From: "Steve Sakoman" <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/24] Patch review
Date: Mon, 14 Sep 2020 04:11:18 -1000 [thread overview]
Message-ID: <cover.1600092418.git.steve@sakoman.com> (raw)
Please review this next set of patches for dunfell and have comments back
by end of day Wednesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1381
The following changes since commit 210ebed1e9c2285d6e457bf03d1f1a1f3ddc7fda:
package: get_package_mapping: avoid dependency mapping if renamed package provides original name (2020-09-04 04:31:45 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Adrian Freihofer (1):
oe-publish-sdk: fix layers init via ssh
Chris Laplante (4):
cve-update-db-native: add progress handler
cve-check/cve-update-db-native: use lockfile to fix usage under
multiconfig
cve-update-db-native: use context manager for cve_f
cve-check: avoid FileNotFoundError if no do_cve_check task has run
Khem Raj (2):
uninative: Upgrade to 2.9
rpcbind: Use update-alternatives for rpcinfo
Lee Chee Yang (3):
xserver-xorg: fix CVE-2020-14347
qemu: fix CVE-2020-14364 CVE-2020-14415
libx11 : fix CVE-2020-14344
Matt Madison (1):
image.bbclass: fix REPRODUCIBLE_TIMESTAMP_ROOTFS reference
Oleksandr Kravchuk (1):
ell: update to 0.33
Ovidiu Panait (1):
libxml2: Fix CVE-2020-24977
Rahul Kumar (1):
systemd-serialgetty: Fix sed expression quoting
Richard Purdie (3):
runqemu: Add a hook to allow it to renice
selftest/signing: Ensure build path relocation is safe
oeqa/concurrencytest: Improve builddir path manipulations
Ross Burton (5):
gdk-pixbuf: add tests PACKAGECONFIG
insane: only load real files as ELF
autoconf: consolidate DEPENDS
curl: add vendors to CVE_PRODUCT to exclude false positives
cmake: whitelist CVE-2016-10642
Zhixiong Chi (1):
gnutls: CVE-2020-24659
akuster (1):
cve-check.bbclass: always save cve report
meta/classes/cve-check.bbclass | 34 ++
meta/classes/image.bbclass | 2 +-
meta/classes/insane.bbclass | 13 +-
meta/conf/distro/include/yocto-uninative.inc | 10 +-
meta/lib/oeqa/selftest/cases/signing.py | 4 +-
meta/lib/oeqa/selftest/context.py | 4 +-
.../ell/{ell_0.32.bb => ell_0.33.bb} | 2 +-
.../libxml/libxml2/CVE-2020-24977.patch | 41 +++
meta/recipes-core/libxml/libxml2_2.9.10.bb | 1 +
.../recipes-core/meta/cve-update-db-native.bb | 96 +++---
.../systemd/systemd-serialgetty.bb | 2 +-
meta/recipes-devtools/autoconf/autoconf.inc | 5 +-
meta/recipes-devtools/cmake/cmake.inc | 4 +
meta/recipes-devtools/qemu/qemu.inc | 2 +
.../qemu/qemu/CVE-2020-14364.patch | 93 +++++
.../qemu/qemu/CVE-2020-14415.patch | 37 ++
.../recipes-extended/rpcbind/rpcbind_1.2.5.bb | 5 +-
.../gdk-pixbuf/gdk-pixbuf_2.40.0.bb | 8 +-
.../xorg-lib/libx11/CVE-2020-14344.patch | 321 ++++++++++++++++++
.../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 4 +-
.../xserver-xorg/CVE-2020-14347.patch | 38 +++
.../xorg-xserver/xserver-xorg_1.20.8.bb | 1 +
meta/recipes-support/curl/curl_7.69.1.bb | 4 +-
.../gnutls/gnutls/CVE-2020-24659.patch | 117 +++++++
meta/recipes-support/gnutls/gnutls_3.6.14.bb | 1 +
scripts/oe-publish-sdk | 2 +-
scripts/runqemu | 5 +
27 files changed, 782 insertions(+), 74 deletions(-)
rename meta/recipes-core/ell/{ell_0.32.bb => ell_0.33.bb} (89%)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2020-24977.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-14364.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-14415.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2020-14344.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14347.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch
--
2.17.1
next reply other threads:[~2020-09-14 14:12 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-14 14:11 Steve Sakoman [this message]
2020-09-14 14:11 ` [OE-core][dunfell 01/24] uninative: Upgrade to 2.9 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 02/24] xserver-xorg: fix CVE-2020-14347 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 03/24] qemu: fix CVE-2020-14364 CVE-2020-14415 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 04/24] libx11 : fix CVE-2020-14344 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 05/24] rpcbind: Use update-alternatives for rpcinfo Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 06/24] gdk-pixbuf: add tests PACKAGECONFIG Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 07/24] insane: only load real files as ELF Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 08/24] autoconf: consolidate DEPENDS Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 09/24] runqemu: Add a hook to allow it to renice Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 10/24] image.bbclass: fix REPRODUCIBLE_TIMESTAMP_ROOTFS reference Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 11/24] oe-publish-sdk: fix layers init via ssh Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 12/24] systemd-serialgetty: Fix sed expression quoting Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 13/24] selftest/signing: Ensure build path relocation is safe Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 14/24] oeqa/concurrencytest: Improve builddir path manipulations Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 15/24] gnutls: CVE-2020-24659 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 16/24] ell: update to 0.33 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 17/24] curl: add vendors to CVE_PRODUCT to exclude false positives Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 18/24] cmake: whitelist CVE-2016-10642 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 19/24] libxml2: Fix CVE-2020-24977 Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 20/24] cve-check.bbclass: always save cve report Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 21/24] cve-update-db-native: add progress handler Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 22/24] cve-check/cve-update-db-native: use lockfile to fix usage under multiconfig Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 23/24] cve-update-db-native: use context manager for cve_f Steve Sakoman
2020-09-14 14:11 ` [OE-core][dunfell 24/24] cve-check: avoid FileNotFoundError if no do_cve_check task has run Steve Sakoman
[not found] ` <1634ABE18B3346A2.7642@lists.openembedded.org>
2020-09-14 14:24 ` [OE-core][dunfell 12/24] systemd-serialgetty: Fix sed expression quoting Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1600092418.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox