From: "Anuj Mittal" <anuj.mittal@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [zeus][PATCH 00/11] zeus review request
Date: Wed, 9 Sep 2020 16:11:02 +0800 [thread overview]
Message-ID: <cover.1599638315.git.anuj.mittal@intel.com> (raw)
A set of CVE fixes for zeus. Please review.
I have rebased these on top of current zeus-next and have run the entire
set through autobuilder using the contrib/rpurdie/zeus helper branch.
There's one failure while compiling acl (for reproducibility
test) which probably happened because of memory availability and is
unrelated:
| make: *** read jobs pipe: Resource temporarily unavailable. Stop.
https://autobuilder.yoctoproject.org/typhoon/#/builders/79/builds/1358/steps/8/logs/step2d
Thanks,
Anuj
The following changes since commit 1c367349b733e931369944c362b357f92621f07b:
oeqa/runtime_test: Disable test_testimage_virgl_gtk (2020-09-08 14:34:18 +0100)
are available in the Git repository at:
git://push.openembedded.org/openembedded-core-contrib anujm/zeus
Li Wang (3):
qemu: CVE-2020-16092
qemu : fix CVE-2020-15863
qemu: CVE-2020-14364
Li Zhou (5):
xserver-xorg: Security Advisory - xserver-xorg - CVE-2020-14347
bind: Security Advisory - bind - CVE-2020-8622
bind: Security Advisory - bind - CVE-2020-8623
bind: Security Advisory - bind - CVE-2020-8624
go: Security Advisory - go - CVE-2020-24553
Stefan Ghinea (1):
qemu: CVE-2020-10756
Zhixiong Chi (2):
go: CVE-2020-16845
gnutls: CVE-2020-24659
.../bind/bind/CVE-2020-8622.patch | 60 +++
.../bind/bind/CVE-2020-8623.patch | 402 ++++++++++++++++
.../bind/bind/CVE-2020-8624.patch | 33 ++
.../recipes-connectivity/bind/bind_9.11.19.bb | 3 +
meta/recipes-devtools/go/go-1.12.inc | 3 +
...i-rename-a-test-file-to-be-less-cute.patch | 28 ++
.../go/go-1.12/CVE-2020-16845.patch | 110 +++++
.../go/go-1.12/CVE-2020-24553.patch | 429 ++++++++++++++++++
meta/recipes-devtools/qemu/qemu.inc | 4 +
.../qemu/qemu/CVE-2020-10756.patch | 40 ++
.../qemu/qemu/CVE-2020-14364.patch | 93 ++++
.../qemu/qemu/CVE-2020-15863.patch | 64 +++
.../qemu/qemu/CVE-2020-16092.patch | 49 ++
.../xserver-xorg/CVE-2020-14347.patch | 37 ++
.../xorg-xserver/xserver-xorg_1.20.5.bb | 1 +
.../gnutls/gnutls/CVE-2020-24659.patch | 117 +++++
meta/recipes-support/gnutls/gnutls_3.6.13.bb | 1 +
17 files changed, 1474 insertions(+)
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2020-8622.patch
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2020-8623.patch
create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2020-8624.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/0001-net-http-cgi-rename-a-test-file-to-be-less-cute.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/CVE-2020-16845.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/CVE-2020-24553.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-10756.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-14364.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-15863.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14347.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch
--
2.26.2
next reply other threads:[~2020-09-09 8:11 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-09 8:11 Anuj Mittal [this message]
2020-09-09 8:11 ` [zeus][PATCH 01/11] xserver-xorg: Security Advisory - xserver-xorg - CVE-2020-14347 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 02/11] qemu: CVE-2020-16092 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 03/11] go: CVE-2020-16845 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 04/11] qemu: CVE-2020-10756 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 05/11] qemu : fix CVE-2020-15863 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 06/11] bind: Security Advisory - bind - CVE-2020-8622 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 07/11] bind: Security Advisory - bind - CVE-2020-8623 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 08/11] bind: Security Advisory - bind - CVE-2020-8624 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 09/11] qemu: CVE-2020-14364 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 10/11] go: Security Advisory - go - CVE-2020-24553 Anuj Mittal
2020-09-09 8:11 ` [zeus][PATCH 11/11] gnutls: CVE-2020-24659 Anuj Mittal
2020-09-09 8:47 ` [OE-core] [zeus][PATCH 00/11] zeus review request Richard Purdie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1599638315.git.anuj.mittal@intel.com \
--to=anuj.mittal@intel.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox