[OE-core][dunfell 00/16] Patch review

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 00/16] Patch review
Date: Wed, 25 Jan 2023 04:41:43 -1000	[thread overview]
Message-ID: <cover.1674657501.git.steve@sakoman.com> (raw)

Please review this set of patches for dunfell and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4828

with the exception of a known autobuilder intermittent issue on qemuppc:

https://bugzilla.yoctoproject.org/show_bug.cgi?id=14824

which passed on subsequent re-test:

https://autobuilder.yoctoproject.org/typhoon/#/builders/63/builds/6517

The following changes since commit db81e3c7e7f1d4d9eba52ac35ac97627d0240b63:

  build-appliance-image: Update to dunfell head revision (2023-01-13 18:11:40 +0000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (2):
  linux-firmware: upgrade 20221109 -> 20221214
  selftest/virgl: use pkg-config from the host

Benoît Mauduit (1):
  lib/oe/reproducible: Use git log without gpg signature

Bhabu Bindu (1):
  ffmpeg: Fix CVE-2022-3109

Hitendra Prajapati (2):
  QEMU: CVE-2022-4144 QXL: qxl_phys2virt unsafe address translation can
    lead to out-of-bounds read
  xserver-xorg: Fix Multiple CVEs

Jan Kircher (1):
  toolchain-scripts: compatibility with unbound variable protection

Jermain Horsman (1):
  cve-check: write the cve manifest to IMGDEPLOYDIR

Marta Rybczynska (1):
  cve-update-db-native: avoid incomplete updates

Niko Mauno (1):
  systemd: Consider PACKAGECONFIG in RRECOMMENDS

Quentin Schulz (1):
  cairo: fix CVE patches assigned wrong CVE number

Randy MacLeod (1):
  vim: upgrade 9.0.0947 -> 9.0.1211

Ross Burton (2):
  cve-update-db-native: add more logging when fetching
  cve-update-db-native: show IP on failure

Steve Sakoman (1):
  python3: fix packaging of Windows distutils installer stubs

jan (1):
  cve-update-db-native: Allow to overrule the URL in a bbappend.

 meta/classes/cve-check.bbclass                |   6 +-
 meta/classes/toolchain-scripts.bbclass        |   2 +-
 meta/lib/oe/reproducible.py                   |   3 +-
 meta/lib/oeqa/selftest/cases/runtime_test.py  |   2 +-
 .../recipes-core/meta/cve-update-db-native.bb |  97 ++++++++++++-----
 meta/recipes-core/systemd/systemd_244.5.bb    |   4 +-
 .../python/python3/python3-manifest.json      |   4 +-
 meta/recipes-devtools/qemu/qemu.inc           |   1 +
 .../qemu/qemu/CVE-2022-4144.patch             | 103 ++++++++++++++++++
 .../cairo/cairo/CVE-2019-6461.patch           |  46 +++-----
 .../cairo/cairo/CVE-2019-6462.patch           |  46 +++++---
 .../xserver-xorg/CVE-2022-4283.patch          |  39 +++++++
 .../xserver-xorg/CVE-2022-46340.patch         |  55 ++++++++++
 .../xserver-xorg/CVE-2022-46341.patch         |  86 +++++++++++++++
 .../xserver-xorg/CVE-2022-46342.patch         |  78 +++++++++++++
 .../xserver-xorg/CVE-2022-46343.patch         |  51 +++++++++
 .../xserver-xorg/CVE-2022-46344.patch         |  75 +++++++++++++
 .../xorg-xserver/xserver-xorg_1.20.14.bb      |   8 +-
 ...20221109.bb => linux-firmware_20221214.bb} |   4 +-
 .../ffmpeg/ffmpeg/CVE-2022-3109.patch         |  41 +++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb |   1 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 22 files changed, 670 insertions(+), 86 deletions(-)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2022-4144.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2022-4283.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2022-46340.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2022-46341.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2022-46342.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2022-46343.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2022-46344.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20221109.bb => linux-firmware_20221214.bb} (99%)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-3109.patch

-- 
2.25.1

next             reply	other threads:[~2023-01-25 14:42 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-01-25 14:41 Steve Sakoman [this message]
2023-01-25 14:41 ` [OE-core][dunfell 01/16] cve-update-db-native: Allow to overrule the URL in a bbappend Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 02/16] cve-update-db-native: add more logging when fetching Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 03/16] cve-update-db-native: avoid incomplete updates Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 04/16] cve-update-db-native: show IP on failure Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 05/16] cve-check: write the cve manifest to IMGDEPLOYDIR Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 06/16] cairo: fix CVE patches assigned wrong CVE number Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 07/16] QEMU: CVE-2022-4144 QXL: qxl_phys2virt unsafe address translation can lead to out-of-bounds read Steve Sakoman
2023-01-31  7:18   ` Martin Jansa
     [not found]   ` <173F539A3738DDDD.25384@lists.openembedded.org>
2023-01-31  7:39     ` Martin Jansa
2023-02-03 15:59       ` Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 08/16] ffmpeg: Fix CVE-2022-3109 Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 09/16] xserver-xorg: Fix Multiple CVEs Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 10/16] linux-firmware: upgrade 20221109 -> 20221214 Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 11/16] vim: upgrade 9.0.0947 -> 9.0.1211 Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 12/16] systemd: Consider PACKAGECONFIG in RRECOMMENDS Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 13/16] toolchain-scripts: compatibility with unbound variable protection Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 14/16] lib/oe/reproducible: Use git log without gpg signature Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 15/16] selftest/virgl: use pkg-config from the host Steve Sakoman
2023-01-25 14:41 ` [OE-core][dunfell 16/16] python3: fix packaging of Windows distutils installer stubs Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2023-02-20 22:20 [OE-core][dunfell 00/16] Patch review Steve Sakoman
2020-12-01 18:51 Steve Sakoman
2020-10-27 22:29 Steve Sakoman
2020-06-01 14:11 Steve Sakoman
2020-04-29 16:10 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1674657501.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox