[OE-core][dunfell 0/9] Patch review

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

PLease review this next set of patches for dunfell and have comments back by
end of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1603

The following changes since commit b4a92a20a683a74423fd5a833d5c016f63dba2b4:

  freetype: fix CVE-2020-15999, backport from 2.10.4 (2020-11-13 05:57:16 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (2):
  ptest-runner: fix upstream version check
  glib-2.0: correct build with latest meson

Anibal Limon (1):
  ptest-runner: Bump to 2.4.0

Joshua Watt (3):
  classes/reproducible: Move to library code
  lib/oe/reproducible: Fix error when no git HEAD
  lib/oe/reproducible.py: Fix git HEAD check

Khem Raj (1):
  ptest-runner: Backport patch to fix inappropriate ioctl error

Mark Jonas (1):
  libbsd: Remove BSD-4-Clause from main package

Mingli Yu (1):
  python3: add ldconfig rdepends for python3-ctypes

 meta/classes/reproducible_build.bbclass       |  90 +--------------
 meta/lib/oe/reproducible.py                   | 104 ++++++++++++++++++
 .../glib-2.0/meson.cross.d/common-linux       |   2 +-
 meta/recipes-devtools/python/python3_3.8.2.bb |   1 +
 meta/recipes-support/libbsd/libbsd_0.10.0.bb  |   3 +-
 ...-runner_2.3.2.bb => ptest-runner_2.4.0.bb} |   5 +-
 6 files changed, 114 insertions(+), 91 deletions(-)
 create mode 100644 meta/lib/oe/reproducible.py
 rename meta/recipes-support/ptest-runner/{ptest-runner_2.3.2.bb => ptest-runner_2.4.0.bb} (87%)

-- 
2.17.1

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
Wednesday end of day.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1648

The following changes since commit 071806feb195961e59069f778c9ae8f27a739d9a:

  e2fsprogs: Fix a ptest permissions determinism issue (2020-11-30 12:05:57 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (8):
  linux-yocto/5.4: update to v5.4.71
  linux-yocto/5.4: update to v5.4.72
  linux-yocto/5.4: update to v5.4.73
  linux-yocto/5.4: config cleanup / warnings
  linux-yocto/5.4: update to v5.4.75
  linux-yocto/5.4: perf: Alias SYS_futex with SYS_futex_time64 on 32-bit
    arches with 64bit time_t
  linux-yocto/5.4: update to v5.4.78
  lttng-modules: add post 2.11.6 patches

Lee Chee Yang (1):
  go: update to 1.14.12

 meta/recipes-devtools/go/go-1.14.inc          |   5 +-
 ...t-CGO_LDFLAGS-to-appear-in-go-ldflag.patch |  98 ++++++
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 ...ncpy-equals-destination-size-warning.patch |  42 +++
 ...jtool-Rename-frame.h-objtool.h-v5.10.patch |  88 +++++
 ...oints-output-proper-root-owner-for-t.patch | 316 ++++++++++++++++++
 ...rdered-extent-tracepoint-take-btrfs_.patch | 179 ++++++++++
 ...ext4-fast-commit-recovery-path-v5.10.patch |  91 +++++
 ...intr-vectoring-info-and-error-code-t.patch | 124 +++++++
 ...x86-mmu-Add-TDP-MMU-PF-handler-v5.10.patch |  82 +++++
 ...Return-unique-RET_PF_-values-if-the-.patch |  71 ++++
 ...int-Optimize-using-static_call-v5.10.patch | 155 +++++++++
 ...-fix-include-order-for-older-kernels.patch |  31 ++
 .../0011-Add-release-maintainer-script.patch  |  59 ++++
 .../0012-Improve-the-release-script.patch     | 173 ++++++++++
 ...fix-ext4-fast-commit-recovery-path-v.patch |  32 ++
 ...-fix-include-order-for-older-kernels.patch |  32 ++
 ...fix-tracepoint-Optimize-using-static.patch |  46 +++
 ...ion-range-for-trace_find_free_extent.patch |  30 ++
 .../lttng/lttng-modules_2.11.6.bb             |  16 +
 22 files changed, 1686 insertions(+), 20 deletions(-)
 create mode 100644 meta/recipes-devtools/go/go-1.14/0010-cmd-go-permit-CGO_LDFLAGS-to-appear-in-go-ldflag.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-strncpy-equals-destination-size-warning.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0002-fix-objtool-Rename-frame.h-objtool.h-v5.10.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0003-fix-btrfs-tracepoints-output-proper-root-owner-for-t.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0004-fix-btrfs-make-ordered-extent-tracepoint-take-btrfs_.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0005-fix-ext4-fast-commit-recovery-path-v5.10.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0006-fix-KVM-x86-Add-intr-vectoring-info-and-error-code-t.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0007-fix-kvm-x86-mmu-Add-TDP-MMU-PF-handler-v5.10.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0008-fix-KVM-x86-mmu-Return-unique-RET_PF_-values-if-the-.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0009-fix-tracepoint-Optimize-using-static_call-v5.10.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0010-fix-include-order-for-older-kernels.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0011-Add-release-maintainer-script.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0012-Improve-the-release-script.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0013-fix-backport-of-fix-ext4-fast-commit-recovery-path-v.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0014-Revert-fix-include-order-for-older-kernels.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0015-fix-backport-of-fix-tracepoint-Optimize-using-static.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0016-fix-adjust-version-range-for-trace_find_free_extent.patch

-- 
2.17.1

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2570

The following changes since commit fcc609d3bafef2f63039dc54c0fd0eaf062710a1:

  rt-tests: set branch name in SRC_URI (2021-09-08 04:50:47 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Armin Kuster (2):
  xserver-xorg: Security fix for CVE-2020-14360/-25712
  go: Several Security fixes

Ovidiu Panait (2):
  dbus-test: Remove EXTRA_OECONF_X configs
  dbus,dbus-test: Move common parts to dbus.inc

Richard Purdie (2):
  flex: Add CVE-2019-6293 to exclusions for checks
  go: Exclude CVE-2021-29923 from report list

Wang Mingyu (3):
  dbus: upgrade 1.12.16 -> 1.12.18
  dbus-test: upgrade 1.12.16 -> 1.12.18
  dbus: upgrade 1.12.18 -> 1.12.20

 .../distro/include/cve-extra-exclusions.inc   |   4 -
 ...s-test_1.12.16.bb => dbus-test_1.12.20.bb} |  42 +----
 meta/recipes-core/dbus/dbus.inc               |  34 ++++
 .../dbus/dbus/CVE-2020-12049.patch            |  78 ---------
 .../dbus/{dbus_1.12.16.bb => dbus_1.12.20.bb} |  40 +----
 meta/recipes-devtools/flex/flex_2.6.4.bb      |   5 +
 meta/recipes-devtools/go/go-1.14.inc          |   9 ++
 .../go/go-1.14/CVE-2021-33196.patch           | 124 ++++++++++++++
 .../go/go-1.14/CVE-2021-33197.patch           | 152 ++++++++++++++++++
 .../go/go-1.14/CVE-2021-34558.patch           |  51 ++++++
 .../xserver-xorg/CVE-2020-14360.patch         | 132 +++++++++++++++
 .../xserver-xorg/CVE-2020-25712.patch         | 102 ++++++++++++
 .../xorg-xserver/xserver-xorg_1.20.8.bb       |   2 +
 13 files changed, 624 insertions(+), 151 deletions(-)
 rename meta/recipes-core/dbus/{dbus-test_1.12.16.bb => dbus-test_1.12.20.bb} (51%)
 create mode 100644 meta/recipes-core/dbus/dbus.inc
 delete mode 100644 meta/recipes-core/dbus/dbus/CVE-2020-12049.patch
 rename meta/recipes-core/dbus/{dbus_1.12.16.bb => dbus_1.12.20.bb} (75%)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2021-33196.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2021-33197.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2021-34558.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14360.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-25712.patch

-- 
2.25.1

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3552

except for a known intermittent issue (the infamous ping issue), which passed on
subsequent re-test:

https://autobuilder.yoctoproject.org/typhoon/#/builders/63/builds/5054

The following changes since commit 8fd5133fc7f6bc84193ec6fcbc1746c59bfc8caf:

  libxshmfence: Correct LICENSE to HPND (2022-04-18 12:13:17 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (5):
  linux-yocto/5.4: update to v5.4.182
  linux-yocto/5.4: update to v5.4.183
  linux-yocto/5.4: update to v5.4.186
  linux-yocto/5.4: update to v5.4.188
  linux-yocto/5.4: update to v5.4.190

Peter Kjellerstedt (1):
  u-boot: Correct the SRC_URI

Steve Sakoman (1):
  git update from 2.24.3 to 2.24.4

wangmy (1):
  linux-firmware: upgrade 20220310 -> 20220411

zhengruoqin (1):
  wireless-regdb: upgrade 2022.02.18 -> 2022.04.08

 meta/recipes-bsp/u-boot/u-boot-common.inc     |   4 +-
 .../git/files/CVE-2021-21300.patch            | 305 ------------------
 meta/recipes-devtools/git/git.inc             |   1 -
 .../git/{git_2.24.3.bb => git_2.24.4.bb}      |   4 +-
 ...20220310.bb => linux-firmware_20220411.bb} |   4 +-
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 ....02.18.bb => wireless-regdb_2022.04.08.bb} |   2 +-
 9 files changed, 25 insertions(+), 331 deletions(-)
 delete mode 100644 meta/recipes-devtools/git/files/CVE-2021-21300.patch
 rename meta/recipes-devtools/git/{git_2.24.3.bb => git_2.24.4.bb} (51%)
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220310.bb => linux-firmware_20220411.bb} (99%)
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.02.18.bb => wireless-regdb_2022.04.08.bb} (94%)

-- 
2.25.1

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Wednesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3600

with the exception of the meta-virtualization test which was just added
to a-full:

https://autobuilder.yoctoproject.org/typhoon/#/builders/128/builds/19

Note that the test passed for qemuarm and qemuarm64, but failed for qemux86-64.

I tried to refrain from commenting that the test was added by someone with an
arm.com address, but I couldn't help myself ;-) (looking at you Ross!)

I'm not going to hold up the review process on this, since this is a newly added test.

Any help fixing this for qemux86-64 would be much appreciated.

Steve

The following changes since commit bb3fc61f0d7f7bcd77ef194b76f4fdd8a7ff6aa5:

  scripts/contrib/oe-build-perf-report-email.py: remove obsolete check for phantomjs and optipng (2022-04-27 05:00:00 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Chen Qi (1):
  cases/buildepoxy.py: fix typo

Khem Raj (1):
  busybox: Use base_bindir instead of hardcoding /bin path

Paul Gortmaker (1):
  install/devshell: Introduce git intercept script due to fakeroot
    issues

Peter Kjellerstedt (1):
  devshell.bbclass: Allow devshell & pydevshell to use the network

Rahul Kumar (1):
  neard: Switch SRC_URI to git repo

Richard Purdie (2):
  base: Drop git intercept
  uninative: Upgrade to 3.6 with gcc 12 support

Ross Burton (2):
  python3: ignore CVE-2015-20107
  bitbake.conf: mark all directories as safe for git to read

 meta/classes/devshell.bbclass                 |  4 ++++
 meta/conf/bitbake.conf                        |  8 ++++++++
 meta/conf/distro/include/yocto-uninative.inc  |  8 ++++----
 meta/lib/oeqa/sdk/cases/buildepoxy.py         |  2 +-
 meta/recipes-connectivity/neard/neard_0.16.bb | 13 +++++++------
 meta/recipes-core/busybox/busybox.inc         |  2 +-
 .../recipes-devtools/python/python3_3.8.13.bb |  3 +++
 scripts/git-intercept/git                     | 19 +++++++++++++++++++
 8 files changed, 47 insertions(+), 12 deletions(-)
 create mode 100755 scripts/git-intercept/git

-- 
2.25.1

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by end
of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3677

The following changes since commit 0f6ae13d76129d96f788b7ede312cfc361ee2bda:

  scripts/git: Ensure we don't have circular references (2022-05-10 08:23:12 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Dmitry Baryshkov (1):
  linux-firmware: upgrade 20220411 -> 20220509

Konrad Weihmann (1):
  linux-firmware: replace mkdir by install

Ranjitsinh Rathod (4):
  tiff: Add patches to fix multiple CVEs
  freetype: Fix CVEs for freetype
  git: Use CVE_CHECK_WHITELIST instead of CVE_CHECK_IGNORE
  openssl: Minor security upgrade 1.1.1n to 1.1.1o

Richard Purdie (1):
  vim: Upgrade 8.2.4681 -> 8.2.4912

Sana Kazi (1):
  curl: Fix CVEs for curl

Steve Sakoman (1):
  selftest: skip virgl test on alma 8.6

 meta/lib/oeqa/selftest/cases/runtime_test.py  |   2 +
 .../{openssl_1.1.1n.bb => openssl_1.1.1o.bb}  |   2 +-
 meta/recipes-devtools/git/git.inc             |   2 +-
 .../freetype/freetype/CVE-2022-27404.patch    |  33 ++++
 .../freetype/freetype/CVE-2022-27405.patch    |  38 +++++
 .../freetype/freetype/CVE-2022-27406.patch    |  31 ++++
 .../freetype/freetype_2.10.1.bb               |   3 +
 ...01-Makefile-replace-mkdir-by-install.patch |  84 ++++++++++
 ...20220411.bb => linux-firmware_20220509.bb} |   9 +-
 .../libtiff/files/CVE-2022-0865.patch         |  39 +++++
 .../libtiff/files/CVE-2022-0907.patch         |  94 +++++++++++
 .../libtiff/files/CVE-2022-0908.patch         |  34 ++++
 .../libtiff/files/CVE-2022-0909.patch         |  37 +++++
 .../libtiff/files/CVE-2022-0924.patch         |  58 +++++++
 meta/recipes-multimedia/libtiff/tiff_4.1.0.bb |   5 +
 .../curl/curl/CVE-2022-22576.patch            | 148 ++++++++++++++++++
 .../curl/curl/CVE-2022-27775.patch            |  39 +++++
 .../curl/curl/CVE-2022-27776.patch            | 114 ++++++++++++++
 meta/recipes-support/curl/curl_7.69.1.bb      |   3 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 20 files changed, 772 insertions(+), 7 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1n.bb => openssl_1.1.1o.bb} (98%)
 create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2022-27404.patch
 create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2022-27405.patch
 create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2022-27406.patch
 create mode 100644 meta/recipes-kernel/linux-firmware/files/0001-Makefile-replace-mkdir-by-install.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220411.bb => linux-firmware_20220509.bb} (99%)
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-0865.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-0907.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-0908.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-0909.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-0924.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-22576.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27775.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-27776.patch

-- 
2.25.1

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4224

The following changes since commit c9a9d5a1f7fbe88422ccee542a89afbc4c5336e4:

  vim: Upgrade 9.0.0242 -> 9.0.0341 (2022-09-07 04:40:43 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Chee Yang Lee (3):
  connman: fix CVE-2022-32292
  gnutls: fix CVE-2021-4209
  virglrenderer: fix CVE-2022-0135

Florin Diaconescu (1):
  binutils : CVE-2022-38533

Khan@kpit.com (1):
  python3: Fix CVE-2021-28861 for python3

Virendra Thakur (1):
  tiff: Fix for CVE-2022-2867/8/9

Yi Zhao (1):
  tiff: Security fixes CVE-2022-1354 and CVE-2022-1355

niko.mauno@vaisala.com (2):
  systemd: Fix unwritable /var/lock when no sysvinit handling
  systemd: Add 'no-dns-fallback' PACKAGECONFIG option

 .../connman/connman/CVE-2022-32292.patch      |  37 +++
 .../connman/connman_1.37.bb                   |   1 +
 .../systemd/systemd/00-create-volatile.conf   |   1 +
 meta/recipes-core/systemd/systemd_244.5.bb    |   1 +
 .../binutils/binutils-2.34.inc                |   1 +
 .../binutils/binutils/CVE-2022-38533.patch    |  37 +++
 .../python/python3/CVE-2021-28861.patch       | 135 +++++++++++
 .../recipes-devtools/python/python3_3.8.13.bb |   1 +
 .../virglrenderer/CVE-2022-0135.patch         | 100 +++++++++
 .../virglrenderer/virglrenderer_0.8.2.bb      |   1 +
 ...022-2867-CVE-2022-2868-CVE-2022-2869.patch | 159 +++++++++++++
 .../libtiff/tiff/CVE-2022-1354.patch          | 212 ++++++++++++++++++
 .../libtiff/tiff/CVE-2022-1355.patch          |  62 +++++
 meta/recipes-multimedia/libtiff/tiff_4.1.0.bb |   3 +
 .../gnutls/gnutls/CVE-2021-4209.patch         |  37 +++
 meta/recipes-support/gnutls/gnutls_3.6.14.bb  |   1 +
 16 files changed, 789 insertions(+)
 create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-38533.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2021-28861.patch
 create mode 100644 meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2022-0135.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-2867-CVE-2022-2868-CVE-2022-2869.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-1355.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2021-4209.patch

-- 
2.25.1

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4330

The following changes since commit dbad46a0079843b380cf3dda6008b12ab9526688:

  build-appliance-image: Update to dunfell head revision (2022-10-06 23:23:20 +0100)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Hitendra Prajapati (2):
  dhcp: Fix CVE-2022-2928 & CVE-2022-2929
  qemu: CVE-2021-3750 hcd-ehci: DMA reentrancy issue leads to
    use-after-free

John Edward Broadbent (1):
  externalsrc: git submodule--helper list unsupported

Michael Halstead (1):
  uninative: Upgrade to 3.7 to work with glibc 2.36

Richard Purdie (1):
  qemu: Avoid accidental librdmacm linkage

Steve Sakoman (3):
  selftest: skip virgl test on ubuntu 22.04
  qemu: Avoid accidental libvdeplug linkage
  qemu: Add PACKAGECONFIG for rbd

Tim Orling (1):
  python3: upgrade 3.8.13 -> 3.8.14

 meta/classes/externalsrc.bbclass              |  19 +-
 meta/conf/distro/include/yocto-uninative.inc  |  10 +-
 meta/lib/oeqa/selftest/cases/runtime_test.py  |   2 +
 .../dhcp/dhcp/CVE-2022-2928.patch             | 120 ++++++++++++
 .../dhcp/dhcp/CVE-2022-2929.patch             |  40 ++++
 meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb  |   2 +
 .../python/python3/CVE-2021-28861.patch       | 135 -------------
 .../{python3_3.8.13.bb => python3_3.8.14.bb}  |   5 +-
 meta/recipes-devtools/qemu/qemu.inc           |   4 +
 .../qemu/qemu/CVE-2021-3750.patch             | 180 ++++++++++++++++++
 10 files changed, 365 insertions(+), 152 deletions(-)
 create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2928.patch
 create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch
 delete mode 100644 meta/recipes-devtools/python/python3/CVE-2021-28861.patch
 rename meta/recipes-devtools/python/{python3_3.8.13.bb => python3_3.8.14.bb} (98%)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750.patch

-- 
2.25.1

[OE-core][dunfell 1/9] dhcp: Fix CVE-2022-2928 & CVE-2022-2929

[Steve Sakoman]

From: Hitendra Prajapati <hprajapati@mvista.com>

Source: https://downloads.isc.org/isc/dhcp
MR: 122797, 122812
Type: Security Fix
Disposition: Backport from https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/
ChangeID: 31490133cae8fc9c77073f9023955d3ff39c0b6e
Description:

Fixed CVEs:
	1. CVE-2022-2928
	2. CVE-2022-2929

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../dhcp/dhcp/CVE-2022-2928.patch             | 120 ++++++++++++++++++
 .../dhcp/dhcp/CVE-2022-2929.patch             |  40 ++++++
 meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb  |   2 +
 3 files changed, 162 insertions(+)
 create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2928.patch
 create mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch

diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2928.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2928.patch
new file mode 100644
index 0000000000..11f162cbda
--- /dev/null
+++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2928.patch
@@ -0,0 +1,120 @@
+From 8a5d739eea10ee6e193f053b1662142d5657cbc6 Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Thu, 6 Oct 2022 09:39:18 +0530
+Subject: [PATCH] CVE-2022-2928
+
+Upstream-Status: Backport [https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/]
+CVE: CVE-2022-2928
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ common/options.c               |  7 +++++
+ common/tests/option_unittest.c | 54 ++++++++++++++++++++++++++++++++++
+ 2 files changed, 61 insertions(+)
+
+diff --git a/common/options.c b/common/options.c
+index a7ed84c..4e53bb4 100644
+--- a/common/options.c
++++ b/common/options.c
+@@ -4452,6 +4452,8 @@ add_option(struct option_state *options,
+ 	if (!option_cache_allocate(&oc, MDL)) {
+ 		log_error("No memory for option cache adding %s (option %d).",
+ 			  option->name, option_num);
++		/* Get rid of reference created during hash lookup. */
++		option_dereference(&option, MDL);
+ 		return 0;
+ 	}
+ 
+@@ -4463,6 +4465,8 @@ add_option(struct option_state *options,
+ 			     MDL)) {
+ 		log_error("No memory for constant data adding %s (option %d).",
+ 			  option->name, option_num);
++		/* Get rid of reference created during hash lookup. */
++		option_dereference(&option, MDL);
+ 		option_cache_dereference(&oc, MDL);
+ 		return 0;
+ 	}
+@@ -4471,6 +4475,9 @@ add_option(struct option_state *options,
+ 	save_option(&dhcp_universe, options, oc);
+ 	option_cache_dereference(&oc, MDL);
+ 
++	/* Get rid of reference created during hash lookup. */
++	option_dereference(&option, MDL);
++
+ 	return 1;
+ }
+ 
+diff --git a/common/tests/option_unittest.c b/common/tests/option_unittest.c
+index cd52cfb..690704d 100644
+--- a/common/tests/option_unittest.c
++++ b/common/tests/option_unittest.c
+@@ -130,6 +130,59 @@ ATF_TC_BODY(pretty_print_option, tc)
+ }
+ 
+ 
++ATF_TC(add_option_ref_cnt);
++
++ATF_TC_HEAD(add_option_ref_cnt, tc)
++{
++    atf_tc_set_md_var(tc, "descr",
++        "Verify add_option() does not leak option ref counts.");
++}
++
++ATF_TC_BODY(add_option_ref_cnt, tc)
++{
++    struct option_state *options = NULL;
++    struct option *option = NULL;
++    unsigned int cid_code = DHO_DHCP_CLIENT_IDENTIFIER;
++    char *cid_str = "1234";
++    int refcnt_before = 0;
++
++    // Look up the option we're going to add.
++    initialize_common_option_spaces();
++    if (!option_code_hash_lookup(&option, dhcp_universe.code_hash,
++                                 &cid_code, 0, MDL)) {
++        atf_tc_fail("cannot find option definition?");
++    }
++
++    // Get the option's reference count before we call add_options.
++    refcnt_before = option->refcnt;
++
++    // Allocate a option_state to which to add an option.
++    if (!option_state_allocate(&options, MDL)) {
++	    atf_tc_fail("cannot allocat options state");
++    }
++
++    // Call add_option() to add the option to the option state.
++    if (!add_option(options, cid_code, cid_str, strlen(cid_str))) {
++	    atf_tc_fail("add_option returned 0");
++    }
++
++    // Verify that calling add_option() only adds 1 to the option ref count.
++    if (option->refcnt != (refcnt_before + 1)) {
++        atf_tc_fail("after add_option(), count is wrong, before %d, after: %d",
++                    refcnt_before, option->refcnt);
++    }
++
++    // Derefrence the option_state, this should reduce the ref count to
++    // it's starting value.
++    option_state_dereference(&options, MDL);
++
++    // Verify that dereferencing option_state restores option ref count.
++    if (option->refcnt != refcnt_before) {
++        atf_tc_fail("after state deref, count is wrong, before %d, after: %d",
++                    refcnt_before, option->refcnt);
++    }
++}
++
+ /* This macro defines main() method that will call specified
+    test cases. tp and simple_test_case names can be whatever you want
+    as long as it is a valid variable identifier. */
+@@ -137,6 +190,7 @@ ATF_TP_ADD_TCS(tp)
+ {
+     ATF_TP_ADD_TC(tp, option_refcnt);
+     ATF_TP_ADD_TC(tp, pretty_print_option);
++    ATF_TP_ADD_TC(tp, add_option_ref_cnt);
+ 
+     return (atf_no_error());
+ }
+-- 
+2.25.1
+
diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch
new file mode 100644
index 0000000000..d605204f89
--- /dev/null
+++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch
@@ -0,0 +1,40 @@
+From 5c959166ebee7605e2048de573f2475b4d731ff7 Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Thu, 6 Oct 2022 09:42:59 +0530
+Subject: [PATCH] CVE-2022-2929
+
+Upstream-Status: Backport [https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/]
+CVE: CVE-2022-2929
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ common/options.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/common/options.c b/common/options.c
+index 4e53bb4..28800fc 100644
+--- a/common/options.c
++++ b/common/options.c
+@@ -454,16 +454,16 @@ int fqdn_universe_decode (struct option_state *options,
+ 		while (s < &bp -> data[0] + length + 2) {
+ 			len = *s;
+ 			if (len > 63) {
+-				log_info ("fancy bits in fqdn option");
+-				return 0;
++				log_info ("label length exceeds 63 in fqdn option");
++				goto bad;
+ 			}
+ 			if (len == 0) {
+ 				terminated = 1;
+ 				break;
+ 			}
+ 			if (s + len > &bp -> data [0] + length + 3) {
+-				log_info ("fqdn tag longer than buffer");
+-				return 0;
++				log_info ("fqdn label longer than buffer");
++				goto bad;
+ 			}
+ 
+ 			if (first_len == 0) {
+-- 
+2.25.1
+
diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb b/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb
index 5609a350cc..d3c87d0d07 100644
--- a/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb
+++ b/meta/recipes-connectivity/dhcp/dhcp_4.4.2.bb
@@ -11,6 +11,8 @@ SRC_URI += "file://0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.pat
             file://0013-fixup_use_libbind.patch \
             file://0001-workaround-busybox-limitation-in-linux-dhclient-script.patch \
             file://CVE-2021-25217.patch \
+            file://CVE-2022-2928.patch \
+            file://CVE-2022-2929.patch \
 "
 
 SRC_URI[md5sum] = "2afdaf8498dc1edaf3012efdd589b3e1"
-- 
2.25.1

[OE-core][dunfell 2/9] qemu: CVE-2021-3750 hcd-ehci: DMA reentrancy issue leads to use-after-free

[Steve Sakoman]

From: Hitendra Prajapati <hprajapati@mvista.com>

Source: https://git.qemu.org/?p=qemu.git
MR: 117886
Type: Security Fix
Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=b9d383ab797f54ae5fa8746117770709921dc529 && https://git.qemu.org/?p=qemu.git;a=commit;h=3ab6fdc91b72e156da22848f0003ff4225690ced && https://git.qemu.org/?p=qemu.git;a=commit;h=58e74682baf4e1ad26b064d8c02e5bc99c75c5d9
ChangeID: 3af901d20ad8ff389468eda2c53b4943e3a77bb8
Description:
	CVE-2021-3750 QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free.

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc           |   1 +
 .../qemu/qemu/CVE-2021-3750.patch             | 180 ++++++++++++++++++
 2 files changed, 181 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 368be9979a..3c0b34d851 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -111,6 +111,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
            file://CVE-2021-4207.patch \
            file://CVE-2022-0216-1.patch \
            file://CVE-2022-0216-2.patch \
+           file://CVE-2021-3750.patch \
            "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3750.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750.patch
new file mode 100644
index 0000000000..43630e71fb
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3750.patch
@@ -0,0 +1,180 @@
+From 1938fbc7ec197e2612ab2ce36dd69bff19208aa5 Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Mon, 10 Oct 2022 17:44:41 +0530
+Subject: [PATCH] CVE-2021-3750
+
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=b9d383ab797f54ae5fa8746117770709921dc529 && https://git.qemu.org/?p=qemu.git;a=commit;h=3ab6fdc91b72e156da22848f0003ff4225690ced && https://git.qemu.org/?p=qemu.git;a=commit;h=58e74682baf4e1ad26b064d8c02e5bc99c75c5d9]
+CVE: CVE-2021-3750
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ exec.c                     | 55 +++++++++++++++++++++++++++++++-------
+ hw/intc/arm_gicv3_redist.c |  4 +--
+ include/exec/memattrs.h    |  9 +++++++
+ 3 files changed, 56 insertions(+), 12 deletions(-)
+
+diff --git a/exec.c b/exec.c
+index 1360051a..10581d8d 100644
+--- a/exec.c
++++ b/exec.c
+@@ -39,6 +39,7 @@
+ #include "qemu/config-file.h"
+ #include "qemu/error-report.h"
+ #include "qemu/qemu-print.h"
++#include "qemu/log.h"
+ #if defined(CONFIG_USER_ONLY)
+ #include "qemu.h"
+ #else /* !CONFIG_USER_ONLY */
+@@ -3118,6 +3119,33 @@ static bool prepare_mmio_access(MemoryRegion *mr)
+     return release_lock;
+ }
+ 
++/**
+++ * flatview_access_allowed
+++ * @mr: #MemoryRegion to be accessed
+++ * @attrs: memory transaction attributes
+++ * @addr: address within that memory region
+++ * @len: the number of bytes to access
+++ *
+++ * Check if a memory transaction is allowed.
+++ *
+++ * Returns: true if transaction is allowed, false if denied.
+++ */
++static bool flatview_access_allowed(MemoryRegion *mr, MemTxAttrs attrs,
++                                    hwaddr addr, hwaddr len)
++{
++    if (likely(!attrs.memory)) {
++        return true;
++    }
++    if (memory_region_is_ram(mr)) {
++        return true;
++    }
++    qemu_log_mask(LOG_GUEST_ERROR,
++                  "Invalid access to non-RAM device at "
++                  "addr 0x%" HWADDR_PRIX ", size %" HWADDR_PRIu ", "
++                  "region '%s'\n", addr, len, memory_region_name(mr));
++    return false;
++}
++
+ /* Called within RCU critical section.  */
+ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr,
+                                            MemTxAttrs attrs,
+@@ -3131,7 +3159,10 @@ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr,
+     bool release_lock = false;
+ 
+     for (;;) {
+-        if (!memory_access_is_direct(mr, true)) {
++	if (!flatview_access_allowed(mr, attrs, addr1, l)) {
++            result |= MEMTX_ACCESS_ERROR;
++            /* Keep going. */
++        } else if (!memory_access_is_direct(mr, true)) {
+             release_lock |= prepare_mmio_access(mr);
+             l = memory_access_size(mr, l, addr1);
+             /* XXX: could force current_cpu to NULL to avoid
+@@ -3173,14 +3204,14 @@ static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs attrs,
+     hwaddr l;
+     hwaddr addr1;
+     MemoryRegion *mr;
+-    MemTxResult result = MEMTX_OK;
+ 
+     l = len;
+     mr = flatview_translate(fv, addr, &addr1, &l, true, attrs);
+-    result = flatview_write_continue(fv, addr, attrs, buf, len,
+-                                     addr1, l, mr);
+-
+-    return result;
++    if (!flatview_access_allowed(mr, attrs, addr, len)) {
++        return MEMTX_ACCESS_ERROR;
++    }
++    return flatview_write_continue(fv, addr, attrs, buf, len,
++                                   addr1, l, mr);
+ }
+ 
+ /* Called within RCU critical section.  */
+@@ -3195,7 +3226,10 @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr,
+     bool release_lock = false;
+ 
+     for (;;) {
+-        if (!memory_access_is_direct(mr, false)) {
++        if (!flatview_access_allowed(mr, attrs, addr1, l)) {
++            result |= MEMTX_ACCESS_ERROR;
++            /* Keep going. */
++        } else if (!memory_access_is_direct(mr, false)) {
+             /* I/O case */
+             release_lock |= prepare_mmio_access(mr);
+             l = memory_access_size(mr, l, addr1);
+@@ -3238,6 +3272,9 @@ static MemTxResult flatview_read(FlatView *fv, hwaddr addr,
+ 
+     l = len;
+     mr = flatview_translate(fv, addr, &addr1, &l, false, attrs);
++    if (!flatview_access_allowed(mr, attrs, addr, len)) {
++        return MEMTX_ACCESS_ERROR;
++    }
+     return flatview_read_continue(fv, addr, attrs, buf, len,
+                                   addr1, l, mr);
+ }
+@@ -3474,12 +3511,10 @@ bool address_space_access_valid(AddressSpace *as, hwaddr addr,
+                                 MemTxAttrs attrs)
+ {
+     FlatView *fv;
+-    bool result;
+ 
+     RCU_READ_LOCK_GUARD();
+     fv = address_space_to_flatview(as);
+-    result = flatview_access_valid(fv, addr, len, is_write, attrs);
+-    return result;
++    return flatview_access_valid(fv, addr, len, is_write, attrs);
+ }
+ 
+ static hwaddr
+diff --git a/hw/intc/arm_gicv3_redist.c b/hw/intc/arm_gicv3_redist.c
+index 8645220d..44368e28 100644
+--- a/hw/intc/arm_gicv3_redist.c
++++ b/hw/intc/arm_gicv3_redist.c
+@@ -450,7 +450,7 @@ MemTxResult gicv3_redist_read(void *opaque, hwaddr offset, uint64_t *data,
+         break;
+     }
+ 
+-    if (r == MEMTX_ERROR) {
++    if (r != MEMTX_OK) {
+         qemu_log_mask(LOG_GUEST_ERROR,
+                       "%s: invalid guest read at offset " TARGET_FMT_plx
+                       "size %u\n", __func__, offset, size);
+@@ -507,7 +507,7 @@ MemTxResult gicv3_redist_write(void *opaque, hwaddr offset, uint64_t data,
+         break;
+     }
+ 
+-    if (r == MEMTX_ERROR) {
++    if (r != MEMTX_OK) {
+         qemu_log_mask(LOG_GUEST_ERROR,
+                       "%s: invalid guest write at offset " TARGET_FMT_plx
+                       "size %u\n", __func__, offset, size);
+diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h
+index 95f2d20d..9fb98bc1 100644
+--- a/include/exec/memattrs.h
++++ b/include/exec/memattrs.h
+@@ -35,6 +35,14 @@ typedef struct MemTxAttrs {
+     unsigned int secure:1;
+     /* Memory access is usermode (unprivileged) */
+     unsigned int user:1;
++    /*
++     * Bus interconnect and peripherals can access anything (memories,
++     * devices) by default. By setting the 'memory' bit, bus transaction
++     * are restricted to "normal" memories (per the AMBA documentation)
++     * versus devices. Access to devices will be logged and rejected
++     * (see MEMTX_ACCESS_ERROR).
++     */
++    unsigned int memory:1;
+     /* Requester ID (for MSI for example) */
+     unsigned int requester_id:16;
+     /* Invert endianness for this page */
+@@ -66,6 +74,7 @@ typedef struct MemTxAttrs {
+ #define MEMTX_OK 0
+ #define MEMTX_ERROR             (1U << 0) /* device returned an error */
+ #define MEMTX_DECODE_ERROR      (1U << 1) /* nothing at that address */
++#define MEMTX_ACCESS_ERROR      (1U << 2) /* access denied */
+ typedef uint32_t MemTxResult;
+ 
+ #endif
+-- 
+2.25.1
+
-- 
2.25.1

[OE-core][dunfell 3/9] python3: upgrade 3.8.13 -> 3.8.14

[Steve Sakoman]

From: Tim Orling <ticotimo@gmail.com>

Security and bug fixes.

* Drop CVE-2021-28861.patch as it was merged in 3.8.14 release.

Fixes:
  * CVE-2020-10735
    https://nvd.nist.gov/vuln/detail/CVE-2020-10735
  * CVE-2021-28861
    https://nvd.nist.gov/vuln/detail/CVE-2021-28861
  * CVE-2018-25032
    https://nvd.nist.gov/vuln/detail/CVE-2018-25032

Python 3.8.14
Release Date: Sept. 6, 2022

This is a security release of Python 3.8
Note: The release you're looking at is Python 3.8.14, a security bugfix
      release for the legacy 3.8 series. Python 3.10 is now the latest
      feature release series of Python 3.

Security content in this release
CVE-2020-10735: converting between int and str in bases other than
  2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base
  10 (decimal) now raises a ValueError if the number of digits in string
  form is above a limit to avoid potential denial of service attacks due
  to the algorithmic complexity.
gh-87389: http.server: Fix an open redirection vulnerability in the HTTP
  server when an URI path starts with //.
gh-93065: Fix contextvars HAMT implementation to handle iteration over
  deep trees to avoid a potential crash of the interpreter.
gh-90355: Fix ensurepip environment isolation for the subprocess running
  pip.
gh-80254: Raise ProgrammingError instead of segfaulting on recursive usage
  of cursors in sqlite3 converters.

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../python/python3/CVE-2021-28861.patch       | 135 ------------------
 .../{python3_3.8.13.bb => python3_3.8.14.bb}  |   5 +-
 2 files changed, 2 insertions(+), 138 deletions(-)
 delete mode 100644 meta/recipes-devtools/python/python3/CVE-2021-28861.patch
 rename meta/recipes-devtools/python/{python3_3.8.13.bb => python3_3.8.14.bb} (98%)

diff --git a/meta/recipes-devtools/python/python3/CVE-2021-28861.patch b/meta/recipes-devtools/python/python3/CVE-2021-28861.patch
deleted file mode 100644
index dc97c6b4eb..0000000000
--- a/meta/recipes-devtools/python/python3/CVE-2021-28861.patch
+++ /dev/null
@@ -1,135 +0,0 @@
-From 4dc2cae3abd75f386374d0635d00443b897d0672 Mon Sep 17 00:00:00 2001
-From: "Miss Islington (bot)"
- <31488909+miss-islington@users.noreply.github.com>
-Date: Wed, 22 Jun 2022 01:42:52 -0700
-Subject: [PATCH] gh-87389: Fix an open redirection vulnerability in
- http.server. (GH-93879) (GH-94094)
-
-Fix an open redirection vulnerability in the `http.server` module when
-an URI path starts with `//` that could produce a 301 Location header
-with a misleading target.  Vulnerability discovered, and logic fix
-proposed, by Hamza Avvan (@hamzaavvan).
-
-Test and comments authored by Gregory P. Smith [Google].
-(cherry picked from commit 4abab6b603dd38bec1168e9a37c40a48ec89508e)
-
-Co-authored-by: Gregory P. Smith <greg@krypto.org>
-
-Signed-off-by: Riyaz Khan <Riyaz.Khan@kpit.com>
-
-CVE: CVE-2021-28861
-
-Upstream-Status: Backport [https://github.com/python/cpython/commit/4dc2cae3abd75f386374d0635d00443b897d0672]
-
----
- Lib/http/server.py                            |  7 +++
- Lib/test/test_httpservers.py                  | 53 ++++++++++++++++++-
- ...2-06-15-20-09-23.gh-issue-87389.QVaC3f.rst |  3 ++
- 3 files changed, 61 insertions(+), 2 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst
-
-diff --git a/Lib/http/server.py b/Lib/http/server.py
-index 38f7accad7a3..39de35458c38 100644
---- a/Lib/http/server.py
-+++ b/Lib/http/server.py
-@@ -332,6 +332,13 @@ def parse_request(self):
-                 return False
-         self.command, self.path = command, path
- 
-+        # gh-87389: The purpose of replacing '//' with '/' is to protect
-+        # against open redirect attacks possibly triggered if the path starts
-+        # with '//' because http clients treat //path as an absolute URI
-+        # without scheme (similar to http://path) rather than a path.
-+        if self.path.startswith('//'):
-+            self.path = '/' + self.path.lstrip('/')  # Reduce to a single /
-+
-         # Examine the headers and look for a Connection directive.
-         try:
-             self.headers = http.client.parse_headers(self.rfile,
-diff --git a/Lib/test/test_httpservers.py b/Lib/test/test_httpservers.py
-index 87d4924a34b3..fb026188f0b4 100644
---- a/Lib/test/test_httpservers.py
-+++ b/Lib/test/test_httpservers.py
-@@ -330,7 +330,7 @@ class request_handler(NoLogRequestHandler, SimpleHTTPRequestHandler):
-         pass
- 
-     def setUp(self):
--        BaseTestCase.setUp(self)
-+        super().setUp()
-         self.cwd = os.getcwd()
-         basetempdir = tempfile.gettempdir()
-         os.chdir(basetempdir)
-@@ -358,7 +358,7 @@ def tearDown(self):
-             except:
-                 pass
-         finally:
--            BaseTestCase.tearDown(self)
-+            super().tearDown()
- 
-     def check_status_and_reason(self, response, status, data=None):
-         def close_conn():
-@@ -414,6 +414,55 @@ def test_undecodable_filename(self):
-         self.check_status_and_reason(response, HTTPStatus.OK,
-                                      data=support.TESTFN_UNDECODABLE)
- 
-+    def test_get_dir_redirect_location_domain_injection_bug(self):
-+        """Ensure //evil.co/..%2f../../X does not put //evil.co/ in Location.
-+
-+        //netloc/ in a Location header is a redirect to a new host.
-+        https://github.com/python/cpython/issues/87389
-+
-+        This checks that a path resolving to a directory on our server cannot
-+        resolve into a redirect to another server.
-+        """
-+        os.mkdir(os.path.join(self.tempdir, 'existing_directory'))
-+        url = f'/python.org/..%2f..%2f..%2f..%2f..%2f../%0a%0d/../{self.tempdir_name}/existing_directory'
-+        expected_location = f'{url}/'  # /python.org.../ single slash single prefix, trailing slash
-+        # Canonicalizes to /tmp/tempdir_name/existing_directory which does
-+        # exist and is a dir, triggering the 301 redirect logic.
-+        response = self.request(url)
-+        self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY)
-+        location = response.getheader('Location')
-+        self.assertEqual(location, expected_location, msg='non-attack failed!')
-+
-+        # //python.org... multi-slash prefix, no trailing slash
-+        attack_url = f'/{url}'
-+        response = self.request(attack_url)
-+        self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY)
-+        location = response.getheader('Location')
-+        self.assertFalse(location.startswith('//'), msg=location)
-+        self.assertEqual(location, expected_location,
-+                msg='Expected Location header to start with a single / and '
-+                'end with a / as this is a directory redirect.')
-+
-+        # ///python.org... triple-slash prefix, no trailing slash
-+        attack3_url = f'//{url}'
-+        response = self.request(attack3_url)
-+        self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY)
-+        self.assertEqual(response.getheader('Location'), expected_location)
-+
-+        # If the second word in the http request (Request-URI for the http
-+        # method) is a full URI, we don't worry about it, as that'll be parsed
-+        # and reassembled as a full URI within BaseHTTPRequestHandler.send_head
-+        # so no errant scheme-less //netloc//evil.co/ domain mixup can happen.
-+        attack_scheme_netloc_2slash_url = f'https://pypi.org/{url}'
-+        expected_scheme_netloc_location = f'{attack_scheme_netloc_2slash_url}/'
-+        response = self.request(attack_scheme_netloc_2slash_url)
-+        self.check_status_and_reason(response, HTTPStatus.MOVED_PERMANENTLY)
-+        location = response.getheader('Location')
-+        # We're just ensuring that the scheme and domain make it through, if
-+        # there are or aren't multiple slashes at the start of the path that
-+        # follows that isn't important in this Location: header.
-+        self.assertTrue(location.startswith('https://pypi.org/'), msg=location)
-+
-     def test_get(self):
-         #constructs the path relative to the root directory of the HTTPServer
-         response = self.request(self.base_url + '/test')
-diff --git a/Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst b/Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst
-new file mode 100644
-index 000000000000..029d437190de
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst
-@@ -0,0 +1,3 @@
-+:mod:`http.server`: Fix an open redirection vulnerability in the HTTP server
-+when an URI path starts with ``//``.  Vulnerability discovered, and initial
-+fix proposed, by Hamza Avvan.
diff --git a/meta/recipes-devtools/python/python3_3.8.13.bb b/meta/recipes-devtools/python/python3_3.8.14.bb
similarity index 98%
rename from meta/recipes-devtools/python/python3_3.8.13.bb
rename to meta/recipes-devtools/python/python3_3.8.14.bb
index d87abe2351..035eda9ecd 100644
--- a/meta/recipes-devtools/python/python3_3.8.13.bb
+++ b/meta/recipes-devtools/python/python3_3.8.14.bb
@@ -34,7 +34,6 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
            file://0001-python3-Do-not-hardcode-lib-for-distutils.patch \
            file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \
            file://makerace.patch \
-           file://CVE-2021-28861.patch \
            "
 
 SRC_URI_append_class-native = " \
@@ -43,8 +42,8 @@ SRC_URI_append_class-native = " \
            file://0001-Don-t-search-system-for-headers-libraries.patch \
            "
 
-SRC_URI[md5sum] = "c4b7100dcaace9d33ab1fda9a3a038d6"
-SRC_URI[sha256sum] = "6f309077012040aa39fe8f0c61db8c0fa1c45136763299d375c9e5756f09cf57"
+SRC_URI[md5sum] = "78710eed185b71f4198d354502ff62c9"
+SRC_URI[sha256sum] = "5d77e278271ba803e9909a41a4f3baca006181c93ada682a5e5fe8dc4a24c5f3"
 
 # exclude pre-releases for both python 2.x and 3.x
 UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
-- 
2.25.1

[OE-core][dunfell 4/9] selftest: skip virgl test on ubuntu 22.04

[Steve Sakoman]

This test will fail any time the host has libdrm > 2.4.107

Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/runtime_test.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py
index df11984713..399727de49 100644
--- a/meta/lib/oeqa/selftest/cases/runtime_test.py
+++ b/meta/lib/oeqa/selftest/cases/runtime_test.py
@@ -191,6 +191,8 @@ class TestImage(OESelftestTestCase):
             self.skipTest('virgl isn\'t working with Fedora 36')
         if distro and distro == 'opensuseleap-15.0':
             self.skipTest('virgl isn\'t working with Opensuse 15.0')
+        if distro and distro == 'ubuntu-22.04':
+            self.skipTest('virgl isn\'t working with Ubuntu 22.04')
 
         qemu_packageconfig = get_bb_var('PACKAGECONFIG', 'qemu-system-native')
         sdl_packageconfig = get_bb_var('PACKAGECONFIG', 'libsdl2-native')
-- 
2.25.1

[OE-core][dunfell 5/9] uninative: Upgrade to 3.7 to work with glibc 2.36

[Steve Sakoman]

From: Michael Halstead <mhalstead@linuxfoundation.org>

Update uninative to work with the new glibc 2.36 version

Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 410226b053e14e32add1f9b4b811f84a1c445a7c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/conf/distro/include/yocto-uninative.inc | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index 411fe45a24..7012db441b 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,10 +6,10 @@
 # to the distro running on the build machine.
 #
 
-UNINATIVE_MAXGLIBCVERSION = "2.35"
-UNINATIVE_VERSION = "3.6"
+UNINATIVE_MAXGLIBCVERSION = "2.36"
+UNINATIVE_VERSION = "3.7"
 
 UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/"
-UNINATIVE_CHECKSUM[aarch64] ?= "d64831cf2792c8e470c2e42230660e1a8e5de56a579cdd59978791f663c2f3ed"
-UNINATIVE_CHECKSUM[i686] ?= "2f0ee9b66b1bb2c85e2b592fb3c9c7f5d77399fa638d74961330cdb8de34ca3b"
-UNINATIVE_CHECKSUM[x86_64] ?= "9bfc4c970495b3716b2f9e52c4df9f968c02463a9a95000f6657fbc3fde1f098"
+UNINATIVE_CHECKSUM[aarch64] ?= "6a29bcae4b5b716d2d520e18800b33943b65f8a835eac1ff8793fc5ee65b4be6"
+UNINATIVE_CHECKSUM[i686] ?= "3f6d52e64996570c716108d49f8108baccf499a283bbefae438c7266b7a93305"
+UNINATIVE_CHECKSUM[x86_64] ?= "b110bf2e10fe420f5ca2f3ec55f048ee5f0a54c7e34856a3594e51eb2aea0570"
-- 
2.25.1

[OE-core][dunfell 6/9] externalsrc: git submodule--helper list unsupported

[Steve Sakoman]

From: John Edward Broadbent <jebr@google.com>

Git has removed support for "git submodule--helper list".
https://github.com/git/git/commit/31955475d1c283120d5d84247eb3fd55d9f5fdd9

This change provides an alternate method for gathering the submodules
information.

Tested:
Build recipes with and without submodules

Signed-off-by: Carson Labrado <clabrado@google.com>
Signed-off-by: John Edward Broadbent <jebr@google.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d9364e5f3535954f65cbbc694ee7933ac1d664f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/externalsrc.bbclass | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass
index 0e0a3ae89c..291fcf5653 100644
--- a/meta/classes/externalsrc.bbclass
+++ b/meta/classes/externalsrc.bbclass
@@ -225,15 +225,16 @@ def srctree_hash_files(d, srcdir=None):
             env['GIT_INDEX_FILE'] = tmp_index.name
             subprocess.check_output(['git', 'add', '-A', '.'], cwd=s_dir, env=env)
             git_sha1 = subprocess.check_output(['git', 'write-tree'], cwd=s_dir, env=env).decode("utf-8")
-            submodule_helper = subprocess.check_output(['git', 'submodule--helper', 'list'], cwd=s_dir, env=env).decode("utf-8")
-            for line in submodule_helper.splitlines():
-                module_dir = os.path.join(s_dir, line.rsplit(maxsplit=1)[1])
-                if os.path.isdir(module_dir):
-                    proc = subprocess.Popen(['git', 'add', '-A', '.'], cwd=module_dir, env=env, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
-                    proc.communicate()
-                    proc = subprocess.Popen(['git', 'write-tree'], cwd=module_dir, env=env, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
-                    stdout, _ = proc.communicate()
-                    git_sha1 += stdout.decode("utf-8")
+            if os.path.exists(".gitmodules"):
+                submodule_helper = subprocess.check_output(["git", "config", "--file", ".gitmodules", "--get-regexp", "path"], cwd=s_dir, env=env).decode("utf-8")
+                for line in submodule_helper.splitlines():
+                    module_dir = os.path.join(s_dir, line.rsplit(maxsplit=1)[1])
+                    if os.path.isdir(module_dir):
+                        proc = subprocess.Popen(['git', 'add', '-A', '.'], cwd=module_dir, env=env, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
+                        proc.communicate()
+                        proc = subprocess.Popen(['git', 'write-tree'], cwd=module_dir, env=env, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
+                        stdout, _ = proc.communicate()
+                        git_sha1 += stdout.decode("utf-8")
             sha1 = hashlib.sha1(git_sha1.encode("utf-8")).hexdigest()
         with open(oe_hash_file, 'w') as fobj:
             fobj.write(sha1)
-- 
2.25.1

[OE-core][dunfell 7/9] qemu: Avoid accidental libvdeplug linkage

[Steve Sakoman]

Avoid accidentally linking to the vde library from the host by
adding a PACKAGECONFIG for the option.

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8839e9540528b0b46c4fb4f95e508f038bcef8b9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 3c0b34d851..cdd615997f 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -275,6 +275,7 @@ PACKAGECONFIG[capstone] = "--enable-capstone,--disable-capstone"
 # libnfs is currently provided by meta-kodi
 PACKAGECONFIG[libnfs] = "--enable-libnfs,--disable-libnfs,libnfs"
 PACKAGECONFIG[brlapi] = "--enable-brlapi,--disable-brlapi"
+PACKAGECONFIG[vde] = "--enable-vde,--disable-vde"
 
 INSANE_SKIP_${PN} = "arch"
 
-- 
2.25.1

[OE-core][dunfell 8/9] qemu: Add PACKAGECONFIG for rbd

[Steve Sakoman]

Avoid accidentally linking to the rbd library from the host by
adding a PACKAGECONFIG for the option.

Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index cdd615997f..d85db8f800 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -276,6 +276,7 @@ PACKAGECONFIG[capstone] = "--enable-capstone,--disable-capstone"
 PACKAGECONFIG[libnfs] = "--enable-libnfs,--disable-libnfs,libnfs"
 PACKAGECONFIG[brlapi] = "--enable-brlapi,--disable-brlapi"
 PACKAGECONFIG[vde] = "--enable-vde,--disable-vde"
+PACKAGECONFIG[rbd] = "--enable-rbd,--disable-rbd"
 
 INSANE_SKIP_${PN} = "arch"
 
-- 
2.25.1

[OE-core][dunfell 9/9] qemu: Avoid accidental librdmacm linkage

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Avoid accidentally linking to the rdma library from the host by
adding a PACKAGECONFIG for the option. This was found on new
Fedora 36 autobuilder workers.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2a0f3cb225e4d5471155abbcd05d09bd6bf1620f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/qemu/qemu.inc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index d85db8f800..28caefef07 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -277,6 +277,7 @@ PACKAGECONFIG[libnfs] = "--enable-libnfs,--disable-libnfs,libnfs"
 PACKAGECONFIG[brlapi] = "--enable-brlapi,--disable-brlapi"
 PACKAGECONFIG[vde] = "--enable-vde,--disable-vde"
 PACKAGECONFIG[rbd] = "--enable-rbd,--disable-rbd"
+PACKAGECONFIG[rdma] = "--enable-rdma,--disable-rdma"
 
 INSANE_SKIP_${PN} = "arch"
 
-- 
2.25.1

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5239

The following changes since commit d1943e6a0ec00653c81cd4c0bb0d6b7e0909094c:

  go: fix CVE-2023-24537 Infinite loop in parsing (2023-04-21 04:15:45 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Christoph Lauer (1):
  populate_sdk_base: add zip options

Nikhil R (1):
  openssl: Fix CVE-2023-0464

Omkar Patil (2):
  openssl: Fix CVE-2023-0465
  openssl: Fix CVE-2023-0466

Shubham Kulkarni (1):
  go: Ignore CVE-2022-1705

Vijay Anusuri (2):
  sudo: Security fix for CVE-2023-28486 and CVE-2023-28487
  curl: Security fix CVE-2023-27533, CVE-2023-27535 and CVE-2023-27536

Virendra Thakur (1):
  qemu: Whitelist CVE-2023-0664

Vivek Kumbhar (1):
  go: fix CVE-2023-24534 denial of service from excessive memory
    allocation

 meta/classes/populate_sdk_base.bbclass        |   4 +-
 .../openssl/openssl/CVE-2023-0464.patch       | 226 ++++++
 .../openssl/openssl/CVE-2023-0465.patch       |  60 ++
 .../openssl/openssl/CVE-2023-0466.patch       |  82 +++
 .../openssl/openssl_1.1.1t.bb                 |   3 +
 meta/recipes-devtools/go/go-1.14.inc          |   4 +
 .../go/go-1.14/CVE-2023-24534.patch           | 200 ++++++
 meta/recipes-devtools/qemu/qemu.inc           |   5 +
 .../CVE-2023-28486_CVE-2023-28487-1.patch     | 646 ++++++++++++++++++
 .../CVE-2023-28486_CVE-2023-28487-2.patch     |  26 +
 meta/recipes-extended/sudo/sudo_1.8.32.bb     |   2 +
 .../curl/curl/CVE-2023-27533.patch            |  59 ++
 .../curl/curl/CVE-2023-27535-pre1.patch       | 236 +++++++
 .../curl/curl/CVE-2023-27535.patch            | 170 +++++
 .../curl/curl/CVE-2023-27536.patch            |  55 ++
 meta/recipes-support/curl/curl_7.69.1.bb      |   4 +
 16 files changed, 1781 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-0464.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-0465.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-0466.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24534.patch
 create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2023-28486_CVE-2023-28487-1.patch
 create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2023-28486_CVE-2023-28487-2.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27533.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27535-pre1.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27535.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27536.patch

-- 
2.34.1

[OE-core][dunfell 0/9] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Monday, February 26

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6590

The following changes since commit 7ab6087536bc67c63094f08f863dcd3d5e35b8e7:

  cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES (2024-02-12 17:13:14 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (5):
  linux-yocto/5.4: update to v5.4.264
  linux-yocto/5.4: update to v5.4.265
  linux-yocto/5.4: update to v5.4.266
  linux-yocto/5.4: update to v5.4.267
  linux-yocto/5.4: update to v5.4.268

Peter Marko (1):
  gcc-shared-source: whitelist CVE-2023-4039

Richard Purdie (1):
  sstatesig: Allow exclusion of the root directory for do_package

Steve Sakoman (1):
  cve-exclusion_5.4.inc: update for 5.4.268

Tim Orling (1):
  vim: upgrade v9.0.2130 -> v9.0.2190

 meta/lib/oe/sstatesig.py                      |   5 +-
 .../gcc/gcc-shared-source.inc                 |   3 +
 .../linux/cve-exclusion_5.4.inc               | 199 +++++++++++++++++-
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 meta/recipes-support/vim/vim.inc              |   4 +-
 7 files changed, 215 insertions(+), 32 deletions(-)

-- 
2.34.1