[OE-core][dunfell 0/6] Patch review

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2220

The following changes since commit 090452c5284181f18c32dc33887f4dda20c48004:

  Revert "busybox: make busybox's syslog.cfg depend on VIRTUAL-RUNTIME_base-utils-syslog" (2021-06-08 04:32:17 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.120
  linux-yocto/5.4: update to v5.4.123

Klaus Heinrich Kiwi (1):
  kernel-fitimage: Don't use unit addresses on FIT

Lee Chee Yang (2):
  libxml: fix CVE-2021-3517 CVE-2021-3537
  gnutls: fix CVE-2021-20231 CVE-2021-20232

Ovidiu Panait (1):
  kernel-devicetree: Introduce KERNEL_DTC_FLAGS to pass dtc flags

 meta/classes/kernel-devicetree.bbclass        |  7 ++
 meta/classes/kernel-fitimage.bbclass          | 32 ++++-----
 .../libxml/libxml2/CVE-2021-3517.patch        | 53 +++++++++++++++
 .../libxml/libxml2/CVE-2021-3537.patch        | 50 ++++++++++++++
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |  2 +
 .../linux/linux-yocto-rt_5.4.bb               |  6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +--
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++---
 .../gnutls/gnutls/CVE-2021-20231.patch        | 67 +++++++++++++++++++
 .../gnutls/gnutls/CVE-2021-20232.patch        | 65 ++++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.6.14.bb  |  2 +
 11 files changed, 280 insertions(+), 34 deletions(-)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2021-3517.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2021-3537.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2021-20231.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2021-20232.patch

-- 
2.25.1

[OE-core][dunfell 1/6] libxml: fix CVE-2021-3517 CVE-2021-3537

[Steve Sakoman]

From: Lee Chee Yang <chee.yang.lee@intel.com>

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libxml/libxml2/CVE-2021-3517.patch        | 53 +++++++++++++++++++
 .../libxml/libxml2/CVE-2021-3537.patch        | 50 +++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |  2 +
 3 files changed, 105 insertions(+)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2021-3517.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2021-3537.patch

diff --git a/meta/recipes-core/libxml/libxml2/CVE-2021-3517.patch b/meta/recipes-core/libxml/libxml2/CVE-2021-3517.patch
new file mode 100644
index 0000000000..e88a8ae7c6
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2021-3517.patch
@@ -0,0 +1,53 @@
+From bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2 Mon Sep 17 00:00:00 2001
+From: Joel Hockey <joel.hockey@gmail.com>
+Date: Sun, 16 Aug 2020 17:19:35 -0700
+Subject: [PATCH] Validate UTF8 in xmlEncodeEntities
+
+Code is currently assuming UTF-8 without validating. Truncated UTF-8
+input can cause out-of-bounds array access.
+
+Adds further checks to partial fix in 50f06b3e.
+
+Fixes #178
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2]
+CVE: CVE-2021-3517
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ entities.c | 16 +++++++++++++++-
+ 1 file changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/entities.c b/entities.c
+index 37b99a56..1a8f86f0 100644
+--- a/entities.c
++++ b/entities.c
+@@ -704,11 +704,25 @@ xmlEncodeEntitiesInternal(xmlDocPtr doc, const xmlChar *input, int attr) {
+ 	    } else {
+ 		/*
+ 		 * We assume we have UTF-8 input.
++		 * It must match either:
++		 *   110xxxxx 10xxxxxx
++		 *   1110xxxx 10xxxxxx 10xxxxxx
++		 *   11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
++		 * That is:
++		 *   cur[0] is 11xxxxxx
++		 *   cur[1] is 10xxxxxx
++		 *   cur[2] is 10xxxxxx if cur[0] is 111xxxxx
++		 *   cur[3] is 10xxxxxx if cur[0] is 1111xxxx
++		 *   cur[0] is not 11111xxx
+ 		 */
+ 		char buf[11], *ptr;
+ 		int val = 0, l = 1;
+ 
+-		if (*cur < 0xC0) {
++		if (((cur[0] & 0xC0) != 0xC0) ||
++		    ((cur[1] & 0xC0) != 0x80) ||
++		    (((cur[0] & 0xE0) == 0xE0) && ((cur[2] & 0xC0) != 0x80)) ||
++		    (((cur[0] & 0xF0) == 0xF0) && ((cur[3] & 0xC0) != 0x80)) ||
++		    (((cur[0] & 0xF8) == 0xF8))) {
+ 		    xmlEntitiesErr(XML_CHECK_NOT_UTF8,
+ 			    "xmlEncodeEntities: input not UTF-8");
+ 		    if (doc != NULL)
+-- 
+GitLab
+
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2021-3537.patch b/meta/recipes-core/libxml/libxml2/CVE-2021-3537.patch
new file mode 100644
index 0000000000..9e64c2a36d
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2021-3537.patch
@@ -0,0 +1,50 @@
+From babe75030c7f64a37826bb3342317134568bef61 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Sat, 1 May 2021 16:53:33 +0200
+Subject: [PATCH] Propagate error in xmlParseElementChildrenContentDeclPriv
+
+Check return value of recursive calls to
+xmlParseElementChildrenContentDeclPriv and return immediately in case
+of errors. Otherwise, struct xmlElementContent could contain unexpected
+null pointers, leading to a null deref when post-validating documents
+which aren't well-formed and parsed in recovery mode.
+
+Fixes #243.
+
+Upstream-Status: Backport
+[https://gitlab.gnome.org/GNOME/libxml2/-/commit/babe75030c7f64a37826bb3342317134568bef61]
+CVE: CVE-2021-3537
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ parser.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/parser.c b/parser.c
+index b42e6043..73c27edd 100644
+--- a/parser.c
++++ b/parser.c
+@@ -6208,6 +6208,8 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPtr ctxt, int inputchk,
+ 	SKIP_BLANKS;
+         cur = ret = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
+                                                            depth + 1);
++        if (cur == NULL)
++            return(NULL);
+ 	SKIP_BLANKS;
+ 	GROW;
+     } else {
+@@ -6341,6 +6343,11 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPtr ctxt, int inputchk,
+ 	    SKIP_BLANKS;
+ 	    last = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
+                                                           depth + 1);
++            if (last == NULL) {
++		if (ret != NULL)
++		    xmlFreeDocElementContent(ctxt->myDoc, ret);
++		return(NULL);
++            }
+ 	    SKIP_BLANKS;
+ 	} else {
+ 	    elem = xmlParseName(ctxt);
+-- 
+GitLab
+
diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb
index db660b9869..097613fb28 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.10.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb
@@ -23,6 +23,8 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
            file://CVE-2020-7595.patch \
            file://CVE-2019-20388.patch \
            file://CVE-2020-24977.patch \
+           file://CVE-2021-3517.patch \
+           file://CVE-2021-3537.patch \
            "
 
 SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5"
-- 
2.25.1

[OE-core][dunfell 2/6] gnutls: fix CVE-2021-20231 CVE-2021-20232

[Steve Sakoman]

From: Lee Chee Yang <chee.yang.lee@intel.com>

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../gnutls/gnutls/CVE-2021-20231.patch        | 67 +++++++++++++++++++
 .../gnutls/gnutls/CVE-2021-20232.patch        | 65 ++++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.6.14.bb  |  2 +
 3 files changed, 134 insertions(+)
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2021-20231.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2021-20232.patch

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2021-20231.patch b/meta/recipes-support/gnutls/gnutls/CVE-2021-20231.patch
new file mode 100644
index 0000000000..6fe7a21e33
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2021-20231.patch
@@ -0,0 +1,67 @@
+From 15beb4b193b2714d88107e7dffca781798684e7e Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 29 Jan 2021 14:06:32 +0100
+Subject: [PATCH] key_share: avoid use-after-free around realloc
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+
+https://gitlab.com/gnutls/gnutls/-/commit/15beb4b193b2714d88107e7dffca781798684e7e
+Upstream-Status: Backport 
+CVE: CVE-2021-CVE-2021-20231
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ lib/ext/key_share.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
+index ab8abf8fe6..a8c4bb5cff 100644
+--- a/lib/ext/key_share.c
++++ b/lib/ext/key_share.c
+@@ -664,14 +664,14 @@ key_share_send_params(gnutls_session_t session,
+ {
+ 	unsigned i;
+ 	int ret;
+-	unsigned char *lengthp;
+-	unsigned int cur_length;
+ 	unsigned int generated = 0;
+ 	const gnutls_group_entry_st *group;
+ 	const version_entry_st *ver;
+ 
+ 	/* this extension is only being sent on client side */
+ 	if (session->security_parameters.entity == GNUTLS_CLIENT) {
++		unsigned int length_pos;
++
+ 		ver = _gnutls_version_max(session);
+ 		if (unlikely(ver == NULL || ver->key_shares == 0))
+ 			return 0;
+@@ -679,16 +679,13 @@ key_share_send_params(gnutls_session_t session,
+ 		if (!have_creds_for_tls13(session))
+ 			return 0;
+ 
+-		/* write the total length later */
+-		lengthp = &extdata->data[extdata->length];
++		length_pos = extdata->length;
+ 
+ 		ret =
+ 		    _gnutls_buffer_append_prefix(extdata, 16, 0);
+ 		if (ret < 0)
+ 			return gnutls_assert_val(ret);
+ 
+-		cur_length = extdata->length;
+-
+ 		if (session->internals.hsk_flags & HSK_HRR_RECEIVED) { /* we know the group */
+ 			group = get_group(session);
+ 			if (unlikely(group == NULL))
+@@ -736,7 +733,8 @@ key_share_send_params(gnutls_session_t session,
+ 		}
+ 
+ 		/* copy actual length */
+-		_gnutls_write_uint16(extdata->length - cur_length, lengthp);
++		_gnutls_write_uint16(extdata->length - length_pos - 2,
++				     &extdata->data[length_pos]);
+ 
+ 	} else { /* server */
+ 		ver = get_version(session);
+-- 
+GitLab
+
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2021-20232.patch b/meta/recipes-support/gnutls/gnutls/CVE-2021-20232.patch
new file mode 100644
index 0000000000..e13917cddb
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2021-20232.patch
@@ -0,0 +1,65 @@
+From 75a937d97f4fefc6f9b08e3791f151445f551cb3 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 29 Jan 2021 14:06:50 +0100
+Subject: [PATCH] pre_shared_key: avoid use-after-free around realloc
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+
+https://gitlab.com/gnutls/gnutls/-/commit/75a937d97f4fefc6f9b08e3791f151445f551cb3
+Upstream-Status: Backport 
+CVE: CVE-2021-CVE-2021-20232
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ lib/ext/pre_shared_key.c | 15 ++++++++++++---
+ 1 file changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
+index a042c6488e..380bf39ed5 100644
+--- a/lib/ext/pre_shared_key.c
++++ b/lib/ext/pre_shared_key.c
+@@ -267,7 +267,7 @@ client_send_params(gnutls_session_t session,
+ 	size_t spos;
+ 	gnutls_datum_t username = {NULL, 0};
+ 	gnutls_datum_t user_key = {NULL, 0}, rkey = {NULL, 0};
+-	gnutls_datum_t client_hello;
++	unsigned client_hello_len;
+ 	unsigned next_idx;
+ 	const mac_entry_st *prf_res = NULL;
+ 	const mac_entry_st *prf_psk = NULL;
+@@ -428,8 +428,7 @@ client_send_params(gnutls_session_t session,
+ 	assert(extdata->length >= sizeof(mbuffer_st));
+ 	assert(ext_offset >= (ssize_t)sizeof(mbuffer_st));
+ 	ext_offset -= sizeof(mbuffer_st);
+-	client_hello.data = extdata->data+sizeof(mbuffer_st);
+-	client_hello.size = extdata->length-sizeof(mbuffer_st);
++	client_hello_len = extdata->length-sizeof(mbuffer_st);
+ 
+ 	next_idx = 0;
+ 
+@@ -440,6 +439,11 @@ client_send_params(gnutls_session_t session,
+ 	}
+ 
+ 	if (prf_res && rkey.size > 0) {
++		gnutls_datum_t client_hello;
++
++		client_hello.data = extdata->data+sizeof(mbuffer_st);
++		client_hello.size = client_hello_len;
++
+ 		ret = compute_psk_binder(session, prf_res,
+ 					 binders_len, binders_pos,
+ 					 ext_offset, &rkey, &client_hello, 1,
+@@ -474,6 +478,11 @@ client_send_params(gnutls_session_t session,
+ 	}
+ 
+ 	if (prf_psk && user_key.size > 0 && info) {
++		gnutls_datum_t client_hello;
++
++		client_hello.data = extdata->data+sizeof(mbuffer_st);
++		client_hello.size = client_hello_len;
++
+ 		ret = compute_psk_binder(session, prf_psk,
+ 					 binders_len, binders_pos,
+ 					 ext_offset, &user_key, &client_hello, 0,
+-- 
+GitLab
+
diff --git a/meta/recipes-support/gnutls/gnutls_3.6.14.bb b/meta/recipes-support/gnutls/gnutls_3.6.14.bb
index 903bb5503a..0c68da7c54 100644
--- a/meta/recipes-support/gnutls/gnutls_3.6.14.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.6.14.bb
@@ -23,6 +23,8 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
            file://arm_eabi.patch \
            file://0001-Modied-the-license-to-GPLv2.1-to-keep-with-LICENSE-f.patch \
            file://CVE-2020-24659.patch \
+           file://CVE-2021-20231.patch \
+           file://CVE-2021-20232.patch \
 "
 
 SRC_URI[sha256sum] = "5630751adec7025b8ef955af4d141d00d252a985769f51b4059e5affa3d39d63"
-- 
2.25.1

[OE-core][dunfell 3/6] linux-yocto/5.4: update to v5.4.120

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    e05d387ba736 Linux 5.4.120
    7f4ac21468b0 ASoC: rsnd: check all BUSIF status when error
    7f6a9044ff24 nvme: do not try to reconfigure APST when the controller is not live
    aa9d659856b1 clk: exynos7: Mark aclk_fsys1_200 as critical
    baea536cf51f netfilter: conntrack: Make global sysctls readonly in non-init netns
    fb80624f39d3 kobject_uevent: remove warning in init_uevent_argv()
    658e8982f0eb usb: typec: tcpm: Fix error while calculating PPS out values
    718f1c1fdf78 ARM: 9027/1: head.S: explicitly map DT even if it lives in the first physical section
    3c63b72ffba0 ARM: 9020/1: mm: use correct section size macro to describe the FDT virtual address
    b05a28f47582 ARM: 9012/1: move device tree mapping out of linear region
    69e44f71319b ARM: 9011/1: centralize phys-to-virt conversion of DT/ATAGS address
    bb4f8ead473a f2fs: fix error handling in f2fs_end_enable_verity()
    7a474350d8de thermal/core/fair share: Lock the thermal zone while looping over instances
    2c44110300b8 MIPS: Avoid handcoded DIVU in `__div64_32' altogether
    2759b770b53e MIPS: Avoid DIVU in `__div64_32' is result would be zero
    02b120493a9c MIPS: Reinstate platform `__div64_32' handler
    64508ebf9391 FDDI: defxx: Make MMIO the configuration default except for EISA
    ecdf893c5aef mm: fix struct page layout on 32-bit systems
    187598fd82cb KVM: x86: Cancel pvclock_gtod_work on module removal
    cdaae487e85b cdc-wdm: untangle a circular dependency between callback and softint
    b1de23dbeca7 iio: tsl2583: Fix division by a zero lux_val
    8229f1d40501 iio: gyro: mpu3050: Fix reported temperature value
    2496ead8b1b1 xhci: Add reset resume quirk for AMD xhci controller.
    de72d8769bcf xhci: Do not use GFP_KERNEL in (potentially) atomic context
    941328f7bda6 usb: dwc3: gadget: Return success always for kick transfer in ep queue
    7f15d999dd61 usb: core: hub: fix race condition about TRSMRCY of resume
    8f536512db87 usb: dwc2: Fix gadget DMA unmap direction
    36399169e6a0 usb: xhci: Increase timeout for HC halt
    68b5f65eaa6a usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
    04904d90a71a usb: dwc3: omap: improve extcon initialization
    f78e2c36609b iomap: fix sub-page uptodate handling
    3c1db90ae0d0 blk-mq: Swap two calls in blk_mq_exit_queue()
    1c4962df9388 nbd: Fix NULL pointer in flush_workqueue
    0b6b4b90b74c kyber: fix out of bounds access when preempted
    dafd4c0b5e83 ACPI: scan: Fix a memory leak in an error handling path
    1648505d1353 hwmon: (occ) Fix poll rate limiting
    fa1547f6e4fb usb: fotg210-hcd: Fix an error message
    57f99e92e2f7 iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
    2b94c23eaf5e drm/i915: Avoid div-by-zero on gen2
    a9b2ac3f6ad1 drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected
    f77aa56ad989 mm/hugetlb: fix F_SEAL_FUTURE_WRITE
    b3f1731c6d7f userfaultfd: release page in error path to avoid BUG_ON
    1b8d4206a48c squashfs: fix divide error in calculate_skip()
    c451a6bafb5f hfsplus: prevent corruption in shrinking truncate
    0b4eb172cc12 powerpc/64s: Fix crashes when toggling entry flush barrier
    379ea3a4e34b powerpc/64s: Fix crashes when toggling stf barrier
    9cca6cc73bb9 ARC: mm: PAE: use 40-bit physical page mask
    e242c138ae01 ARC: entry: fix off-by-one error in syscall number validation
    9c1d454726fc i40e: Fix PHY type identifiers for 2.5G and 5G adapters
    7e7b538a9af5 i40e: fix the restart auto-negotiation after FEC modified
    d718c15a2bf9 i40e: Fix use-after-free in i40e_client_subtask()
    c77e2ef18167 netfilter: nftables: avoid overflows in nft_hash_buckets()
    a8cfa7aff11d kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
    043ebbccdde6 sched/fair: Fix unfairness caused by missing load decay
    687f523c134b sched: Fix out-of-bound access in uclamp
    51d3e462ea91 can: m_can: m_can_tx_work_queue(): fix tx_skb race condition
    c8e3c76cc8c5 netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
    ca74d0dbaffa smc: disallow TCP_ULP in smc_setsockopt()
    2f9f92e2ecec net: fix nla_strcmp to handle more then one trailing null character
    6aeba28d1213 ksm: fix potential missing rmap_item for stable_node
    dde73137ce9c mm/migrate.c: fix potential indeterminate pte entry in migrate_vma_insert_page()
    262943265d97 mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
    3ddbd4beadfa khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
    1816d1b3272a drm/radeon: Avoid power table parsing memory leaks
    8e0b76725c38 drm/radeon: Fix off-by-one power_state index heap overwrite
    9e3cbdc52318 netfilter: xt_SECMARK: add new revision to fix structure layout
    7a0a9f5cf8b5 sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
    f7f6f0777409 ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
    a04c2a398dc9 sunrpc: Fix misplaced barrier in call_decode
    b8168792c3fb RISC-V: Fix error code returned by riscv_hartid_to_cpuid()
    b1b31948c0af sctp: do asoc update earlier in sctp_sf_do_dupcook_a
    2e99f6871493 net: hns3: disable phy loopback setting in hclge_mac_start_phy
    954ea8a0cfe1 net: hns3: use netif_tx_disable to stop the transmit queue
    c073c2b27285 net: hns3: fix for vxlan gpe tx checksum bug
    56e680c09002 net: hns3: add check for HNS3_NIC_STATE_INITED in hns3_reset_notify_up_enet()
    282d8a6a5546 net: hns3: initialize the message content in hclge_get_link_mode()
    ccffcc9f3574 net: hns3: fix incorrect configuration for igu_egu_hw_err
    3dd2cd64466e rtc: ds1307: Fix wday settings for rx8130
    2ad8af2b70e9 ceph: fix inode leak on getattr error in __fh_to_dentry
    b37609ad2277 rtc: fsl-ftm-alarm: add MODULE_TABLE()
    7d1ada9e1096 NFSv4.2 fix handling of sr_eof in SEEK's reply
    89862bd77e9c pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
    ff4d21fb2261 PCI: endpoint: Fix missing destroy_workqueue()
    bdbee0d84520 NFS: Deal correctly with attribute generation counter overflow
    7e16709fc540 NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
    20f9516b8372 rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
    3ed8832aeaa9 ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
    0454a3dc8747 PCI: Release OF node in pci_scan_device()'s error path
    364e8bb8b425 PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
    e150f825ca29 f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
    f49f00dbe3d0 thermal: thermal_of: Fix error return code of thermal_of_populate_bind_params()
    f599960166a0 ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
    44d96d2dc054 ia64: module: fix symbolizer crash on fdescr
    8b88f16d9d30 bnxt_en: Add PCI IDs for Hyper-V VF devices.
    98e1d0fe20ed net: ethernet: mtk_eth_soc: fix RX VLAN offload
    5da6affd9c7e iavf: remove duplicate free resources calls
    40d1cb16a578 powerpc/iommu: Annotate nested lock for lockdep
    d26436a3b913 qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
    9184f2608e89 wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
    78a004cdfd2d wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
    cd06b0786056 drm/amd/display: fixed divide by zero kernel crash during dsc enablement
    eed7287db3a9 powerpc/pseries: Stop calling printk in rtas_stop_self()
    63a42044b9a1 samples/bpf: Fix broken tracex1 due to kprobe argument change
    9f6e107aab14 net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
    3aa4e4d7ccf4 ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
    061868e90062 ASoC: rt286: Generalize support for ALC3263 codec
    56a6218e97db powerpc/smp: Set numa node before updating mask
    dfa2a8d2d8a7 flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target()
    5f24807c3cba sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
    9fc2c9579415 ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
    f59db26081c0 kconfig: nconf: stop endless search loops
    c262de1777e4 selftests: Set CC to clang in lib.mk if LLVM is set
    2b9ad1fd9dd2 drm/amd/display: Force vsync flip when reconfiguring MPCC
    10ed519fa825 iommu/amd: Remove performance counter pre-initialization test
    82f6753ac96b Revert "iommu/amd: Fix performance counter initialization"
    ae33b2f845fd ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
    d61f2d938135 cuse: prevent clone
    7dac356a65db mt76: mt76x0: disable GTK offloading
    48be573a04f1 pinctrl: samsung: use 'int' for register masks in Exynos
    f88e0fbeff0f mac80211: clear the beacon's CRC after channel switch
    fadf3660a24f i2c: Add I2C_AQ_NO_REP_START adapter quirk
    7ffafbf2537d ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
    98ebeb87b2cf ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
    fae341909d6c Bluetooth: check for zapped sk before connecting
    29e498ff183a net: bridge: when suppression is enabled exclude RARP packets
    a3893726745f Bluetooth: initialize skb_queue_head at l2cap_chan_create()
    ca0dec6564e6 Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
    1ac09b2bdc99 ALSA: bebob: enable to deliver MIDI messages for multiple ports
    e2f577188581 ALSA: rme9652: don't disable if not enabled
    a6f2224be419 ALSA: hdspm: don't disable if not enabled
    4ea252600a7d ALSA: hdsp: don't disable if not enabled
    7900cdfbc1dd i2c: bail out early when RDWR parameters are wrong
    3c0432417fa3 ASoC: rsnd: core: Check convert rate in rsnd_hw_params
    e3564792359d net: stmmac: Set FIFO sizes for ipq806x
    ac740f06bf53 ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
    aee46e847d19 tipc: convert dest node's address to network order
    ccef53a27a24 fs: dlm: fix debugfs dump
    6c799f6c7427 PM: runtime: Fix unpaired parent child_count for force_resume
    18cb19eab713 KVM: x86/mmu: Remove the defunct update_pte() paging hook
    e888d623a420 tpm, tpm_tis: Reserve locality in tpm_tis_resume()
    a0fd39a09e31 tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt()
    0a60d4be38f0 tpm: fix error return code in tpm2_get_cc_attrs_tbl()

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d5da1fa69df93d85b7eebbe8d60108eed4e4e6a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 2d9a6f50ad..62124af43b 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "62f2f19316f63910f27760e24314d02814a8a90e"
-SRCREV_meta ?= "9e2546ab8d63f70ba458eb159d29ce6736ffd3e4"
+SRCREV_machine ?= "5c7a781b20543c57a49ffc6fabac59cb769bd895"
+SRCREV_meta ?= "76aa6f85d62f7fc05c4b3e371fafe74290fc2238"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.119"
+LINUX_VERSION ?= "5.4.120"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 26a7da085a..9045dade6e 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.119"
+LINUX_VERSION ?= "5.4.120"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "de992e88dcfe547cc08bfc1a371b0fc0c0892a31"
-SRCREV_machine ?= "8997f663001be812a7670488ac8698eb916d9d50"
-SRCREV_meta ?= "9e2546ab8d63f70ba458eb159d29ce6736ffd3e4"
+SRCREV_machine_qemuarm ?= "0e1e637fa02afed13331ed27345233fb3969134b"
+SRCREV_machine ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
+SRCREV_meta ?= "76aa6f85d62f7fc05c4b3e371fafe74290fc2238"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 66a5a49b29..bf2e8944c6 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "715f9e60c9426156cb73904e65d39daea51288ca"
-SRCREV_machine_qemuarm64 ?= "8997f663001be812a7670488ac8698eb916d9d50"
-SRCREV_machine_qemumips ?= "bd95d2d0a38cf539f34d84740262c4d3aef1833f"
-SRCREV_machine_qemuppc ?= "8997f663001be812a7670488ac8698eb916d9d50"
-SRCREV_machine_qemuriscv64 ?= "8997f663001be812a7670488ac8698eb916d9d50"
-SRCREV_machine_qemux86 ?= "8997f663001be812a7670488ac8698eb916d9d50"
-SRCREV_machine_qemux86-64 ?= "8997f663001be812a7670488ac8698eb916d9d50"
-SRCREV_machine_qemumips64 ?= "45be3768458cb4186ee2761de2a414e323bd6fe0"
-SRCREV_machine ?= "8997f663001be812a7670488ac8698eb916d9d50"
-SRCREV_meta ?= "9e2546ab8d63f70ba458eb159d29ce6736ffd3e4"
+SRCREV_machine_qemuarm ?= "56b22a7df23bba68edae26b7edd742f298703f54"
+SRCREV_machine_qemuarm64 ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
+SRCREV_machine_qemumips ?= "58a596a8a9547627afb002264cf2f2084c9856ac"
+SRCREV_machine_qemuppc ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
+SRCREV_machine_qemuriscv64 ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
+SRCREV_machine_qemux86 ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
+SRCREV_machine_qemux86-64 ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
+SRCREV_machine_qemumips64 ?= "f24f74364767d24f7b1a4967c162af693897ee51"
+SRCREV_machine ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
+SRCREV_meta ?= "76aa6f85d62f7fc05c4b3e371fafe74290fc2238"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.119"
+LINUX_VERSION ?= "5.4.120"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.25.1

[OE-core][dunfell 4/6] linux-yocto/5.4: update to v5.4.123

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    103f1dbea1ae Linux 5.4.123
    af2a4426baf7 NFC: nci: fix memory leak in nci_allocate_device
    45aef101ca44 perf unwind: Set userdata for all __report_module() paths
    2960df32bb72 perf unwind: Fix separate debug info files when using elfutils' libdw's unwinder
    f3d9f09b10e3 usb: dwc3: gadget: Enable suspend events
    3173c7c80785 bpf: No need to simulate speculative domain for immediates
    2b3cc41d500a bpf: Fix mask direction swap upon off reg sign change
    2768f9962231 bpf: Wrap aux data inside bpf_sanitize_info container
    67154cff6258 Linux 5.4.122
    f97257cde764 Bluetooth: SMP: Fail if remote and local public keys are identical
    46b4a9c68572 video: hgafb: correctly handle card detect failure during probe
    3c18dc7de2bc nvmet: use new ana_log_size instead the old one
    a6f5ef8c1717 Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS
    d3d648163a03 ext4: fix error handling in ext4_end_enable_verity()
    829203752441 nvme-multipath: fix double initialization of ANA state
    2dea1e9ae5cf tty: vt: always invoke vc->vc_sw->con_resize callback
    cf52b24b172e vt: Fix character height handling with VT_RESIZEX
    971b3fb5b9a6 vgacon: Record video mode changes with VT_RESIZEX
    f0c9d29f232a video: hgafb: fix potential NULL pointer dereference
    44fe392e1adc qlcnic: Add null check after calling netdev_alloc_skb
    4914c67f1a62 leds: lp5523: check return value of lp5xx_read and jump to cleanup code
    171b3c1afaeb ics932s401: fix broken handling of errors when word reading fails
    d14cd329d83b net: rtlwifi: properly check for alloc_workqueue() failure
    533ac32a80c0 scsi: ufs: handle cleanup correctly on devm_reset_control_get error
    9e38cf9c3070 net: stmicro: handle clk_prepare() failure during init
    9d59d4364dfb ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
    8f2efd687d19 Revert "niu: fix missing checks of niu_pci_eeprom_read"
    04a064b36576 Revert "qlcnic: Avoid potential NULL pointer dereference"
    6d53d54ff5be Revert "rtlwifi: fix a potential NULL pointer dereference"
    7fb963895513 Revert "media: rcar_drif: fix a memory disclosure"
    6f2e5eb82557 cdrom: gdrom: initialize global variable at init time
    283cd246bcc1 cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
    7e230e5ed8fd Revert "gdrom: fix a memory leak bug"
    6ef6f8cd1d34 Revert "scsi: ufs: fix a missing check of devm_reset_control_get"
    9c24899f1fae Revert "ecryptfs: replace BUG_ON with error handling code"
    a1f0e2bb4975 Revert "video: imsttfb: fix potential NULL pointer dereferences"
    bd2a12549fc2 Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
    5c463887edb3 Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
    1cb9f88cde8c Revert "net: stmicro: fix a missing check of clk_prepare"
    6f2a72774f38 Revert "video: hgafb: fix potential NULL pointer dereference"
    3471a221f308 dm snapshot: fix crash with transient storage and zero chunk size
    198ee66478b3 xen-pciback: reconfigure also from backend watch handler
    f1d3c63c3f12 mmc: sdhci-pci-gli: increase 1.8V regulator wait
    d9e9ec363560 drm/amdgpu: update sdma golden setting for Navi12
    e3be683d5e4e drm/amdgpu: update gc golden setting for Navi12
    1f0495355b60 drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang
    c11d59e5edba Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference"
    d55df42ef369 rapidio: handle create_workqueue() failure
    9f2a613e4b0b Revert "rapidio: fix a NULL pointer dereference when create_workqueue() fails"
    cdd91637d4ef uio_hv_generic: Fix a memory leak in error handling paths
    b0fc59e62bf9 ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx
    c4e7ed4fa1b1 ALSA: hda/realtek: Add fixup for HP OMEN laptop
    2331f2592879 ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA
    1c783bfa7f8d ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
    be1f7f30b66b ALSA: hda/realtek: reset eapd coeff to default value for alc287
    b2297d1b9511 ALSA: firewire-lib: fix check for the size of isochronous packet payload
    f95aabb6aed4 Revert "ALSA: sb8: add a check for request_region"
    2ed8227ebd84 ALSA: hda: fixup headset for ASUS GU502 laptop
    7ef36d303592 ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
    844faf4a9675 ALSA: usb-audio: Validate MS endpoint descriptors
    c7456fc35dc8 ALSA: firewire-lib: fix calculation for size of IR context payload
    7981c124e34d ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26
    f72b96ff7935 ALSA: line6: Fix racy initialization of LINE6 MIDI
    048840df6de8 ALSA: intel8x0: Don't update period unless prepared
    a67a88f9e667 ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency
    34413f21acea cifs: fix memory leak in smb2_copychunk_range
    20197d327560 btrfs: avoid RCU stalls while running delayed iputs
    845c2b9d99b6 locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
    439ce949ee90 nvmet: seset ns->file when open fails
    670d34d54320 ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
    88128a5054f1 RDMA/uverbs: Fix a NULL vs IS_ERR() bug
    6fa78a6b9a3b platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
    6e90ff540a7b platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue
    66abc4ef6a8b RDMA/core: Don't access cm_id after its destruction
    73e25a2d51bb RDMA/mlx5: Recover from fatal event in dual port mode
    8d8b8016e0af scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
    07865459eb62 scsi: ufs: core: Increase the usable queue depth
    a62225d951d7 RDMA/rxe: Clear all QP fields if creation failed
    257f132342ea RDMA/siw: Release xarray entry
    a19bb4c0566c RDMA/siw: Properly check send and receive CQ pointers
    a03676848886 openrisc: Fix a memory leak
    50fd584fbbb3 firmware: arm_scpi: Prevent the ternary sign expansion bug
    b239a0365b93 Linux 5.4.121
    b63a8e5b4a25 scripts: switch explicitly to Python 3
    2cbb484788fe tweewide: Fix most Shebang lines
    252495806968 KVM: arm64: Initialize VCPU mdcr_el2 before loading it
    50e5c93ca647 ipv6: remove extra dev_hold() for fallback tunnels
    b811a8a72366 ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
    f5ddecb6a195 sit: proper dev_{hold|put} in ndo_[un]init methods
    cca2a2b340a9 ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
    084a1858e256 net: stmmac: Do not enable RX FIFO overflow interrupts
    94600a8300c7 lib: stackdepot: turn depot_lock spinlock to raw_spinlock
    5233f4465e22 block: reexpand iov_iter after read/write
    48744773d63e ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
    0ce1a72ac9b0 gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
    b3252a87a811 drm/amd/display: Fix two cursor duplication when using overlay
    6cc777c6acbb bridge: Fix possible races between assigning rx_handler_data and setting IFF_BRIDGE_PORT bit
    c5946eb52b73 scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not found
    e39a105abbe5 ceph: fix fscache invalidation
    13bc6bda6a1e scsi: lpfc: Fix illegal memory access on Abort IOCBs
    e69c7c149199 riscv: Workaround mcount name prior to clang-13
    cd3ab0ac0a54 scripts/recordmcount.pl: Fix RISC-V regex for clang
    cfa65174402f ARM: 9075/1: kernel: Fix interrupted SMC calls
    a5923afb6149 um: Disable CONFIG_GCOV with MODULES
    2fe3fbcc53b8 um: Mark all kernel symbols as local
    cec4c3810ba3 Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state
    29da2bab24e9 Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices
    bbd7ba95bb06 ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
    64f8e9526e31 ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend()
    41dd2ede9536 dmaengine: dw-edma: Fix crash on loading/unloading driver
    b003a4923628 PCI: thunder: Fix compile testing
    a05fb4ac72fb virtio_net: Do not pull payload in skb->head
    0d08bbce231b xsk: Simplify detection of empty and full rings
    323deebaa2d0 pinctrl: ingenic: Improve unreachable code generation
    e57e2dd9bbdd isdn: capi: fix mismatched prototypes
    7958cdd64cdf cxgb4: Fix the -Wmisleading-indentation warning
    acb4faa5f577 usb: sl811-hcd: improve misleading indentation
    eabb93e34425 kgdb: fix gcc-11 warning on indentation
    b806b41bf55d x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 881ed7938f84ba89b9bb20ce8e45ef9d85e80cb8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 62124af43b..3643e6af46 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "5c7a781b20543c57a49ffc6fabac59cb769bd895"
-SRCREV_meta ?= "76aa6f85d62f7fc05c4b3e371fafe74290fc2238"
+SRCREV_machine ?= "c279b45a44858da788a13f23130ed06663e77c57"
+SRCREV_meta ?= "aa019cb8e4af653d6e136f1b8720884b97ddde49"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.120"
+LINUX_VERSION ?= "5.4.123"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 9045dade6e..cf8e81e0f3 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.120"
+LINUX_VERSION ?= "5.4.123"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "0e1e637fa02afed13331ed27345233fb3969134b"
-SRCREV_machine ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
-SRCREV_meta ?= "76aa6f85d62f7fc05c4b3e371fafe74290fc2238"
+SRCREV_machine_qemuarm ?= "445028ae9ec9a904122bb5c60995def98d2b1ddc"
+SRCREV_machine ?= "edc1395a32f99faaebc6b48769c4bd02a8b074be"
+SRCREV_meta ?= "aa019cb8e4af653d6e136f1b8720884b97ddde49"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index bf2e8944c6..7282fbcd6e 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "56b22a7df23bba68edae26b7edd742f298703f54"
-SRCREV_machine_qemuarm64 ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
-SRCREV_machine_qemumips ?= "58a596a8a9547627afb002264cf2f2084c9856ac"
-SRCREV_machine_qemuppc ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
-SRCREV_machine_qemuriscv64 ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
-SRCREV_machine_qemux86 ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
-SRCREV_machine_qemux86-64 ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
-SRCREV_machine_qemumips64 ?= "f24f74364767d24f7b1a4967c162af693897ee51"
-SRCREV_machine ?= "0695891aff8c530c4a4ded7f17d6a262a15a0043"
-SRCREV_meta ?= "76aa6f85d62f7fc05c4b3e371fafe74290fc2238"
+SRCREV_machine_qemuarm ?= "c292705386cfec860dad5e1dee74f22407fb7f94"
+SRCREV_machine_qemuarm64 ?= "edc1395a32f99faaebc6b48769c4bd02a8b074be"
+SRCREV_machine_qemumips ?= "d4c949dc0b88dba72f9f94a18fd994aa8482ff8e"
+SRCREV_machine_qemuppc ?= "edc1395a32f99faaebc6b48769c4bd02a8b074be"
+SRCREV_machine_qemuriscv64 ?= "edc1395a32f99faaebc6b48769c4bd02a8b074be"
+SRCREV_machine_qemux86 ?= "edc1395a32f99faaebc6b48769c4bd02a8b074be"
+SRCREV_machine_qemux86-64 ?= "edc1395a32f99faaebc6b48769c4bd02a8b074be"
+SRCREV_machine_qemumips64 ?= "417e8e4e101314f02439a88c78d4cf2ab98df209"
+SRCREV_machine ?= "edc1395a32f99faaebc6b48769c4bd02a8b074be"
+SRCREV_meta ?= "aa019cb8e4af653d6e136f1b8720884b97ddde49"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.120"
+LINUX_VERSION ?= "5.4.123"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.25.1

[OE-core][dunfell 5/6] kernel-fitimage: Don't use unit addresses on FIT

[Steve Sakoman]

From: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>

Das U-Boot 2021.4-rc1 has the following commit:

    commit 3f04db891a353f4b127ed57279279f851c6b4917
    Author: Simon Glass <sjg@chromium.org>
    Date:   Mon Feb 15 17:08:12 2021 -0700

        image: Check for unit addresses in FITs

        Using unit addresses in a FIT is a security risk. Add a check for
        this and disallow it.

        CVE-2021-27138

Adjust the kernel-fitimage.bbclass accordingly to not use unit
addresses. This changte is required before we can bump U-Boot to 2021.4.

Signed-off-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Backport for Dunfell]
Signed-off-by: Frieder Schrempf <frieder.schrempf@kontron.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/kernel-fitimage.bbclass | 32 ++++++++++++++--------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/meta/classes/kernel-fitimage.bbclass b/meta/classes/kernel-fitimage.bbclass
index b4d8ff8309..5f5e9dd444 100644
--- a/meta/classes/kernel-fitimage.bbclass
+++ b/meta/classes/kernel-fitimage.bbclass
@@ -124,7 +124,7 @@ fitimage_emit_section_kernel() {
 	fi
 
 	cat << EOF >> ${1}
-                kernel@${2} {
+                kernel-${2} {
                         description = "Linux kernel";
                         data = /incbin/("${3}");
                         type = "kernel";
@@ -133,7 +133,7 @@ fitimage_emit_section_kernel() {
                         compression = "${4}";
                         load = <${UBOOT_LOADADDRESS}>;
                         entry = <${ENTRYPOINT}>;
-                        hash@1 {
+                        hash-1 {
                                 algo = "${kernel_csum}";
                         };
                 };
@@ -160,14 +160,14 @@ fitimage_emit_section_dtb() {
 		dtb_loadline="load = <${UBOOT_DTB_LOADADDRESS}>;"
 	fi
 	cat << EOF >> ${1}
-                fdt@${2} {
+                fdt-${2} {
                         description = "Flattened Device Tree blob";
                         data = /incbin/("${3}");
                         type = "flat_dt";
                         arch = "${UBOOT_ARCH}";
                         compression = "none";
                         ${dtb_loadline}
-                        hash@1 {
+                        hash-1 {
                                 algo = "${dtb_csum}";
                         };
                 };
@@ -185,7 +185,7 @@ fitimage_emit_section_setup() {
 	setup_csum="${FIT_HASH_ALG}"
 
 	cat << EOF >> ${1}
-                setup@${2} {
+                setup-${2} {
                         description = "Linux setup.bin";
                         data = /incbin/("${3}");
                         type = "x86_setup";
@@ -194,7 +194,7 @@ fitimage_emit_section_setup() {
                         compression = "none";
                         load = <0x00090000>;
                         entry = <0x00090000>;
-                        hash@1 {
+                        hash-1 {
                                 algo = "${setup_csum}";
                         };
                 };
@@ -221,7 +221,7 @@ fitimage_emit_section_ramdisk() {
 	fi
 
 	cat << EOF >> ${1}
-                ramdisk@${2} {
+                ramdisk-${2} {
                         description = "${INITRAMFS_IMAGE}";
                         data = /incbin/("${3}");
                         type = "ramdisk";
@@ -230,7 +230,7 @@ fitimage_emit_section_ramdisk() {
                         compression = "none";
                         ${ramdisk_loadline}
                         ${ramdisk_entryline}
-                        hash@1 {
+                        hash-1 {
                                 algo = "${ramdisk_csum}";
                         };
                 };
@@ -266,39 +266,39 @@ fitimage_emit_section_config() {
 	if [ -n "${2}" ]; then
 		conf_desc="Linux kernel"
 		sep=", "
-		kernel_line="kernel = \"kernel@${2}\";"
+		kernel_line="kernel = \"kernel-${2}\";"
 	fi
 
 	if [ -n "${3}" ]; then
 		conf_desc="${conf_desc}${sep}FDT blob"
 		sep=", "
-		fdt_line="fdt = \"fdt@${3}\";"
+		fdt_line="fdt = \"fdt-${3}\";"
 	fi
 
 	if [ -n "${4}" ]; then
 		conf_desc="${conf_desc}${sep}ramdisk"
 		sep=", "
-		ramdisk_line="ramdisk = \"ramdisk@${4}\";"
+		ramdisk_line="ramdisk = \"ramdisk-${4}\";"
 	fi
 
 	if [ -n "${5}" ]; then
 		conf_desc="${conf_desc}${sep}setup"
-		setup_line="setup = \"setup@${5}\";"
+		setup_line="setup = \"setup-${5}\";"
 	fi
 
 	if [ "${6}" = "1" ]; then
-		default_line="default = \"conf@${3}\";"
+		default_line="default = \"conf-${3}\";"
 	fi
 
 	cat << EOF >> ${1}
                 ${default_line}
-                conf@${3} {
+                conf-${3} {
 			description = "${6} ${conf_desc}";
 			${kernel_line}
 			${fdt_line}
 			${ramdisk_line}
 			${setup_line}
-                        hash@1 {
+                        hash-1 {
                                 algo = "${conf_csum}";
                         };
 EOF
@@ -330,7 +330,7 @@ EOF
 		sign_line="${sign_line};"
 
 		cat << EOF >> ${1}
-                        signature@1 {
+                        signature-1 {
                                 algo = "${conf_csum},${conf_sign_algo}";
                                 key-name-hint = "${conf_sign_keyname}";
 				${sign_line}
-- 
2.25.1

[OE-core][dunfell 6/6] kernel-devicetree: Introduce KERNEL_DTC_FLAGS to pass dtc flags

[Steve Sakoman]

From: Ovidiu Panait <ovidiu.panait@windriver.com>

Currently DTC_FLAGS kernel makefile parameter can be specified directly on the
command line by adding it to KERNEL_EXTRA_ARGS. However, this prevents
scripts/Makefile.lib logic from appending flags that silence dtc warnings (all
assignments done from within a makefile, to a variable specified on the command
line, are ignored).

Because of this, the do_compile log is cluttered with dtc warnings that should
only be printed when compiling with W="123":
...
/soc: node has a reg or ranges property, but no unit name
/soc/gpu: missing or empty reg/ranges property
/soc/firmware/gpio: missing or empty reg/ranges property
...

To fix this, introduce the dedicated KERNEL_DTC_FLAGS variable to hold
dtc flags and export DTC_FLAGS in the environment before generating the dtbs
(make allows "+=" operations on variables that come from the environment, so
the warnings are silenced properly).

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 063b5de86624a42b0aa784db6dddc7552a6dee7f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/kernel-devicetree.bbclass | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/meta/classes/kernel-devicetree.bbclass b/meta/classes/kernel-devicetree.bbclass
index 81dda8003f..d4f8864200 100644
--- a/meta/classes/kernel-devicetree.bbclass
+++ b/meta/classes/kernel-devicetree.bbclass
@@ -9,6 +9,9 @@ FILES_${KERNEL_PACKAGE_NAME}-image-zimage-bundle = "/${KERNEL_IMAGEDEST}/zImage-
 # Generate kernel+devicetree bundle
 KERNEL_DEVICETREE_BUNDLE ?= "0"
 
+# dtc flags passed via DTC_FLAGS env variable
+KERNEL_DTC_FLAGS ?= ""
+
 normalize_dtb () {
 	dtb="$1"
 	if echo $dtb | grep -q '/dts/'; then
@@ -50,6 +53,10 @@ do_configure_append() {
 }
 
 do_compile_append() {
+	if [ -n "${KERNEL_DTC_FLAGS}" ]; then
+		export DTC_FLAGS="${KERNEL_DTC_FLAGS}"
+	fi
+
 	for dtbf in ${KERNEL_DEVICETREE}; do
 		dtb=`normalize_dtb "$dtbf"`
 		oe_runmake $dtb CC="${KERNEL_CC} $cc_extra " LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS}
-- 
2.25.1

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this next set of patches for dundell and have comments back by
end of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2247

The following changes since commit 2246b0d7a71c69eb2e89c55991d1387069895466:

  kernel-devicetree: Introduce KERNEL_DTC_FLAGS to pass dtc flags (2021-06-08 04:32:17 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Andrea Adami (1):
  kernel.bbclass: fix do_sizecheck() comparison

Kai Kang (1):
  valgrind: fix a typo

Lee Chee Yang (4):
  gstreamer-plugins-good: fix CVE-2021-3497 CVE-2021-3498
  bind: 9.11.22 -> 9.11.32
  ruby: 2.7.1 -> 2.7.3
  python3: fix CVE-2021-23336

 meta/classes/kernel.bbclass                   |   2 +-
 .../bind/bind/CVE-2020-8625.patch             |  17 -
 .../bind/{bind_9.11.22.bb => bind_9.11.32.bb} |   5 +-
 .../python/python3/CVE-2021-23336.patch       | 530 ++++++++++++++++++
 meta/recipes-devtools/python/python3_3.8.2.bb |   1 +
 .../ruby/ruby/CVE-2020-25613.patch            |  40 --
 .../ruby/{ruby_2.7.1.bb => ruby_2.7.3.bb}     |   5 +-
 .../valgrind/valgrind_3.15.0.bb               |   2 +-
 .../CVE-2021-3497.patch                       | 207 +++++++
 .../CVE-2021-3498.patch                       |  44 ++
 .../gstreamer1.0-plugins-good_1.16.3.bb       |   2 +
 11 files changed, 790 insertions(+), 65 deletions(-)
 delete mode 100644 meta/recipes-connectivity/bind/bind/CVE-2020-8625.patch
 rename meta/recipes-connectivity/bind/{bind_9.11.22.bb => bind_9.11.32.bb} (96%)
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2021-23336.patch
 delete mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2020-25613.patch
 rename meta/recipes-devtools/ruby/{ruby_2.7.1.bb => ruby_2.7.3.bb} (94%)
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2021-3497.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2021-3498.patch

-- 
2.25.1

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end of
day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3587

The following changes since commit 8e81d38048c953d0823abf04d5b2506cd988f0bb:

  build-appliance-image: Update to dunfell head revision (2022-04-25 15:58:54 +0100)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Dmitry Baryshkov (1):
  linux-firmware: correct license for ar3k firmware

Marta Rybczynska (1):
  cve-check: add json format

Richard Purdie (1):
  perf-build-test/report: Drop phantomjs and html email reports support

Ross Burton (1):
  boost: don't specify gcc version

Steve Sakoman (1):
  scripts/contrib/oe-build-perf-report-email.py: remove obsolete check
    for phantomjs and optipng

sana kazi (1):
  tiff: Fix CVE-2022-0891

 meta/classes/cve-check.bbclass                | 144 +++++++++++-
 meta/lib/oe/cve_check.py                      |  16 ++
 .../linux-firmware/linux-firmware_20220411.bb |   4 +-
 .../libtiff/files/CVE-2022-0891.patch         | 217 ++++++++++++++++++
 meta/recipes-multimedia/libtiff/tiff_4.1.0.bb |   1 +
 meta/recipes-support/boost/boost.inc          |   2 +-
 scripts/contrib/build-perf-test-wrapper.sh    |  15 +-
 scripts/contrib/oe-build-perf-report-email.py | 167 +-------------
 8 files changed, 388 insertions(+), 178 deletions(-)
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-0891.patch

-- 
2.25.1

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3805

The following changes since commit 135adeb82c9303c26193bb6f6bd3bc696793aa62:

  archiver: don't use machine variables in shared recipes (2022-06-15 06:40:10 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Chee Yang Lee (1):
  dpkg: update to 1.19.8

Dmitry Baryshkov (2):
  linux-firmware: add support for building snapshots
  linux-firmware: upgrade 20220509 -> 20220610

Hitendra Prajapati (2):
  python-pip: CVE-2021-3572 Incorrect handling of unicode separators in
    git references
  golang: CVE-2021-44717 syscall: don't close fd 0 on ForkExec error

Nick Potenski (1):
  systemd: systemd-systemctl: Support instance conf files during enable

 .../systemd/systemd-systemctl/systemctl       | 14 +++-
 .../dpkg/{dpkg_1.19.7.bb => dpkg_1.19.8.bb}   |  4 +-
 meta/recipes-devtools/go/go-1.14.inc          |  1 +
 .../go/go-1.14/CVE-2021-44717.patch           | 83 ++++++++++++++++++
 .../python/python3-pip/CVE-2021-3572.patch    | 48 +++++++++++
 .../python/python3-pip_20.0.2.bb              |  1 +
 ...01-Makefile-replace-mkdir-by-install.patch | 84 -------------------
 ...20220509.bb => linux-firmware_20220610.bb} | 11 ++-
 8 files changed, 154 insertions(+), 92 deletions(-)
 rename meta/recipes-devtools/dpkg/{dpkg_1.19.7.bb => dpkg_1.19.8.bb} (86%)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2021-44717.patch
 create mode 100644 meta/recipes-devtools/python/python3-pip/CVE-2021-3572.patch
 delete mode 100644 meta/recipes-kernel/linux-firmware/files/0001-Makefile-replace-mkdir-by-install.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220509.bb => linux-firmware_20220610.bb} (99%)

-- 
2.25.1

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4245

The following changes since commit 46ba253059738dbd4de4bc7a7ac02a2585c498f5:

  vim: Upgrade 9.0.0341 -> 9.0.0453 (2022-09-14 08:08:22 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Andrei Gherzan (1):
  qemu: Define libnfs PACKAGECONFIG

Chee Yang Lee (1):
  qemu: fix and ignore several CVEs

Hitendra Prajapati (1):
  connman: CVE-2022-32293 man-in-the-middle attack against a WISPR HTTP

Richard Purdie (1):
  qemu: Add PACKAGECONFIG for brlapi

Virendra Thakur (2):
  sqlite3: Fix CVE-2020-35525
  sqlite3: Fix CVE-2020-35527

 .../connman/connman/CVE-2022-32293.patch      | 266 ++++++++++++++++++
 .../connman/connman_1.37.bb                   |   1 +
 meta/recipes-devtools/qemu/qemu.inc           |  17 ++
 .../qemu/qemu/CVE-2020-13754-1.patch          |  91 ++++++
 .../qemu/qemu/CVE-2020-13754-2.patch          |  69 +++++
 .../qemu/qemu/CVE-2020-13754-3.patch          |  65 +++++
 .../qemu/qemu/CVE-2020-13754-4.patch          |  39 +++
 .../qemu/qemu/CVE-2021-3713.patch             |  67 +++++
 .../qemu/qemu/CVE-2021-3748.patch             | 124 ++++++++
 .../qemu/qemu/CVE-2021-3930.patch             |  53 ++++
 .../qemu/qemu/CVE-2021-4206.patch             |  89 ++++++
 .../qemu/qemu/CVE-2021-4207.patch             |  43 +++
 .../qemu/qemu/CVE-2022-0216-1.patch           |  42 +++
 .../qemu/qemu/CVE-2022-0216-2.patch           |  52 ++++
 .../sqlite/files/CVE-2020-35525.patch         |  21 ++
 .../sqlite/files/CVE-2020-35527.patch         |  22 ++
 meta/recipes-support/sqlite/sqlite3_3.31.1.bb |   2 +
 17 files changed, 1063 insertions(+)
 create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-32293.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13754-1.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13754-2.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13754-3.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13754-4.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3713.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3748.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3930.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-4206.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-4207.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2022-0216-1.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2022-0216-2.patch
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2020-35525.patch
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2020-35527.patch

-- 
2.25.1

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4272

The following changes since commit ef38f7acee3f0ae400138fa60f4695a86dffc16e:

  linux-yocto/5.4: update to v5.4.213 (2022-09-22 04:40:18 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Dmitry Baryshkov (3):
  linux-firmware: upgrade 20220708 -> 20220913
  linux-firmware: package new Qualcomm firmware
  linux-firmware: package new Qualcomm firmware

Minjae Kim (1):
  inetutils: CVE-2022-39028 - fix remote DoS vulnerability in
    inetutils-telnetd

Richard Purdie (1):
  vim: Upgrade 9.0.453 -> 9.0.541

Robert Joslyn (1):
  tzdata: Update from 2022b to 2022c

 .../inetutils/inetutils/CVE-2022-39028.patch  | 54 +++++++++++++++++++
 .../inetutils/inetutils_1.9.4.bb              |  1 +
 meta/recipes-extended/timezone/timezone.inc   |  6 +--
 ...20220708.bb => linux-firmware_20220913.bb} | 39 ++++++++++++--
 meta/recipes-support/vim/vim.inc              |  4 +-
 5 files changed, 95 insertions(+), 9 deletions(-)
 create mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220708.bb => linux-firmware_20220913.bb} (94%)

-- 
2.25.1

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this final set of patches for the dunfell 3.1.24 release.

We hope to do the release build this Thursday, so please have any comments
back as soon as possible.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5043

The following changes since commit 51424b9955374196307aaf73cf4b6c184ce4fb6d:

  devshell: Do not add scripts/git-intercept to PATH (2023-03-06 04:54:35 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Ming Liu (1):
  linux: inherit pkgconfig in kernel.bbclass

Richard Purdie (1):
  oeqa/selftest/prservice: Improve debug output for failure

Ross Burton (2):
  shadow: ignore CVE-2016-15024
  vim: add missing pkgconfig inherit

Siddharth Doshi (1):
  harfbuzz: Security fix for CVE-2023-25193

Vivek Kumbhar (1):
  gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key
    exchange code

 meta/classes/kernel.bbclass                   |   2 +-
 meta/lib/oeqa/selftest/cases/prservice.py     |   2 +-
 meta/recipes-extended/shadow/shadow_4.8.1.bb  |   4 +
 .../harfbuzz/CVE-2023-25193-pre0.patch        | 335 ++++++++++++++++++
 .../harfbuzz/CVE-2023-25193-pre1.patch        | 135 +++++++
 .../harfbuzz/harfbuzz/CVE-2023-25193.patch    | 179 ++++++++++
 .../harfbuzz/harfbuzz_2.6.4.bb                |   5 +-
 meta/recipes-kernel/linux/linux-yocto-dev.bb  |   2 -
 .../gnutls/gnutls/CVE-2023-0361.patch         |  85 +++++
 meta/recipes-support/gnutls/gnutls_3.6.14.bb  |   1 +
 meta/recipes-support/vim/vim.inc              |   2 +-
 11 files changed, 746 insertions(+), 6 deletions(-)
 create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193-pre0.patch
 create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193-pre1.patch
 create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2023-0361.patch

-- 
2.34.1

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Thursday, October 26

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6098

with the exception of a known intermittent reproducibility issue with the
vim-common package.

The following changes since commit 6b4a583169ae40a8d51e7ffa33785409b5111a81:

  systemd: Backport systemd-resolved: use hostname for certificate validation in DoT (2023-10-16 05:07:13 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Ashish Sharma (1):
  binutils: Backport fix CVE-2023-25588

Meenali Gupta (1):
  linux-firmware: upgrade 20230625 -> 20230804

Richard Purdie (1):
  resulttool/report: Avoid divide by zero

Siddharth Doshi (1):
  vim: Upgrade 9.0.2009 -> 9.0.2048

Steve Sakoman (2):
  patch.py: Use shlex instead of deprecated pipe
  cve-exclusion_5.4.inc: update for 5.4.257

 meta/lib/oe/patch.py                          |   6 +-
 .../binutils/binutils-2.34.inc                |   1 +
 .../binutils/binutils/CVE-2023-25588.patch    | 146 ++++++++++++
 ...20230625.bb => linux-firmware_20230804.bb} |   4 +-
 .../linux/cve-exclusion_5.4.inc               | 207 +++++++++++++++---
 meta/recipes-support/vim/vim.inc              |   4 +-
 scripts/lib/resulttool/report.py              |   5 +-
 7 files changed, 338 insertions(+), 35 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2023-25588.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230625.bb => linux-firmware_20230804.bb} (99%)

-- 
2.34.1

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Thursday, December 28

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6376

The following changes since commit 05d9f9c6b27c0216fa4e349109ef42cf91bb4084:

  testimage: Exclude wtmp from target-dumper commands (2023-12-21 04:08:46 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Hitendra Prajapati (1):
  bluez5: fix CVE-2023-45866

Lee Chee Yang (1):
  curl: fix CVE-2023-46218

Steve Sakoman (1):
  testimage: drop target_dumper and  host_dumper

Vijay Anusuri (2):
  flac: Backport fix for CVE-2021-0561
  openssh: backport Debian patch for CVE-2023-48795

Virendra Thakur (1):
  binutils: fix multiple cve

 meta/classes/testimage.bbclass                |  21 -
 meta/recipes-connectivity/bluez5/bluez5.inc   |   1 +
 .../bluez5/bluez5/CVE-2023-45866.patch        |  54 ++
 .../openssh/openssh/CVE-2023-48795.patch      | 468 ++++++++++++++++++
 .../openssh/openssh_8.2p1.bb                  |   1 +
 .../binutils/binutils-2.34.inc                |   6 +
 .../binutils/binutils/CVE-2022-47007.patch    |  32 ++
 .../binutils/binutils/CVE-2022-47008.patch    |  64 +++
 .../binutils/binutils/CVE-2022-47010.patch    |  34 ++
 .../binutils/binutils/CVE-2022-47011.patch    |  31 ++
 .../binutils/binutils/CVE-2022-47695.patch    |  57 +++
 .../binutils/binutils/CVE-2022-48063.patch    |  49 ++
 .../flac/files/CVE-2021-0561.patch            |  34 ++
 meta/recipes-multimedia/flac/flac_1.3.3.bb    |   1 +
 .../curl/curl/CVE-2023-46218.patch            |  52 ++
 meta/recipes-support/curl/curl_7.69.1.bb      |   1 +
 16 files changed, 885 insertions(+), 21 deletions(-)
 create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2023-45866.patch
 create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2023-48795.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-47007.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-47008.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-47010.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-47011.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-47695.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-48063.patch
 create mode 100644 meta/recipes-multimedia/flac/files/CVE-2021-0561.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-46218.patch

-- 
2.34.1

[OE-core][dunfell 0/6] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Friday, January 19

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6460

The following changes since commit b3dd6852c0d6b8aa9b36377d7024ac95062e8098:

  linux-firmware: upgrade 20230804 -> 20231030 (2024-01-04 07:24:12 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Peter Marko (1):
  zlib: ignore CVE-2023-6992

Vijay Anusuri (5):
  go: Backport fix for CVE-2023-45287
  xserver-xorg: Fix for CVE-2023-6377 and CVE-2023-6478
  libxml2: Fix for CVE-2023-45322
  qemu: Backport fix for CVE-2023-2861
  libtiff: Fix for CVE-2023-6228

 .../libxml/libxml2/CVE-2023-45322-1.patch     |   50 +
 .../libxml/libxml2/CVE-2023-45322-2.patch     |   80 +
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |    2 +
 meta/recipes-core/zlib/zlib_1.2.11.bb         |    3 +
 meta/recipes-devtools/go/go-1.14.inc          |    4 +
 .../go/go-1.14/CVE-2023-45287-pre1.patch      |  393 ++++
 .../go/go-1.14/CVE-2023-45287-pre2.patch      |  401 ++++
 .../go/go-1.14/CVE-2023-45287-pre3.patch      |   86 +
 .../go/go-1.14/CVE-2023-45287.patch           | 1697 +++++++++++++++++
 meta/recipes-devtools/qemu/qemu.inc           |    2 +
 ...x-libcap-header-issue-on-some-distro.patch |    9 +-
 ...e-O_NOATIME-if-we-don-t-have-permiss.patch |   63 +
 .../qemu/qemu/CVE-2023-2861.patch             |  178 ++
 .../xserver-xorg/CVE-2023-6377.patch          |   79 +
 .../xserver-xorg/CVE-2023-6478.patch          |   63 +
 .../xorg-xserver/xserver-xorg_1.20.14.bb      |    2 +
 .../libtiff/files/CVE-2023-6228.patch         |   30 +
 meta/recipes-multimedia/libtiff/tiff_4.1.0.bb |    1 +
 18 files changed, 3140 insertions(+), 3 deletions(-)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-45322-1.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-45322-2.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre2.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287-pre3.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-45287.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/9pfs-local-ignore-O_NOATIME-if-we-don-t-have-permiss.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-2861.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-6377.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-6478.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-6228.patch

-- 
2.34.1