From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/23] Patch review
Date: Thu, 1 Dec 2022 04:26:54 -1000 [thread overview]
Message-ID: <cover.1669904703.git.steve@sakoman.com> (raw)
Please review this set of patches for kirkstone and have comments back by
end of day Monday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4562
The following changes since commit 5b2ee67e3a5587b4c7d97d2a9bc00022d1eedae3:
create-spdx: default share_src for shared sources (2022-11-25 08:08:10 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Bhabu Bindu (3):
curl: Fix CVE-2022-32221
curl: Fix CVE-2022-42916
curl: Fix CVE-2022-42915
Bruce Ashfield (5):
linux-yocto/5.15: update to v5.15.74
linux-yocto/5.15: update to v5.15.76
linux-yocto/5.15: update to v5.15.78
linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings
kern-tools: integrate ZFS speedup patch
Chee Yang Lee (1):
dropbear: fix CVE-2021-36369
Chen Qi (3):
kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild
resolvconf: make it work
dhcpcd: fix to work with systemd
Dmitry Baryshkov (2):
linux-firmware: upgrade 20221012 -> 20221109
linux-firmware: add new fw file to ${PN}-qcom-adreno-a530
Enrico Jörns (1):
sstatesig: emit more helpful error message when not finding sstate
manifest
Martin Jansa (2):
tiff: refresh with devtool
tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch
Polampalli, Archana (1):
libpam: fix CVE-2022-28321
Qiu, Zheng (1):
tiff: Security fix for CVE-2022-3970
Ross Burton (1):
tiff: fix a number of CVEs
Tim Orling (1):
mirrors.bbclass: update CPAN_MIRROR
Xiangyu Chen (2):
grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775
dbus: upgrade 1.14.0 -> 1.14.4
meta/classes/kernel.bbclass | 8 +
meta/classes/mirrors.bbclass | 3 +-
meta/lib/oe/sstatesig.py | 6 +-
...erflow-in-grub_font_get_glyph_intern.patch | 115 ++++
.../grub/files/CVE-2022-2601.patch | 85 +++
.../grub/files/CVE-2022-3775.patch | 95 +++
meta/recipes-bsp/grub/grub2.inc | 3 +
.../dhcpcd/dhcpcd_9.4.1.bb | 1 +
...mprove-the-sitation-of-working-with-.patch | 82 +++
...01-avoid-using-m-option-for-readlink.patch | 37 +
.../resolvconf/resolvconf_1.91.bb | 9 +-
...eswap-Byte-swap-Unix-fd-indexes-if-n.patch | 76 ---
...idate-Check-brackets-in-signature-ne.patch | 119 ----
...idate-Validate-length-of-arrays-of-f.patch | 61 --
.../dbus/{dbus_1.14.0.bb => dbus_1.14.4.bb} | 10 +-
meta/recipes-core/dropbear/dropbear.inc | 4 +-
.../dropbear/dropbear/CVE-2021-36369.patch | 145 ++++
.../pam/libpam/CVE-2022-28321-0002.patch | 205 ++++++
meta/recipes-extended/pam/libpam_1.5.2.bb | 1 +
.../kern-tools/kern-tools-native_git.bb | 2 +-
...20221012.bb => linux-firmware_20221109.bb} | 6 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +-
...-of-TIFFTAG_INKNAMES-and-related-TIF.patch | 266 ++++++++
...-the-FPE-in-tiffcrop-415-427-and-428.patch | 2 +-
...rash-when-reading-a-file-with-multip.patch | 14 +-
...ue-330-and-some-more-from-320-to-349.patch | 86 ++-
...fcrop-S-option-Make-decision-simpler.patch | 36 +
...-incompatibility-of-Z-X-Y-z-options-.patch | 59 ++
...ines-require-a-larger-buffer-fixes-2.patch | 640 ++++++++++++++++++
...al-buffer-overflow-for-ASCII-tags-wh.patch | 13 +-
...ue-380-and-382-heap-buffer-overflow-.patch | 14 +-
...-for-return-value-of-limitMalloc-392.patch | 15 +-
...ag-avoid-calling-memcpy-with-a-null-.patch | 16 +-
.../0005-fix-the-FPE-in-tiffcrop-393.patch | 15 +-
...x-heap-buffer-overflow-in-tiffcp-278.patch | 15 +-
...99c99f987dc32ae110370cfdd7df7975586b.patch | 9 +-
.../libtiff/tiff/CVE-2022-1354.patch | 8 +-
.../libtiff/tiff/CVE-2022-1355.patch | 8 +-
.../libtiff/tiff/CVE-2022-2867.patch | 2 +-
.../libtiff/tiff/CVE-2022-2869.patch | 2 +-
.../libtiff/tiff/CVE-2022-2953.patch | 30 +-
.../libtiff/tiff/CVE-2022-34526.patch | 6 +-
.../libtiff/tiff/CVE-2022-3970.patch | 38 ++
...ed69a485a9cfb299d9f060eb2a46c54e5903.patch | 7 +-
...0712f4c3a5b449f70c57988260a667ddbdef.patch | 9 +-
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 6 +-
.../curl/curl/CVE-2022-32221.patch | 28 +
.../curl/curl/CVE-2022-42915.patch | 53 ++
.../curl/curl/CVE-2022-42916.patch | 136 ++++
meta/recipes-support/curl/curl_7.82.0.bb | 3 +
52 files changed, 2203 insertions(+), 444 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-2601.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-3775.patch
create mode 100644 meta/recipes-connectivity/dhcpcd/files/0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch
create mode 100644 meta/recipes-connectivity/resolvconf/resolvconf/0001-avoid-using-m-option-for-readlink.patch
delete mode 100644 meta/recipes-core/dbus/dbus/0001-dbus-marshal-byteswap-Byte-swap-Unix-fd-indexes-if-n.patch
delete mode 100644 meta/recipes-core/dbus/dbus/0001-dbus-marshal-validate-Check-brackets-in-signature-ne.patch
delete mode 100644 meta/recipes-core/dbus/dbus/0001-dbus-marshal-validate-Validate-length-of-arrays-of-f.patch
rename meta/recipes-core/dbus/{dbus_1.14.0.bb => dbus_1.14.4.bb} (93%)
create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2021-36369.patch
create mode 100644 meta/recipes-extended/pam/libpam/CVE-2022-28321-0002.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20221012.bb => linux-firmware_20221109.bb} (99%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-S-option-Make-decision-simpler.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-disable-incompatibility-of-Z-X-Y-z-options-.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-subroutines-require-a-larger-buffer-fixes-2.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-3970.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-42915.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2022-42916.patch
--
2.25.1
next reply other threads:[~2022-12-01 14:27 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-01 14:26 Steve Sakoman [this message]
2022-12-01 14:26 ` [OE-core][kirkstone 01/23] grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775 Steve Sakoman
2022-12-01 14:26 ` [OE-core][kirkstone 02/23] tiff: refresh with devtool Steve Sakoman
2022-12-01 14:26 ` [OE-core][kirkstone 03/23] tiff: fix a number of CVEs Steve Sakoman
2022-12-01 14:26 ` [OE-core][kirkstone 04/23] tiff: Security fix for CVE-2022-3970 Steve Sakoman
2022-12-01 14:26 ` [OE-core][kirkstone 05/23] tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 06/23] curl: Fix CVE-2022-32221 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 07/23] curl: Fix CVE-2022-42916 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 08/23] curl: Fix CVE-2022-42915 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 09/23] dropbear: fix CVE-2021-36369 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 10/23] libpam: fix CVE-2022-28321 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 11/23] dbus: upgrade 1.14.0 -> 1.14.4 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 12/23] linux-yocto/5.15: update to v5.15.74 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 13/23] linux-yocto/5.15: update to v5.15.76 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 14/23] linux-yocto/5.15: update to v5.15.78 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 15/23] linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 16/23] kern-tools: integrate ZFS speedup patch Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 17/23] kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 18/23] linux-firmware: upgrade 20221012 -> 20221109 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 19/23] linux-firmware: add new fw file to ${PN}-qcom-adreno-a530 Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 20/23] sstatesig: emit more helpful error message when not finding sstate manifest Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 21/23] resolvconf: make it work Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 22/23] dhcpcd: fix to work with systemd Steve Sakoman
2022-12-01 14:27 ` [OE-core][kirkstone 23/23] mirrors.bbclass: update CPAN_MIRROR Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2024-05-09 12:04 [OE-core][kirkstone 00/23] Patch review Steve Sakoman
2023-02-21 14:40 Steve Sakoman
2022-07-18 0:30 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1669904703.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox