From: "Steve Sakoman" <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/26] Patch review
Date: Tue, 1 Jun 2021 04:17:48 -1000 [thread overview]
Message-ID: <cover.1622556919.git.steve@sakoman.com> (raw)
Please review this next set of patches for dunfell and have comments back by
end of day Thursday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2205
The following changes since commit ecd636154e7cfc1349a7cfd8026a85eafa219535:
build-appliance-image: Update to dunfell head revision (2021-05-24 15:19:42 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Bruce Ashfield (4):
kernel-yocto: provide debug / summary information for metadata
linux-yocto/5.4: update to v5.4.117
linux-yocto/5.4: update to v5.4.118
linux-yocto/5.4: update to v5.4.119
Changqing Li (2):
unfs3: correct configure option
pkgconfig: update SRC_URI
Daniel McGregor (2):
sstate: Ignore sstate signing key
lib/oe/gpg_sign.py: Fix gpg verification
Guillaume Champagne (1):
image-live.bbclass: order do_bootimg after do_rootfs
Ming Liu (2):
kernel-fitimage.bbclass: fix a wrong conditional check
initramfs-framework:rootfs: fix wrong indentions
Richard Purdie (7):
cve-extra-exclusions.inc: add exclusion list for intractable CVE's
cve-extra-exclusions: Fix typos
cve-extra-exclusions.inc: Clean up merged CPE updates
glibc: Add 8GB VM usage cap for usermode test suite
grub: Exclude CVE-2019-14865 from cve-check
oeqa/runtime/rpm: Drop log message counting test component
linux-firmware: upgrade 20210315 -> 20210511
Ross Burton (2):
cups: whitelist CVE-2021-25317
package_rpm: pass XZ_THREADS to rpm
Sana Kazi (1):
openssh: Add fixes for CVEs reported for openssh
Steve Sakoman (1):
expat: set CVE_PRODUCT
Tony Tascioglu (2):
libxml2: Reformat runtest.patch
libxml2: Add bash dependency for ptests.
Volker Vogelhuber (1):
busybox: make busybox's syslog.cfg depend on
VIRTUAL-RUNTIME_base-utils-syslog
akash hadke (1):
tiff: Add fix for CVE-2020-35521 and CVE-2020-35522
meta/classes/image-live.bbclass | 2 +-
meta/classes/kernel-fitimage.bbclass | 2 +-
meta/classes/kernel-yocto.bbclass | 17 ++
meta/classes/package_rpm.bbclass | 4 +-
meta/classes/sstate.bbclass | 2 +
.../distro/include/cve-extra-exclusions.inc | 73 +++++++++
meta/lib/oe/gpg_sign.py | 2 +-
meta/lib/oeqa/runtime/cases/rpm.py | 9 --
meta/recipes-bsp/grub/grub2.inc | 3 +
.../openssh/openssh/CVE-2020-14145.patch | 97 ++++++++++++
.../openssh/openssh_8.2p1.bb | 13 +-
meta/recipes-core/busybox/busybox_1.31.1.bb | 2 +-
meta/recipes-core/expat/expat_2.2.9.bb | 2 +
.../glibc/glibc/check-test-wrapper | 9 ++
.../initrdscripts/initramfs-framework/rootfs | 2 +-
.../recipes-core/libxml/libxml2/runtest.patch | 45 +++---
meta/recipes-core/libxml/libxml2_2.9.10.bb | 2 +-
.../pkgconfig/pkgconfig_git.bb | 2 +-
meta/recipes-devtools/unfs3/unfs3_git.bb | 2 +-
meta/recipes-extended/cups/cups.inc | 4 +
...20210315.bb => linux-firmware_20210511.bb} | 4 +-
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +--
...or_CVE-2020-35521_and_CVE-2020-35522.patch | 148 ++++++++++++++++++
...or_CVE-2020-35521_and_CVE-2020-35522.patch | 27 ++++
.../CVE-2020-35521_and_CVE-2020-35522.patch | 119 ++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 3 +
28 files changed, 571 insertions(+), 60 deletions(-)
create mode 100644 meta/conf/distro/include/cve-extra-exclusions.inc
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2020-14145.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20210315.bb => linux-firmware_20210511.bb} (99%)
create mode 100644 meta/recipes-multimedia/libtiff/files/001_support_patch_for_CVE-2020-35521_and_CVE-2020-35522.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/002_support_patch_for_CVE-2020-35521_and_CVE-2020-35522.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2020-35521_and_CVE-2020-35522.patch
--
2.25.1
next reply other threads:[~2021-06-01 14:18 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-01 14:17 Steve Sakoman [this message]
2021-06-01 14:17 ` [OE-core][dunfell 01/26] cups: whitelist CVE-2021-25317 Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 02/26] tiff: Add fix for CVE-2020-35521 and CVE-2020-35522 Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 03/26] openssh: Add fixes for CVEs reported for openssh Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 04/26] expat: set CVE_PRODUCT Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 05/26] cve-extra-exclusions.inc: add exclusion list for intractable CVE's Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 06/26] cve-extra-exclusions: Fix typos Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 07/26] cve-extra-exclusions.inc: Clean up merged CPE updates Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 08/26] busybox: make busybox's syslog.cfg depend on VIRTUAL-RUNTIME_base-utils-syslog Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 09/26] kernel-yocto: provide debug / summary information for metadata Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 10/26] linux-yocto/5.4: update to v5.4.117 Steve Sakoman
2021-06-01 14:17 ` [OE-core][dunfell 11/26] linux-yocto/5.4: update to v5.4.118 Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 12/26] linux-yocto/5.4: update to v5.4.119 Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 13/26] libxml2: Reformat runtest.patch Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 14/26] libxml2: Add bash dependency for ptests Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 15/26] glibc: Add 8GB VM usage cap for usermode test suite Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 16/26] grub: Exclude CVE-2019-14865 from cve-check Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 17/26] sstate: Ignore sstate signing key Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 18/26] lib/oe/gpg_sign.py: Fix gpg verification Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 19/26] kernel-fitimage.bbclass: fix a wrong conditional check Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 20/26] initramfs-framework:rootfs: fix wrong indentions Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 21/26] unfs3: correct configure option Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 22/26] package_rpm: pass XZ_THREADS to rpm Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 23/26] image-live.bbclass: order do_bootimg after do_rootfs Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 24/26] oeqa/runtime/rpm: Drop log message counting test component Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 25/26] pkgconfig: update SRC_URI Steve Sakoman
2021-06-01 14:18 ` [OE-core][dunfell 26/26] linux-firmware: upgrade 20210315 -> 20210511 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1622556919.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox