[OE-core][dunfell 00/20] Patch review

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/20] Patch review
Date: Mon, 21 Feb 2022 04:13:58 -1000	[thread overview]
Message-ID: <cover.1645452535.git.steve@sakoman.com> (raw)

Please review this set of patches for dunfell and have comments back by end
of day Wednesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3253

The following changes since commit 88c0290520c9e4982d25c20e783bd91eec016b52:

  libusb1: correct SRC_URI (2022-02-07 04:40:13 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (1):
  ruby: correctly set native/target dependencies

Bruce Ashfield (3):
  linux-yocto/5.4: update to v5.4.173
  linux-yocto/5.4: update to v5.4.176
  linux-yocto/5.4: update to v5.4.178

Christian Eggers (1):
  sdk: fix search for dynamic loader

Florian Amstutz (1):
  devtool: deploy-target: Remove stripped binaries in pseudo context

Martin Beeger (1):
  cmake: remove bogus CMAKE_LDFLAGS_FLAGS definition from toolchain file

Purushottam Choudhary (1):
  freetype: add missing CVE tag CVE-2020-15999

Richard Purdie (1):
  default-distrovars.inc: Switch connectivity check to a
    yoctoproject.org page

Ross Burton (1):
  lighttpd: backport a fix for CVE-2022-22707

Saul Wold (1):
  recipetool: Fix circular reference in SRC_URI

Stefan Herbrechtsmeier (1):
  cve-check: create directory of CVE_CHECK_MANIFEST before copy

Steve Sakoman (5):
  expat: fix CVE-2022-23990
  connman: fix CVE-2022-23096-7
  connman: fix CVE-2022-23098
  connman: fix CVE-2021-33833
  wpa-supplicant: fix CVE-2022-23303-4

Sundeep KOKKONDA (1):
  binutils: Fix CVE-2021-45078

bkylerussell@gmail.com (1):
  rpm: fix intermittent compression failure in do_package_write_rpm

wangmy (1):
  linux-firmware: upgrade 20211216 -> 20220209

 meta/classes/cve-check.bbclass                |   1 +
 meta/classes/sanity.bbclass                   |   2 +-
 .../distro/include/default-distrovars.inc     |   2 +-
 meta/files/toolchain-shar-relocate.sh         |   2 +-
 .../connman/connman/CVE-2021-33833.patch      |  72 +++
 .../connman/connman/CVE-2022-23096-7.patch    | 121 ++++
 .../connman/connman/CVE-2022-23098.patch      |  50 ++
 .../connman/connman_1.37.bb                   |   3 +
 .../wpa-supplicant/CVE-2022-23303-4.patch     | 609 ++++++++++++++++++
 .../wpa-supplicant/wpa-supplicant_2.9.bb      |   1 +
 .../expat/expat/CVE-2022-23990.patch          |  49 ++
 meta/recipes-core/expat/expat_2.2.9.bb        |   1 +
 .../binutils/binutils-2.34.inc                |   1 +
 .../binutils/0001-CVE-2021-45078.patch        | 257 ++++++++
 .../cmake/cmake/OEToolchainConfig.cmake       |   1 -
 ..._internal-mode-parsing-when-Tn-is-us.patch |  34 +
 meta/recipes-devtools/rpm/rpm_4.14.2.1.bb     |   1 +
 meta/recipes-devtools/ruby/ruby.inc           |   4 +-
 ...ix-out-of-bounds-OOB-write-fixes-313.patch | 100 +++
 .../lighttpd/lighttpd_1.4.55.bb               |   1 +
 ...-sfnt-Fix-heap-buffer-overflow-59308.patch |   3 +
 ...20211216.bb => linux-firmware_20220209.bb} |   4 +-
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 scripts/lib/devtool/deploy.py                 |   2 +-
 scripts/lib/recipetool/create.py              |   2 +-
 27 files changed, 1331 insertions(+), 28 deletions(-)
 create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2021-33833.patch
 create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-23096-7.patch
 create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-23098.patch
 create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2022-23303-4.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-23990.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch
 create mode 100644 meta/recipes-devtools/rpm/files/0001-rpmio-Fix-lzopen_internal-mode-parsing-when-Tn-is-us.patch
 create mode 100644 meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20211216.bb => linux-firmware_20220209.bb} (99%)

-- 
2.25.1

next             reply	other threads:[~2022-02-21 14:14 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-02-21 14:13 Steve Sakoman [this message]
2022-02-21 14:13 ` [OE-core][dunfell 01/20] expat: fix CVE-2022-23990 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 02/20] connman: fix CVE-2022-23096-7 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 03/20] connman: fix CVE-2022-23098 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 04/20] connman: fix CVE-2021-33833 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 05/20] wpa-supplicant: fix CVE-2022-23303-4 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 06/20] lighttpd: backport a fix for CVE-2022-22707 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 07/20] binutils: Fix CVE-2021-45078 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 08/20] freetype: add missing CVE tag CVE-2020-15999 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 09/20] cve-check: create directory of CVE_CHECK_MANIFEST before copy Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 10/20] recipetool: Fix circular reference in SRC_URI Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 11/20] devtool: deploy-target: Remove stripped binaries in pseudo context Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 12/20] rpm: fix intermittent compression failure in do_package_write_rpm Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 13/20] cmake: remove bogus CMAKE_LDFLAGS_FLAGS definition from toolchain file Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 14/20] linux-yocto/5.4: update to v5.4.173 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 15/20] linux-yocto/5.4: update to v5.4.176 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 16/20] linux-yocto/5.4: update to v5.4.178 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 17/20] linux-firmware: upgrade 20211216 -> 20220209 Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 18/20] sdk: fix search for dynamic loader Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 19/20] default-distrovars.inc: Switch connectivity check to a yoctoproject.org page Steve Sakoman
2022-02-21 14:14 ` [OE-core][dunfell 20/20] ruby: correctly set native/target dependencies Steve Sakoman
2022-02-21 14:17   ` Konrad Weihmann
2022-02-21 14:32     ` Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2022-02-03 19:50 [OE-core][dunfell 00/20] Patch review Steve Sakoman
2020-11-06 14:35 Steve Sakoman
2020-07-17 14:37 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1645452535.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox