[OE-core][dunfell 00/14] Patch review

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/14] Patch review
Date: Wed,  8 Jun 2022 04:46:24 -1000	[thread overview]
Message-ID: <cover.1654699348.git.steve@sakoman.com> (raw)

Please review this set of patches for dunfell and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3760

The following changes since commit 4051d1a3aa5f70da96c381f9dea5f52cd9306939:

  openssl: Backport fix for ptest cert expiry (2022-06-07 11:33:46 +0100)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (1):
  linux-yocto/5.4: update to v5.4.196

Hitendra Prajapati (2):
  e2fsprogs: CVE-2022-1304 out-of-bounds read/write via crafted
    filesystem
  pcre2: CVE-2022-1587 Out-of-bounds read

Marta Rybczynska (4):
  cve-check: move update_symlinks to a library
  cve-check: write empty fragment files in the text mode
  cve-check: add coverage statistics on recipes with/without CVEs
  cve-update-db-native: make it possible to disable database updates

Richard Purdie (1):
  libxslt: Mark CVE-2022-29824 as not applying

Robert Joslyn (2):
  curl: Backport CVE fixes
  curl: Fix CVE_CHECK_WHITELIST typo

Steve Sakoman (3):
  Revert "openssl: Backport fix for ptest cert expiry"
  openssl: backport fix for ptest certificate expiration
  openssl: update the epoch time for ct_test ptest

omkar patil (1):
  libxslt: Fix CVE-2021-30560

 meta/classes/cve-check.bbclass                |  86 ++-
 meta/lib/oe/cve_check.py                      |  10 +
 ...5d82489b3ec09ccc772dfcee14fef0e8e908.patch | 192 +++++
 ...ea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch |  55 --
 ...611887cfac633aacc052b2e71a7f195418b8.patch |  29 +
 .../openssl/openssl_1.1.1o.bb                 |   3 +-
 .../recipes-core/meta/cve-update-db-native.bb |   6 +-
 .../e2fsprogs/e2fsprogs/CVE-2022-1304.patch   |  42 ++
 .../e2fsprogs/e2fsprogs_1.45.7.bb             |   1 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 .../curl/curl/CVE-2022-27774-1.patch          |  45 ++
 .../curl/curl/CVE-2022-27774-2.patch          |  80 +++
 .../curl/curl/CVE-2022-27774-3.patch          |  83 +++
 .../curl/curl/CVE-2022-27774-4.patch          |  35 +
 .../curl/curl/CVE-2022-27781.patch            |  46 ++
 .../curl/curl/CVE-2022-27782-1.patch          | 363 ++++++++++
 .../curl/curl/CVE-2022-27782-2.patch          |  71 ++
 meta/recipes-support/curl/curl_7.69.1.bb      |   9 +-
 .../libpcre/libpcre2/CVE-2022-1587.patch      | 660 ++++++++++++++++++
 .../recipes-support/libpcre/libpcre2_10.34.bb |   1 +
 .../libxslt/libxslt/CVE-2021-30560.patch      | 201 ++++++
 .../recipes-support/libxslt/libxslt_1.1.34.bb |   5 +
 24 files changed, 1949 insertions(+), 110 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssl/openssl/73db5d82489b3ec09ccc772dfcee14fef0e8e908.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/770aea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/b7ce611887cfac633aacc052b2e71a7f195418b8.patch
 create mode 100644 meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2022-1304.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-1.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-2.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-3.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27774-4.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27781.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27782-1.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27782-2.patch
 create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1587.patch
 create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2021-30560.patch

-- 
2.25.1

next             reply	other threads:[~2022-06-08 14:46 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-08 14:46 Steve Sakoman [this message]
2022-06-08 14:46 ` [OE-core][dunfell 01/14] Revert "openssl: Backport fix for ptest cert expiry" Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 02/14] openssl: backport fix for ptest certificate expiration Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 03/14] openssl: update the epoch time for ct_test ptest Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 04/14] e2fsprogs: CVE-2022-1304 out-of-bounds read/write via crafted filesystem Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 05/14] pcre2: CVE-2022-1587 Out-of-bounds read Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 06/14] libxslt: Fix CVE-2021-30560 Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 07/14] libxslt: Mark CVE-2022-29824 as not applying Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 08/14] curl: Backport CVE fixes Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 09/14] curl: Fix CVE_CHECK_WHITELIST typo Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 10/14] cve-check: move update_symlinks to a library Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 11/14] cve-check: write empty fragment files in the text mode Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 12/14] cve-check: add coverage statistics on recipes with/without CVEs Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 13/14] cve-update-db-native: make it possible to disable database updates Steve Sakoman
2022-06-08 14:46 ` [OE-core][dunfell 14/14] linux-yocto/5.4: update to v5.4.196 Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2023-09-12 13:53 [OE-core][dunfell 00/14] Patch review Steve Sakoman
2023-08-25  2:47 Steve Sakoman
2023-06-22 15:31 Steve Sakoman
2023-08-02 12:05 ` Marta Rybczynska
2023-03-21 14:20 Steve Sakoman
2022-08-29 21:02 Steve Sakoman
2022-07-07 21:59 Steve Sakoman
2022-05-11 18:19 Steve Sakoman
2021-12-22 14:12 Steve Sakoman
     [not found] <16B6626DB9B02798.14836@lists.openembedded.org>
2021-11-11 14:16 ` Steve Sakoman
2021-11-11  4:08 Steve Sakoman
2021-06-28 15:05 Steve Sakoman
2021-06-29  0:13 ` [dunfell " Minjae Kim
2021-06-29 14:09   ` [OE-core] " Steve Sakoman
2020-10-22 15:51 [OE-core][dunfell " Steve Sakoman
2020-10-09 14:18 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1654699348.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox