From: "Steve Sakoman" <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/11] Pull request (cover letter only)
Date: Fri, 3 Jun 2022 13:30:30 -1000 [thread overview]
Message-ID: <cover.1654298780.git.steve@sakoman.com> (raw)
This is the final oe-core pull request for the 3.1.17 release next week.
The following changes since commit add860e1a69f848097bbc511137a62d5746e5019:
oeqa/selftest/cve_check: add tests for recipe and image reports (2022-05-24 04:31:18 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next
Dan Tran (1):
ncurses: Fix CVE-2022-29458
Ernst Sjöstrand (2):
cve-check: Add helper for symlink handling
cve-check: Only include installed packages for rootfs manifest
Ranjitsinh Rathod (3):
ruby: Upgrade ruby to 2.7.6 for security fix
ruby: Whitelist CVE-2021-28966 as this affects Windows OS only
libsdl2: Add fix for CVE-2021-33657
Richard Purdie (2):
vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs
cve-check: Allow warnings to be disabled
Riyaz (1):
libxml2: Fix CVE-2022-29824 for libxml2
Virendra Thakur (1):
ffmpeg: Fix for CVE-2022-1475
leimaohui (1):
cve-check.bbclass: Added do_populate_sdk[recrdeptask].
meta/classes/cve-check.bbclass | 109 ++++--
.../libxml2/CVE-2022-29824-dependent.patch | 53 +++
.../libxml/libxml2/CVE-2022-29824.patch | 348 ++++++++++++++++++
meta/recipes-core/libxml/libxml2_2.9.10.bb | 2 +
.../ncurses/files/CVE-2022-29458.patch | 135 +++++++
meta/recipes-core/ncurses/ncurses_6.2.bb | 1 +
.../ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb} | 8 +-
.../libsdl2/libsdl2/CVE-2021-33657.patch | 38 ++
.../libsdl2/libsdl2_2.0.12.bb | 1 +
.../ffmpeg/ffmpeg/CVE-2022-1475.patch | 36 ++
.../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb | 1 +
meta/recipes-support/vim/vim.inc | 4 +-
12 files changed, 694 insertions(+), 42 deletions(-)
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824-dependent.patch
create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824.patch
create mode 100644 meta/recipes-core/ncurses/files/CVE-2022-29458.patch
rename meta/recipes-devtools/ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb} (90%)
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2021-33657.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch
--
2.25.1
next reply other threads:[~2022-06-03 23:30 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-03 23:30 Steve Sakoman [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-11-16 14:10 [OE-core][dunfell 00/11] Pull request (cover letter only) Steve Sakoman
2022-09-30 2:38 Steve Sakoman
2022-08-21 23:03 Steve Sakoman
2022-08-12 21:11 Steve Sakoman
2022-04-20 2:42 Steve Sakoman
2022-01-24 22:32 Steve Sakoman
2022-01-18 22:23 Steve Sakoman
2021-04-22 16:04 Steve Sakoman
2020-08-07 16:39 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1654298780.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox