[oe-commits] [openembedded-core] branch thud-next updated (1fd7d0f -> 4f22710)
git at git.openembedded.org
git at git.openembedded.org
Fri Nov 16 17:02:06 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a change to branch thud-next
in repository openembedded-core.
from 1fd7d0f build-appliance-image: Update to master head revision
add 14b5854 xserver-xorg: fix CVE-2018-14665
add 9d5d19c nss: update to 3.39 includes CVE-2018-12384
add a24d0c1 tzcode-native: update to 2018g
add 32e5dd9 tzdata: update to 2018g
add 0ef7060 systemd: fix CVE-2018-15686
add eeb621a systemd: fix CVE-2018-15687
add 13591d7 systemd: fix CVE-2018-15688
add 5c2b164 qemu: fix for CVE-2018-10839
add 2ddb3b2 unzip: fix for CVE-2018-18384
add 024b395 nasm: fix CVE-2018-1000667
add 777c1f8 elfutils: 0.173 -> 0.174
add bd8d2c2 elfutils: fix CVE-2018-18520 & CVE-2018-18521 & CVE-2018-18310
add 6c32ea1 ghostscript: fix CVE-2018-17961
add 6098c19 ghostscript: fix CVE-2018-18073
add 98ab5c5 ghostscript: fix CVE-2018-18284
add 9d5c6a8 openssl: fix CVE-2018-0734 for both 1.0.2p and 1.1.1
add 78e751e openssl: fix CVE-2018-0735 for 1.1.1
add 0f0db9f curl: fix for CVE-2018-16839/CVE-2018-16840/CVE-2018-16842
add e7b891b reproducible_build: update do_deploy_source_date_epoch commment
add 9dcb393 common-licenses: Correct the FreeType license text
add 90ab83e apr: Trim license info extracted from apr_lib.h
add 2edb0f2 apr-util: Trim license info extracted from apu_version.h
add a5c1ff6 libgpg-error: Trim license info extracted from init.c & gpg-error.h.in
add d0a209e pixman: Trim license info extracted from pixman-matrix.c
add e188a75 gdbm: fix ptest failure
add effa141 python3: Fix python3-pyvenv run-time dependency
add ed5e754 python3: add python3-venv to the python3-modules RDEPENDS
add 786322e go-dep: disable PTEST_ENABLED for mips and mips64
add e3c7e17 go: Change from TARGET_ARCH to TUNE_PKGARCH
add 6e162e6 crosssdk: Remove usage of host flags for cross-compilation
add a13e088 oeqa/runtime/ptest: Inject results+logs into stored json results file
add b06a6cd oe-init-buildenv/base: Relax python version checks in favour of HOSTTOOLS manipulation
add 69f7579 v86d: Make cross compilation working on more architectures
add f1af780 libgpg-error: Support build for native on ppc64/ppc64le hosts
add 9a25b2e oeqa/selftest: Add test for Yocto source mirror functionality/completeness
add 82f9157 wic: use explicit errno import
add 1859182 meta: Use double colon for chown OWNER:GROUP
add 2f86c3f scripts/autobuilder-worker-prereq-tests: adjust max_user_watches
add 3904f98 archiver: Drop unwanted directories
add 0b5972c apt: update SRC_URI
add bb06900 perf: Disable libunwind for ARC & RISCV64
add 84bb9c0 binutils: fix four CVE issues
add 8079e2d base.bbclass: avoid 'find -ignore_readdir_race -delete'
add 4cbf901 glibc: make ld-2.28.so reproducible on arm
add 2012d6b oeqa/selftest: Standardize json logging output directory
add 17d5574 valgrind: drop mips n32 support
add af67bf4 image-buildinfo,oeqa/selftest/containerimage: Ensure image-buildinfo doesn't break tests
add e97a31e oeqa/selftest/recipetool: Fix problems from changing upstream source
add d8e1b7a unzip: actually apply CVE-2018-18384
add f0394e8 curl: actually apply latest CVE patches
new 5f4fe91 shadow: improve reproducibility by hard-coding shell path
new bade7cc busybox: make busybox.links.{suid, nosuid} reproducible
new 8f5b6a3 openssl-1.1.1: remove build path from version info
new cc04714 oeqa/utils/httpserver: Rework to avoid hangs and improve logging
new 4f22710 sanity: Add check for WSL
The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
meta/classes/archiver.bbclass | 10 +-
meta/classes/base.bbclass | 10 +-
meta/classes/crosssdk.bbclass | 8 +-
meta/classes/go.bbclass | 2 +-
meta/classes/image-buildinfo.bbclass | 2 +
meta/classes/reproducible_build.bbclass | 5 +-
meta/classes/sanity.bbclass | 11 +
meta/conf/bitbake.conf | 3 +-
meta/files/common-licenses/FreeType | 4 +-
meta/lib/oeqa/core/runner.py | 8 +
meta/lib/oeqa/runtime/cases/apt.py | 2 +-
meta/lib/oeqa/runtime/cases/dnf.py | 2 +-
meta/lib/oeqa/runtime/cases/opkg.py | 2 +-
meta/lib/oeqa/runtime/cases/ptest.py | 21 +-
meta/lib/oeqa/selftest/cases/buildoptions.py | 23 +
meta/lib/oeqa/selftest/cases/containerimage.py | 1 +
meta/lib/oeqa/selftest/cases/recipetool.py | 4 +-
meta/lib/oeqa/selftest/context.py | 2 +-
meta/lib/oeqa/utils/httpserver.py | 37 +-
.../v86d/v86d/Support-for-cross-compilation.patch | 34 +
meta/recipes-bsp/v86d/v86d/aarch64-host.patch | 18 -
meta/recipes-bsp/v86d/v86d_0.1.10.bb | 4 +-
...trip-sysroot-and-debug-prefix-map-from-co.patch | 70 ++
.../openssl/openssl/0002-fix-CVE-2018-0734.patch | 108 +++
.../openssl/openssl/0003-fix-CVE-2018-0735.patch | 50 ++
.../openssl/openssl10/0001-fix-CVE-2018-0734.patch | 33 +
.../openssl/openssl10_1.0.2p.bb | 1 +
meta/recipes-connectivity/openssl/openssl_1.1.1.bb | 3 +
meta/recipes-core/busybox/busybox.inc | 3 +-
.../0034-inject-file-assembly-directives.patch | 13 +
.../images/build-appliance-image_15.0.0.bb | 6 +-
.../initscripts-1.0/populate-volatile.sh | 4 +-
.../packagegroup-core-tools-profile.bb | 1 +
...sive-let-s-rework-the-recursive-logic-to-.patch | 219 ++++++
...eserializing-state-always-use-read_line-L.patch | 250 +++++++
...sure-we-have-enough-space-for-the-DHCP6-o.patch | 39 +
meta/recipes-core/systemd/systemd_239.bb | 3 +
meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb | 2 +-
meta/recipes-devtools/apt/apt.inc | 2 +-
meta/recipes-devtools/binutils/binutils-2.31.inc | 4 +
.../binutils/binutils/CVE-2018-18309.patch | 308 ++++++++
.../binutils/binutils/CVE-2018-18605.patch | 47 ++
.../binutils/binutils/CVE-2018-18606.patch | 70 ++
.../binutils/binutils/CVE-2018-18607.patch | 77 ++
.../{elfutils_0.173.bb => elfutils_0.174.bb} | 10 +-
...01-arlib-Check-that-sh_entsize-isn-t-zero.patch | 36 +
...Check-end-of-attributes-list-consistently.patch | 84 ---
...Sanity-check-partial-core-file-data-reads.patch | 60 ++
.../0001-size-Handle-recursive-ELF-ar-files.patch | 40 +
...rn-error-if-elf_compress_gnu-is-used-on-S.patch | 59 --
...de-alternatives-for-glibc-assumptions-hel.patch | 808 +--------------------
.../elfutils/files/CVE-2018-16062.patch | 79 --
meta/recipes-devtools/go/go-cross.inc | 4 +-
meta/recipes-devtools/go/go-dep_0.5.0.bb | 5 +
meta/recipes-devtools/go/go-runtime.inc | 2 +-
meta/recipes-devtools/go/go-target.inc | 2 +-
...proc-parse_size-Check-for-string-provided.patch | 37 +
meta/recipes-devtools/nasm/nasm_2.13.03.bb | 1 +
.../python/python3/python3-manifest.json | 17 +
meta/recipes-devtools/python/python3_3.5.6.bb | 4 +-
.../{CVE-2018-17958.patch => CVE-2018-10839.patch} | 22 +-
meta/recipes-devtools/valgrind/valgrind_3.14.0.bb | 1 +
...add-operand-checking-to-.setnativefontmap.patch | 59 ++
...Improve-hiding-of-security-critical-custo.patch | 434 +++++++++++
...32-add-control-over-hiding-error-handlers.patch | 172 +++++
...operators-pass-a-name-object-to-error-han.patch | 105 +++
...-699938-.loadfontloop-must-be-an-operator.patch | 31 +
...define-some-additional-internal-operators.patch | 42 ++
...don-t-include-operator-arrays-in-execstac.patch | 197 +++++
...put-unavailable-from-.policyprocs-helper-.patch | 245 +++++++
.../ghostscript/ghostscript_9.25.bb | 8 +
meta/recipes-extended/shadow/shadow.inc | 2 +
...code-native_2018f.bb => tzcode-native_2018g.bb} | 8 +-
.../tzdata/{tzdata_2018f.bb => tzdata_2018g.bb} | 4 +-
.../unzip/unzip/CVE-2018-18384.patch | 39 +
meta/recipes-extended/unzip/unzip_6.0.bb | 1 +
meta/recipes-graphics/xorg-lib/pixman_0.34.0.bb | 2 +-
.../xorg-xserver/xserver-xorg/CVE-2018-14665.patch | 62 ++
.../xorg-xserver/xserver-xorg_1.20.1.bb | 1 +
meta/recipes-kernel/perf/perf.bb | 4 +
