[OE-core][mickledore 00/20] Patch review

[Steve Sakoman <steve@sakoman.com>]

Please review this set of changes for mickledore and have comments back by
end of day Tuesday, August 29.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5786

The following changes since commit 7e3489c0c5970389c8a239dc7b367bcadf554eb5:

  build-appliance-image: Update to mickledore head revision (2023-08-18 03:58:04 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/mickledore-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/mickledore-nut

Alexis Lothoré (1):
  oeqa/utils/gitarchive: fix tag computation when creating archive

Chee Yang Lee (3):
  curl: fix CVE-2023-32001
  ghostscript: fix CVE-2023-38559
  librsvg: upgrade to 2.54.6

Markus Volk (1):
  gtk4: upgrade 4.10.4 -> 4.10.5

Michael Halstead (2):
  yocto-uninative: Update hashes for uninative 4.1
  yocto-uninative: Update to 4.2 for glibc 2.38

Michael Opdenacker (1):
  scripts/create-pull-request: update URLs to git repositories

Narpat Mali (2):
  ffmpeg: add CVE_CHECK_IGNORE for CVE-2023-39018
  python3-git: upgrade 3.1.31 -> 3.1.32

Peter Marko (1):
  openssl: Upgrade 3.1.1 -> 3.1.2

Peter Suti (1):
  externalsrc: fix dependency chain issues

Richard Purdie (4):
  pseudo: Fix to work with glibc 2.38
  lib/package_manager: Improve repo artefact filtering
  gnupg: Fix reproducibility failure
  resulttool/report: Avoid divide by zero

Ross Burton (2):
  linux-yocto: add script to generate kernel CVE_CHECK_IGNORE entries
  linux/cve-exclusion: add generated CVE_CHECK_IGNOREs

Wang Mingyu (1):
  file: upgrade 5.44 -> 5.45

sanjana (1):
  glibc: stable 2.37 branch updates

 meta/classes/externalsrc.bbclass              |    7 +-
 meta/conf/distro/include/yocto-uninative.inc  |   10 +-
 meta/lib/oe/package_manager/__init__.py       |    5 +-
 meta/lib/oeqa/utils/gitarchive.py             |    6 +-
 .../{openssl_3.1.1.bb => openssl_3.1.2.bb}    |    2 +-
 meta/recipes-core/glibc/glibc-version.inc     |    2 +-
 .../file/{file_5.44.bb => file_5.45.bb}       |    2 +-
 .../pseudo/files/glibc238.patch               |   72 +
 meta/recipes-devtools/pseudo/pseudo_git.bb    |    1 +
 ...n3-git_3.1.31.bb => python3-git_3.1.32.bb} |    2 +-
 .../ghostscript/CVE-2023-38559.patch          |   31 +
 .../ghostscript/ghostscript_10.0.0.bb         |    1 +
 .../gtk+/{gtk4_4.10.4.bb => gtk4_4.10.5.bb}   |    2 +-
 .../{librsvg_2.54.5.bb => librsvg_2.54.6.bb}  |    2 +-
 .../linux/cve-exclusion_6.1.inc               | 7250 ++++++++++++++++-
 .../linux/generate-cve-exclusions.py          |  101 +
 .../recipes-multimedia/ffmpeg/ffmpeg_5.1.2.bb |    6 +
 .../curl/curl/CVE-2023-32001.patch            |   39 +
 meta/recipes-support/curl/curl_8.0.1.bb       |    1 +
 meta/recipes-support/gnupg/gnupg_2.4.2.bb     |    2 +
 scripts/create-pull-request                   |    7 +-
 scripts/lib/resulttool/report.py              |    5 +-
 22 files changed, 7502 insertions(+), 54 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_3.1.1.bb => openssl_3.1.2.bb} (99%)
 rename meta/recipes-devtools/file/{file_5.44.bb => file_5.45.bb} (97%)
 create mode 100644 meta/recipes-devtools/pseudo/files/glibc238.patch
 rename meta/recipes-devtools/python/{python3-git_3.1.31.bb => python3-git_3.1.32.bb} (92%)
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-38559.patch
 rename meta/recipes-gnome/gtk+/{gtk4_4.10.4.bb => gtk4_4.10.5.bb} (98%)
 rename meta/recipes-gnome/librsvg/{librsvg_2.54.5.bb => librsvg_2.54.6.bb} (97%)
 create mode 100755 meta/recipes-kernel/linux/generate-cve-exclusions.py
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-32001.patch

-- 
2.34.1