CVE-2018-20126.patch | 113 -------
.../qemu/qemu/0018-fix-CVE-2018-20191.patch | 47 ---
.../qemu/qemu/0019-fix-CVE-2018-20216.patch | 85 ------
.../qemu/qemu/CVE-2018-20815.patch | 38 ---
.../recipes-devtools/qemu/qemu/CVE-2019-3812.patch | 39 ---
.../recipes-devtools/qemu/qemu/CVE-2019-8934.patch | 215 -------------
.../qemu/{qemu_3.1.0.bb => qemu_3.1.1.1.bb} | 0
.../sudo/sudo/CVE-2019-14287-1.patch | 178 +++++++++++
.../sudo/sudo/CVE-2019-14287-2.patch | 112 +++++++
meta/recipes-extended/sudo/sudo_1.8.27.bb | 2 +
meta/recipes-kernel/linux/linux-yocto-dev.bb | 2 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.19.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-rt_5.0.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.19.bb | 2 +-
meta/recipes-kernel/linux/linux-yocto-tiny_5.0.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.19.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto_5.0.bb | 21 +-
.../gnutls/{gnutls_3.6.7.bb => gnutls_3.6.8.bb} | 4 +-
.../libcroco/libcroco/CVE-2017-8834_71.patch | 38 +++
meta/recipes-support/libcroco/libcroco_0.6.12.bb | 1 +
.../files/0001-Prefetch-GCM-look-up-tables.patch | 90 ++++++
...ok-up-tables-to-.data-section-and-unshare.patch | 332 +++++++++++++++++++++
...ok-up-table-to-.data-section-and-unshare-.patch | 178 +++++++++++
meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 3 +
40 files changed, 1307 insertions(+), 831 deletions(-)
create mode 100644 meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch
create mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
rename meta/recipes-devtools/qemu/{qemu-native_3.1.0.bb => qemu-native_3.1.1.1.bb} (100%)
rename meta/recipes-devtools/qemu/{qemu-system-native_3.1.0.bb => qemu-system-native_3.1.1.1.bb} (100%)
delete mode 100644 meta/recipes-devtools/qemu/qemu/0001-egl-headless-add-egl_create_context.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0014-fix-CVE-2018-16872.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0015-fix-CVE-2018-20124.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0016-fix-CVE-2018-20125.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0017-fix-CVE-2018-20126.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0018-fix-CVE-2018-20191.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0019-fix-CVE-2018-20216.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-20815.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-8934.patch
rename meta/recipes-devtools/qemu/{qemu_3.1.0.bb => qemu_3.1.1.1.bb} (100%)
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-1.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch
rename meta/recipes-support/gnutls/{gnutls_3.6.7.bb => gnutls_3.6.8.bb} (93%)
create mode 100644 meta/recipes-support/libcroco/libcroco/CVE-2017-8834_71.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0001-Prefetch-GCM-look-up-tables.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0002-AES-move-look-up-tables-to-.data-section-and-unshare.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0003-GCM-move-look-up-table-to-.data-section-and-unshare-.patch
--
2.7.4
next reply other threads:[~2019-10-29 9:47 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-29 9:47 Armin Kuster [this message]
2019-10-29 9:47 ` [warrior 01/19] kernel.bbclass: fix installation of modules signing certificates Armin Kuster
2019-10-29 9:47 ` [warrior 02/19] gnutls:upgrade 3.6.7 -> 3.6.8 Armin Kuster
2019-10-29 9:47 ` [warrior 03/19] linux-yocto/5.0: bsp: add basic xilinx zynqmp support Armin Kuster
2019-10-29 9:47 ` [warrior 04/19] linux-yocto/5.0: make scsi-debug include scsi core configs Armin Kuster
2019-10-29 9:47 ` [warrior 05/19] linux-yocto: bsp/beaglebone: support qemu -machine virt Armin Kuster
2019-10-29 9:47 ` [warrior 06/19] linux-yocto: arch/x86/boot: use prefix map to avoid embedded paths Armin Kuster
2019-10-29 9:47 ` [warrior 07/19] kernel-yocto: import security fragments from meta-security Armin Kuster
2019-10-29 9:47 ` [warrior 08/19] linux-yocto/4.19: make drm-bochs feature available Armin Kuster
2019-10-29 9:47 ` [warrior 09/19] linux-yocto: add drm-bochs support Armin Kuster
2019-10-29 9:47 ` [warrior 10/19] libcroco: Fix two CVEs Armin Kuster
2019-10-29 9:47 ` [warrior 11/19] python: include CVE patches for python-native as well Armin Kuster
2019-10-29 9:47 ` [warrior 12/19] python: add tk-lib as runtime dependency for python-tkinter Armin Kuster
2019-10-29 9:47 ` [warrior 13/19] python: CVE-2019-16056 Armin Kuster
2019-10-29 9:47 ` [warrior 14/19] python: Fix CVE-2019-10160 Armin Kuster
2019-10-29 9:47 ` [warrior 15/19] openssl: make OPENSSL_ENGINES match install path Armin Kuster
2019-10-29 9:47 ` [warrior 16/19] libgcrypt: fix CVE-2019-12904 Armin Kuster
2019-10-29 9:47 ` [warrior 17/19] sudo: fix CVE-2019-14287 Armin Kuster
2019-10-29 9:47 ` [warrior 18/19] go: fix CVE-2019-16276 Armin Kuster
2019-11-01 17:33 ` Andrey Zhizhikin
2019-11-01 17:39 ` Khem Raj
2019-11-01 17:12 ` Martin Jansa
2019-11-01 18:31 ` Andrey Zhizhikin
2019-10-29 9:47 ` [warrior 19/19] qemu: update to 3.1.1.1 Armin Kuster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1572341125.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox