Openembedded Core Discussions
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 0/8] Patch review - vim CVEs
Date: Mon, 21 Feb 2022 09:34:21 -1000
Message-ID: <cover.1645465376.git.steve@sakoman.com>

There's a fairly constant flow of CVEs being reported for vim, which are
getting increasingly non-trivial to backport. There are currently 26 CVEs
outstanding for vim in dunfell.

This has been handled in master with a number of version updates. Since
vim is a fairly stand-alone package it seems to make sense to also follow
this strategy for dunfell.

This patch series backports the vim version updates from master.

I'd love to get some feedback on this approach.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3256

with the exception of a known autobuilder intermittent issue on oe-selftest-ubuntu,
which passed on subsequent retest:

https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/3193


The following changes since commit 81fab225daf798792c139f669f5bfd96d9fd25a8:

  ruby: fix DEPENDS append (2022-02-21 04:52:33 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (1):
  vim: do not report upstream version check as broken

Richard Purdie (2):
  vim: Upgrade 4269 -> 4134
  vim: Upgrade 8.2.4314 -> 8.2.4424

Ross Burton (4):
  vim: set PACKAGECONFIG idiomatically
  vim: upgrade to 8.2 patch 3752
  vim: update to include latest CVE fixes
  vim: upgrade to patch 4269

Steve Sakoman (1):
  Revert "vim: fix CVE-2021-4069"

 ...1-reading-character-past-end-of-line.patch |  62 ------
 ...src-Makefile-improve-reproducibility.patch |  13 +-
 ...28-using-freed-memory-when-replacing.patch |  83 -------
 ...eading-uninitialized-memory-when-giv.patch |  63 ------
 ...rash-when-using-CTRL-W-f-without-fin.patch |  92 --------
 ...llegal-memory-access-if-buffer-name-.patch |  86 --------
 ...ml_get-error-after-search-with-range.patch |  72 ------
 ...nvalid-memory-access-when-scrolling-.patch |  97 --------
 .../vim/files/CVE-2021-3778.patch             |  61 ------
 .../vim/files/CVE-2021-4069.patch             |  43 ----
 ...1e135a16091c93f6f5f7525a5c58fb7ca9f9.patch | 207 ------------------
 .../vim/files/disable_acl_header_check.patch  |  15 +-
 .../vim/files/no-path-adjust.patch            |   8 +-
 meta/recipes-support/vim/files/racefix.patch  |   6 +-
 ...m-add-knob-whether-elf.h-are-checked.patch |  13 +-
 meta/recipes-support/vim/vim.inc              |  27 +--
 16 files changed, 33 insertions(+), 915 deletions(-)
 delete mode 100644 meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch
 delete mode 100644 meta/recipes-support/vim/files/0002-patch-8.2.3428-using-freed-memory-when-replacing.patch
 delete mode 100644 meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch
 delete mode 100644 meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch
 delete mode 100644 meta/recipes-support/vim/files/0003-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch
 delete mode 100644 meta/recipes-support/vim/files/0004-patch-8.2.3489-ml_get-error-after-search-with-range.patch
 delete mode 100644 meta/recipes-support/vim/files/0005-patch-8.2.3564-invalid-memory-access-when-scrolling-.patch
 delete mode 100644 meta/recipes-support/vim/files/CVE-2021-3778.patch
 delete mode 100644 meta/recipes-support/vim/files/CVE-2021-4069.patch
 delete mode 100644 meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch

-- 
2.25.1



Thread overview: 10+ messages
2022-02-21 19:34 Steve Sakoman [this message]
2022-02-21 19:34 ` [OE-core][dunfell 1/8] Revert "vim: fix CVE-2021-4069" Steve Sakoman
2022-02-21 19:34 ` [OE-core][dunfell 2/8] vim: set PACKAGECONFIG idiomatically Steve Sakoman
2022-02-21 19:34 ` [OE-core][dunfell 3/8] vim: upgrade to 8.2 patch 3752 Steve Sakoman
2022-02-21 19:34 ` [OE-core][dunfell 4/8] vim: do not report upstream version check as broken Steve Sakoman
2022-02-21 19:34 ` [OE-core][dunfell 5/8] vim: update to include latest CVE fixes Steve Sakoman
2022-02-21 19:34 ` [OE-core][dunfell 6/8] vim: upgrade to patch 4269 Steve Sakoman
2022-02-21 19:34 ` [OE-core][dunfell 7/8] vim: Upgrade 4269 -> 4134 Steve Sakoman
2022-02-21 19:34 ` [OE-core][dunfell 8/8] vim: Upgrade 8.2.4314 -> 8.2.4424 Steve Sakoman
2022-02-24  6:01 ` [OE-core][dunfell 0/8] Patch review - vim CVEs akuster808
