[OE-core][dunfell 00/25] Pull request (cover letter only)

Steve Sakoman Tue, 28 Sep 2021 16:24:34 -0700

The following changes since commit c7d2281eb6cda9c1637c20b3540b142073bca235:


  build-appliance-image: Update to dunfell head revision (2021-09-15 18:34:19 
+0100)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
  
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next

Alexander Kanavin (2):
  wic: keep rootfs_size as integer
  testimage: symlink the task log and qemu console log to tmp/log/oeqa

Armin Kuster (9):
  libgcrypt: Security fix CVE-2021-33560
  apr: Security fix for CVE-2021-35940
  libsndfile: Security fix for CVE-2021-3246
  qemu: Security fix CVE-2020-12829
  qemu: Security fix for CVE-2020-27617
  qemu: Security fix for CVE-2020-28916
  nettle: Security fix for CVE-2021-3580
  nettle: Security fix for CVE-2021-20305
  tar: ignore node-tar CVEs

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.143
  linux-yocto/5.4: update to v5.4.144

Jon Mason (2):
  Update mailing list address
  core-image-sato: Fix runqemu error for qemuarmv5

Kai Kang (1):
  squashfs-tools: fix CVE-2021-40153

Mike Crowe (1):
  curl: Fix CVE-2021-22946 and CVE-2021-22947, whitelist CVE-2021-22945

Ranjitsinh Rathod (1):
  rpm: Handle proper return value to avoid major issues

Richard Purdie (3):
  vim: Backport fix for CVE-2021-3770
  useradd: Ensure preinst data is expanded correctly in pkgdata
  bash: Ensure deterministic build

Ross Burton (1):
  libsoup-2.4: remove obsolete intltool dependency

Sakib Sajal (1):
  qemu: fix CVE-2021-3682

Steve Sakoman (1):
  connman: add CVE_PRODUCT

Visa Hankala (1):
  iputils: Fix regression of arp table update

 meta/classes/testimage.bbclass                |  12 +-
 meta/classes/useradd.bbclass                  |   4 +
 meta/conf/distro/include/maintainers.inc      |   2 +-
 meta/recipes-connectivity/connman/connman.inc |   2 +
 .../ldconfig-native-2.12.1/ldconfig.patch     |   2 +-
 meta/recipes-devtools/qemu/qemu.inc           |   8 +
 .../qemu/qemu/CVE-2020-12829_1.patch          | 164 ++++++++
 .../qemu/qemu/CVE-2020-12829_2.patch          | 139 +++++++
 .../qemu/qemu/CVE-2020-12829_3.patch          |  47 +++
 .../qemu/qemu/CVE-2020-12829_4.patch          | 100 +++++
 .../qemu/qemu/CVE-2020-12829_5.patch          | 266 +++++++++++++
 .../qemu/qemu/CVE-2020-27617.patch            |  49 +++
 .../qemu/qemu/CVE-2020-28916.patch            |  48 +++
 .../qemu/qemu/CVE-2021-3682.patch             |  41 ++
 ...rict-virtual-memory-usage-if-limit-s.patch |  25 +-
 .../squashfs-tools/files/CVE-2021-40153.patch | 253 +++++++++++++
 .../squashfs-tools/squashfs-tools_git.bb      |   1 +
 meta/recipes-extended/bash/bash.inc           |   5 +
 ...ng-make-update-neighbours-work-again.patch |  79 ++++
 .../iputils/iputils_s20190709.bb              |   1 +
 meta/recipes-extended/tar/tar_1.32.bb         |   1 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 .../libsndfile1/CVE-2021-3246_1.patch         |  36 ++
 .../libsndfile1/CVE-2021-3246_2.patch         |  44 +++
 .../libsndfile/libsndfile1_1.0.28.bb          |   2 +
 meta/recipes-sato/images/core-image-sato.bb   |   1 +
 .../apr/apr/CVE-2021-35940.patch              |  58 +++
 meta/recipes-support/apr/apr_1.7.0.bb         |   1 +
 .../curl/curl/CVE-2021-22946-pre1.patch       |  86 +++++
 .../curl/curl/CVE-2021-22946.patch            | 328 ++++++++++++++++
 .../curl/curl/CVE-2021-22947.patch            | 352 ++++++++++++++++++
 meta/recipes-support/curl/curl_7.69.1.bb      |   5 +-
 .../libgcrypt/files/CVE-2021-33560.patch      | 109 ++++++
 .../libgcrypt/libgcrypt_1.8.5.bb              |   1 +
 .../libsoup/libsoup-2.4_2.68.4.bb             |   2 +-
 .../nettle-3.5.1/CVE-2021-20305-1.patch       | 215 +++++++++++
 .../nettle-3.5.1/CVE-2021-20305-2.patch       |  53 +++
 .../nettle-3.5.1/CVE-2021-20305-3.patch       | 122 ++++++
 .../nettle-3.5.1/CVE-2021-20305-4.patch       |  48 +++
 .../nettle-3.5.1/CVE-2021-20305-5.patch       |  53 +++
 .../nettle/nettle-3.5.1/CVE-2021-3580_1.patch | 277 ++++++++++++++
 .../nettle/nettle-3.5.1/CVE-2021-3580_2.patch | 163 ++++++++
 meta/recipes-support/nettle/nettle_3.5.1.bb   |   7 +
 ...1e135a16091c93f6f5f7525a5c58fb7ca9f9.patch | 207 ++++++++++
 meta/recipes-support/vim/vim.inc              |   2 +
 scripts/lib/wic/partition.py                  |   2 +-
 48 files changed, 3423 insertions(+), 36 deletions(-)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_1.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_2.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_3.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_4.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-12829_5.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-27617.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch
 create mode 100644 
meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch
 create mode 100644 
meta/recipes-extended/iputils/iputils/0001-arping-make-update-neighbours-work-again.patch
 create mode 100644 
meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_1.patch
 create mode 100644 
meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_2.patch
 create mode 100644 meta/recipes-support/apr/apr/CVE-2021-35940.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22946-pre1.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22946.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22947.patch
 create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2021-33560.patch
 create mode 100644 
meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-1.patch
 create mode 100644 
meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch
 create mode 100644 
meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-3.patch
 create mode 100644 
meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-4.patch
 create mode 100644 
meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-5.patch
 create mode 100644 
meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_1.patch
 create mode 100644 
meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_2.patch
 create mode 100644 
meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch

-- 
2.25.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#156433): 
https://lists.openembedded.org/g/openembedded-core/message/156433
Mute This Topic: https://lists.openembedded.org/mt/85937425/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell 00/25] Pull request (cover letter only)

Reply via email to