[warrior 00/29] Merge request

Openembedded Core Discussions
 help / color / mirror / Atom feed

From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@openembedded.org
Subject: [warrior 00/29] Merge request
Date: Sun, 26 Jan 2020 08:24:25 -0800	[thread overview]
Message-ID: <cover.1580055797.git.akuster808@gmail.com> (raw)

Please consider this for warrior.
All changes have already been posted on list

The following changes since commit 279c4da2e5f46dccfeff0c898c2205940be9e174:

  stress: update SRC_URI (2020-01-11 19:39:37 -0800)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/warrior-next
  http://cgit.openembedded.org//log/?h=stable/warrior-next

Adrian Bunk (13):
  python: Whitelist CVE-2017-17522 CVE-2017-18207 CVE-2015-5652
  python/python3: Whitelist CVE-2019-18348
  python3: Upgrade 3.7.5 -> 3.7.6
  bind: Whitelist CVE-2019-6470
  lighttpd: Backport the CVE-2019-11072 fix
  glib-2.0: Backport the CVE-2019-12450 fix
  lz4: Whitelist CVE-2014-4715
  iputils: Whitelist CVE-2000-1213 CVE-2000-1214
  systemd: Whitelist CVE-2018-21029 CVE-2019-3843 CVE-2019-3844
  systemd: Upgrade to a more recent snapshot from the 241 branch
  openssl: Upgrade 1.1.1b -> 1.1.1c
  openssl: Upgrade 1.1.1c -> 1.1.1d
  openssl: Whitelist CVE-2019-0190

Anuj Mittal (6):
  libarchive: fix CVE-2019-19221
  glibc: fix CVE-2019-19126
  nasm: fix CVE-2018-19755
  nasm: fix CVE-2019-14248
  sysstat: fix CVE-2019-19725
  openssl: fix CVE-2019-1551

Hongxu Jia (1):
  go: fix CVE-2019-17596

Joshua Watt (1):
  python3: RDEPEND on libgcc

Khem Raj (1):
  openssl: Enable os option for with-rand-seed as well

Mattias Hansson (1):
  base.bbclass: add dependency on pseudo from do_prepare_recipe_sysroot

Peter Kjellerstedt (2):
  populate_sdk_ext.bbclass: No longer needed to clean away
    conf/sanity_info
  sanity.bbclass: Move sanity_info from conf to cache

Ross Burton (1):
  wpa-supplicant: fix CVE-2019-16275

Trevor Gamblin (2):
  binutils: fix CVE-2019-17450
  binutils: fix CVE-2019-17451

Vinay Kumar (1):
  gdb: Fix CVE-2019-1010180

 meta/classes/base.bbclass                     |   1 +
 meta/classes/populate_sdk_ext.bbclass         |   2 +-
 meta/classes/sanity.bbclass                   |   2 +-
 meta/lib/oeqa/buildperf/base.py               |   2 +-
 .../bind/bind_9.11.5-P4.bb                    |   4 +
 .../openssl/openssl/CVE-2019-1543.patch       |  69 --
 .../openssl/openssl/CVE-2019-1551.patch       | 758 ++++++++++++++++++
 .../openssl/openssl/afalg.patch               |   6 +-
 .../{openssl_1.1.1b.bb => openssl_1.1.1d.bb}  |  16 +-
 ...re-management-frame-from-unexpected-.patch |  82 ++
 .../wpa-supplicant/wpa-supplicant_2.7.bb      |   1 +
 ...e-Limit-access-to-files-when-copying.patch |  57 ++
 meta/recipes-core/glib-2.0/glib-2.0_2.58.3.bb |   1 +
 .../glibc/glibc/CVE-2019-19126.patch          |  32 +
 meta/recipes-core/glibc/glibc_2.29.bb         |   1 +
 meta/recipes-core/systemd/systemd.inc         |   9 +-
 .../binutils/binutils-2.32.inc                |   2 +
 .../binutils/binutils/CVE-2019-17450.patch    |  99 +++
 .../binutils/binutils/CVE-2019-17451.patch    |  51 ++
 meta/recipes-devtools/gdb/gdb-8.2.1.inc       |   1 +
 .../gdb/gdb/CVE-2019-1010180.patch            | 132 +++
 meta/recipes-devtools/go/go-1.12.inc          |   1 +
 .../go/go-1.12/0010-fix-CVE-2019-17596.patch  |  42 +
 .../nasm/nasm/CVE-2018-19755.patch            | 116 +++
 .../nasm/nasm/CVE-2019-14248.patch            |  43 +
 meta/recipes-devtools/nasm/nasm_2.14.02.bb    |   5 +-
 meta/recipes-devtools/python/python.inc       |  13 +
 .../{python3_3.7.5.bb => python3_3.7.6.bb}    |   9 +-
 .../iputils/iputils_s20180629.bb              |   4 +
 .../libarchive/CVE-2019-19221.patch           | 101 +++
 .../libarchive/libarchive_3.3.3.bb            |   1 +
 ...x-abort-in-http-parseopts-fixes-2945.patch |  54 ++
 .../lighttpd/lighttpd_1.4.53.bb               |   1 +
 .../sysstat/sysstat/CVE-2019-19725.patch      |  28 +
 .../sysstat/sysstat_12.1.3.bb                 |   4 +-
 meta/recipes-support/lz4/lz4_1.8.3.bb         |   3 +
 36 files changed, 1667 insertions(+), 86 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2019-1551.patch
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1b.bb => openssl_1.1.1d.bb} (92%)
 create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/0001-gfile-Limit-access-to-files-when-copying.patch
 create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-19126.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-17450.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-17451.patch
 create mode 100644 meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch
 create mode 100644 meta/recipes-devtools/go/go-1.12/0010-fix-CVE-2019-17596.patch
 create mode 100644 meta/recipes-devtools/nasm/nasm/CVE-2018-19755.patch
 create mode 100644 meta/recipes-devtools/nasm/nasm/CVE-2019-14248.patch
 rename meta/recipes-devtools/python/{python3_3.7.5.bb => python3_3.7.6.bb} (97%)
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2019-19221.patch
 create mode 100644 meta/recipes-extended/lighttpd/lighttpd/0001-core-fix-abort-in-http-parseopts-fixes-2945.patch
 create mode 100644 meta/recipes-extended/sysstat/sysstat/CVE-2019-19725.patch

-- 
2.17.1

next             reply	other threads:[~2020-01-26 16:24 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-01-26 16:24 Armin Kuster [this message]
2020-01-26 16:24 ` [warrior 01/29] python: Whitelist CVE-2017-17522 CVE-2017-18207 CVE-2015-5652 Armin Kuster
2020-01-26 16:24 ` [warrior 02/29] python/python3: Whitelist CVE-2019-18348 Armin Kuster
2020-01-26 16:24 ` [warrior 03/29] python3: Upgrade 3.7.5 -> 3.7.6 Armin Kuster
2020-01-26 16:24 ` [warrior 04/29] python3: RDEPEND on libgcc Armin Kuster
2020-01-26 16:24 ` [warrior 05/29] wpa-supplicant: fix CVE-2019-16275 Armin Kuster
2020-01-26 16:24 ` [warrior 06/29] binutils: fix CVE-2019-17450 Armin Kuster
2020-01-26 16:24 ` [warrior 07/29] binutils: fix CVE-2019-17451 Armin Kuster
2020-01-26 16:24 ` [warrior 08/29] bind: Whitelist CVE-2019-6470 Armin Kuster
2020-01-26 16:24 ` [warrior 09/29] gdb: Fix CVE-2019-1010180 Armin Kuster
2020-01-26 16:24 ` [warrior 10/29] libarchive: fix CVE-2019-19221 Armin Kuster
2020-01-26 16:24 ` [warrior 11/29] glibc: fix CVE-2019-19126 Armin Kuster
2020-01-26 16:24 ` [warrior 12/29] lighttpd: Backport the CVE-2019-11072 fix Armin Kuster
2020-01-26 16:24 ` [warrior 13/29] glib-2.0: Backport the CVE-2019-12450 fix Armin Kuster
2020-01-26 16:24 ` [warrior 14/29] nasm: fix CVE-2018-19755 Armin Kuster
2020-01-26 16:24 ` [warrior 15/29] nasm: fix CVE-2019-14248 Armin Kuster
2020-01-26 16:24 ` [warrior 16/29] go: fix CVE-2019-17596 Armin Kuster
2020-01-26 16:24 ` [warrior 17/29] base.bbclass: add dependency on pseudo from do_prepare_recipe_sysroot Armin Kuster
2020-01-26 16:24 ` [warrior 18/29] sysstat: fix CVE-2019-19725 Armin Kuster
2020-01-26 16:24 ` [warrior 19/29] lz4: Whitelist CVE-2014-4715 Armin Kuster
2020-01-26 16:24 ` [warrior 20/29] iputils: Whitelist CVE-2000-1213 CVE-2000-1214 Armin Kuster
2020-01-26 16:24 ` [warrior 21/29] systemd: Whitelist CVE-2018-21029 CVE-2019-3843 CVE-2019-3844 Armin Kuster
2020-01-26 16:24 ` [warrior 22/29] systemd: Upgrade to a more recent snapshot from the 241 branch Armin Kuster
2020-01-26 16:24 ` [warrior 23/29] openssl: Upgrade 1.1.1b -> 1.1.1c Armin Kuster
2020-01-26 16:24 ` [warrior 24/29] openssl: Upgrade 1.1.1c -> 1.1.1d Armin Kuster
2020-01-26 16:24 ` [warrior 25/29] openssl: Enable os option for with-rand-seed as well Armin Kuster
2020-01-26 16:24 ` [warrior 26/29] openssl: Whitelist CVE-2019-0190 Armin Kuster
2020-01-26 16:24 ` [warrior 27/29] openssl: fix CVE-2019-1551 Armin Kuster
2020-01-26 16:24 ` [warrior 28/29] populate_sdk_ext.bbclass: No longer needed to clean away conf/sanity_info Armin Kuster
2020-01-26 16:24 ` [warrior 29/29] sanity.bbclass: Move sanity_info from conf to cache Armin Kuster

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1580055797.git.akuster808@gmail.com \
    --to=akuster808@gmail.com \
    --cc=openembedded-core@openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox