On 11/19/21 7:26 PM, Luca Boccassi wrote:
On Fri, 2021-11-19 at 09:43 +0800, ChenQi wrote:
Hi Luca,
If the real useful part is only about systemd-analyze in case of
nativesdk/native, I'd suggest adding systemd-analyze-native or
nativesdk-systemd-analyze instead of extending the current systemd
From: Kai Kang
Backport patches to fix CVE-2021-41072. And update context for verison
4.4 at same time.
CVE: CVE-2021-41072
Ref:
* https://nvd.nist.gov/vuln/detail/CVE-2021-41072
Signed-off-by: Kai Kang
Signed-off-by: Anuj Mittal
---
.../files/CVE-2021-41072-requisite-1.patch| 135
From: Mingli Yu
Backport patches to fix CVE-2021-3927 and CVE-2021-3928.
Signed-off-by: Mingli Yu
Signed-off-by: Anuj Mittal
---
.../vim/files/CVE-2021-3927.patch | 32 +
.../vim/files/CVE-2021-3928.patch | 34 +++
From: Mingli Yu
Backport patches to fix CVE-2021-25219.
Signed-off-by: Mingli Yu
Signed-off-by: Anuj Mittal
---
.../bind/bind-9.16.16/CVE-2021-25219-1.patch | 76 +++
.../bind/bind-9.16.16/CVE-2021-25219-2.patch | 65
From: Mingli Yu
Backport 2 patches to fix below CVEs:
- CVE-2021-3872
- CVE-2021-3903
Signed-off-by: Mingli Yu
Signed-off-by: Anuj Mittal
---
.../vim/files/CVE-2021-3872.patch | 57 +++
.../vim/files/CVE-2021-3903.patch | 38 +
From: Andrej Valek
gcc11 has -std=gnu++17 as default. Remove deprecated C++17 exceptions based
on http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html.
Signed-off-by: Andrej Valek
Signed-off-by: Steve Sakoman
(cherry picked from commit ef8b7946b4793db653ef7dd716e1d3f919a84725)
From: Mingli Yu
Backport a patch to fix CVE-2021-3875.
Signed-off-by: Mingli Yu
Signed-off-by: Anuj Mittal
---
.../vim/files/CVE-2021-3875.patch | 37 +++
meta/recipes-support/vim/vim.inc | 1 +
2 files changed, 38 insertions(+)
create mode 100644
From: Changqing Li
Signed-off-by: Changqing Li
Signed-off-by: Anuj Mittal
---
.../rpm/files/0001-CVE-2021-3521.patch| 57 +++
.../rpm/files/0002-CVE-2021-3521.patch| 62
.../rpm/files/0003-CVE-2021-3521.patch| 332 ++
From: Yi Zhao
CVE-2021-40491:
The ftp client in GNU Inetutils before 2.2 does not validate addresses
returned by PASV/LSPV responses to make sure they match the server
address. This is similar to CVE-2020-8284 for curl.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-40491
Patch from:
From: Pgowda
source : https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102035
Upstream-Status:
Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70]
Upstream-Status:
From: Richard Purdie
kernel.org now has a mirror of the downloads.yoctoproject.org sources
archive so include this in our mirrors list.
Signed-off-by: Richard Purdie
(cherry picked from commit f602b6c2046bbc52a95dcc68a754f1cbb2db6761)
Signed-off-by: Anuj Mittal
---
From: Jon Mason
The URLs describing Kickstart are no longer valid and do not redirect to
the correct location. Update them with the correct location.
Signed-off-by: Jon Mason
Signed-off-by: Richard Purdie
(cherry picked from commit e5ac75f93c8128b0761af5fee99e8603ddd1657d)
Signed-off-by:
From: Richard Purdie
Give the user a proper error message if there aren't packages built,
rather than a less friendly traceback.
[YOCTO #14619]
Signed-off-by: Richard Purdie
(cherry picked from commit b14c176b7dd74b7d63ca0f72e6e00fbf209f5a0b)
Signed-off-by: Anuj Mittal
---
From: Kai Kang
There may be none, one or more spaces including tab before backslash in
SRC_URI. Use regex to check and update. It helps to avoid malformed uri
such as recipe open-iscsi-user in meta-openstack:
SRC_URI = "git://github.com/open-iscsi/open-iscsi.git;protocol=https
;branch=master
From: Bruce Ashfield
Updating linux-yocto/5.10 to the latest korg -stable release that comprises
the following commits:
5040520482a5 Linux 5.10.78
4c7c0243275b ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
f3eb44f496ef ALSA: usb-audio: Add Schiit Hel device to mixer map
From: Bruce Ashfield
Updating linux-yocto/5.10 to the latest korg -stable release that comprises
the following commits:
09df347cfd18 Linux 5.10.77
fbb91dadb512 perf script: Check session->header.env.arch before using it
6f416815c505 riscv: Fix asan-stack clang build
7a4cf25d8329
Please review these changes for hardknott. No issues seen while testing
on autobuilder.
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2933
Thanks,
Anuj
The following changes since commit 2fd327ae5b3da8841ebed00bfc60b7bb8d6a64c5:
llvm: bump HASHEQUIV_HASH_VERSION
From: Richard Purdie
At the last nas outage, we realised that we don't have good mirrors of the
uninative tarball if our main system can't be accessed. kernel.org mirrors
some Yocto Project data so we've ensured uninative is there. Add the appropriate
mirror url to make use of that.
Branch: honister
New this week: 1 CVEs
CVE-2021-43618: gmp:gmp-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43618 *
Removed this week: 4 CVEs
CVE-2021-3796: vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3796 *
CVE-2021-3872: vim
Branch: hardknott
New this week: 15 CVEs
CVE-2021-42373: busybox
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42373 *
CVE-2021-42374: busybox
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42374 *
CVE-2021-42375: busybox
Branch: dunfell
New this week: 15 CVEs
CVE-2021-3927: vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3927 *
CVE-2021-3928: vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3928 *
CVE-2021-41771: go:go-native
Branch: master
New this week: 1 CVEs
CVE-2021-43618: gmp:gmp-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43618 *
Removed this week: 5 CVEs
CVE-2021-3527: qemu:qemu-native:qemu-system-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3527 *
CVE-2021-3927: vim
On Sat, 2021-11-20 at 10:05 -0800, Khem Raj wrote:
> base-image boots in degraded mode when using systems without display
> system since there is no fb device detected and pslash service would
> fail to start. Removing this image feature means that core-image-base is
> complete for headless
23 matches
Mail list logo