[OE-core][mickledore 0/9] Patch review

Openembedded Core Discussions
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][mickledore 0/9] Patch review
Date: Fri,  8 Sep 2023 03:46:51 -1000	[thread overview]
Message-ID: <cover.1694179812.git.steve@sakoman.com> (raw)

Please review this set of changes for mickledore and have comments back by
end of day Tuesday, September 12

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5856

The following changes since commit 981fa51afe040550c7c351fff028553d4bbbd1ca:

  vim: update obsolete comment (2023-08-29 06:47:33 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/mickledore-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/mickledore-nut

Alexander Kanavin (2):
  python3: upgrade 3.11.2 -> 3.11.3
  python3: update 3.11.3 -> 3.11.4

Chee Yang Lee (2):
  libssh2: fix CVE-2020-22218
  python3: update to 3.11.5

Kai Kang (2):
  webkitgtk: fix CVE-2023-32439
  webkitgtk: fix CVE-2023-32435

Michael Halstead (1):
  yocto-uninative: Update to 4.3

Sakib Sajal (1):
  go: upgrade 1.20.6 -> 1.20.7

Yogita Urade (1):
  nghttp2: fix CVE-2023-35945

 meta/conf/distro/include/yocto-uninative.inc  |   8 +-
 .../go/{go-1.20.6.inc => go-1.20.7.inc}       |   2 +-
 ...e_1.20.6.bb => go-binary-native_1.20.7.bb} |   6 +-
 ..._1.20.6.bb => go-cross-canadian_1.20.7.bb} |   0
 ...{go-cross_1.20.6.bb => go-cross_1.20.7.bb} |   0
 ...osssdk_1.20.6.bb => go-crosssdk_1.20.7.bb} |   0
 ...o-native_1.20.6.bb => go-native_1.20.7.bb} |   0
 ...runtime_1.20.6.bb => go-runtime_1.20.7.bb} |   0
 .../go/{go_1.20.6.bb => go_1.20.7.bb}         |   0
 ...-search-system-for-headers-libraries.patch |   2 +-
 ...e-stdin-I-O-errors-same-way-as-maste.patch |  12 +-
 ...-use-prefix-value-from-build-configu.patch |   2 +-
 ...tutils-prefix-is-inside-staging-area.patch |   2 +-
 .../python/python3/makerace.patch             |   8 +-
 .../{python3_3.11.2.bb => python3_3.11.5.bb}  |   2 +-
 .../webkit/webkitgtk/CVE-2023-32435.patch     |  59 +++++++
 .../webkit/webkitgtk/CVE-2023-32439.patch     | 128 +++++++++++++++
 meta/recipes-sato/webkit/webkitgtk_2.38.6.bb  |   2 +
 .../libssh2/libssh2/CVE-2020-22218.patch      |  34 ++++
 .../recipes-support/libssh2/libssh2_1.10.0.bb |   1 +
 .../nghttp2/nghttp2/CVE-2023-35945.patch      | 151 ++++++++++++++++++
 .../recipes-support/nghttp2/nghttp2_1.52.0.bb |   1 +
 22 files changed, 398 insertions(+), 22 deletions(-)
 rename meta/recipes-devtools/go/{go-1.20.6.inc => go-1.20.7.inc} (90%)
 rename meta/recipes-devtools/go/{go-binary-native_1.20.6.bb => go-binary-native_1.20.7.bb} (78%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.20.6.bb => go-cross-canadian_1.20.7.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.20.6.bb => go-cross_1.20.7.bb} (100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.20.6.bb => go-crosssdk_1.20.7.bb} (100%)
 rename meta/recipes-devtools/go/{go-native_1.20.6.bb => go-native_1.20.7.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.20.6.bb => go-runtime_1.20.7.bb} (100%)
 rename meta/recipes-devtools/go/{go_1.20.6.bb => go_1.20.7.bb} (100%)
 rename meta/recipes-devtools/python/{python3_3.11.2.bb => python3_3.11.5.bb} (99%)
 create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2023-32435.patch
 create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2023-32439.patch
 create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2020-22218.patch
 create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2023-35945.patch

-- 
2.34.1

next             reply	other threads:[~2023-09-08 13:47 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-09-08 13:46 Steve Sakoman [this message]
2023-09-08 13:46 ` [OE-core][mickledore 1/9] libssh2: fix CVE-2020-22218 Steve Sakoman
2023-09-08 13:46 ` [OE-core][mickledore 2/9] nghttp2: fix CVE-2023-35945 Steve Sakoman
2023-09-08 13:46 ` [OE-core][mickledore 3/9] webkitgtk: fix CVE-2023-32439 Steve Sakoman
2023-09-08 13:46 ` [OE-core][mickledore 4/9] webkitgtk: fix CVE-2023-32435 Steve Sakoman
2023-09-08 13:46 ` [OE-core][mickledore 5/9] python3: upgrade 3.11.2 -> 3.11.3 Steve Sakoman
2023-09-08 13:46 ` [OE-core][mickledore 6/9] python3: update 3.11.3 -> 3.11.4 Steve Sakoman
2023-09-08 13:46 ` [OE-core][mickledore 7/9] python3: update to 3.11.5 Steve Sakoman
2023-09-08 13:46 ` [OE-core][mickledore 8/9] go: upgrade 1.20.6 -> 1.20.7 Steve Sakoman
2023-09-08 13:47 ` [OE-core][mickledore 9/9] yocto-uninative: Update to 4.3 Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1694179812.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox