[OE-core][dunfell 0/2] Pull request (cover letter only)

[OE-core][dunfell 0/2] Pull request (cover letter only)

[Steve Sakoman]

The following changes since commit b9296bdeaacc1dce97aac9c9bf0d70555bb36646:

  wic: Add 512 Byte alignment to --offset (2020-09-30 05:54:58 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next

Chee Yang Lee (1):
  perl: fix ptest test count

Tim Orling (1):
  oeqa/selftest/cases/devtool.py: avoid .pyc race

 meta/lib/oeqa/selftest/cases/devtool.py               | 3 ++-
 meta/recipes-devtools/perl/files/CVE-2020-12723.patch | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

-- 
2.17.1

[OE-core][dunfell 0/2] Pull request (cover letter only)

[Steve Sakoman]

The following changes since commit 8a367cbbf092339a8c82c680a2565567b594b6c6:

  glib-2.0: fix parsing of slim encoded tzdata (2020-10-26 15:06:51 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next

Alexander Kanavin (1):
  nasm: update 2.14.02 -> 2.15.03 for CVE fixes

Steve Sakoman (1):
  qemu: fix CVE-2019-20175

 .../nasm/nasm/0001-stdlib-Add-strlcat.patch   |  28 ++--
 .../0002-Add-debug-prefix-map-option.patch    | 129 +++++++-----------
 .../nasm/nasm/CVE-2018-19755.patch            | 116 ----------------
 .../nasm/nasm/CVE-2019-14248.patch            |  43 ------
 .../nasm/{nasm_2.14.02.bb => nasm_2.15.03.bb} |  10 +-
 meta/recipes-devtools/qemu/qemu.inc           |   1 +
 .../qemu/qemu/CVE-2019-20175.patch            |  94 +++++++++++++
 7 files changed, 161 insertions(+), 260 deletions(-)
 delete mode 100644 meta/recipes-devtools/nasm/nasm/CVE-2018-19755.patch
 delete mode 100644 meta/recipes-devtools/nasm/nasm/CVE-2019-14248.patch
 rename meta/recipes-devtools/nasm/{nasm_2.14.02.bb => nasm_2.15.03.bb} (56%)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-20175.patch

-- 
2.17.1

[OE-core][dunfell 0/2] Pull request (cover letter only)

[Steve Sakoman]

The following changes since commit cf22f3831488b346195e049ace92e153d18660db:

  meta/recipes-core: Add HOMEPAGE / DESCRIPTION (2021-03-05 04:40:01 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next

Michael Halstead (2):
  yocto-uninative.inc: version 2.11 updates glibc to 2.33
  yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround

 meta/conf/distro/include/yocto-uninative.inc | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

-- 
2.25.1

[OE-core][dunfell 0/2] Pull request (cover letter only)

[Steve Sakoman]

This should be the final pull request for the upcoming 3.1.20 build.

The following changes since commit 7a08f2ae1c12e3511b409c4535d2eab83a27b64a:

  create-pull-request: don't switch the git remote protocol to git:// (2022-09-29 06:45:30 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next

Mathieu Dubois-Briand (1):
  bind: Fix CVEs 2022-2795, 2022-38177, 2022-38178

Paul Barker (1):
  licenses: Handle newer SPDX license names

 meta/conf/licenses.conf                       |  7 ++
 .../bind/bind/CVE-2022-2795.patch             | 67 +++++++++++++++++++
 .../bind/bind/CVE-2022-38177.patch            | 31 +++++++++
 .../bind/bind/CVE-2022-38178.patch            | 33 +++++++++
 .../recipes-connectivity/bind/bind_9.11.37.bb |  3 +
 5 files changed, 141 insertions(+)
 create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2022-2795.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2022-38177.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2022-38178.patch

-- 
2.25.1

Re: [OE-core][dunfell 0/2] Pull request (cover letter only)

[Tim Orling]

[-- Attachment #1: Type: text/plain, Size: 1796 bytes --]

On Tue, Oct 4, 2022 at 12:31 PM Steve Sakoman <steve@sakoman.com> wrote:

> This should be the final pull request for the upcoming 3.1.20 build.
>
> The following changes since commit
> 7a08f2ae1c12e3511b409c4535d2eab83a27b64a:
>
>   create-pull-request: don't switch the git remote protocol to git://
> (2022-09-29 06:45:30 -1000)
>
> are available in the Git repository at:
>
>   https://git.openembedded.org/openembedded-core-contrib
> stable/dunfell-next
>
> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
>
> Mathieu Dubois-Briand (1):
>   bind: Fix CVEs 2022-2795, 2022-38177, 2022-38178
>
> Paul Barker (1):
>   licenses: Handle newer SPDX license names
>

Thank you. Carrying these in a couple layers.


>  meta/conf/licenses.conf                       |  7 ++
>  .../bind/bind/CVE-2022-2795.patch             | 67 +++++++++++++++++++
>  .../bind/bind/CVE-2022-38177.patch            | 31 +++++++++
>  .../bind/bind/CVE-2022-38178.patch            | 33 +++++++++
>  .../recipes-connectivity/bind/bind_9.11.37.bb |  3 +
>  5 files changed, 141 insertions(+)
>  create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2022-2795.patch
>  create mode 100644
> meta/recipes-connectivity/bind/bind/CVE-2022-38177.patch
>  create mode 100644
> meta/recipes-connectivity/bind/bind/CVE-2022-38178.patch
>
> --
> 2.25.1
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#171432):
> https://lists.openembedded.org/g/openembedded-core/message/171432
> Mute This Topic: https://lists.openembedded.org/mt/94121478/924729
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> ticotimo@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>

[-- Attachment #2: Type: text/html, Size: 3166 bytes --]