[OE-core][dunfell 0/7] Patch review

Steve Sakoman Thu, 11 May 2023 14:28:26 -0700

Please review this set of patches for dunfell and have comments back by
end of day Monday.


Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5294

The following changes since commit fd4cc8d7b5156c43d162a1a5a809fae507457ef4:

  build-appliance-image: Update to dunfell head revision (2023-05-03 12:29:24 
-1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Arturo Buzarra (1):
  run-postinsts: Set dependency for ldconfig to avoid boot issues

Ashish Sharma (1):
  connman: Fix CVE-2023-28488 DoS in client.c

Peter Marko (1):
  libxml2: patch CVE-2023-28484 and CVE-2023-29469

Ranjitsinh Rathod (1):
  libbsd: Add correct license for all packages

Shubham Kulkarni (1):
  go: Security fix for CVE-2023-24538

Vivek Kumbhar (1):
  freetype: fix CVE-2023-2004 integer overflowin in
    tt_hvadvance_adjust() in src/truetype/ttgxvar.c

Yoann Congal (1):
  linux-yocto: Exclude 294 CVEs already fixed upstream

 .../connman/connman/CVE-2023-28488.patch      |   54 +
 .../connman/connman_1.37.bb                   |    1 +
 .../libxml/libxml2/CVE-2023-28484.patch       |   79 +
 .../libxml/libxml2/CVE-2023-29469.patch       |   42 +
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |    2 +
 meta/recipes-devtools/go/go-1.14.inc          |    3 +
 .../go/go-1.14/CVE-2023-24538-1.patch         |  125 ++
 .../go/go-1.14/CVE-2023-24538-2.patch         |  196 ++
 .../go/go-1.14/CVE-2023-24538-3.patch         |  208 ++
 .../run-postinsts/run-postinsts.service       |    2 +-
 .../freetype/freetype/CVE-2023-2004.patch     |   40 +
 .../freetype/freetype_2.10.1.bb               |    1 +
 meta/recipes-kernel/linux/cve-exclusion.inc   | 1840 +++++++++++++++++
 meta/recipes-kernel/linux/linux-yocto.inc     |    3 +
 meta/recipes-support/libbsd/libbsd_0.10.0.bb  |    6 +
 15 files changed, 2601 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-connectivity/connman/connman/CVE-2023-28488.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-28484.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2023-29469.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24538-1.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24538-2.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24538-3.patch
 create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2023-2004.patch
 create mode 100644 meta/recipes-kernel/linux/cve-exclusion.inc

-- 
2.34.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181146): 
https://lists.openembedded.org/g/openembedded-core/message/181146
Mute This Topic: https://lists.openembedded.org/mt/98837346/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell 0/7] Patch review

Reply via email to