[OE-core][kirkstone 00/30] Pull request (cover letter only)

["Steve Sakoman" <steve@sakoman.com>]

The following changes since commit eea52e0c3d24c79464f4afdbc3c397e1cb982231:

  build-appliance-image: Update to kirkstone head revision (2022-06-29 07:48:24 +0100)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next

Ahmed Hossam (1):
  insane.bbclass: host-user-contaminated: Correct per package home path

Alexander Kanavin (3):
  wireless-regdb: upgrade 2022.04.08 -> 2022.06.06
  oeqa/sdk: drop the nativesdk-python 2.x test
  at: take tarballs from debian

David Bagonyi (1):
  sanity.bbclass: Add ftps to accepted URI protocols for mirrors sanity

Jose Quaresma (1):
  curl: backport openssl fix CN check error code

Kai Kang (1):
  glibc-tests: not clear BBCLASSEXTEND

Lee Chee Yang (1):
  ghostscript: fix CVE-2022-2085

Lucas Stach (1):
  perf: sort-pmuevents: really keep array terminators

Martin Jansa (1):
  wic: fix WicError message

Maxime Roussin-Bélanger (1):
  libffi: fix native build being not portable

Muhammad Hamza (1):
  initramfs-framework: move storage mounts to actual rootfs

Peter Bergin (1):
  rust: fix issue building cross-canadian tools for aarch64 on x86_64

Peter Kjellerstedt (1):
  base.bbclass: Correct the test for obsolete license exceptions

Pgowda (1):
  binutils : CVE-2019-1010204

Raju Kumar Pothuraju (1):
  kernel-uboot.bbclass: Use vmlinux.initramfs when
    INITRAMFS_IMAGE_BUNDLE set

Richard Purdie (8):
  unzip: Port debian fixes for two CVEs
  cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
  vim: 8.2.5083 -> 9.0.0005
  openssl: Upgrade 3.0.3 -> 3.0.4
  coreutils: Tweak packaging variable names for coreutils-dev
  oeqa/runtime/scp: Disable scp test for dropbear
  packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
  oe-selftest-image: Ensure the image has sftp as well as dropbear

Ross Burton (3):
  cups: ignore CVE-2022-26691
  busybox: fix CVE-2022-30065
  cve-check: hook cleanup to the BuildCompleted event, not CookerExit

Steve Sakoman (2):
  openssh: break dependency on base package for -dev package
  dropbear: break dependency on base package for -dev package

Thomas Roos (1):
  recipetool/devtool: Fix python egg whitespace issues in PACKAGECONFIG

 .../recipes-test/images/oe-selftest-image.bb  |  2 +-
 meta/classes/base.bbclass                     |  4 +-
 meta/classes/cve-check.bbclass                |  2 +-
 meta/classes/insane.bbclass                   |  2 +-
 meta/classes/kernel-uboot.bbclass             |  6 ++
 meta/classes/sanity.bbclass                   |  2 +-
 .../distro/include/cve-extra-exclusions.inc   | 30 +++++-----
 meta/lib/oeqa/runtime/cases/scp.py            |  2 +-
 meta/lib/oeqa/sdk/cases/python.py             | 11 ----
 meta/lib/oeqa/selftest/cases/devtool.py       | 15 ++++-
 .../openssh/openssh_8.9p1.bb                  |  5 ++
 ...1-Configure-do-not-tweak-mips-cflags.patch | 10 ++--
 ...sysroot-and-debug-prefix-map-from-co.patch | 20 +++----
 ...ea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch | 55 -------------------
 .../openssl/openssl/afalg.patch               | 10 ++--
 .../{openssl_3.0.3.bb => openssl_3.0.4.bb}    |  3 +-
 .../busybox/busybox/CVE-2022-30065.patch      | 29 ++++++++++
 meta/recipes-core/busybox/busybox_1.35.0.bb   |  1 +
 meta/recipes-core/coreutils/coreutils_9.0.bb  |  3 +-
 meta/recipes-core/dropbear/dropbear.inc       |  5 ++
 meta/recipes-core/glibc/glibc-tests_2.35.bb   |  5 +-
 .../initrdscripts/initramfs-framework/finish  |  9 +++
 .../packagegroup-core-ssh-dropbear.bb         |  1 +
 .../binutils/binutils-2.38.inc                |  1 +
 .../binutils/0014-CVE-2019-1010204.patch      | 49 +++++++++++++++++
 meta/recipes-devtools/rust/rust-common.inc    |  5 +-
 meta/recipes-extended/at/at_3.2.5.bb          |  2 +-
 meta/recipes-extended/cups/cups.inc           |  2 +
 .../ghostscript/CVE-2022-2085.patch           | 44 +++++++++++++++
 .../ghostscript/ghostscript_9.55.0.bb         |  1 +
 .../unzip/unzip/CVE-2022-0529.patch           | 39 +++++++++++++
 .../unzip/unzip/CVE-2022-0530.patch           | 33 +++++++++++
 meta/recipes-extended/unzip/unzip_6.0.bb      |  2 +
 .../perf/perf/sort-pmuevents.py               |  5 +-
 ....04.08.bb => wireless-regdb_2022.06.06.bb} |  2 +-
 ...0001-openssl-fix-CN-check-error-code.patch | 38 +++++++++++++
 meta/recipes-support/curl/curl_7.82.0.bb      |  1 +
 meta/recipes-support/libffi/libffi_3.4.2.bb   |  2 +-
 .../vim/{vim-tiny_8.2.bb => vim-tiny_9.0.bb}  |  0
 meta/recipes-support/vim/vim.inc              |  6 +-
 .../vim/{vim_8.2.bb => vim_9.0.bb}            |  0
 .../lib/recipetool/create_buildsys_python.py  | 13 +++++
 scripts/wic                                   |  2 +-
 43 files changed, 353 insertions(+), 126 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/770aea88c3888cc5cb3ebc94ffcef706c68bc1d2.patch
 rename meta/recipes-connectivity/openssl/{openssl_3.0.3.bb => openssl_3.0.4.bb} (98%)
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2022-30065.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2022-2085.patch
 create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch
 create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.04.08.bb => wireless-regdb_2022.06.06.bb} (94%)
 create mode 100644 meta/recipes-support/curl/curl/0001-openssl-fix-CN-check-error-code.patch
 rename meta/recipes-support/vim/{vim-tiny_8.2.bb => vim-tiny_9.0.bb} (100%)
 rename meta/recipes-support/vim/{vim_8.2.bb => vim_9.0.bb} (100%)

-- 
2.25.1