From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 00/25] Patch review
Date: Sat, 4 Jan 2025 05:41:24 -0800 [thread overview]
Message-ID: <cover.1735997984.git.steve@sakoman.com> (raw)
Please review this set of changes for scarthgap and have comments back by
end of day Tuesday, January 7
Passed a-full on autobuilder:
https://valkyrie.yoctoproject.org/#/builders/29/builds/737
The following changes since commit 01423828248b75e1f5afe2e5959ccd971df875cd:
rust: add reproducibility patch to eliminate host leakage (2024-12-19 05:36:59 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut
Changqing Li (1):
sanity.bbclass: skip check_userns for non-local uid
Divya Chellam (1):
libxml2: Upgrade 2.12.8 -> 2.12.9
Guðni Már Gilbert (2):
python3: upgrade 3.12.6 -> 3.12.7
python3: upgrade 3.12.7 -> 3.12.8
Mark Hatle (1):
populate_sdk_ext: write_local_conf add shutil import
Mikko Rapeli (1):
ovmf-native: remove .pyc files from install
Peter Marko (16):
gstreamer1.0-plugins-good: fix several CVEs
gstreamer1.0-plugins-base: patch CVE-2024-47538
gstreamer1.0-plugins-base: patch CVE-2024-47607
gstreamer1.0-plugins-base: patch CVE-2024-47615
gstreamer1.0-plugins-good: patch CVE-2024-47613
gstreamer1.0-plugins-good: patch several CVEs
gstreamer1.0-plugins-base: patch CVE-2024-47541
gstreamer1.0-plugins-base: patch CVE-2024-47542
gstreamer1.0-plugins-good: patch CVE-2024-47599
gstreamer1.0-plugins-base: patch CVE-2024-47600
gstreamer1.0-plugins-good: patch CVE-2024-47606
gstreamer1.0-plugins-good: patch CVE-2024-47606
gstreamer1.0-plugins-good: patch CVE-2024-47774
gstreamer1.0-plugins-good: patch several CVEs
gstreamer1.0-plugins-base: patch CVE-2024-47835
gstreamer1.0: ignore CVEs fixed in plugins recipes
Soumya Sambu (1):
python3-requests: upgrade 2.32.0 -> 2.32.3
Xiangyu Chen (1):
lttng-modules: fix sched_stat_runtime changed in Linux 6.6.66
aszh07 (1):
libarchive: Fix CVE-2024-20696
meta/classes-global/sanity.bbclass | 2 +
meta/classes-recipe/populate_sdk_ext.bbclass | 2 +
.../{libxml2_2.12.8.bb => libxml2_2.12.9.bb} | 2 +-
meta/recipes-core/ovmf/ovmf_git.bb | 1 +
...s_2.32.0.bb => python3-requests_2.32.3.bb} | 4 +-
...shebang-overflow-on-python-config.py.patch | 6 +-
...e-stdin-I-O-errors-same-way-as-maste.patch | 3 +-
...-use-prefix-value-from-build-configu.patch | 5 +-
...-qemu-wrapper-when-gathering-profile.patch | 6 +-
...sts-due-to-load-variability-on-YP-AB.patch | 16 +-
...est_sysconfig-for-posix_user-purelib.patch | 7 +-
...e-treat-overflow-in-UID-GID-as-failu.patch | 9 +-
...asename-to-replace-CC-for-checking-c.patch | 20 +-
..._fileno-test-due-to-load-variability.patch | 6 +-
...g.py-use-platlibdir-also-for-purelib.patch | 5 +-
...ctive_children-skip-problematic-test.patch | 9 +-
...pes.test_find-skip-without-tools-sdk.patch | 5 +-
...-test_deadlock-skip-problematic-test.patch | 9 +-
...le.py-correct-the-test-output-format.patch | 7 +-
...t_readline-skip-limited-history-test.patch | 14 +-
...-test_shutdown-skip-problematic-test.patch | 11 +-
...orlines-skip-due-to-load-variability.patch | 5 +-
...up.py-do-not-add-a-curses-include-pa.patch | 6 +-
.../python/python3/cgi_py.patch | 3 +-
.../python/python3/crosspythonpath.patch | 5 +-
.../python3/deterministic_imports.patch | 5 +-
.../python/python3/makerace.patch | 6 +-
.../{python3_3.12.6.bb => python3_3.12.8.bb} | 2 +-
.../libarchive/CVE-2024-20696.patch | 115 +++++
.../libarchive/libarchive_3.7.4.bb | 3 +-
...stat_runtime-changed-in-Linux-6.6.66.patch | 51 ++
.../lttng/lttng-modules_2.13.12.bb | 1 +
...at-most-64-channels-to-NONE-position.patch | 35 ++
...at-most-64-channels-to-NONE-position.patch | 41 ++
...ck-writes-to-GstOggStream.vorbis_mod.patch | 80 ++++
...w-and-fix-per-format-min_packet_size.patch | 168 +++++++
...for-closing-brace-after-opening-brac.patch | 38 ++
...se-strstr-on-strings-that-are-potent.patch | 99 ++++
...parsing-extended-header-if-not-enoug.patch | 64 +++
...-print-channel-layout-for-more-than-.patch | 38 ++
...or-NULL-return-of-strchr-when-parsin.patch | 39 ++
.../gstreamer1.0-plugins-base_1.22.12.bb | 9 +
...o-sized-boxes-instead-of-stopping-to.patch | 124 +++++
...ger-overflow-when-allocating-the-sam.patch | 63 +++
...Fix-debug-output-during-trun-parsing.patch | 72 +++
...erate-over-all-trun-entries-if-none-.patch | 35 ++
...zes-of-stsc-stco-stts-before-trying-.patch | 63 +++
...e-only-an-even-number-of-bytes-is-pr.patch | 44 ++
...e-enough-data-is-available-before-re.patch | 120 +++++
...th-checks-and-offsets-in-stsd-entry-.patch | 450 ++++++++++++++++++
...r-handling-when-parsing-cenc-sample-.patch | 56 +++
...e-there-are-enough-offsets-to-read-w.patch | 49 ++
...-handle-errors-returns-from-various-.patch | 97 ++++
...r-invalid-atom-length-when-extractin.patch | 36 ++
...size-check-for-parsing-SMI-SEQH-atom.patch | 37 ++
...ck-if-initializing-the-video-info-ac.patch | 53 +++
...ly-unmap-GstMapInfo-in-WavPack-heade.patch | 60 +++
...x-off-by-one-when-parsing-multi-chan.patch | 35 ++
...eck-for-big-enough-WavPack-codec-pri.patch | 43 ++
...n-t-take-data-out-of-an-empty-adapte.patch | 51 ++
...ip-over-laces-directly-when-postproc.patch | 52 ++
...ip-over-zero-sized-Xiph-stream-heade.patch | 43 ++
...t-a-copy-of-the-codec-data-into-the-.patch | 44 ++
...ly-error-out-on-negotiation-failures.patch | 99 ++++
...teger-overflow-when-parsing-Theora-e.patch | 44 ++
...size-checks-and-avoid-overflows-when.patch | 46 ++
...or-short-reads-when-parsing-headers-.patch | 174 +++++++
...re-enough-data-for-the-tag-list-tag-.patch | 41 ++
...7-wavparse-Fix-parsing-of-acid-chunk.patch | 65 +++
...hat-at-least-4-bytes-are-available-b.patch | 37 ++
...hat-at-least-32-bytes-are-available-.patch | 40 ++
...ix-clipping-of-size-to-the-file-size.patch | 47 ++
...Check-size-before-reading-ds64-chunk.patch | 41 ++
.../gstreamer1.0-plugins-good_1.22.12.bb | 34 +-
...integer-overflow-when-allocating-sys.patch | 56 +++
.../gstreamer/gstreamer1.0_1.22.12.bb | 14 +
76 files changed, 3226 insertions(+), 101 deletions(-)
rename meta/recipes-core/libxml/{libxml2_2.12.8.bb => libxml2_2.12.9.bb} (97%)
rename meta/recipes-devtools/python/{python3-requests_2.32.0.bb => python3-requests_2.32.3.bb} (78%)
rename meta/recipes-devtools/python/{python3_3.12.6.bb => python3_3.12.8.bb} (99%)
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2024-20696.patch
create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-Fix-sched_stat_runtime-changed-in-Linux-6.6.66.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0004-vorbisdec-Set-at-most-64-channels-to-NONE-position.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0005-opusdec-Set-at-most-64-channels-to-NONE-position.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0006-vorbis_parse-check-writes-to-GstOggStream.vorbis_mod.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0007-oggstream-review-and-fix-per-format-min_packet_size.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0008-ssaparse-Search-for-closing-brace-after-opening-brac.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0009-ssaparse-Don-t-use-strstr-on-strings-that-are-potent.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0010-id3v2-Don-t-try-parsing-extended-header-if-not-enoug.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0011-discoverer-Don-t-print-channel-layout-for-more-than-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0012-subparse-Check-for-NULL-return-of-strchr-when-parsin.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0001-qtdemux-Skip-zero-sized-boxes-instead-of-stopping-to.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-qtdemux-Fix-integer-overflow-when-allocating-the-sam.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0003-qtdemux-Fix-debug-output-during-trun-parsing.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0004-qtdemux-Don-t-iterate-over-all-trun-entries-if-none-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0005-qtdemux-Check-sizes-of-stsc-stco-stts-before-trying-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0006-qtdemux-Make-sure-only-an-even-number-of-bytes-is-pr.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0007-qtdemux-Make-sure-enough-data-is-available-before-re.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0008-qtdemux-Fix-length-checks-and-offsets-in-stsd-entry-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0009-qtdemux-Fix-error-handling-when-parsing-cenc-sample-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0010-qtdemux-Make-sure-there-are-enough-offsets-to-read-w.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0011-qtdemux-Actually-handle-errors-returns-from-various-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0012-qtdemux-Check-for-invalid-atom-length-when-extractin.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0013-qtdemux-Add-size-check-for-parsing-SMI-SEQH-atom.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0014-gdkpixbufdec-Check-if-initializing-the-video-info-ac.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0015-matroskademux-Only-unmap-GstMapInfo-in-WavPack-heade.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0016-matroskademux-Fix-off-by-one-when-parsing-multi-chan.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0017-matroskademux-Check-for-big-enough-WavPack-codec-pri.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0018-matroskademux-Don-t-take-data-out-of-an-empty-adapte.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0019-matroskademux-Skip-over-laces-directly-when-postproc.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0020-matroskademux-Skip-over-zero-sized-Xiph-stream-heade.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0021-matroskademux-Put-a-copy-of-the-codec-data-into-the-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0022-jpegdec-Directly-error-out-on-negotiation-failures.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0023-qtdemux-Avoid-integer-overflow-when-parsing-Theora-e.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0024-avisubtitle-Fix-size-checks-and-avoid-overflows-when.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0025-wavparse-Check-for-short-reads-when-parsing-headers-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0026-wavparse-Make-sure-enough-data-for-the-tag-list-tag-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0027-wavparse-Fix-parsing-of-acid-chunk.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0028-wavparse-Check-that-at-least-4-bytes-are-available-b.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0029-wavparse-Check-that-at-least-32-bytes-are-available-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0030-wavparse-Fix-clipping-of-size-to-the-file-size.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0031-wavparse-Check-size-before-reading-ds64-chunk.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0/0005-allocator-Avoid-integer-overflow-when-allocating-sys.patch
--
2.43.0
next reply other threads:[~2025-01-04 13:42 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-04 13:41 Steve Sakoman [this message]
2025-01-04 13:41 ` [OE-core][scarthgap 01/25] gstreamer1.0-plugins-good: fix several CVEs Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 02/25] gstreamer1.0-plugins-base: patch CVE-2024-47538 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 03/25] gstreamer1.0-plugins-base: patch CVE-2024-47607 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 04/25] gstreamer1.0-plugins-base: patch CVE-2024-47615 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 05/25] gstreamer1.0-plugins-good: patch CVE-2024-47613 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 06/25] gstreamer1.0-plugins-good: patch several CVEs Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 07/25] gstreamer1.0-plugins-base: patch CVE-2024-47541 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 08/25] gstreamer1.0-plugins-base: patch CVE-2024-47542 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 09/25] gstreamer1.0-plugins-good: patch CVE-2024-47599 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 10/25] gstreamer1.0-plugins-base: patch CVE-2024-47600 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 11/25] gstreamer1.0-plugins-good: patch CVE-2024-47606 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 12/25] " Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 13/25] gstreamer1.0-plugins-good: patch CVE-2024-47774 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 14/25] gstreamer1.0-plugins-good: patch several CVEs Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 15/25] gstreamer1.0-plugins-base: patch CVE-2024-47835 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 16/25] gstreamer1.0: ignore CVEs fixed in plugins recipes Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 17/25] libarchive: Fix CVE-2024-20696 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 18/25] python3: upgrade 3.12.6 -> 3.12.7 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 19/25] python3: upgrade 3.12.7 -> 3.12.8 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 20/25] libxml2: Upgrade 2.12.8 -> 2.12.9 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 21/25] python3-requests: upgrade 2.32.0 -> 2.32.3 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 22/25] populate_sdk_ext: write_local_conf add shutil import Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 23/25] lttng-modules: fix sched_stat_runtime changed in Linux 6.6.66 Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 24/25] ovmf-native: remove .pyc files from install Steve Sakoman
2025-01-04 13:41 ` [OE-core][scarthgap 25/25] sanity.bbclass: skip check_userns for non-local uid Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2026-02-09 9:28 [OE-core][scarthgap 00/25] Patch review Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1735997984.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox