[oe-commits] [openembedded-core] branch sumo updated (82b0189 -> 361c40d)
git at git.openembedded.org
git at git.openembedded.org
Thu Sep 27 11:18:05 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a change to branch sumo
in repository openembedded-core.
from 82b0189 swig: Remove superfluous python dependency
new a925096 util-linux: upgrade 2.32 -> 2.32.1
new 54b2675 blktrace: Security fix CVE-2018-10689
new df1cd90 busybox: handle syslog
new 996247b busybox: move init related configs to init.cfg
new 38f1648 busybox/mdev-mount.sh: Fix partition detect and cleanup mountpoint on fail
new 221e5fc libexif: patch for CVE-2017-7544
new cf3b59c squashfs-tools: patch for CVE-2015-4645(4646)
new 3abf793 libcroco: patch for CVE-2017-7960
new 86be219 libid3tag: patch for CVE-2004-2779
new b5fb3a7 xserver-xorg: config: fix NULL value detection for ID_INPUT being unset
new 4b4c663 taglib: Security fix CVE-2018-11439
new 52d3c4c libice: patch for CVE-2017-2626
new ffe1795 serf: Fix Sconstruct build with python 3.7
new 4e67fa9 os-release: fix to install in the expected location
new 96f69ae wpa-supplicant: fix CVE-2018-14526
new ab1bfa1 libarchive: CVE-2017-14501
new e3254b4 libcgroup: CVE-2018-14348
new a1c0135 binutils: Change the ARM assembler's ADR and ADRl pseudo-ops so that they will only set the bottom bit of imported thumb function symbols if the -mthumb-interwork option is active.
new 7680519 linux-yocto/4.12: update to v4.12.28
new e98edd9 linux-yocto/4.14: update to v4.14.62
new 42660b3 linux-yocto/4.14: update to v4.14.67
new 0a1ff2a lrzsz: fix CVE-2018-10195
new a8cb9b6 apr-util: fix ptest fail problem
new 1c6ae92 cve-check.bbclass: detect CVE IDs listed on multiple lines
new 2f84939 cve-check.bbclass: do not download the CVE DB in package-specific tasks
new c35a035 busybox: CVE-2017-15874
new 4cc1862 libpng: CVE-2018-13785
new 0469c07 sqlite3: CVE-2018-8740
new 361c40d glibc: fix CVE-2018-11237
The 29 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
meta/classes/cve-check.bbclass | 12 +-
.../lrzsz/lrzsz-0.12.20/cve-2018-10195.patch | 28 ++++
meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb | 1 +
.../wpa_supplicant-CVE-2018-14526.patch | 44 ++++++
.../wpa-supplicant/wpa-supplicant_2.6.bb | 1 +
meta/recipes-core/busybox/busybox.inc | 14 +-
.../busybox/busybox/CVE-2017-15874.patch | 30 ++++
meta/recipes-core/busybox/busybox/defconfig | 12 +-
meta/recipes-core/busybox/busybox/init.cfg | 7 +-
meta/recipes-core/busybox/busybox_1.27.2.bb | 1 +
meta/recipes-core/busybox/files/mdev-mount.sh | 4 +-
meta/recipes-core/glibc/glibc/CVE-2018-11237.patch | 82 ++++++++++
meta/recipes-core/glibc/glibc_2.27.bb | 1 +
.../libcgroup/libcgroup/CVE-2018-14348.patch | 37 +++++
meta/recipes-core/libcgroup/libcgroup_0.41.bb | 3 +-
meta/recipes-core/os-release/os-release.bb | 9 +-
.../{util-linux_2.32.bb => util-linux_2.32.1.bb} | 4 +-
meta/recipes-devtools/binutils/binutils-2.30.inc | 1 +
...ARM-assembler-s-ADR-and-ADRl-pseudo-ops-s.patch | 176 +++++++++++++++++++++
...-squashfs-tools-patch-for-CVE-2015-4645-6.patch | 47 ++++++
.../squashfs-tools/squashfs-tools_git.bb | 1 +
.../libarchive/libarchive/CVE-2017-14501.patch | 79 +++++++++
.../libarchive/libarchive_3.3.2.bb | 1 +
.../xorg-lib/libice/CVE-2017-2626.patch | 149 +++++++++++++++++
meta/recipes-graphics/xorg-lib/libice_1.0.9.bb | 2 +
...NULL-value-detection-for-ID_INPUT-being-u.patch | 40 +++++
.../xorg-xserver/xserver-xorg_1.19.6.bb | 1 +
.../blktrace/blktrace/CVE-2018-10689.patch | 150 ++++++++++++++++++
meta/recipes-kernel/blktrace/blktrace_git.bb | 1 +
meta/recipes-kernel/linux/linux-yocto-rt_4.12.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.12.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.12.bb | 20 +--
meta/recipes-kernel/linux/linux-yocto_4.14.bb | 20 +--
.../libid3tag/libid3tag/10_utf16.dpatch | 33 ++++
.../libid3tag/libid3tag_0.15.1b.bb | 1 +
.../libpng/files/CVE-2018-13785.patch | 37 +++++
meta/recipes-multimedia/libpng/libpng_1.6.34.bb | 4 +-
.../apr-util/0001-Fix-error-handling-in-gdbm.patch | 135 ++++++++++++++++
meta/recipes-support/apr/apr-util_1.6.1.bb | 1 +
.../libcroco/libcroco/CVE-2017-7960.patch | 56 +++++++
meta/recipes-support/libcroco/libcroco_0.6.12.bb | 2 +
.../libexif/libexif/CVE-2017-7544.patch | 40 +++++
meta/recipes-support/libexif/libexif_0.6.21.bb | 3 +-
...of-a-print-in-the-scons-file-to-unbreak-b.patch | 29 ++++
...truct-Fix-path-quoting-for-.def-generator.patch | 27 ++++
meta/recipes-support/serf/serf/0003-gen_def.patch | 22 +++
...o-r1811083-fix-building-with-scons-3.0.0-.patch | 29 ++++
meta/recipes-support/serf/serf_1.3.9.bb | 7 +-
.../sqlite/files/CVE-2018-8740.patch | 47 ++++++
meta/recipes-support/sqlite/sqlite3_3.22.0.bb | 1 +
.../taglib/taglib/CVE-2018-11439.patch | 51 ++++++
meta/recipes-support/taglib/taglib_1.11.1.bb | 1 +
54 files changed, 1468 insertions(+), 60 deletions(-)
create mode 100644 meta/recipes-bsp/lrzsz/lrzsz-0.12.20/cve-2018-10195.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/wpa_supplicant-CVE-2018-14526.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2017-15874.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2018-11237.patch
create mode 100644 meta/recipes-core/libcgroup/libcgroup/CVE-2018-14348.patch
rename meta/recipes-core/util-linux/{util-linux_2.32.bb => util-linux_2.32.1.bb} (86%)
create mode 100644 meta/recipes-devtools/binutils/binutils/0001-Change-the-ARM-assembler-s-ADR-and-ADRl-pseudo-ops-s.patch
create mode 100644 meta/recipes-devtools/squashfs-tools/squashfs-tools/0001-squashfs-tools-patch-for-CVE-2015-4645-6.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2017-14501.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libice/CVE-2017-2626.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-config-fix-NULL-value-detection-for-ID_INPUT-being-u.patch
create mode 100644 meta/recipes-kernel/blktrace/blktrace/CVE-2018-10689.patch
create mode 100644 meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.dpatch
create mode 100644 meta/recipes-multimedia/libpng/files/CVE-2018-13785.patch
create mode 100644 meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch
create mode 100644 meta/recipes-support/libcroco/libcroco/CVE-2017-7960.patch
create mode 100644 meta/recipes-support/libexif/libexif/CVE-2017-7544.patch
create mode 100644 meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch
create mode 100644 meta/recipes-support/serf/serf/0002-SConstruct-Fix-path-quoting-for-.def-generator.patch
create mode 100644 meta/recipes-support/serf/serf/0003-gen_def.patch
create mode 100644 meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-8740.patch
create mode 100644 meta/recipes-support/taglib/taglib/CVE-2018-11439.patch
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list