meta/recipes-support/apr/apr-util_1.6.1.bb | 2 +-
meta/recipes-support/apr/apr_1.6.3.bb | 2 +-
.../recipes-support/curl/curl/CVE-2018-16839.patch | 35 +
.../recipes-support/curl/curl/CVE-2018-16840.patch | 43 ++
.../recipes-support/curl/curl/CVE-2018-16842.patch | 35 +
meta/recipes-support/curl/curl_7.61.0.bb | 3 +
meta/recipes-support/gdbm/gdbm_1.18.bb | 2 +-
.../libgpg-error/libgpg-error_1.32.bb | 6 +-
.../nss/{nss_3.38.bb => nss_3.39.bb} | 4 +-
scripts/autobuilder-worker-prereq-tests | 9 +-
scripts/lib/wic/filemap.py | 9 +-
scripts/oe-buildenv-internal | 11 +-
92 files changed, 3255 insertions(+), 1119 deletions(-)
create mode 100644 meta/recipes-bsp/v86d/v86d/Support-for-cross-compilation.patch
delete mode 100644 meta/recipes-bsp/v86d/v86d/aarch64-host.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/0002-fix-CVE-2018-0734.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch
create mode 100644 meta/recipes-core/systemd/systemd/0001-chown-recursive-let-s-rework-the-recursive-logic-to-.patch
create mode 100644 meta/recipes-core/systemd/systemd/0001-core-when-deserializing-state-always-use-read_line-L.patch
create mode 100644 meta/recipes-core/systemd/systemd/0001-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-18309.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-18606.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-18607.patch
rename meta/recipes-devtools/elfutils/{elfutils_0.173.bb => elfutils_0.174.bb} (89%)
create mode 100644 meta/recipes-devtools/elfutils/files/0001-arlib-Check-that-sh_entsize-isn-t-zero.patch
delete mode 100644 meta/recipes-devtools/elfutils/files/0001-libdw-Check-end-of-attributes-list-consistently.patch
create mode 100644 meta/recipes-devtools/elfutils/files/0001-libdwfl-Sanity-check-partial-core-file-data-reads.patch
create mode 100644 meta/recipes-devtools/elfutils/files/0001-size-Handle-recursive-ELF-ar-files.patch
delete mode 100644 meta/recipes-devtools/elfutils/files/0002-libelf-Return-error-if-elf_compress_gnu-is-used-on-S.patch
delete mode 100644 meta/recipes-devtools/elfutils/files/CVE-2018-16062.patch
create mode 100644 meta/recipes-devtools/nasm/nasm/0001-preproc-parse_size-Check-for-string-provided.patch
copy meta/recipes-devtools/qemu/qemu/{CVE-2018-17958.patch => CVE-2018-10839.patch} (74%)
create mode 100644 meta/recipes-extended/ghostscript/files/0001-Bug-699795-add-operand-checking-to-.setnativefontmap.patch
create mode 100644 meta/recipes-extended/ghostscript/files/0002-Bug-699816-Improve-hiding-of-security-critical-custo.patch
create mode 100644 meta/recipes-extended/ghostscript/files/0003-Bug-699832-add-control-over-hiding-error-handlers.patch
create mode 100644 meta/recipes-extended/ghostscript/files/0004-For-hidden-operators-pass-a-name-object-to-error-han.patch
create mode 100644 meta/recipes-extended/ghostscript/files/0005-Bug-699938-.loadfontloop-must-be-an-operator.patch
create mode 100644 meta/recipes-extended/ghostscript/files/0006-Undefine-some-additional-internal-operators.patch
create mode 100644 meta/recipes-extended/ghostscript/files/0007-Bug-699927-don-t-include-operator-arrays-in-execstac.patch
create mode 100644 meta/recipes-extended/ghostscript/files/0008-Make-.forceput-unavailable-from-.policyprocs-helper-.patch
rename meta/recipes-extended/tzcode/{tzcode-native_2018f.bb => tzcode-native_2018g.bb} (70%)
rename meta/recipes-extended/tzdata/{tzdata_2018f.bb => tzdata_2018g.bb} (98%)
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2018-18384.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2018-14665.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2018-16839.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2018-16840.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2018-16842.patch
rename meta/recipes-support/nss/{nss_3.38.bb => nss_3.39.bb} (98%)
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list