From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/38] Patch review
Date: Wed, 4 Dec 2024 09:53:27 -0800 [thread overview]
Message-ID: <cover.1733334655.git.steve@sakoman.com> (raw)
Please review this set of changes for kirkstone and have comments back by
end of day Friday, December 6
Passed a-full on autobuilder:
https://valkyrie.yoctoproject.org/#/builders/29/builds/581
The following changes since commit 13b13b81b91f618c13cf972067c47bd810de852f:
gstreamer1.0: improve test reliability (2024-11-27 06:57:56 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Changqing Li (2):
libsoup: fix CVE-2024-52531
rxvt-unicode.inc: disable the terminfo installation by setting TIC to
:
Divya Chellam (1):
qemu: fix CVE-2024-3446
Hongxu Jia (3):
ovmf: fix CVE-2024-38796
ovmf: fix CVE-2024-1298
python3-zipp: fix CVE-2024-5569
Jiaying Song (1):
diffoscope: fix CVE-2024-25711
Peter Marko (6):
cpio: ignore CVE-2023-7216
gnupg: ignore CVE-2022-3515
qemu: ignore CVE-2022-36648
grub: ignore CVE-2024-1048 and CVE-2023-4001
pixman: ignore CVE-2023-37769
qemu: patch CVE-2024-6505
Richard Purdie (12):
do_package/sstate/sstatesig: Change timestamp clamping to hash output
only
selftest/reproducible: Drop rawlogs
selftest/reproducible: Clean up pathnames
resulttool: Allow store to filter to specific revisions
resulttool: Use single space indentation in json output
oeqa/utils/gitarchive: Return tag name and improve exclude handling
resulttool: Fix passthrough of --all files in store mode
resulttool: Add --logfile-archive option to store mode
resulttool: Handle ltp rawlogs as well as ptest
resulttool: Clean up repoducible build logs
resulttool: Trim the precision of duration information
resulttool: Improve repo layout for oeselftest results
Soumya Sambu (11):
ovmf: Fix CVE-2022-36763
ovmf: Fix CVE-2022-36764
ovmf: Fix CVE-2023-45230
ovmf: Fix CVE-2023-45231
ovmf: Fix CVE-2023-45232, CVE-2023-45233
ovmf: Fix CVE-2023-45234
ovmf: Fix CVE-2023-45235
ovmf: Fix CVE-2023-45229
ovmf: Fix CVE-2023-45237
ovmf: Fix CVE-2023-45236
ovmf: Fix CVE-2022-36765
Vijay Anusuri (1):
libsoup-2.4: Backport fix for CVE-2024-52531
Yogita Urade (1):
qemu: fix CVE-2024-3447
meta/classes/sstate.bbclass | 16 -
meta/lib/oe/sstatesig.py | 7 +-
meta/lib/oeqa/core/runner.py | 2 +-
meta/lib/oeqa/selftest/cases/reproducible.py | 8 +-
meta/lib/oeqa/utils/gitarchive.py | 4 +-
meta/recipes-bsp/grub/grub2.inc | 2 +
...ential-UINT32-overflow-in-S3-ResumeC.patch | 51 +
...-Fix-overflow-issue-in-BasePeCoffLib.patch | 37 +
.../ovmf/ovmf/CVE-2022-36763-0001.patch | 985 ++++++++++
.../ovmf/ovmf/CVE-2022-36763-0002.patch | 889 +++++++++
.../ovmf/ovmf/CVE-2022-36763-0003.patch | 55 +
.../ovmf/ovmf/CVE-2022-36764-0001.patch | 271 +++
.../ovmf/ovmf/CVE-2022-36764-0002.patch | 281 +++
.../ovmf/ovmf/CVE-2022-36764-0003.patch | 48 +
.../ovmf/ovmf/CVE-2022-36765-0001.patch | 179 ++
.../ovmf/ovmf/CVE-2022-36765-0002.patch | 157 ++
.../ovmf/ovmf/CVE-2022-36765-0003.patch | 135 ++
.../ovmf/ovmf/CVE-2023-45229-0001.patch | 604 ++++++
.../ovmf/ovmf/CVE-2023-45229-0002.patch | 539 ++++++
.../ovmf/ovmf/CVE-2023-45229-0003.patch | 244 +++
.../ovmf/ovmf/CVE-2023-45229-0004.patch | 157 ++
.../ovmf/ovmf/CVE-2023-45230-0001.patch | 1617 +++++++++++++++++
.../ovmf/ovmf/CVE-2023-45230-0002.patch | 604 ++++++
.../ovmf/ovmf/CVE-2023-45231-0001.patch | 65 +
.../ovmf/ovmf/CVE-2023-45231-0002.patch | 250 +++
.../CVE-2023-45232-CVE-2023-45233-0001.patch | 360 ++++
.../CVE-2023-45232-CVE-2023-45233-0002.patch | 417 +++++
.../ovmf/ovmf/CVE-2023-45234-0001.patch | 154 ++
.../ovmf/ovmf/CVE-2023-45234-0002.patch | 485 +++++
.../ovmf/ovmf/CVE-2023-45235-0001.patch | 243 +++
.../ovmf/ovmf/CVE-2023-45235-0002.patch | 379 ++++
.../ovmf/ovmf/CVE-2023-45236.patch | 829 +++++++++
.../ovmf/ovmf/CVE-2023-45237-0001.patch | 78 +
.../ovmf/ovmf/CVE-2023-45237-0002.patch | 1288 +++++++++++++
meta/recipes-core/ovmf/ovmf_git.bb | 28 +
.../0001-Add-SanitizedNames-mixin.patch | 89 +
...Names-in-CompleteDirs.-Fixes-broken-.patch | 30 +
.../0003-Removed-SanitizedNames.patch | 95 +
...-loop-when-zipfile-begins-with-more-.patch | 48 +
...ath.rstrip-to-consolidate-checks-for.patch | 30 +
.../python/python3-zipp_3.7.0.bb | 8 +
meta/recipes-devtools/qemu/qemu.inc | 13 +
.../qemu/qemu/CVE-2024-3446-0001.patch | 218 +++
.../qemu/qemu/CVE-2024-3446-0002.patch | 427 +++++
.../qemu/qemu/CVE-2024-3446-0003.patch | 68 +
.../qemu/qemu/CVE-2024-3446-0004.patch | 144 ++
.../qemu/qemu/CVE-2024-3446-0005.patch | 42 +
.../qemu/qemu/CVE-2024-3446-0006.patch | 43 +
.../qemu/qemu/CVE-2024-3447.patch | 137 ++
.../qemu/qemu/CVE-2024-6505.patch | 40 +
meta/recipes-extended/cpio/cpio_2.14.bb | 2 +
.../xorg-lib/pixman_0.40.0.bb | 3 +
.../rxvt-unicode/rxvt-unicode.inc | 3 +-
.../diffoscope/CVE-2024-25711.patch | 116 ++
.../diffoscope/diffoscope_208.bb | 1 +
meta/recipes-support/gnupg/gnupg_2.3.7.bb | 2 +
.../libsoup-2.4/CVE-2024-52531-1.patch | 131 ++
.../libsoup-2.4/CVE-2024-52531-2.patch | 36 +
.../libsoup/libsoup-2.4_2.74.2.bb | 2 +
.../libsoup/libsoup/CVE-2024-52531-1.patch | 116 ++
.../libsoup/libsoup/CVE-2024-52531-2.patch | 40 +
.../libsoup/libsoup/CVE-2024-52531-3.patch | 136 ++
meta/recipes-support/libsoup/libsoup_3.0.7.bb | 3 +
scripts/lib/resulttool/manualexecution.py | 2 +-
scripts/lib/resulttool/report.py | 2 +-
scripts/lib/resulttool/resultutils.py | 76 +-
scripts/lib/resulttool/store.py | 26 +-
67 files changed, 13550 insertions(+), 47 deletions(-)
create mode 100644 meta/recipes-core/ovmf/ovmf/0001-MdeModulePkg-Potential-UINT32-overflow-in-S3-ResumeC.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/0001-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36763-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36763-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36763-0003.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36764-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36764-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36764-0003.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36765-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36765-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2022-36765-0003.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45229-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45229-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45229-0003.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45229-0004.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45230-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45230-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45231-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45231-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45232-CVE-2023-45233-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45232-CVE-2023-45233-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45234-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45234-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45235-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45235-0002.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45236.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45237-0001.patch
create mode 100644 meta/recipes-core/ovmf/ovmf/CVE-2023-45237-0002.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0001-Add-SanitizedNames-mixin.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0002-Employ-SanitizedNames-in-CompleteDirs.-Fixes-broken-.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0003-Removed-SanitizedNames.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0004-Address-infinite-loop-when-zipfile-begins-with-more-.patch
create mode 100644 meta/recipes-devtools/python/python3-zipp/0005-Prefer-simpler-path.rstrip-to-consolidate-checks-for.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0001.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0002.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0003.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0004.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0005.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-0006.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3447.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-6505.patch
create mode 100644 meta/recipes-support/diffoscope/diffoscope/CVE-2024-25711.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52531-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52531-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52531-1.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52531-2.patch
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52531-3.patch
--
2.34.1
next reply other threads:[~2024-12-04 17:54 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-04 17:53 Steve Sakoman [this message]
2024-12-04 17:53 ` [OE-core][kirkstone 01/38] ovmf: Fix CVE-2022-36763 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 02/38] ovmf: Fix CVE-2022-36764 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 03/38] ovmf: Fix CVE-2023-45230 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 04/38] ovmf: Fix CVE-2023-45231 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 05/38] ovmf: Fix CVE-2023-45232, CVE-2023-45233 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 06/38] ovmf: Fix CVE-2023-45234 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 07/38] ovmf: Fix CVE-2023-45235 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 08/38] ovmf: Fix CVE-2023-45229 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 09/38] ovmf: Fix CVE-2023-45237 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 10/38] ovmf: Fix CVE-2023-45236 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 11/38] ovmf: Fix CVE-2022-36765 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 12/38] ovmf: fix CVE-2024-38796 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 13/38] ovmf: fix CVE-2024-1298 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 14/38] libsoup: fix CVE-2024-52531 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 15/38] python3-zipp: fix CVE-2024-5569 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 16/38] libsoup-2.4: Backport fix for CVE-2024-52531 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 17/38] cpio: ignore CVE-2023-7216 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 18/38] gnupg: ignore CVE-2022-3515 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 19/38] qemu: ignore CVE-2022-36648 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 20/38] grub: ignore CVE-2024-1048 and CVE-2023-4001 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 21/38] pixman: ignore CVE-2023-37769 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 22/38] qemu: patch CVE-2024-6505 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 23/38] qemu: fix CVE-2024-3446 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 24/38] qemu: fix CVE-2024-3447 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 25/38] diffoscope: fix CVE-2024-25711 Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 26/38] do_package/sstate/sstatesig: Change timestamp clamping to hash output only Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 27/38] rxvt-unicode.inc: disable the terminfo installation by setting TIC to : Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 28/38] selftest/reproducible: Drop rawlogs Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 29/38] selftest/reproducible: Clean up pathnames Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 30/38] resulttool: Allow store to filter to specific revisions Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 31/38] resulttool: Use single space indentation in json output Steve Sakoman
2024-12-04 17:53 ` [OE-core][kirkstone 32/38] oeqa/utils/gitarchive: Return tag name and improve exclude handling Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 33/38] resulttool: Fix passthrough of --all files in store mode Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 34/38] resulttool: Add --logfile-archive option to " Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 35/38] resulttool: Handle ltp rawlogs as well as ptest Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 36/38] resulttool: Clean up repoducible build logs Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 37/38] resulttool: Trim the precision of duration information Steve Sakoman
2024-12-04 17:54 ` [OE-core][kirkstone 38/38] resulttool: Improve repo layout for oeselftest results Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2026-02-24 14:23 [OE-core][kirkstone 00/38] Patch review Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1733334655.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox