public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed
From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 0/7] Patch review
Date: Sat, 15 Apr 2023 05:26:37 -1000	[thread overview]
Message-ID: <cover.1681572283.git.steve@sakoman.com> (raw)

Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5185

The following changes since commit ff4b57ffff903a93b710284c7c7f916ddd74712f:

  uninative: Upgrade to 3.9 to include glibc 2.37 (2023-04-04 05:32:01 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Hitendra Prajapati (2):
  curl: CVE-2023-27533 TELNET option IAC injection
  curl: CVE-2023-27534 SFTP path resolving discrepancy

Joe Slater (1):
  go: fix CVE-2022-41724, 41725

Mark Hatle (1):
  openssl: Move microblaze to linux-latomic config

Pawan Badganchi (1):
  tiff: Add fix for CVE-2022-4645

Peter Marko (1):
  package.bbclass: correct check for /build in copydebugsources()

Yash Shinde (1):
  binutils : Fix CVE-2023-1579

 meta/classes/package.bbclass                  |    2 +-
 .../openssl/openssl_3.0.8.bb                  |    4 +-
 .../binutils/binutils-2.38.inc                |    4 +
 .../binutils/0021-CVE-2023-1579-1.patch       |  459 ++++
 .../binutils/0021-CVE-2023-1579-2.patch       | 2127 +++++++++++++++
 .../binutils/0021-CVE-2023-1579-3.patch       |  156 ++
 .../binutils/0021-CVE-2023-1579-4.patch       |   37 +
 meta/recipes-devtools/go/go-1.17.13.inc       |    5 +-
 .../go/go-1.19/add_godebug.patch              |   84 +
 .../go/go-1.19/cve-2022-41724.patch           | 2391 +++++++++++++++++
 .../go/go-1.19/cve-2022-41725.patch           |  652 +++++
 ...-of-TIFFTAG_INKNAMES-and-related-TIF.patch |    5 +-
 .../curl/curl/CVE-2023-27533.patch            |  208 ++
 .../curl/curl/CVE-2023-27534.patch            |  122 +
 meta/recipes-support/curl/curl_7.82.0.bb      |    2 +
 15 files changed, 6252 insertions(+), 6 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0021-CVE-2023-1579-1.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0021-CVE-2023-1579-2.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0021-CVE-2023-1579-3.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0021-CVE-2023-1579-4.patch
 create mode 100644 meta/recipes-devtools/go/go-1.19/add_godebug.patch
 create mode 100644 meta/recipes-devtools/go/go-1.19/cve-2022-41724.patch
 create mode 100644 meta/recipes-devtools/go/go-1.19/cve-2022-41725.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27533.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27534.patch

-- 
2.34.1



             reply	other threads:[~2023-04-15 15:26 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-04-15 15:26 Steve Sakoman [this message]
2023-04-15 15:26 ` [OE-core][kirkstone 1/7] binutils : Fix CVE-2023-1579 Steve Sakoman
2023-04-15 15:26 ` [OE-core][kirkstone 2/7] curl: CVE-2023-27533 TELNET option IAC injection Steve Sakoman
2023-04-15 15:26 ` [OE-core][kirkstone 3/7] curl: CVE-2023-27534 SFTP path resolving discrepancy Steve Sakoman
2023-04-15 15:26 ` [OE-core][kirkstone 4/7] tiff: Add fix for CVE-2022-4645 Steve Sakoman
2023-04-15 15:26 ` [OE-core][kirkstone 5/7] go: fix CVE-2022-41724, 41725 Steve Sakoman
2023-04-15 15:26 ` [OE-core][kirkstone 6/7] openssl: Move microblaze to linux-latomic config Steve Sakoman
2023-04-15 15:26 ` [OE-core][kirkstone 7/7] package.bbclass: correct check for /build in copydebugsources() Steve Sakoman
  -- strict thread matches above, loose matches on Subject: below --
2025-11-19 20:42 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
2025-09-30 19:50 Steve Sakoman
2025-03-14 14:10 Steve Sakoman
2025-02-12 14:21 Steve Sakoman
2024-12-11 14:47 Steve Sakoman
2024-08-30 12:52 Steve Sakoman
2024-07-04 12:32 Steve Sakoman
2024-05-30 18:37 Steve Sakoman
2024-04-17 20:35 Steve Sakoman
2024-02-06 15:45 Steve Sakoman
2024-01-17 15:58 Steve Sakoman
2023-11-08 22:52 Steve Sakoman
2023-10-30  2:20 Steve Sakoman
2022-08-04 14:06 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1681572283.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox