[oe-commits] [openembedded-core] branch thud updated (cd7cf93 -> e68991c)
git at git.openembedded.org
git at git.openembedded.org
Mon Dec 16 23:11:29 UTC 2019
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a change to branch thud
in repository openembedded-core.
from cd7cf93 build-appliance-image: Update to thud head revision
new 3aead67 at-spi2: fix dbus-daemon path
new 4a17afb sdk: Install nativesdk locales for all TCLIBC variants
new fbc13f9 libgcrypt: CVE-2019-12904
new 95ab151 tar: Fix CVE-2018-20482
new e21a8e3 sudo: Fix CVE-2019-14287
new beeed02 cve-check: backport rewrite from master
new 9d01a64 cve-check: ensure all known CVEs are in the report
new 72f44be cve-check: failure to parse versions should be more visible
new cbb5d26 cve-check: we don't actually need to unpack to check
new 091a35c cve-update-db-native: don't refresh more than once an hour
new 29cc2b5 cve-update-db-native: don't hardcode the database name
new 27ee95b cve-update-db-native: add an index on the CVE ID column
new aa197b9 cve-update-db-native: clean up proxy handling
new 541dc24 cve-check: rewrite look to fix false negatives
new 1f3863b cve-check: neaten get_cve_info
new b52d634 cve-check: fetch CVE data once at a time instead of in a single call
new e7ed139 glibc: finish incomplete fix for CVE-2016-10739
new e68991c linux-yocto/4.14: update to 4.14.154
The 18 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
meta/classes/cve-check.bbclass | 181 ++--
meta/conf/distro/include/maintainers.inc | 1 +
meta/lib/oe/sdk.py | 4 -
meta/recipes-core/glibc/glibc-locale.inc | 3 +
meta/recipes-core/glibc/glibc-mtrace.inc | 3 +
meta/recipes-core/glibc/glibc-scripts.inc | 3 +
meta/recipes-core/glibc/glibc/CVE-2016-10739.patch | 910 ++++++++++++++++++++-
meta/recipes-core/meta/cve-update-db-native.bb | 185 +++++
.../cve-check-tool/cve-check-tool_5.6.4.bb | 62 --
...01-Fix-freeing-memory-allocated-by-sqlite.patch | 50 --
...ow-overriding-default-CA-certificate-file.patch | 215 -----
...ogress-in-percent-when-downloading-CVE-db.patch | 135 ---
...are-computed-vs-expected-sha256-digit-str.patch | 52 --
.../check-for-malloc_trim-before-using-it.patch | 51 --
.../sudo/sudo/CVE-2019-14287_p1.patch | 170 ++++
.../sudo/sudo/CVE-2019-14287_p2.patch | 98 +++
meta/recipes-extended/sudo/sudo_1.8.23.bb | 2 +
meta/recipes-extended/tar/tar/CVE-2018-20482.patch | 405 +++++++++
meta/recipes-extended/tar/tar_1.30.bb | 1 +
meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.14.bb | 20 +-
meta/recipes-support/atk/at-spi2-core_2.28.0.bb | 2 +-
.../libgcrypt/files/CVE-2019-12904_p1.patch | 176 ++++
.../libgcrypt/files/CVE-2019-12904_p2.patch | 330 ++++++++
meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 2 +
26 files changed, 2410 insertions(+), 663 deletions(-)
create mode 100644 meta/recipes-core/meta/cve-update-db-native.bb
delete mode 100644 meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-Fix-freeing-memory-allocated-by-sqlite.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-curl-allow-overriding-default-CA-certificate-file.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-print-progress-in-percent-when-downloading-CVE-db.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-update-Compare-computed-vs-expected-sha256-digit-str.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/check-for-malloc_trim-before-using-it.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287_p1.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287_p2.patch
create mode 100644 meta/recipes-extended/tar/tar/CVE-2018-20482.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2019-12904_p1.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2019-12904_p2.patch
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list