[OE-core][nanbield 00/21] Patch review

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][nanbield 00/21] Patch review
Date: Thu, 15 Feb 2024 06:17:43 -1000	[thread overview]
Message-ID: <cover.1708012696.git.steve@sakoman.com> (raw)

Please review this set of changes for nanbield and have comments back by
end of day Monday, February 19

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6568

The following changes since commit 0584d01f623e1f9b0fef4dfa95dd66de6cbfb7b3:

  build-appliance-image: Update to nanbield head revision (2024-02-08 03:49:03 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/nanbield-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/nanbield-nut

Alexander Sverdlin (1):
  linux-firmware: upgrade 20231030 -> 20231211

Benjamin Bara (1):
  glibc: stable 2.38 branch updates

Chen Qi (1):
  multilib_global.bbclass: fix parsing error with no kernel module split

Jonathan GUILLOT (1):
  udev-extraconf: fix unmount directories containing octal-escaped chars

Julien Stephan (1):
  externalsrc: fix task dependency for do_populate_lic

Kai Kang (1):
  xserver-xorg: 21.1.9 -> 21.1.11

Peter Marko (1):
  zlib: ignore CVE-2023-6992

Richard Purdie (3):
  allarch: Fix allarch corner case
  reproducible: Fix race with externalsrc/devtool over lockfile
  pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept

Robert Joslyn (1):
  gtk: Set CVE_PRODUCT

Ross Burton (3):
  libssh2: backport fix for CVE-2023-48795
  cve_check: handle CVE_STATUS being set to the empty string
  cve_check: cleanup logging

Simone Weiß (1):
  gcc: Update status of CVE-2023-4039

Wang Mingyu (3):
  at-spi2-core: upgrade 2.50.0 -> 2.50.1
  cpio: upgrade 2.14 -> 2.15
  gstreamer: upgrade 1.22.8 -> 1.22.9

Yogita Urade (2):
  tiff: fix CVE-2023-6228
  tiff: fix CVE-2023-52355 and CVE-2023-52356

baruch@tkos.co.il (1):
  overlayfs: add missing closing parenthesis in selftest

 .../overlayfs-user/overlayfs-user.bb          |   2 +-
 meta/classes-recipe/allarch.bbclass           |   4 +-
 meta/classes/externalsrc.bbclass              |   1 +
 meta/classes/multilib_global.bbclass          |   1 +
 meta/lib/oe/cve_check.py                      |  17 +-
 meta/lib/oe/reproducible.py                   |   3 +
 meta/recipes-core/glibc/glibc-version.inc     |   5 +-
 .../recipes-core/udev/udev-extraconf/mount.sh |   2 +-
 meta/recipes-core/zlib/zlib_1.3.bb            |   1 +
 meta/recipes-devtools/gcc/gcc-13.2.inc        |   1 +
 .../pseudo/files/glibc238.patch               |  13 -
 meta/recipes-devtools/pseudo/pseudo_git.bb    |   2 +-
 .../cpio/{cpio_2.14.bb => cpio_2.15.bb}       |   3 +-
 ...e-needed-header-for-major-minor-macr.patch |  48 --
 meta/recipes-gnome/gtk+/gtk+3_3.24.38.bb      |   2 +
 meta/recipes-gnome/gtk+/gtk4_4.12.3.bb        |   2 +
 ...xorg_21.1.9.bb => xserver-xorg_21.1.11.bb} |   2 +-
 ...20231030.bb => linux-firmware_20231211.bb} |   7 +-
 ...tools_1.22.8.bb => gst-devtools_1.22.9.bb} |   2 +-
 ...1.22.8.bb => gstreamer1.0-libav_1.22.9.bb} |   2 +-
 ...x_1.22.8.bb => gstreamer1.0-omx_1.22.9.bb} |   2 +-
 ....bb => gstreamer1.0-plugins-bad_1.22.9.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-base_1.22.9.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-good_1.22.9.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-ugly_1.22.9.bb} |   3 +-
 ....22.8.bb => gstreamer1.0-python_1.22.9.bb} |   2 +-
 ....bb => gstreamer1.0-rtsp-server_1.22.9.bb} |   2 +-
 ...1.22.8.bb => gstreamer1.0-vaapi_1.22.9.bb} |   2 +-
 ...er1.0_1.22.8.bb => gstreamer1.0_1.22.9.bb} |   2 +-
 .../libtiff/tiff/CVE-2023-52355-0001.patch    | 238 +++++++++
 .../libtiff/tiff/CVE-2023-52355-0002.patch    |  28 ++
 .../libtiff/tiff/CVE-2023-52356.patch         |  49 ++
 .../libtiff/tiff/CVE-2023-6228.patch          |  31 ++
 meta/recipes-multimedia/libtiff/tiff_4.6.0.bb |   4 +
 ...-core_2.50.0.bb => at-spi2-core_2.50.1.bb} |   2 +-
 .../libssh2/libssh2/CVE-2023-48795.patch      | 466 ++++++++++++++++++
 .../recipes-support/libssh2/libssh2_1.11.0.bb |   1 +
 37 files changed, 864 insertions(+), 94 deletions(-)
 rename meta/recipes-extended/cpio/{cpio_2.14.bb => cpio_2.15.bb} (94%)
 delete mode 100644 meta/recipes-extended/cpio/files/0001-configure-Include-needed-header-for-major-minor-macr.patch
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.9.bb => xserver-xorg_21.1.11.bb} (92%)
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20231030.bb => linux-firmware_20231211.bb} (99%)
 rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.22.8.bb => gst-devtools_1.22.9.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.22.8.bb => gstreamer1.0-libav_1.22.9.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.22.8.bb => gstreamer1.0-omx_1.22.9.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.22.8.bb => gstreamer1.0-plugins-bad_1.22.9.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.22.8.bb => gstreamer1.0-plugins-base_1.22.9.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.22.8.bb => gstreamer1.0-plugins-good_1.22.9.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.22.8.bb => gstreamer1.0-plugins-ugly_1.22.9.bb} (94%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.22.8.bb => gstreamer1.0-python_1.22.9.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.22.8.bb => gstreamer1.0-rtsp-server_1.22.9.bb} (90%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.22.8.bb => gstreamer1.0-vaapi_1.22.9.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.22.8.bb => gstreamer1.0_1.22.9.bb} (97%)
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52355-0001.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52355-0002.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch
 rename meta/recipes-support/atk/{at-spi2-core_2.50.0.bb => at-spi2-core_2.50.1.bb} (95%)
 create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch

-- 
2.34.1

next             reply	other threads:[~2024-02-15 16:18 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-15 16:17 Steve Sakoman [this message]
2024-02-15 16:17 ` [OE-core][nanbield 01/21] tiff: fix CVE-2023-6228 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 02/21] tiff: fix CVE-2023-52355 and CVE-2023-52356 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 03/21] zlib: ignore CVE-2023-6992 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 04/21] libssh2: backport fix for CVE-2023-48795 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 05/21] gcc: Update status of CVE-2023-4039 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 06/21] cve_check: handle CVE_STATUS being set to the empty string Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 07/21] cve_check: cleanup logging Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 08/21] gtk: Set CVE_PRODUCT Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 09/21] glibc: stable 2.38 branch updates Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 10/21] linux-firmware: upgrade 20231030 -> 20231211 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 11/21] xserver-xorg: 21.1.9 -> 21.1.11 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 12/21] at-spi2-core: upgrade 2.50.0 -> 2.50.1 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 13/21] cpio: upgrade 2.14 -> 2.15 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 14/21] gstreamer: upgrade 1.22.8 -> 1.22.9 Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 15/21] allarch: Fix allarch corner case Steve Sakoman
2024-02-15 16:17 ` [OE-core][nanbield 16/21] reproducible: Fix race with externalsrc/devtool over lockfile Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 17/21] externalsrc: fix task dependency for do_populate_lic Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 18/21] udev-extraconf: fix unmount directories containing octal-escaped chars Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 19/21] pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 20/21] overlayfs: add missing closing parenthesis in selftest Steve Sakoman
2024-02-15 16:18 ` [OE-core][nanbield 21/21] multilib_global.bbclass: fix parsing error with no kernel module split Steve Sakoman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1708012696.git.steve@sakoman.com \
    --to=steve@sakoman.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox