From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/15] Patch review
Date: Sat, 6 May 2023 05:24:30 -1000 [thread overview]
Message-ID: <cover.1683386547.git.steve@sakoman.com> (raw)
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5269
The following changes since commit 2d67702bdfc64358d364dd6484ae41842ee7c52f:
glibc: stable 2.35 branch updates. (2023-04-28 03:55:33 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Arturo Buzarra (1):
run-postinsts: Set dependency for ldconfig to avoid boot issues
Deepthi Hemraj (4):
binutils : Fix CVE-2023-25584
binutils : Fix CVE-2023-25585
binutils : Fix CVE-2023-1972
binutils : Fix CVE-2023-25588
Hitendra Prajapati (1):
connman: fix CVE-2023-28488 DoS in client.c
Kai Kang (1):
webkitgtk: fix CVE-2022-32888 & CVE-2022-32923
Narpat Mali (2):
ffmpeg: fix for CVE-2022-48434
python3-cryptography: fix for CVE-2023-23931
Randolph Sapp (2):
wic/bootimg-efi: if fixed-size is set then use that for mkdosfs
kernel-devicetree: allow specification of dtb directory
Ranjitsinh Rathod (1):
libbsd: Add correct license for all packages
Shubham Kulkarni (1):
go: Security fix for CVE-2023-24538
Vivek Kumbhar (2):
freetype: fix CVE-2023-2004 integer overflowin in
tt_hvadvance_adjust() in src/truetype/ttgxvar.c
go: fix CVE-2023-24534 denial of service from excessive memory
allocation
meta/classes/kernel-devicetree.bbclass | 22 +-
meta/classes/kernel.bbclass | 2 +
.../connman/connman/CVE-2023-28488.patch | 60 ++
.../connman/connman_1.41.bb | 1 +
.../binutils/binutils-2.38.inc | 6 +
.../binutils/0022-CVE-2023-25584-1.patch | 56 ++
.../binutils/0022-CVE-2023-25584-2.patch | 38 ++
.../binutils/0022-CVE-2023-25584-3.patch | 534 ++++++++++++++++++
.../binutils/0023-CVE-2023-25585.patch | 54 ++
.../binutils/0025-CVE-2023-25588.patch | 147 +++++
.../binutils/0026-CVE-2023-1972.patch | 41 ++
meta/recipes-devtools/go/go-1.17.13.inc | 2 +
.../go/go-1.18/CVE-2023-24534.patch | 200 +++++++
.../go/go-1.18/CVE-2023-24538.patch | 208 +++++++
.../python3-cryptography/CVE-2023-23931.patch | 49 ++
.../python/python3-cryptography_36.0.2.bb | 1 +
.../run-postinsts/run-postinsts.service | 2 +-
.../freetype/freetype/CVE-2023-2004.patch | 41 ++
.../freetype/freetype_2.11.1.bb | 1 +
.../ffmpeg/ffmpeg/CVE-2022-48434.patch | 130 +++++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 3 +-
.../webkit/webkitgtk/CVE-2022-32888.patch | 41 ++
.../webkit/webkitgtk/CVE-2022-32923.patch | 435 ++++++++++++++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 2 +
meta/recipes-support/libbsd/libbsd_0.11.5.bb | 7 +
scripts/lib/wic/plugins/source/bootimg-efi.py | 7 +
26 files changed, 2083 insertions(+), 7 deletions(-)
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2023-28488.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0023-CVE-2023-25585.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0026-CVE-2023-1972.patch
create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-24534.patch
create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-24538.patch
create mode 100644 meta/recipes-devtools/python/python3-cryptography/CVE-2023-23931.patch
create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2023-2004.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-32888.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-32923.patch
--
2.34.1
next reply other threads:[~2023-05-06 15:24 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-06 15:24 Steve Sakoman [this message]
2023-05-06 15:24 ` [OE-core][kirkstone 01/15] ffmpeg: fix for CVE-2022-48434 Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 02/15] connman: fix CVE-2023-28488 DoS in client.c Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 03/15] freetype: fix CVE-2023-2004 integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 04/15] go: fix CVE-2023-24534 denial of service from excessive memory allocation Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 05/15] go: Security fix for CVE-2023-24538 Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 06/15] binutils : Fix CVE-2023-25584 Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 07/15] binutils : Fix CVE-2023-25585 Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 08/15] binutils : Fix CVE-2023-1972 Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 09/15] binutils : Fix CVE-2023-25588 Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 10/15] webkitgtk: fix CVE-2022-32888 & CVE-2022-32923 Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 11/15] python3-cryptography: fix for CVE-2023-23931 Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 12/15] wic/bootimg-efi: if fixed-size is set then use that for mkdosfs Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 13/15] kernel-devicetree: allow specification of dtb directory Steve Sakoman
2023-05-06 17:25 ` Martin Jansa
2023-05-06 15:24 ` [OE-core][kirkstone 14/15] libbsd: Add correct license for all packages Steve Sakoman
2023-05-06 15:24 ` [OE-core][kirkstone 15/15] run-postinsts: Set dependency for ldconfig to avoid boot issues Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-06-10 19:38 [OE-core][kirkstone 00/15] Patch review Steve Sakoman
2025-05-13 19:07 Steve Sakoman
2025-02-27 17:39 Steve Sakoman
2024-09-23 13:13 Steve Sakoman
2024-03-20 16:09 Steve Sakoman
2023-12-08 2:33 Steve Sakoman
2023-05-09 22:32 Steve Sakoman
2022-07-27 0:40 Steve Sakoman
2022-06-19 19:30 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1683386547.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox