[warrior 00/28] Patch review

Openembedded Core Discussions
 help / color / mirror / Atom feed

From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@openembedded.org
Cc: akuster808@gnail.com
Subject: [warrior 00/28] Patch review
Date: Mon, 13 Jan 2020 07:29:59 -0800	[thread overview]
Message-ID: <cover.1578929268.git.akuster808@gmail.com> (raw)

Please have review comments back by Wednesday

The following changes since commit 7009d823a0799ce7132bd77329b273a476718c8c:

  python: update to 2.7.17 (2019-11-23 21:01:39 -0800)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/warrior-nut
  http://cgit.openembedded.org//log/?h=stable/warrior-nut

Alexander Kanavin (1):
  sudo: correct SRC_URI

Anuj Mittal (1):
  openssl: set CVE vendor to openssl

Armin Kuster (1):
  stress: update SRC_URI

Chen Qi (2):
  libxfont2: set CVE_PRODUCT
  webkitgtk: set CVE_PRODUCT

Ferry Toth (1):
  sudo: Fix fetching sources

Khem Raj (1):
  sdk: Install nativesdk locales for all TCLIBC variants

Niko Mauno (1):
  cve-check: Switch to NVD CVE JSON feed version 1.1

Oleksandr Kravchuk (1):
  popt: fix SRC_URI

Ross Burton (18):
  flex: set CVE_PRODUCT to include vendor
  git: set CVE vendor to git-scm
  subversion: set CVE vendor to Apache
  ed: set CVE vendor to avoid false positives
  boost: set CVE vendor to Boost
  libpam: set CVE_PRODUCT
  libsndfile1: whitelist CVE-2018-13419
  procps: whitelist CVE-2018-1121
  cve-check: ensure all known CVEs are in the report
  cve-check: failure to parse versions should be more visible
  cve-check: we don't actually need to unpack to check
  cve-update-db-native: don't refresh more than once an hour
  cve-update-db-native: don't hardcode the database name
  cve-update-db-native: add an index on the CVE ID column
  cve-update-db-native: clean up proxy handling
  cve-check: rewrite look to fix false negatives
  cve-check: neaten get_cve_info
  cve-check: fetch CVE data once at a time instead of in a single call

Zang Ruochen (1):
  libpcap: upgrade 1.9.0 -> 1.9.1

 meta/classes/cve-check.bbclass                | 105 +++++++++---------
 meta/lib/oe/sdk.py                            |   4 -
 ...-add-missing-limits.h-for-musl-syste.patch |  29 -----
 .../{libpcap_1.9.0.bb => libpcap_1.9.1.bb}    |   5 +-
 .../openssl/openssl_1.1.1b.bb                 |   2 +
 .../recipes-core/meta/cve-update-db-native.bb |  46 +++-----
 meta/recipes-devtools/flex/flex_2.6.0.bb      |   3 +
 meta/recipes-devtools/git/git.inc             |   2 +
 .../subversion/subversion_1.11.1.bb           |   2 +
 meta/recipes-extended/ed/ed_1.15.bb           |   2 +
 meta/recipes-extended/pam/libpam_1.3.0.bb     |   2 +
 meta/recipes-extended/procps/procps_3.3.15.bb |   3 +
 meta/recipes-extended/stress/stress_1.0.4.bb  |   2 +-
 meta/recipes-extended/sudo/sudo_1.8.27.bb     |   2 +-
 .../xorg-lib/libxfont2_2.0.3.bb               |   2 +
 .../libsndfile/libsndfile1_1.0.28.bb          |   3 +
 meta/recipes-sato/webkit/webkitgtk_2.22.7.bb  |   2 +
 meta/recipes-support/boost/boost.inc          |   2 +
 meta/recipes-support/popt/popt_1.16.bb        |   2 +-
 19 files changed, 101 insertions(+), 119 deletions(-)
 delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/0001-pcap-usb-linux.c-add-missing-limits.h-for-musl-syste.patch
 rename meta/recipes-connectivity/libpcap/{libpcap_1.9.0.bb => libpcap_1.9.1.bb} (88%)

-- 
2.17.1

next             reply	other threads:[~2020-01-13 15:30 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-01-13 15:29 Armin Kuster [this message]
2020-01-13 15:30 ` [warrior 01/28] openssl: set CVE vendor to openssl Armin Kuster
2020-01-13 15:30 ` [warrior 02/28] flex: set CVE_PRODUCT to include vendor Armin Kuster
2020-01-13 15:30 ` [warrior 03/28] git: set CVE vendor to git-scm Armin Kuster
2020-01-13 15:30 ` [warrior 04/28] subversion: set CVE vendor to Apache Armin Kuster
2020-01-13 15:30 ` [warrior 05/28] ed: set CVE vendor to avoid false positives Armin Kuster
2020-01-13 15:30 ` [warrior 06/28] boost: set CVE vendor to Boost Armin Kuster
2020-01-13 15:30 ` [warrior 07/28] libpam: set CVE_PRODUCT Armin Kuster
2020-01-13 15:30 ` [warrior 08/28] libxfont2: " Armin Kuster
2020-01-13 15:30 ` [warrior 09/28] libsndfile1: whitelist CVE-2018-13419 Armin Kuster
2020-01-13 15:30 ` [warrior 10/28] webkitgtk: set CVE_PRODUCT Armin Kuster
2020-01-13 15:30 ` [warrior 11/28] procps: whitelist CVE-2018-1121 Armin Kuster
2020-01-13 15:30 ` [warrior 12/28] libpcap: upgrade 1.9.0 -> 1.9.1 Armin Kuster
2020-01-13 15:30 ` [warrior 13/28] sdk: Install nativesdk locales for all TCLIBC variants Armin Kuster
2020-01-13 15:30 ` [warrior 14/28] cve-check: ensure all known CVEs are in the report Armin Kuster
2020-01-13 15:30 ` [warrior 15/28] cve-check: failure to parse versions should be more visible Armin Kuster
2020-01-13 15:30 ` [warrior 16/28] cve-check: we don't actually need to unpack to check Armin Kuster
2020-01-13 15:30 ` [warrior 17/28] cve-update-db-native: don't refresh more than once an hour Armin Kuster
2020-01-13 15:30 ` [warrior 18/28] cve-update-db-native: don't hardcode the database name Armin Kuster
2020-01-13 15:30 ` [warrior 19/28] cve-update-db-native: add an index on the CVE ID column Armin Kuster
2020-01-13 15:30 ` [warrior 20/28] cve-update-db-native: clean up proxy handling Armin Kuster
2020-01-13 15:30 ` [warrior 21/28] cve-check: rewrite look to fix false negatives Armin Kuster
2020-01-13 15:30 ` [warrior 22/28] cve-check: neaten get_cve_info Armin Kuster
2020-01-13 15:30 ` [warrior 23/28] cve-check: fetch CVE data once at a time instead of in a single call Armin Kuster
2020-01-13 15:30 ` [warrior 24/28] cve-check: Switch to NVD CVE JSON feed version 1.1 Armin Kuster
2020-01-13 15:30 ` [warrior 25/28] popt: fix SRC_URI Armin Kuster
2020-01-13 15:30 ` [warrior 26/28] sudo: correct SRC_URI Armin Kuster
2020-01-13 15:30 ` [warrior 27/28] sudo: Fix fetching sources Armin Kuster
2020-01-13 15:30 ` [warrior 28/28] stress: update SRC_URI Armin Kuster

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1578929268.git.akuster808@gmail.com \
    --to=akuster808@gmail.com \
    --cc=akuster808@gnail.com \
    --cc=openembedded-core@openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox