From: "Steve Sakoman" <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/25] Patch review
Date: Fri, 24 Sep 2021 04:15:04 -1000 [thread overview]
Message-ID: <cover.1632492565.git.steve@sakoman.com> (raw)
Please review this next set of patches for dunfell and have comments back by end of
day Tuesday. Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2639
The following changes since commit 49ca1f62cc17c951b7737a4ee3c236f732bc8ebe:
build-appliance-image: Update to dunfell head revision (2021-09-15 10:42:23 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Alexander Kanavin (2):
wic: keep rootfs_size as integer
testimage: symlink the task log and qemu console log to tmp/log/oeqa
Armin Kuster (9):
libgcrypt: Security fix CVE-2021-33560
apr: Security fix for CVE-2021-35940
libsndfile: Security fix for CVE-2021-3246
qemu: Security fix CVE-2020-12829
qemu: Security fix for CVE-2020-27617
qemu: Security fix for CVE-2020-28916
nettle: Security fix for CVE-2021-3580
nettle: Security fix for CVE-2021-20305
tar: ignore node-tar CVEs
Bruce Ashfield (2):
linux-yocto/5.4: update to v5.4.143
linux-yocto/5.4: update to v5.4.144
Jon Mason (2):
Update mailing list address
core-image-sato: Fix runqemu error for qemuarmv5
Kai Kang (1):
squashfs-tools: fix CVE-2021-40153
Mike Crowe (1):
curl: Fix CVE-2021-22946 and CVE-2021-22947, whitelist CVE-2021-22945
Ranjitsinh Rathod (1):
rpm: Handle proper return value to avoid major issues
Richard Purdie (3):
vim: Backport fix for CVE-2021-3770
useradd: Ensure preinst data is expanded correctly in pkgdata
bash: Ensure deterministic build
Ross Burton (1):
libsoup-2.4: remove obsolete intltool dependency
Sakib Sajal (1):
qemu: fix CVE-2021-3682
Steve Sakoman (1):
connman: add CVE_PRODUCT
Visa Hankala (1):
iputils: Fix regression of arp table update
meta/classes/testimage.bbclass | 12 +-
meta/classes/useradd.bbclass | 4 +
meta/conf/distro/include/maintainers.inc | 2 +-
meta/recipes-connectivity/connman/connman.inc | 2 +
.../ldconfig-native-2.12.1/ldconfig.patch | 2 +-
meta/recipes-devtools/qemu/qemu.inc | 8 +
.../qemu/qemu/CVE-2020-12829_1.patch | 164 ++++++++
.../qemu/qemu/CVE-2020-12829_2.patch | 139 +++++++
.../qemu/qemu/CVE-2020-12829_3.patch | 47 +++
.../qemu/qemu/CVE-2020-12829_4.patch | 100 +++++
.../qemu/qemu/CVE-2020-12829_5.patch | 266 +++++++++++++
.../qemu/qemu/CVE-2020-27617.patch | 49 +++
.../qemu/qemu/CVE-2020-28916.patch | 48 +++
.../qemu/qemu/CVE-2021-3682.patch | 41 ++
...rict-virtual-memory-usage-if-limit-s.patch | 25 +-
.../squashfs-tools/files/CVE-2021-40153.patch | 253 +++++++++++++
.../squashfs-tools/squashfs-tools_git.bb | 1 +
meta/recipes-extended/bash/bash.inc | 5 +
...ng-make-update-neighbours-work-again.patch | 79 ++++
.../iputils/iputils_s20190709.bb | 1 +
meta/recipes-extended/tar/tar_1.32.bb | 1 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../libsndfile1/CVE-2021-3246_1.patch | 36 ++
.../libsndfile1/CVE-2021-3246_2.patch | 44 +++
.../libsndfile/libsndfile1_1.0.28.bb | 2 +
meta/recipes-sato/images/core-image-sato.bb | 1 +
.../apr/apr/CVE-2021-35940.patch | 58 +++
meta/recipes-support/apr/apr_1.7.0.bb | 1 +
.../curl/curl/CVE-2021-22946-pre1.patch | 86 +++++
.../curl/curl/CVE-2021-22946.patch | 328 ++++++++++++++++
.../curl/curl/CVE-2021-22947.patch | 352 ++++++++++++++++++
meta/recipes-support/curl/curl_7.69.1.bb | 5 +-
.../libgcrypt/files/CVE-2021-33560.patch | 109 ++++++
.../libgcrypt/libgcrypt_1.8.5.bb | 1 +
.../libsoup/libsoup-2.4_2.68.4.bb | 2 +-
.../nettle-3.5.1/CVE-2021-20305-1.patch | 215 +++++++++++
.../nettle-3.5.1/CVE-2021-20305-2.patch | 53 +++
.../nettle-3.5.1/CVE-2021-20305-3.patch | 122 ++++++
.../nettle-3.5.1/CVE-2021-20305-4.patch | 48 +++
.../nettle-3.5.1/CVE-2021-20305-5.patch | 53 +++
.../nettle/nettle-3.5.1/CVE-2021-3580_1.patch | 277 ++++++++++++++
.../nettle/nettle-3.5.1/CVE-2021-3580_2.patch | 163 ++++++++
meta/recipes-support/nettle/nettle_3.5.1.bb | 7 +
...1e135a16091c93f6f5f7525a5c58fb7ca9f9.patch | 207 ++++++++++
meta/recipes-support/vim/vim.inc | 2 +
scripts/lib/wic/partition.py | 2 +-
48 files changed, 3423 insertions(+), 36 deletions(-)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_3.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_4.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_5.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-27617.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch
create mode 100644 meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch
create mode 100644 meta/recipes-extended/iputils/iputils/0001-arping-make-update-neighbours-work-again.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_1.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_2.patch
create mode 100644 meta/recipes-support/apr/apr/CVE-2021-35940.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22946-pre1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22946.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22947.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2021-33560.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-1.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-3.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-4.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-5.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_1.patch
create mode 100644 meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_2.patch
create mode 100644 meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch
--
2.25.1
next reply other threads:[~2021-09-24 14:15 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-24 14:15 Steve Sakoman [this message]
2021-09-24 14:15 ` [OE-core][dunfell 01/25] libgcrypt: Security fix CVE-2021-33560 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 02/25] apr: Security fix for CVE-2021-35940 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 03/25] libsndfile: Security fix for CVE-2021-3246 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 04/25] qemu: Security fix CVE-2020-12829 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 05/25] qemu: Security fix for CVE-2020-27617 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 06/25] qemu: Security fix for CVE-2020-28916 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 07/25] qemu: fix CVE-2021-3682 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 08/25] nettle: Security fix for CVE-2021-3580 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 09/25] curl: Fix CVE-2021-22946 and CVE-2021-22947, whitelist CVE-2021-22945 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 10/25] nettle: Security fix for CVE-2021-20305 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 11/25] squashfs-tools: fix CVE-2021-40153 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 12/25] tar: ignore node-tar CVEs Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 13/25] vim: Backport fix for CVE-2021-3770 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 14/25] iputils: Fix regression of arp table update Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 15/25] linux-yocto/5.4: update to v5.4.143 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 16/25] linux-yocto/5.4: update to v5.4.144 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 17/25] rpm: Handle proper return value to avoid major issues Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 18/25] useradd: Ensure preinst data is expanded correctly in pkgdata Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 19/25] bash: Ensure deterministic build Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 20/25] Update mailing list address Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 21/25] core-image-sato: Fix runqemu error for qemuarmv5 Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 22/25] wic: keep rootfs_size as integer Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 23/25] testimage: symlink the task log and qemu console log to tmp/log/oeqa Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 24/25] libsoup-2.4: remove obsolete intltool dependency Steve Sakoman
2021-09-24 14:15 ` [OE-core][dunfell 25/25] connman: add CVE_PRODUCT Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2021-05-10 14:28 [OE-core][dunfell 00/25] Patch review Steve Sakoman
2020-12-14 14:36 Steve Sakoman
2020-08-30 18:15 Steve Sakoman
2020-09-01 11:07 ` Richard Purdie
2020-09-01 14:06 ` Steve Sakoman
2020-09-02 3:28 ` Christopher Clark
2020-09-02 14:52 ` Steve Sakoman
2020-07-06 16:10 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1632492565.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox