[OE-core][kirkstone 00/12] Patch review

[Steve Sakoman <steve@sakoman.com>]

Please review this set of patches for kirkstone and have comments back by
end of day Monday.

This should be the final set of patches for the 4.0.6 release.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4600

The following changes since commit c0f3da88a9646fc5e6d549b1a2327c0823c0e5a1:

  mirrors.bbclass: update CPAN_MIRROR (2022-11-30 05:51:07 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alexey Smirnov (1):
  classes: make TOOLCHAIN more permissive for kernel

Chen Qi (1):
  psplash: consider the situation of psplash not exist for systemd

Harald Seiler (1):
  opkg: Set correct info_dir and status_file in opkg.conf

Hitendra Prajapati (1):
  libarchive: CVE-2022-36227 NULL pointer dereference in archive_write.c

Joe Slater (1):
  python3: advance to version 3.10.8

Joshua Watt (1):
  scripts: convert-overrides: Allow command-line customizations

Qiu, Zheng (2):
  vim: upgrade 9.0.0820 -> 9.0.0947
  valgrind: remove most hidden tests for arm64

Richard Purdie (1):
  oeqa/selftest/tinfoil: Add test for separate config_data with
    recipe_parse_file()

Ross Burton (1):
  xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551

Xiangyu Chen (2):
  sysstat: fix CVE-2022-39377
  grub: backport patches to fix CVE-2022-28736

 meta/classes/kernel-arch.bbclass              |   2 +-
 meta/lib/oeqa/selftest/cases/tinfoil.py       |  14 ++
 ...i-chainloader-Use-grub_loader_set_ex.patch |  86 +++++++
 ...ot-Add-API-to-pass-context-to-loader.patch | 168 +++++++++++++
 ...hainloader-Simplify-the-loader-state.patch | 129 ++++++++++
 meta/recipes-bsp/grub/grub2.inc               |   3 +
 .../psplash/files/psplash-start.service       |   1 +
 .../psplash/files/psplash-systemd.service     |   1 +
 meta/recipes-devtools/opkg/opkg_0.5.0.bb      |   4 +-
 .../python/python3/cve-2022-37454.patch       | 108 +++++++++
 .../{python3_3.10.7.bb => python3_3.10.8.bb}  |   4 +-
 .../valgrind/valgrind/remove-for-aarch64      | 227 +-----------------
 .../libarchive/CVE-2022-36227.patch           |  42 ++++
 .../libarchive/libarchive_3.6.1.bb            |   4 +-
 .../sysstat/sysstat/CVE-2022-39377.patch      |  93 +++++++
 .../sysstat/sysstat_12.4.5.bb                 |   3 +-
 ...possible-memleaks-in-XkbGetKbdByName.patch |  63 +++++
 ...ntedString-against-request-length-at.patch |  38 +++
 .../xorg-xserver/xserver-xorg_21.1.4.bb       |   2 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 scripts/contrib/convert-overrides.py          | 103 ++++----
 21 files changed, 821 insertions(+), 278 deletions(-)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch
 create mode 100644 meta/recipes-bsp/grub/files/commands-boot-Add-API-to-pass-context-to-loader.patch
 create mode 100644 meta/recipes-bsp/grub/files/loader-efi-chainloader-Simplify-the-loader-state.patch
 create mode 100644 meta/recipes-devtools/python/python3/cve-2022-37454.patch
 rename meta/recipes-devtools/python/{python3_3.10.7.bb => python3_3.10.8.bb} (99%)
 create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2022-36227.patch
 create mode 100644 meta/recipes-extended/sysstat/sysstat/CVE-2022-39377.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-proof-GetCountedString-against-request-length-at.patch

-- 
2.25.1