On 1/18/21 2:12 AM, Diego Santa Cruz wrote: >> -----Original Message----- >> From: openembedded-devel@lists.openembedded.org <openembedded- >> de...@lists.openembedded.org> On Behalf Of akuster via >> lists.openembedded.org >> Sent: 17 January 2021 18:46 >> To: openembedded-devel@lists.openembedded.org >> Subject: [oe] [dunfell 00/28] Patch review Jan 17th >> >> Here is the next batch for Dunfell. Please review and have comments back by >> Wednesday. >> >> The following changes since commit >> f2d02cb71eaff8eb285a1997b30be52486c160ae: >> >> python3-pyinotify: Add missing ctypes dependency (2020-11-15 11:13:25 - >> 0800) >> >> are available in the Git repository at: >> >> git://git.openembedded.org/meta-openembedded-contrib stable/dunfell- >> nut >> http://cgit.openembedded.org/meta-openembedded- >> contrib/log/?h=stable/dunfell-nut >> >> Armin Kuster (5): >> wireguard-module: fix build issue with 5.4 kernel >> mariadb: update to 10.4.17 for cve fixes >> lua: update to 5.3.6 >> nss: Security fix CVE-2020-12401 >> wireshark: Several securtiy fixes >> >> Chenxi Mao (1): >> geoclue: select avahi-daemon if nmea enabled >> >> Gianfranco (1): >> dlt-daemon: add upstream patch to fix CVE-2020-29394 >> >> Khem Raj (4): >> nodejs: Fix build with icu 67.1 >> nodejs: Upgrade to 12.18.3 >> nodejs: Fix arm32/thumb builds with clang >> nodejs: Update to 12.19.0 >> >> Leon Anavi (1): >> php: Upgrade 7.4.4 -> 7.4.9 >> >> Max Kellermann (1): >> php: remove the failing ${D}/${TMPDIR} code >> >> Roland Hieber (1): >> pcsc-lite: provide pcsc-lite-lib-native explicitly for native build >> >> Sakib Sajal (1): >> apache2: upgrade v2.4.43 -> v2.4.46 >> >> Sean Nyekjaer (1): >> nodejs: 12.19.1 -> 12.20.1 >> >> Stacy Gaikovaia (1): >> nodejs: 12.19.0 -> 12.19.1 >> >> Wang Mingyu (1): >> zabbix: CVE-2020-15803 Security Advisory >> >> Wenlin Kang (2): >> lua: fix CVE-2020-15945 >> lua: fix CVE-2020-24371 >> >> Zang Ruochen (1): >> mcpp: Normalize the patch format of CVE >> >> Zheng Ruoqin (4): >> samba: CVE-2020-14318 Security Advisory >> samba: CVE-2020-14383 Security Advisory >> php: CVE-2020-7070 >> php: CVE-2020-7069 >> >> jabdoa2 (2): >> libsdl2-mixer: Fix ogg/vorbis support in libsdl2-mixer >> libsdl2-mixer: set --disable-music-ogg-shared to link statically >> >> viatsk (1): >> tcpdump: Patch for CVE-2020-8037 >> >> .../samba/samba/CVE-2020-14318.patch | 142 +++++++++++++++ >> .../samba/samba/CVE-2020-14383.patch | 112 ++++++++++++ >> .../samba/samba_4.10.18.bb | 2 + >> ...NC_-START-END-were-backported-to-5.4.patch | 29 +++ >> .../wireguard-module_1.0.20200401.bb | 3 +- >> ...ping-don-t-allocate-a-too-large-buff.patch | 70 ++++++++ >> .../recipes-support/tcpdump/tcpdump_4.9.3.bb | 1 + >> ...wireshark_3.2.7.bb => wireshark_3.2.10.bb} | 2 +- >> .../zabbix/zabbix/CVE-2020-15803.patch | 36 ++++ >> .../zabbix/zabbix_4.4.6.bb | 1 + >> ...e_10.4.12.bb => mariadb-native_10.4.17.bb} | 0 >> meta-oe/recipes-dbs/mysql/mariadb.inc | 6 +- >> ...-breakage-from-lock_guard-error-6161.patch | 32 ---- >> .../mariadb/0001-Fix-library-LZ4-lookup.patch | 19 +- >> .../mysql/mariadb/c11_atomics.patch | 24 ++- >> .../configure.cmake-fix-valgrind.patch | 10 +- >> .../mariadb/fix-a-building-failure.patch | 13 +- >> .../mysql/mariadb/fix-arm-atomic.patch | 13 +- >> ...Lists.txt-fix-gen_lex_hash-not-found.patch | 12 +- >> ...akeLists.txt-fix-do_populate_sysroot.patch | 10 +- >> ...{mariadb_10.4.12.bb => mariadb_10.4.17.bb} | 0 >> ...rriers-cannot-be-active-during-sweep.patch | 90 ++++++++++ >> .../lua/lua/CVE-2020-15945.patch | 167 ++++++++++++++++++ >> .../lua/{lua_5.3.5.bb => lua_5.3.6.bb} | 8 +- >> .../mcpp/files/CVE-2019-14274.patch | 34 ++++ >> .../mcpp/files/ice-mcpp.patch | 31 ---- >> meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb | 3 +- >> ...gister-r7-because-llvm-now-issues-an.patch | 53 ++++++ >> ...-passing-multiple-libs-to-pkg_config.patch | 41 ----- >> ...allow-use-of-system-installed-brotli.patch | 66 ------- >> ...Install-both-binaries-and-use-libdir.patch | 28 ++- >> .../{nodejs_12.14.1.bb => nodejs_12.20.1.bb} | 12 +- >> .../php/php/CVE-2020-7069.patch | 158 +++++++++++++++++ >> .../php/php/CVE-2020-7070.patch | 24 +++ >> .../php/php/debian-php-fixheader.patch | 27 +-- >> .../php/{php_7.4.4.bb => php_7.4.9.bb} | 16 +- >> .../dlt-daemon/dlt-daemon/275.patch | 38 ++++ >> .../dlt-daemon/dlt-daemon_2.18.4.bb | 1 + >> .../libsdl/libsdl2-mixer_2.0.4.bb | 2 +- >> .../geoclue/geoclue_2.5.3.bb | 2 +- >> .../nss/nss/CVE-2020-12401.patch | 52 ++++++ >> meta-oe/recipes-support/nss/nss_3.51.1.bb | 1 + >> .../pcsc-lite/pcsc-lite_1.8.26.bb | 1 + >> .../{apache2_2.4.43.bb => apache2_2.4.46.bb} | 4 +- >> 44 files changed, 1111 insertions(+), 285 deletions(-) >> create mode 100644 meta-networking/recipes- >> connectivity/samba/samba/CVE-2020-14318.patch >> create mode 100644 meta-networking/recipes- >> connectivity/samba/samba/CVE-2020-14383.patch >> create mode 100644 meta-networking/recipes-kernel/wireguard/files/0001- >> compat-SYM_FUNC_-START-END-were-backported-to-5.4.patch >> create mode 100644 meta-networking/recipes- >> support/tcpdump/tcpdump/0001-PPP-When-un-escaping-don-t-allocate-a- >> too-large-buff.patch >> rename meta-networking/recipes-support/wireshark/{wireshark_3.2.7.bb >> => wireshark_3.2.10.bb} (96%) >> create mode 100644 meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020- >> 15803.patch >> rename meta-oe/recipes-dbs/mysql/{mariadb-native_10.4.12.bb => >> mariadb-native_10.4.17.bb} (100%) >> delete mode 100644 meta-oe/recipes-dbs/mysql/mariadb/0001-Fix-build- >> breakage-from-lock_guard-error-6161.patch >> rename meta-oe/recipes-dbs/mysql/{mariadb_10.4.12.bb => >> mariadb_10.4.17.bb} (100%) >> create mode 100644 meta-oe/recipes-devtools/lua/lua/0001-Fixed-bug- >> barriers-cannot-be-active-during-sweep.patch >> create mode 100644 meta-oe/recipes-devtools/lua/lua/CVE-2020- >> 15945.patch >> rename meta-oe/recipes-devtools/lua/{lua_5.3.5.bb => lua_5.3.6.bb} (87%) >> create mode 100644 meta-oe/recipes-devtools/mcpp/files/CVE-2019- >> 14274.patch >> create mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0001- >> Remove-use-of-register-r7-because-llvm-now-issues-an.patch >> delete mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0001-build- >> allow-passing-multiple-libs-to-pkg_config.patch >> delete mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0002-build- >> allow-use-of-system-installed-brotli.patch >> rename meta-oe/recipes-devtools/nodejs/{nodejs_12.14.1.bb => >> nodejs_12.20.1.bb} (94%) >> create mode 100644 meta-oe/recipes-devtools/php/php/CVE-2020- >> 7069.patch >> create mode 100644 meta-oe/recipes-devtools/php/php/CVE-2020- >> 7070.patch >> mode change 100755 => 100644 meta-oe/recipes- >> devtools/php/php/debian-php-fixheader.patch >> rename meta-oe/recipes-devtools/php/{php_7.4.4.bb => php_7.4.9.bb} >> (97%) >> create mode 100644 meta-oe/recipes-extended/dlt-daemon/dlt- >> daemon/275.patch >> create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2020- >> 12401.patch >> rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.43.bb => >> apache2_2.4.46.bb} (98%) >> >> -- >> 2.17.1 > Hi Armin, > > Is there any specific reason why the gssdp and gupnp updates I sent for > dunfell a while ago to fix a CVE are not in? They are in the patch review > you've sent for gatesgarth though. I most forgot to merge them from Gatesgarth. They are in there shortly. -armin > > Anything I should do? > > Thanks, > > Diego >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#88873): https://lists.openembedded.org/g/openembedded-devel/message/88873 Mute This Topic: https://lists.openembedded.org/mt/79755934/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
