From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/12] Patch review
Date: Thu, 29 Aug 2024 06:32:23 -0700 [thread overview]
Message-ID: <cover.1724938187.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Monday, September 2
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7287
The following changes since commit 8b5c66c91d94f4c8521fe9443e65d86063dba5e5:
oeqa/utils/postactions: transfer whole archive over ssh instead of doing individual copies (2024-08-20 05:03:49 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Archana Polampalli (2):
ffmpeg: fix CVE-2024-32230
qemu: fix CVE-2024-7409
Bartosz Golaszewski (1):
linux-firmware: add a package for ath12k firmware
Changqing Li (2):
expect-native: fix do_compile failure with gcc-14
libcap-ng: update SRC_URI
Niko Mauno (1):
util-linux: Add PACKAGECONFIG option to mitigate rootfs remount error
Peter Marko (2):
libyaml: Ignore CVE-2024-35325
curl: Patch CVE-2024-7264
Quentin Schulz (1):
weston-init: fix weston not starting when xwayland is enabled
Siddharth Doshi (1):
vim: Upgrade 9.1.0114 -> 9.1.0682
Simone Weiß (1):
curl: Ignore CVE-2024-32928
Yogita Urade (1):
qemu: fix CVE-2024-4467
.../util-linux/util-linux_2.39.3.bb | 12 +-
meta/recipes-devtools/expect/expect_5.45.4.bb | 2 +-
meta/recipes-devtools/qemu/qemu.inc | 9 +
.../qemu/qemu/CVE-2024-4467-0001.patch | 112 ++
.../qemu/qemu/CVE-2024-4467-0002.patch | 55 +
.../qemu/qemu/CVE-2024-4467-0003.patch | 57 +
.../qemu/qemu/CVE-2024-4467-0004.patch | 1187 +++++++++++++++++
.../qemu/qemu/CVE-2024-4467-0005.patch | 239 ++++
.../qemu/qemu/CVE-2024-7409-0001.patch | 167 +++
.../qemu/qemu/CVE-2024-7409-0002.patch | 175 +++
.../qemu/qemu/CVE-2024-7409-0003.patch | 126 ++
.../qemu/qemu/CVE-2024-7409-0004.patch | 164 +++
meta/recipes-graphics/wayland/weston-init.bb | 2 +-
.../linux-firmware/linux-firmware_20240312.bb | 8 +-
.../ffmpeg/ffmpeg/CVE-2024-32230.patch | 36 +
.../recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb | 1 +
.../curl/curl/CVE-2024-7264-1.patch | 61 +
.../curl/curl/CVE-2024-7264-2.patch | 316 +++++
meta/recipes-support/curl/curl_8.7.1.bb | 3 +
.../libcap-ng/libcap-ng-python_0.8.5.bb | 2 -
meta/recipes-support/libcap-ng/libcap-ng.inc | 8 +-
meta/recipes-support/libyaml/libyaml_0.2.5.bb | 1 +
...m-add-knob-whether-elf.h-are-checked.patch | 39 -
meta/recipes-support/vim/vim.inc | 5 +-
24 files changed, 2737 insertions(+), 50 deletions(-)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0001.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0002.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0003.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0004.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-4467-0005.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0001.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0002.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0003.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0004.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-32230.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2024-7264-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2024-7264-2.patch
delete mode 100644 meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch
--
2.34.1
next reply other threads:[~2024-08-29 13:32 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-29 13:32 Steve Sakoman [this message]
2024-08-29 13:32 ` [OE-core][scarthgap 01/12] qemu: fix CVE-2024-4467 Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 02/12] libyaml: Ignore CVE-2024-35325 Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 03/12] curl: Patch CVE-2024-7264 Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 04/12] curl: Ignore CVE-2024-32928 Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 05/12] ffmpeg: fix CVE-2024-32230 Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 06/12] qemu: fix CVE-2024-7409 Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 07/12] vim: Upgrade 9.1.0114 -> 9.1.0682 Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 08/12] util-linux: Add PACKAGECONFIG option to mitigate rootfs remount error Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 09/12] weston-init: fix weston not starting when xwayland is enabled Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 10/12] expect-native: fix do_compile failure with gcc-14 Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 11/12] libcap-ng: update SRC_URI Steve Sakoman
2024-08-29 13:32 ` [OE-core][scarthgap 12/12] linux-firmware: add a package for ath12k firmware Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-07-17 2:58 [OE-core][scarthgap 00/12] Patch review Steve Sakoman
2025-07-09 2:51 Steve Sakoman
2025-06-06 15:59 Steve Sakoman
2025-01-30 2:51 Steve Sakoman
2024-12-10 20:56 Steve Sakoman
2024-07-18 13:45 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1724938187.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox