> -----Original Message----- > From: openembedded-devel@lists.openembedded.org <openembedded- > de...@lists.openembedded.org> On Behalf Of akuster via > lists.openembedded.org > Sent: 17 January 2021 18:46 > To: openembedded-devel@lists.openembedded.org > Subject: [oe] [dunfell 00/28] Patch review Jan 17th > > Here is the next batch for Dunfell. Please review and have comments back by > Wednesday. > > The following changes since commit > f2d02cb71eaff8eb285a1997b30be52486c160ae: > > python3-pyinotify: Add missing ctypes dependency (2020-11-15 11:13:25 - > 0800) > > are available in the Git repository at: > > git://git.openembedded.org/meta-openembedded-contrib stable/dunfell- > nut > http://cgit.openembedded.org/meta-openembedded- > contrib/log/?h=stable/dunfell-nut > > Armin Kuster (5): > wireguard-module: fix build issue with 5.4 kernel > mariadb: update to 10.4.17 for cve fixes > lua: update to 5.3.6 > nss: Security fix CVE-2020-12401 > wireshark: Several securtiy fixes > > Chenxi Mao (1): > geoclue: select avahi-daemon if nmea enabled > > Gianfranco (1): > dlt-daemon: add upstream patch to fix CVE-2020-29394 > > Khem Raj (4): > nodejs: Fix build with icu 67.1 > nodejs: Upgrade to 12.18.3 > nodejs: Fix arm32/thumb builds with clang > nodejs: Update to 12.19.0 > > Leon Anavi (1): > php: Upgrade 7.4.4 -> 7.4.9 > > Max Kellermann (1): > php: remove the failing ${D}/${TMPDIR} code > > Roland Hieber (1): > pcsc-lite: provide pcsc-lite-lib-native explicitly for native build > > Sakib Sajal (1): > apache2: upgrade v2.4.43 -> v2.4.46 > > Sean Nyekjaer (1): > nodejs: 12.19.1 -> 12.20.1 > > Stacy Gaikovaia (1): > nodejs: 12.19.0 -> 12.19.1 > > Wang Mingyu (1): > zabbix: CVE-2020-15803 Security Advisory > > Wenlin Kang (2): > lua: fix CVE-2020-15945 > lua: fix CVE-2020-24371 > > Zang Ruochen (1): > mcpp: Normalize the patch format of CVE > > Zheng Ruoqin (4): > samba: CVE-2020-14318 Security Advisory > samba: CVE-2020-14383 Security Advisory > php: CVE-2020-7070 > php: CVE-2020-7069 > > jabdoa2 (2): > libsdl2-mixer: Fix ogg/vorbis support in libsdl2-mixer > libsdl2-mixer: set --disable-music-ogg-shared to link statically > > viatsk (1): > tcpdump: Patch for CVE-2020-8037 > > .../samba/samba/CVE-2020-14318.patch | 142 +++++++++++++++ > .../samba/samba/CVE-2020-14383.patch | 112 ++++++++++++ > .../samba/samba_4.10.18.bb | 2 + > ...NC_-START-END-were-backported-to-5.4.patch | 29 +++ > .../wireguard-module_1.0.20200401.bb | 3 +- > ...ping-don-t-allocate-a-too-large-buff.patch | 70 ++++++++ > .../recipes-support/tcpdump/tcpdump_4.9.3.bb | 1 + > ...wireshark_3.2.7.bb => wireshark_3.2.10.bb} | 2 +- > .../zabbix/zabbix/CVE-2020-15803.patch | 36 ++++ > .../zabbix/zabbix_4.4.6.bb | 1 + > ...e_10.4.12.bb => mariadb-native_10.4.17.bb} | 0 > meta-oe/recipes-dbs/mysql/mariadb.inc | 6 +- > ...-breakage-from-lock_guard-error-6161.patch | 32 ---- > .../mariadb/0001-Fix-library-LZ4-lookup.patch | 19 +- > .../mysql/mariadb/c11_atomics.patch | 24 ++- > .../configure.cmake-fix-valgrind.patch | 10 +- > .../mariadb/fix-a-building-failure.patch | 13 +- > .../mysql/mariadb/fix-arm-atomic.patch | 13 +- > ...Lists.txt-fix-gen_lex_hash-not-found.patch | 12 +- > ...akeLists.txt-fix-do_populate_sysroot.patch | 10 +- > ...{mariadb_10.4.12.bb => mariadb_10.4.17.bb} | 0 > ...rriers-cannot-be-active-during-sweep.patch | 90 ++++++++++ > .../lua/lua/CVE-2020-15945.patch | 167 ++++++++++++++++++ > .../lua/{lua_5.3.5.bb => lua_5.3.6.bb} | 8 +- > .../mcpp/files/CVE-2019-14274.patch | 34 ++++ > .../mcpp/files/ice-mcpp.patch | 31 ---- > meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb | 3 +- > ...gister-r7-because-llvm-now-issues-an.patch | 53 ++++++ > ...-passing-multiple-libs-to-pkg_config.patch | 41 ----- > ...allow-use-of-system-installed-brotli.patch | 66 ------- > ...Install-both-binaries-and-use-libdir.patch | 28 ++- > .../{nodejs_12.14.1.bb => nodejs_12.20.1.bb} | 12 +- > .../php/php/CVE-2020-7069.patch | 158 +++++++++++++++++ > .../php/php/CVE-2020-7070.patch | 24 +++ > .../php/php/debian-php-fixheader.patch | 27 +-- > .../php/{php_7.4.4.bb => php_7.4.9.bb} | 16 +- > .../dlt-daemon/dlt-daemon/275.patch | 38 ++++ > .../dlt-daemon/dlt-daemon_2.18.4.bb | 1 + > .../libsdl/libsdl2-mixer_2.0.4.bb | 2 +- > .../geoclue/geoclue_2.5.3.bb | 2 +- > .../nss/nss/CVE-2020-12401.patch | 52 ++++++ > meta-oe/recipes-support/nss/nss_3.51.1.bb | 1 + > .../pcsc-lite/pcsc-lite_1.8.26.bb | 1 + > .../{apache2_2.4.43.bb => apache2_2.4.46.bb} | 4 +- > 44 files changed, 1111 insertions(+), 285 deletions(-) > create mode 100644 meta-networking/recipes- > connectivity/samba/samba/CVE-2020-14318.patch > create mode 100644 meta-networking/recipes- > connectivity/samba/samba/CVE-2020-14383.patch > create mode 100644 meta-networking/recipes-kernel/wireguard/files/0001- > compat-SYM_FUNC_-START-END-were-backported-to-5.4.patch > create mode 100644 meta-networking/recipes- > support/tcpdump/tcpdump/0001-PPP-When-un-escaping-don-t-allocate-a- > too-large-buff.patch > rename meta-networking/recipes-support/wireshark/{wireshark_3.2.7.bb > => wireshark_3.2.10.bb} (96%) > create mode 100644 meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020- > 15803.patch > rename meta-oe/recipes-dbs/mysql/{mariadb-native_10.4.12.bb => > mariadb-native_10.4.17.bb} (100%) > delete mode 100644 meta-oe/recipes-dbs/mysql/mariadb/0001-Fix-build- > breakage-from-lock_guard-error-6161.patch > rename meta-oe/recipes-dbs/mysql/{mariadb_10.4.12.bb => > mariadb_10.4.17.bb} (100%) > create mode 100644 meta-oe/recipes-devtools/lua/lua/0001-Fixed-bug- > barriers-cannot-be-active-during-sweep.patch > create mode 100644 meta-oe/recipes-devtools/lua/lua/CVE-2020- > 15945.patch > rename meta-oe/recipes-devtools/lua/{lua_5.3.5.bb => lua_5.3.6.bb} (87%) > create mode 100644 meta-oe/recipes-devtools/mcpp/files/CVE-2019- > 14274.patch > create mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0001- > Remove-use-of-register-r7-because-llvm-now-issues-an.patch > delete mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0001-build- > allow-passing-multiple-libs-to-pkg_config.patch > delete mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0002-build- > allow-use-of-system-installed-brotli.patch > rename meta-oe/recipes-devtools/nodejs/{nodejs_12.14.1.bb => > nodejs_12.20.1.bb} (94%) > create mode 100644 meta-oe/recipes-devtools/php/php/CVE-2020- > 7069.patch > create mode 100644 meta-oe/recipes-devtools/php/php/CVE-2020- > 7070.patch > mode change 100755 => 100644 meta-oe/recipes- > devtools/php/php/debian-php-fixheader.patch > rename meta-oe/recipes-devtools/php/{php_7.4.4.bb => php_7.4.9.bb} > (97%) > create mode 100644 meta-oe/recipes-extended/dlt-daemon/dlt- > daemon/275.patch > create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2020- > 12401.patch > rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.43.bb => > apache2_2.4.46.bb} (98%) > > -- > 2.17.1 Hi Armin,
Is there any specific reason why the gssdp and gupnp updates I sent for dunfell a while ago to fix a CVE are not in? They are in the patch review you've sent for gatesgarth though. Anything I should do? Thanks, Diego -- Diego Santa Cruz, PhD Technology Architect spinetix.com
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#88870): https://lists.openembedded.org/g/openembedded-devel/message/88870 Mute This Topic: https://lists.openembedded.org/mt/79755934/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-