From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/16] Patch review
Date: Wed, 2 Oct 2024 06:12:40 -0700 [thread overview]
Message-ID: <cover.1727874367.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Friday, October 4
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7370
The following changes since commit ff720f337e40761c7d4d544c963cf518ad5403ad:
lib/oeqa: rename assertRaisesRegexp to assertRaisesRegex (2024-09-21 06:18:58 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Aleksandar Nikolic (3):
install-buildtools: remove md5 checksum validation
install-buildtools: fix "test installation" step
scripts/install-buildtools: Update to 4.0.21
Deepthi Hemraj (3):
gcc: upgrade to v11.5
glibc: stable 2.35 branch updates
bintuils: stable 2.38 branch update
Jinfeng Wang (1):
procps: patch CVE-2023-4016
Martin Jansa (1):
populate_sdk_base: inherit nopackages
Mingli Yu (1):
curl: free old conn better on reuse
Paul Eggleton (1):
install-buildtools: support buildtools-make-tarball and update to 4.1
Peter Marko (4):
gnupg: Document CVE-2022-3219 and mark wontfix
wpa-supplicant: Ignore CVE-2024-5290
wpa-supplicant: Patch CVE-2024-3596
wpa-supplicant: Patch security advisory 2024-2
Purushottam Choudhary (1):
kmscube: Add patch to fix -int-conversion build error
Vijay Anusuri (1):
curl: backport Debian patch for CVE-2024-8096
meta/classes/populate_sdk_base.bbclass | 2 +-
meta/conf/distro/include/maintainers.inc | 2 +-
...valid-Rejected-Groups-element-length.patch | 52 +
...valid-Rejected-Groups-element-length.patch | 50 +
...id-Rejected-Groups-element-in-the-pa.patch | 38 +
.../wpa-supplicant/CVE-2024-3596_00.patch | 82 +
.../wpa-supplicant/CVE-2024-3596_01.patch | 165 +
.../wpa-supplicant/CVE-2024-3596_02.patch | 62 +
.../wpa-supplicant/CVE-2024-3596_03.patch | 37 +
.../wpa-supplicant/CVE-2024-3596_04.patch | 52 +
.../wpa-supplicant/CVE-2024-3596_05.patch | 51 +
.../wpa-supplicant/CVE-2024-3596_06.patch | 46 +
.../wpa-supplicant/CVE-2024-3596_07.patch | 67 +
.../wpa-supplicant/CVE-2024-3596_08.patch | 47 +
.../wpa-supplicant/wpa-supplicant_2.10.bb | 15 +
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../binutils/binutils-2.38.inc | 2 +-
.../gcc/{gcc-11.4.inc => gcc-11.5.inc} | 8 +-
...ian_11.4.bb => gcc-cross-canadian_11.5.bb} | 0
.../{gcc-cross_11.4.bb => gcc-cross_11.5.bb} | 0
...-crosssdk_11.4.bb => gcc-crosssdk_11.5.bb} | 0
...cc-runtime_11.4.bb => gcc-runtime_11.5.bb} | 0
...itizers_11.4.bb => gcc-sanitizers_11.5.bb} | 0
...{gcc-source_11.4.bb => gcc-source_11.5.bb} | 0
...rch64-Update-Neoverse-N2-core-defini.patch | 38 -
.../gcc/gcc/CVE-2023-4039.patch | 2893 -----------------
.../gcc/{gcc_11.4.bb => gcc_11.5.bb} | 0
...initial_11.4.bb => libgcc-initial_11.5.bb} | 0
.../gcc/{libgcc_11.4.bb => libgcc_11.5.bb} | 0
...ibgfortran_11.4.bb => libgfortran_11.5.bb} | 0
.../procps/procps/CVE-2023-4016-2.patch | 60 +
meta/recipes-extended/procps/procps_3.3.17.bb | 3 +-
...001-common-fix-cast-type-in-init_egl.patch | 34 +
meta/recipes-graphics/kmscube/kmscube_git.bb | 6 +-
...01-url-free-old-conn-better-on-reuse.patch | 95 +
.../curl/curl/CVE-2024-8096.patch | 210 ++
meta/recipes-support/curl/curl_7.82.0.bb | 2 +
meta/recipes-support/gnupg/gnupg_2.3.7.bb | 2 +
scripts/install-buildtools | 63 +-
39 files changed, 1219 insertions(+), 2967 deletions(-)
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024-3596_00.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024-3596_01.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024-3596_02.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024-3596_03.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024-3596_04.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024-3596_05.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024-3596_06.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024-3596_07.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2024-3596_08.patch
rename meta/recipes-devtools/gcc/{gcc-11.4.inc => gcc-11.5.inc} (95%)
rename meta/recipes-devtools/gcc/{gcc-cross-canadian_11.4.bb => gcc-cross-canadian_11.5.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-cross_11.4.bb => gcc-cross_11.5.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-crosssdk_11.4.bb => gcc-crosssdk_11.5.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-runtime_11.4.bb => gcc-runtime_11.5.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-sanitizers_11.4.bb => gcc-sanitizers_11.5.bb} (100%)
rename meta/recipes-devtools/gcc/{gcc-source_11.4.bb => gcc-source_11.5.bb} (100%)
delete mode 100644 meta/recipes-devtools/gcc/gcc/0001-aarch64-Update-Neoverse-N2-core-defini.patch
delete mode 100644 meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch
rename meta/recipes-devtools/gcc/{gcc_11.4.bb => gcc_11.5.bb} (100%)
rename meta/recipes-devtools/gcc/{libgcc-initial_11.4.bb => libgcc-initial_11.5.bb} (100%)
rename meta/recipes-devtools/gcc/{libgcc_11.4.bb => libgcc_11.5.bb} (100%)
rename meta/recipes-devtools/gcc/{libgfortran_11.4.bb => libgfortran_11.5.bb} (100%)
create mode 100644 meta/recipes-extended/procps/procps/CVE-2023-4016-2.patch
create mode 100644 meta/recipes-graphics/kmscube/kmscube/0001-common-fix-cast-type-in-init_egl.patch
create mode 100644 meta/recipes-support/curl/curl/0001-url-free-old-conn-better-on-reuse.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2024-8096.patch
--
2.34.1
next reply other threads:[~2024-10-02 13:13 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-02 13:12 Steve Sakoman [this message]
2024-10-02 13:12 ` [OE-core][kirkstone 01/16] curl: backport Debian patch for CVE-2024-8096 Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 02/16] gnupg: Document CVE-2022-3219 and mark wontfix Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 03/16] wpa-supplicant: Ignore CVE-2024-5290 Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 04/16] wpa-supplicant: Patch CVE-2024-3596 Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 05/16] wpa-supplicant: Patch security advisory 2024-2 Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 06/16] procps: patch CVE-2023-4016 Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 07/16] gcc: upgrade to v11.5 Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 08/16] glibc: stable 2.35 branch updates Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 09/16] bintuils: stable 2.38 branch update Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 10/16] curl: free old conn better on reuse Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 11/16] install-buildtools: support buildtools-make-tarball and update to 4.1 Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 12/16] install-buildtools: remove md5 checksum validation Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 13/16] install-buildtools: fix "test installation" step Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 14/16] scripts/install-buildtools: Update to 4.0.21 Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 15/16] kmscube: Add patch to fix -int-conversion build error Steve Sakoman
2024-10-02 13:12 ` [OE-core][kirkstone 16/16] populate_sdk_base: inherit nopackages Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-07-15 20:36 [OE-core][kirkstone 00/16] Patch review Steve Sakoman
2025-03-05 15:58 Steve Sakoman
2025-01-20 17:50 Steve Sakoman
2024-02-27 21:56 Steve Sakoman
2023-11-22 2:30 Steve Sakoman
2023-08-17 2:49 Steve Sakoman
2022-09-13 14:17 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1727874367.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox