Please review these changes for hardknott. Testing on autobuilder resulted in some intermittent ptest failures in valgrind, tcl and lttng-tools and also a qemu timeout failure in musl-qemux86-64.
Thanks, Anuj The following changes since commit 2fd915eda136e20ab52baea6bb908d08ef8f5cbc: oe-setup-builddir: update YP docs and OE URLs (2021-07-31 17:56:12 +0800) are available in the Git repository at: git://push.openembedded.org/openembedded-core-contrib anujm/hardknott Alexander Kanavin (2): devtool: print a warning on upgrades if PREFERRED_VERSION is set nettle: update 3.7.2 -> 3.7.3 Bruce Ashfield (4): linux-yocto/5.10: update to v5.10.53 linux-yocto/5.4: update to v5.4.135 linux-yocto-rt/5.10: update to -rt47 linux-yocto/5.10: enable TYPEC_TCPCI in usbc fragment Chen Qi (1): zstd: fix CVE_PRODUCT Joe Slater (1): util-linux: fix CVE 2021-37600 Jon Mason (1): parselogs.py: qemuarm should be qemuarmv5 Khem Raj (1): stress-ng: Drop defining daddr_t Lee Chee Yang (2): aspell: fix CVE-2019-25051 qemu: fix CVE-2021-3527 Matthias Klein (1): runqemu: Fix typo in error message Michael Opdenacker (3): cve-check: fix comments cve-check: update link to NVD website for CVE details cve-check: improve comment about CVE patch file names Mingli Yu (2): curl: fix CVE-2021-22925 curl: fix CVES Richard Purdie (3): sstate: Fix rebuilds when changing layer config license: Exclude COPYING.MIT from pseudo oeqa/runtime/cases/ptest: Increase test timeout from 300s to 450s Ross Burton (1): qemu: fix virtio vhost-user-gpu CVEs hongxu (1): createrepo-c: fix createrepo-c failed in nativesdk meta/classes/cve-check.bbclass | 19 +- meta/classes/license.bbclass | 2 +- meta/classes/sstate.bbclass | 1 + meta/lib/oeqa/runtime/cases/parselogs.py | 3 +- meta/lib/oeqa/runtime/cases/ptest.py | 2 +- meta/recipes-core/util-linux/util-linux.inc | 1 + .../util-linux/CVE-2021-37600.patch | 38 ++ .../createrepo-c/createrepo-c_0.17.0.bb | 4 +- meta/recipes-devtools/qemu/qemu.inc | 9 + ...ix-memory-disclosure-in-virgl_cmd_ge.patch | 43 ++ ...ix-resource-leak-in-vg_resource_crea.patch | 41 ++ ...ix-memory-leak-in-vg_resource_attach.patch | 48 ++ ...ix-memory-leak-while-calling-vg_reso.patch | 50 ++ ...ix-memory-leak-in-virgl_cmd_resource.patch | 58 +++ ...ix-memory-leak-in-virgl_resource_att.patch | 49 ++ ...ix-OOB-write-in-virgl_cmd_get_capset.patch | 49 ++ .../qemu/qemu/CVE-2021-3527-1.patch | 42 ++ .../qemu/qemu/CVE-2021-3527-2.patch | 59 +++ .../stress-ng/stress-ng/no_daddr_t.patch | 32 -- .../stress-ng/stress-ng_0.12.05.bb | 2 - meta/recipes-extended/zstd/zstd_1.4.9.bb | 2 + .../linux/linux-yocto-rt_5.10.bb | 6 +- .../linux/linux-yocto-rt_5.4.bb | 6 +- .../linux/linux-yocto-tiny_5.10.bb | 8 +- .../linux/linux-yocto-tiny_5.4.bb | 8 +- meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +- meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +- meta/recipes-support/aspell/aspell_0.60.8.bb | 4 +- .../aspell/files/CVE-2019-25051.patch | 101 ++++ .../curl/curl/CVE-2021-22901.patch | 453 ++++++++++++++++++ .../curl/curl/CVE-2021-22924.patch | 298 ++++++++++++ .../curl/curl/CVE-2021-22925.patch | 50 ++ .../curl/curl/CVE-2021-22926.patch | 79 +++ meta/recipes-support/curl/curl_7.75.0.bb | 4 + .../{nettle_3.7.2.bb => nettle_3.7.3.bb} | 2 +- scripts/lib/devtool/upgrade.py | 3 + scripts/runqemu | 2 +- 37 files changed, 1537 insertions(+), 87 deletions(-) create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch create mode 100644 meta/recipes-devtools/qemu/qemu/0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch create mode 100644 meta/recipes-devtools/qemu/qemu/0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch create mode 100644 meta/recipes-devtools/qemu/qemu/0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch create mode 100644 meta/recipes-devtools/qemu/qemu/0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch create mode 100644 meta/recipes-devtools/qemu/qemu/0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch create mode 100644 meta/recipes-devtools/qemu/qemu/0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch create mode 100644 meta/recipes-devtools/qemu/qemu/0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch delete mode 100644 meta/recipes-extended/stress-ng/stress-ng/no_daddr_t.patch create mode 100644 meta/recipes-support/aspell/files/CVE-2019-25051.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22901.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22924.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22925.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22926.patch rename meta/recipes-support/nettle/{nettle_3.7.2.bb => nettle_3.7.3.bb} (96%) -- 2.31.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#154625): https://lists.openembedded.org/g/openembedded-core/message/154625 Mute This Topic: https://lists.openembedded.org/mt/84771241/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-