From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/31] Patch review
Date: Sun, 27 Nov 2022 03:54:46 -1000 [thread overview]
Message-ID: <cover.1669557026.git.steve@sakoman.com> (raw)
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4543
The following changes since commit da2c64b3158c58eb0a484d3acbdf0419df2d34e8:
wic: make ext2/3/4 images reproducible (2022-11-17 07:23:06 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (11):
linux-firmware: upgrade 20220913 -> 20221012
xwayland: upgrade 22.1.3 -> 22.1.4
libffi: upgrade 3.4.2 -> 3.4.4
libical: upgrade 3.0.15 -> 3.0.16
mtd-utils: upgrade 2.1.4 -> 2.1.5
gdk-pixbuf: upgrade 2.42.9 -> 2.42.10
gstreamer1.0: upgrade 1.20.3 -> 1.20.4
libepoxy: convert to git
libepoxy: update 1.5.9 -> 1.5.10
vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only
that
gnomebase.bbclass: return the whole version for tarball directory if
it is a number
Jose Quaresma (3):
sstatesig: skip the rm_work task signature
rm_work: exclude the SSTATETASKS from the rm_work tasks sinature
sstate: Allow optimisation of do_deploy_archives task dependencies
Joshua Watt (2):
qemu-helper-native: Re-write bridge helper as C program
qemu-helper-native: Correctly pass program name as argv[0]
Konrad Weihmann (1):
create-spdx: default share_src for shared sources
Martin Jansa (1):
libsndfile1: Backport fix for CVE-2021-4156
Narpat Mali (2):
ffmpeg: fix for CVE-2022-3964
ffmpeg: fix for CVE-2022-3965
Peter Marko (2):
systemd: add group render to udev package
meta-selftest/staticids: add render group for systemd
Richard Purdie (1):
sanity: Drop data finalize call
Ross Burton (1):
linux-firmware: don't put the firmware into the sysroot
Sakib Sajal (1):
go: fix CVE-2022-2880
Vivek Kumbhar (1):
python3: fix CVE-2022-42919 local privilege escalation via the
multiprocessing forkserver start method
Wang Mingyu (4):
xwayland: upgrade 22.1.4 -> 22.1.5
mobile-broadband-provider-info: upgrade 20220725 -> 20221107
babeltrace: upgrade 1.5.8 -> 1.5.11
iso-codes: upgrade 4.11.0 -> 4.12.0
Xiangyu Chen (1):
bash: backport patch to fix CVE-2022-3715
meta-selftest/files/static-group | 1 +
meta/classes/create-spdx.bbclass | 5 +-
meta/classes/gnomebase.bbclass | 2 +-
meta/classes/rm_work.bbclass | 2 +
meta/classes/sanity.bbclass | 11 +-
meta/classes/sstate.bbclass | 2 +-
meta/lib/oe/sstatesig.py | 6 +
.../mobile-broadband-provider-info_git.bb | 4 +-
meta/recipes-core/systemd/systemd_250.5.bb | 2 +
meta/recipes-devtools/go/go-1.17.13.inc | 1 +
...util-avoid-query-parameter-smuggling.patch | 178 ++++++++++++++++++
meta/recipes-devtools/mtd/mtd-utils_git.bb | 4 +-
.../python/python3/CVE-2022-42919.patch | 70 +++++++
.../recipes-devtools/python/python3_3.10.7.bb | 1 +
.../qemu/qemu-helper-native_1.0.bb | 6 +-
.../qemu/qemu-helper/qemu-oe-bridge-helper | 25 ---
.../qemu/qemu-helper/qemu-oe-bridge-helper.c | 34 ++++
meta/recipes-devtools/vala/vala.inc | 10 +-
.../bash/bash/CVE-2022-3715.patch | 33 ++++
meta/recipes-extended/bash/bash_5.1.16.bb | 1 +
...pixbuf_2.42.9.bb => gdk-pixbuf_2.42.10.bb} | 2 +-
.../{libepoxy_1.5.9.bb => libepoxy_1.5.10.bb} | 5 +-
...{xwayland_22.1.3.bb => xwayland_22.1.5.bb} | 2 +-
...20220913.bb => linux-firmware_20221012.bb} | 9 +-
...beltrace_1.5.8.bb => babeltrace_1.5.11.bb} | 2 +-
...c-stop-accessing-out-of-bounds-frame.patch | 89 +++++++++
...c-stop-accessing-out-of-bounds-frame.patch | 108 +++++++++++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 3 +
...tools_1.20.3.bb => gst-devtools_1.20.4.bb} | 2 +-
...r-APNG-encoder-property-registration.patch | 86 ---------
...1.20.3.bb => gstreamer1.0-libav_1.20.4.bb} | 6 +-
...x_1.20.3.bb => gstreamer1.0-omx_1.20.4.bb} | 2 +-
....bb => gstreamer1.0-plugins-bad_1.20.4.bb} | 2 +-
...bb => gstreamer1.0-plugins-base_1.20.4.bb} | 2 +-
...bb => gstreamer1.0-plugins-good_1.20.4.bb} | 2 +-
...bb => gstreamer1.0-plugins-ugly_1.20.4.bb} | 2 +-
....20.3.bb => gstreamer1.0-python_1.20.4.bb} | 2 +-
....bb => gstreamer1.0-rtsp-server_1.20.4.bb} | 2 +-
...1.20.3.bb => gstreamer1.0-vaapi_1.20.4.bb} | 2 +-
...er1.0_1.20.3.bb => gstreamer1.0_1.20.4.bb} | 2 +-
...flac-Fix-improper-buffer-reusing-732.patch | 29 +++
.../libsndfile/libsndfile1_1.0.31.bb | 1 +
...so-codes_4.11.0.bb => iso-codes_4.12.0.bb} | 2 +-
...m-sysv-reverted-clang-VFP-mitigation.patch | 6 +-
.../libffi/libffi/not-win32.patch | 8 +-
.../{libffi_3.4.2.bb => libffi_3.4.4.bb} | 4 +-
.../{libical_3.0.15.bb => libical_3.0.16.bb} | 2 +-
47 files changed, 612 insertions(+), 170 deletions(-)
create mode 100644 meta/recipes-devtools/go/go-1.18/0001-net-http-httputil-avoid-query-parameter-smuggling.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2022-42919.patch
delete mode 100755 meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper
create mode 100644 meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper.c
create mode 100644 meta/recipes-extended/bash/bash/CVE-2022-3715.patch
rename meta/recipes-gnome/gdk-pixbuf/{gdk-pixbuf_2.42.9.bb => gdk-pixbuf_2.42.10.bb} (98%)
rename meta/recipes-graphics/libepoxy/{libepoxy_1.5.9.bb => libepoxy_1.5.10.bb} (86%)
rename meta/recipes-graphics/xwayland/{xwayland_22.1.3.bb => xwayland_22.1.5.bb} (95%)
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220913.bb => linux-firmware_20221012.bb} (99%)
rename meta/recipes-kernel/lttng/{babeltrace_1.5.8.bb => babeltrace_1.5.11.bb} (98%)
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch
rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.20.3.bb => gst-devtools_1.20.4.bb} (95%)
delete mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-libav/0001-libav-Fix-for-APNG-encoder-property-registration.patch
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.20.3.bb => gstreamer1.0-libav_1.20.4.bb} (82%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.20.3.bb => gstreamer1.0-omx_1.20.4.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.20.3.bb => gstreamer1.0-plugins-bad_1.20.4.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.20.3.bb => gstreamer1.0-plugins-base_1.20.4.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.20.3.bb => gstreamer1.0-plugins-good_1.20.4.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.20.3.bb => gstreamer1.0-plugins-ugly_1.20.4.bb} (94%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.20.3.bb => gstreamer1.0-python_1.20.4.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.20.3.bb => gstreamer1.0-rtsp-server_1.20.4.bb} (90%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.20.3.bb => gstreamer1.0-vaapi_1.20.4.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.20.3.bb => gstreamer1.0_1.20.4.bb} (97%)
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/0001-flac-Fix-improper-buffer-reusing-732.patch
rename meta/recipes-support/iso-codes/{iso-codes_4.11.0.bb => iso-codes_4.12.0.bb} (94%)
rename meta/recipes-support/libffi/{libffi_3.4.2.bb => libffi_3.4.4.bb} (90%)
rename meta/recipes-support/libical/{libical_3.0.15.bb => libical_3.0.16.bb} (96%)
--
2.25.1
next reply other threads:[~2022-11-27 13:55 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-27 13:54 Steve Sakoman [this message]
2022-11-27 13:54 ` [OE-core][kirkstone 01/31] libsndfile1: Backport fix for CVE-2021-4156 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 02/31] bash: backport patch to fix CVE-2022-3715 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 03/31] ffmpeg: fix for CVE-2022-3964 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 04/31] ffmpeg: fix for CVE-2022-3965 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 05/31] python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 06/31] go: fix CVE-2022-2880 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 07/31] linux-firmware: upgrade 20220913 -> 20221012 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 08/31] xwayland: upgrade 22.1.3 -> 22.1.4 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 09/31] xwayland: upgrade 22.1.4 -> 22.1.5 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 10/31] libffi: upgrade 3.4.2 -> 3.4.4 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 11/31] libical: upgrade 3.0.15 -> 3.0.16 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 12/31] mtd-utils: upgrade 2.1.4 -> 2.1.5 Steve Sakoman
2022-11-27 13:54 ` [OE-core][kirkstone 13/31] gdk-pixbuf: upgrade 2.42.9 -> 2.42.10 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 14/31] gstreamer1.0: upgrade 1.20.3 -> 1.20.4 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 15/31] libepoxy: convert to git Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 16/31] libepoxy: update 1.5.9 -> 1.5.10 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 17/31] mobile-broadband-provider-info: upgrade 20220725 -> 20221107 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 18/31] babeltrace: upgrade 1.5.8 -> 1.5.11 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 19/31] iso-codes: upgrade 4.11.0 -> 4.12.0 Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 20/31] qemu-helper-native: Re-write bridge helper as C program Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 21/31] qemu-helper-native: Correctly pass program name as argv[0] Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 22/31] linux-firmware: don't put the firmware into the sysroot Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 23/31] vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 24/31] gnomebase.bbclass: return the whole version for tarball directory if it is a number Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 25/31] sstatesig: skip the rm_work task signature Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 26/31] rm_work: exclude the SSTATETASKS from the rm_work tasks sinature Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 27/31] sstate: Allow optimisation of do_deploy_archives task dependencies Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 28/31] sanity: Drop data finalize call Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 29/31] systemd: add group render to udev package Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 30/31] meta-selftest/staticids: add render group for systemd Steve Sakoman
2022-11-27 13:55 ` [OE-core][kirkstone 31/31] create-spdx: default share_src for shared sources Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2022-11-04 3:00 [OE-core][kirkstone 00/31] Patch review Steve Sakoman
2022-05-17 18:23 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1669557026.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox