From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/29] Pull request (cover letter only)
Date: Wed, 23 Feb 2022 12:16:01 -1000 [thread overview]
Message-ID: <cover.1645654380.git.steve@sakoman.com> (raw)
The following changes since commit 88c0290520c9e4982d25c20e783bd91eec016b52:
libusb1: correct SRC_URI (2022-02-07 04:40:13 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Alexander Kanavin (2):
ruby: correctly set native/target dependencies
vim: do not report upstream version check as broken
Bruce Ashfield (3):
linux-yocto/5.4: update to v5.4.173
linux-yocto/5.4: update to v5.4.176
linux-yocto/5.4: update to v5.4.178
Christian Eggers (1):
sdk: fix search for dynamic loader
Florian Amstutz (1):
devtool: deploy-target: Remove stripped binaries in pseudo context
Konrad Weihmann (1):
ruby: fix DEPENDS append
Martin Beeger (1):
cmake: remove bogus CMAKE_LDFLAGS_FLAGS definition from toolchain file
Purushottam Choudhary (1):
freetype: add missing CVE tag CVE-2020-15999
Richard Purdie (3):
default-distrovars.inc: Switch connectivity check to a
yoctoproject.org page
vim: Upgrade 4269 -> 4134
vim: Upgrade 8.2.4314 -> 8.2.4424
Ross Burton (5):
lighttpd: backport a fix for CVE-2022-22707
vim: set PACKAGECONFIG idiomatically
vim: upgrade to 8.2 patch 3752
vim: update to include latest CVE fixes
vim: upgrade to patch 4269
Saul Wold (1):
recipetool: Fix circular reference in SRC_URI
Stefan Herbrechtsmeier (1):
cve-check: create directory of CVE_CHECK_MANIFEST before copy
Steve Sakoman (6):
expat: fix CVE-2022-23990
connman: fix CVE-2022-23096-7
connman: fix CVE-2022-23098
connman: fix CVE-2021-33833
wpa-supplicant: fix CVE-2022-23303-4
Revert "vim: fix CVE-2021-4069"
Sundeep KOKKONDA (1):
binutils: Fix CVE-2021-45078
bkylerussell@gmail.com (1):
rpm: fix intermittent compression failure in do_package_write_rpm
wangmy (1):
linux-firmware: upgrade 20211216 -> 20220209
meta/classes/cve-check.bbclass | 1 +
meta/classes/sanity.bbclass | 2 +-
.../distro/include/default-distrovars.inc | 2 +-
meta/files/toolchain-shar-relocate.sh | 2 +-
.../connman/connman/CVE-2021-33833.patch | 72 +++
.../connman/connman/CVE-2022-23096-7.patch | 121 ++++
.../connman/connman/CVE-2022-23098.patch | 50 ++
.../connman/connman_1.37.bb | 3 +
.../wpa-supplicant/CVE-2022-23303-4.patch | 609 ++++++++++++++++++
.../wpa-supplicant/wpa-supplicant_2.9.bb | 1 +
.../expat/expat/CVE-2022-23990.patch | 49 ++
meta/recipes-core/expat/expat_2.2.9.bb | 1 +
.../binutils/binutils-2.34.inc | 1 +
.../binutils/0001-CVE-2021-45078.patch | 257 ++++++++
.../cmake/cmake/OEToolchainConfig.cmake | 1 -
..._internal-mode-parsing-when-Tn-is-us.patch | 34 +
meta/recipes-devtools/rpm/rpm_4.14.2.1.bb | 1 +
meta/recipes-devtools/ruby/ruby.inc | 4 +-
...ix-out-of-bounds-OOB-write-fixes-313.patch | 100 +++
.../lighttpd/lighttpd_1.4.55.bb | 1 +
...-sfnt-Fix-heap-buffer-overflow-59308.patch | 3 +
...20211216.bb => linux-firmware_20220209.bb} | 4 +-
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
...1-reading-character-past-end-of-line.patch | 62 --
...src-Makefile-improve-reproducibility.patch | 13 +-
...28-using-freed-memory-when-replacing.patch | 83 ---
...eading-uninitialized-memory-when-giv.patch | 63 --
...rash-when-using-CTRL-W-f-without-fin.patch | 92 ---
...llegal-memory-access-if-buffer-name-.patch | 86 ---
...ml_get-error-after-search-with-range.patch | 72 ---
...nvalid-memory-access-when-scrolling-.patch | 97 ---
.../vim/files/CVE-2021-3778.patch | 61 --
.../vim/files/CVE-2021-4069.patch | 43 --
...1e135a16091c93f6f5f7525a5c58fb7ca9f9.patch | 207 ------
.../vim/files/disable_acl_header_check.patch | 15 +-
.../vim/files/no-path-adjust.patch | 8 +-
meta/recipes-support/vim/files/racefix.patch | 6 +-
...m-add-knob-whether-elf.h-are-checked.patch | 13 +-
meta/recipes-support/vim/vim.inc | 27 +-
scripts/lib/devtool/deploy.py | 2 +-
scripts/lib/recipetool/create.py | 2 +-
43 files changed, 1364 insertions(+), 943 deletions(-)
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2021-33833.patch
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-23096-7.patch
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-23098.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2022-23303-4.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2022-23990.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch
create mode 100644 meta/recipes-devtools/rpm/files/0001-rpmio-Fix-lzopen_internal-mode-parsing-when-Tn-is-us.patch
create mode 100644 meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20211216.bb => linux-firmware_20220209.bb} (99%)
delete mode 100644 meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch
delete mode 100644 meta/recipes-support/vim/files/0002-patch-8.2.3428-using-freed-memory-when-replacing.patch
delete mode 100644 meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch
delete mode 100644 meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch
delete mode 100644 meta/recipes-support/vim/files/0003-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch
delete mode 100644 meta/recipes-support/vim/files/0004-patch-8.2.3489-ml_get-error-after-search-with-range.patch
delete mode 100644 meta/recipes-support/vim/files/0005-patch-8.2.3564-invalid-memory-access-when-scrolling-.patch
delete mode 100644 meta/recipes-support/vim/files/CVE-2021-3778.patch
delete mode 100644 meta/recipes-support/vim/files/CVE-2021-4069.patch
delete mode 100644 meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch
--
2.25.1
next reply other threads:[~2022-02-23 22:16 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-23 22:16 Steve Sakoman [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-11-03 0:11 [OE-core][dunfell 00/29] Pull request (cover letter only) Steve Sakoman
2021-11-03 11:21 ` Richard Purdie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1645654380.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox