From: "Steve Sakoman" <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/35] Patch review
Date: Mon, 17 May 2021 04:13:06 -1000 [thread overview]
Message-ID: <cover.1621260695.git.steve@sakoman.com> (raw)
Please review this next set of patches for dunfell and have comments back by
end of day Wednesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2158
The following changes since commit 55dc503f4ab33e2aa51a3a6e4003131e0b9355ff:
reproducible.py: add quilt-ptest and valgrind-ptest (2021-05-13 22:10:01 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Alexander Kanavin (1):
linux-firmware: upgrade 20210208 -> 20210315
Anuj Mittal (1):
lsb-release: fix reproducibility failure
Bruce Ashfield (1):
linux-yocto/5.4: qemuppc32: reduce serial shutdown issues
Chen Qi (1):
db: update CVE_PRODUCT
Lee Chee Yang (4):
subversion: fix CVE-2020-17525
qemu: fix CVE-2021-3392
tiff: fix CVE-2020-35523 CVE-2020-35524
python3-jinja2: 2.11.2 -> 2.11.3
Richard Purdie (19):
glibc: Document and whitelist CVE-2019-1010022-25
qemu: Exclude CVE-2017-5957 from cve-check
qemu: Exclude CVE-2007-0998 from cve-check
qemu: Exclude CVE-2018-18438 from cve-check
jquery: Exclude CVE-2007-2379 from cve-check
logrotate: Exclude CVE-2011-1548,1549,1550 from cve-check
openssh: Exclude CVE-2007-2768 from cve-check
openssh: Exclude CVE-2008-3844 from cve-check
unzip: Exclude CVE-2008-0888 from cve-check
cpio: Exclude CVE-2010-4226 from cve-check
ghostscript: Exclude CVE-2013-6629 from cve-check
bluez: Exclude CVE-2020-12352 CVE-2020-24490 from cve-check
tiff: Exclude CVE-2015-7313 from cve-check
coreutils: Exclude CVE-2016-2781 from cve-check
librsvg: Exclude CVE-2018-1000041 from cve-check
avahi: Exclude CVE-2021-26720 from cve-check
oeqa/qemurunner: Improve logging thread exit handling for qemu
shutdown test
oeqa/qemurunner: Fix binary vs str issue
oeqa/qemurunner: Improve handling of run_serial for shutdown commands
Robert P. J. Day (2):
image.bbclass: fix comment "pacackages" -> "packages"
meta/lib/oe/rootfs.py: Fix typo "Restoreing" -> "Restoring"
Romain Naour (1):
dejagnu: needs expect at runtime
Ross Burton (3):
cairo: backport patch for CVE-2020-35492
libnotify: whitelist CVE-2013-7381 (specific to the NodeJS bindings)
builder: whitelist CVE-2008-4178 (a different builder)
Ulrich Ölmann (1):
local.conf.sample: fix typo
Yann Dirson (1):
linux-firmware: include all relevant files in -bcm4356
meta/classes/image.bbclass | 2 +-
meta/conf/local.conf.sample | 2 +-
meta/lib/oe/rootfs.py | 2 +-
meta/lib/oeqa/selftest/cases/runqemu.py | 9 +-
meta/lib/oeqa/utils/qemurunner.py | 21 +++-
meta/recipes-connectivity/avahi/avahi_0.7.bb | 3 +
.../bluez5/bluez5_5.55.bb | 3 +
.../openssh/openssh_8.2p1.bb | 6 +
meta/recipes-core/coreutils/coreutils_8.31.bb | 4 +
meta/recipes-core/glibc/glibc_2.31.bb | 13 ++
.../recipes-devtools/dejagnu/dejagnu_1.6.2.bb | 1 +
meta/recipes-devtools/jquery/jquery_3.5.0.bb | 5 +
...ja2_2.11.2.bb => python3-jinja2_2.11.3.bb} | 2 +-
meta/recipes-devtools/qemu/qemu.inc | 12 ++
.../qemu/qemu/CVE-2021-3392.patch | 92 ++++++++++++++
.../subversion/CVE-2020-17525.patch | 117 ++++++++++++++++++
.../subversion/subversion_1.13.0.bb | 1 +
meta/recipes-extended/cpio/cpio_2.13.bb | 3 +
.../ghostscript/ghostscript_9.52.bb | 4 +
.../logrotate/logrotate_3.15.1.bb | 3 +
.../help2man-reproducibility.patch | 27 ++++
meta/recipes-extended/lsb/lsb-release_1.4.bb | 1 +
meta/recipes-extended/unzip/unzip_6.0.bb | 3 +
.../libnotify/libnotify_0.7.8.bb | 3 +
meta/recipes-gnome/librsvg/librsvg_2.40.21.bb | 3 +
meta/recipes-graphics/builder/builder_0.1.bb | 2 +
.../cairo/cairo/CVE-2020-35492.patch | 60 +++++++++
meta/recipes-graphics/cairo/cairo_1.16.0.bb | 1 +
...20210208.bb => linux-firmware_20210315.bb} | 8 +-
.../linux/linux-yocto-rt_5.4.bb | 2 +-
.../linux/linux-yocto-tiny_5.4.bb | 2 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 2 +-
.../libtiff/files/CVE-2020-35523.patch | 55 ++++++++
.../libtiff/files/CVE-2020-35524-1.patch | 42 +++++++
.../libtiff/files/CVE-2020-35524-2.patch | 36 ++++++
meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 7 ++
meta/recipes-support/db/db_5.3.28.bb | 2 +-
37 files changed, 541 insertions(+), 20 deletions(-)
rename meta/recipes-devtools/python/{python3-jinja2_2.11.2.bb => python3-jinja2_2.11.3.bb} (92%)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3392.patch
create mode 100644 meta/recipes-devtools/subversion/subversion/CVE-2020-17525.patch
create mode 100644 meta/recipes-extended/lsb/lsb-release/help2man-reproducibility.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2020-35492.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20210208.bb => linux-firmware_20210315.bb} (99%)
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2020-35523.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2020-35524-1.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2020-35524-2.patch
--
2.25.1
next reply other threads:[~2021-05-17 14:13 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-17 14:13 Steve Sakoman [this message]
2021-05-17 14:13 ` [OE-core][dunfell 01/35] subversion: fix CVE-2020-17525 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 02/35] qemu: fix CVE-2021-3392 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 03/35] tiff: fix CVE-2020-35523 CVE-2020-35524 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 04/35] python3-jinja2: 2.11.2 -> 2.11.3 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 05/35] glibc: Document and whitelist CVE-2019-1010022-25 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 06/35] cairo: backport patch for CVE-2020-35492 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 07/35] libnotify: whitelist CVE-2013-7381 (specific to the NodeJS bindings) Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 08/35] builder: whitelist CVE-2008-4178 (a different builder) Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 09/35] qemu: Exclude CVE-2017-5957 from cve-check Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 10/35] qemu: Exclude CVE-2007-0998 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 11/35] qemu: Exclude CVE-2018-18438 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 12/35] jquery: Exclude CVE-2007-2379 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 13/35] logrotate: Exclude CVE-2011-1548,1549,1550 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 14/35] openssh: Exclude CVE-2007-2768 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 15/35] openssh: Exclude CVE-2008-3844 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 16/35] unzip: Exclude CVE-2008-0888 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 17/35] cpio: Exclude CVE-2010-4226 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 18/35] ghostscript: Exclude CVE-2013-6629 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 19/35] bluez: Exclude CVE-2020-12352 CVE-2020-24490 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 20/35] tiff: Exclude CVE-2015-7313 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 21/35] coreutils: Exclude CVE-2016-2781 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 22/35] librsvg: Exclude CVE-2018-1000041 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 23/35] avahi: Exclude CVE-2021-26720 " Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 24/35] oeqa/qemurunner: Improve logging thread exit handling for qemu shutdown test Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 25/35] oeqa/qemurunner: Fix binary vs str issue Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 26/35] oeqa/qemurunner: Improve handling of run_serial for shutdown commands Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 27/35] lsb-release: fix reproducibility failure Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 28/35] db: update CVE_PRODUCT Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 29/35] linux-firmware: upgrade 20210208 -> 20210315 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 30/35] linux-firmware: include all relevant files in -bcm4356 Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 31/35] linux-yocto/5.4: qemuppc32: reduce serial shutdown issues Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 32/35] dejagnu: needs expect at runtime Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 33/35] local.conf.sample: fix typo Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 34/35] image.bbclass: fix comment "pacackages" -> "packages" Steve Sakoman
2021-05-17 14:13 ` [OE-core][dunfell 35/35] meta/lib/oe/rootfs.py: Fix typo "Restoreing" -> "Restoring" Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1621260695.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox