[oe-commits] [openembedded-core] branch thud-next updated (aad245e -> 96615cc)
git at git.openembedded.org
git at git.openembedded.org
Fri Nov 22 16:17:43 UTC 2019
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a change to branch thud-next
in repository openembedded-core.
from aad245e expat: fix CVE-2018-20843
add d3d3f44 build-appliance-image: Update to thud head revision
add f965ecb buildhistory: call a dependency parser only on actual dependency lists
add bd367f5 patch: fix CVE-2019-13636
add ad90312 python3: fix CVE-2019-9740
add 75a4b4d curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823
add 144363d dbus: fix CVE-2019-12749
add 51f7ecf glib-2.0: fix CVE-2019-13012
add 2cebc7f libcomps: fix CVE-2019-3817
add fac2d38 qemu: add a patch fixing the native build on newer kernels
add 7920596 gcc: Security fix for CVE-2019-14250
add a367928 binutils: Security fix for CVE-2019-14444
add 16f4520 binutils: Security fix for CVE-2019-12972
add 25b2f2c bind: update to latest LTS 9.11.5
add b24447b bind: upgrade 9.11.5 -> 9.11.5-P4
add 6018e97 go: update to 1.11.13, minor updates
add d0e2bab dhcp: fix issue with new bind changes
add 109e842 dhcp: drop lost patch
add 5deab12 dhcp: Replace OE specific patch for compatibility with latest bind with upstream patch
add 981eeec binutils: Fix 4 CVEs
add 3f1c02a python: Fix 3 CVEs
add 5862716 python3: Fix CVEs
add c9c3fab libxslt: Cve fix CVE-2019-11068
add 07cd0d6 libxslt: fix CVE-2019-13117 CVE-2019-13118
add 308c44f patch: fix CVE-2019-13638
add e2869ff patch: backport fixes
add 20b23cb pango: fix CVE-2019-1010238
add f5be8c8 linux-yocto/4.14: update to v4.14.143
add c54411d oeqa/selftest/context: ensure log directory exists
add e4b6a39 qemu: Fix 4 CVEs
add 8ca8000 elfutils: CVE fix for elfutils
add 7857d85 unzip: fix CVE-2019-13232
add fad633e json-c: Don't --enable-rdrand
add cffd085 perl: Fix CVE-2018-18311 to 18314
add c0c66d2 sqlite3: Security fix for CVE-2019-8457
add c901bc8 wget: Security fixes CVE-2018-20483
add 5b5ca76 qemu: fix build issue on new hosts with glibc 2.30
add ff3b021 libgpg-error: Fix build with gawk 5.x
add e40c38a gnupg: Do not apply -Woverride-init guard for gcc >= 9
add e6728a8 uninative: Update to 2.7 release
add 4972582 kernel.bbclass: fix installation of modules signing certificates
add 3b8db95 arch-arm64.inc: Lower the priority of aarch64 in MACHINEOVERRIDES
add d68441e glibc: Security fix for cve <CVE-2019-6488, CVE-2019-7309>
add 85da4cc kernel-devsrc: check for localversion files in the kernel source tree
add 54c6892 gnutls: Fix CVE-2019-3829 and CVE-2019-3836
add 82a9850 libsolv: Security fix for CVEs: <CVE-2018-20532, CVE-2018-20533, CVE-2018-20534>
add 57d30f2 curl: Security fix for CVE-2019-5482
add bace400 build-appliance-image: Update to thud head revision
add 5110080 Revert "OpkgPM: use --add-ignore-recommends to process BAD_RECOMMENDATIONS"
add cd7cf93 build-appliance-image: Update to thud head revision
new 96615cc at-spi2: fix dbus-daemon path
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
meta/classes/kernel.bbclass | 2 +-
meta/conf/distro/include/yocto-uninative.inc | 10 +-
meta/conf/machine/include/arm/arch-arm64.inc | 2 +-
meta/lib/oe/buildhistory_analysis.py | 2 +-
meta/lib/oe/package_manager.py | 41 +-
meta/lib/oe/rootfs.py | 2 +
meta/lib/oeqa/selftest/context.py | 1 +
.../bind/bind/CVE-2018-5740.patch | 72 --
.../bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} | 8 +-
...d-includes-of-new-BIND9-compatibility-hea.patch | 79 ++
.../dhcp/0008-tweak-to-support-external-bind.patch | 117 ---
meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb | 1 +
meta/recipes-core/dbus/dbus/CVE-2019-12749.patch | 127 +++
meta/recipes-core/dbus/dbus_1.12.10.bb | 1 +
.../glib-2.0/glib-2.0/CVE-2019-13012.patch | 47 ++
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 1 +
meta/recipes-core/glibc/glibc/CVE-2019-6488.patch | 274 +++++++
meta/recipes-core/glibc/glibc/CVE-2019-7309.patch | 207 +++++
meta/recipes-core/glibc/glibc_2.28.bb | 2 +
.../images/build-appliance-image_15.0.0.bb | 2 +-
meta/recipes-devtools/binutils/binutils-2.31.inc | 6 +
.../binutils/binutils/CVE-2018-1000876.patch | 180 +++++
.../binutils/binutils/CVE-2018-20623.patch | 74 ++
.../binutils/binutils/CVE-2018-20651.patch | 35 +
.../binutils/binutils/CVE-2018-20671.patch | 49 ++
.../binutils/binutils/CVE-2019-12972.patch | 39 +
.../binutils/binutils/CVE-2019-14444.patch | 33 +
meta/recipes-devtools/elfutils/elfutils_0.175.bb | 2 +
.../elfutils/files/CVE-2019-7664.patch | 65 ++
.../elfutils/files/CVE-2019-7665.patch | 154 ++++
meta/recipes-devtools/gcc/gcc-8.2.inc | 1 +
.../gcc/gcc-8.2/CVE-2019-14250.patch | 44 ++
meta/recipes-devtools/go/go-1.11.inc | 6 +-
meta/recipes-devtools/json-c/json-c_0.13.1.bb | 2 -
.../libcomps/libcomps/CVE-2019-3817.patch | 97 +++
meta/recipes-devtools/libcomps/libcomps_git.bb | 1 +
...k-temporary-file-on-failed-ed-style-patch.patch | 93 +++
...ak-temporary-file-on-failed-multi-file-ed.patch | 80 ++
...ke-ed-directly-instead-of-using-the-shell.patch | 44 ++
.../patch/patch/CVE-2019-13636.patch | 113 +++
meta/recipes-devtools/patch/patch_2.7.6.bb | 4 +
.../perl/perl/CVE-2018-18311.patch | 183 +++++
.../perl/perl/CVE-2018-18312.patch | Bin 0 -> 2125 bytes
.../perl/perl/CVE-2018-18313.patch | 60 ++
.../perl/perl/CVE-2018-18314.patch | 271 +++++++
meta/recipes-devtools/perl/perl_5.24.4.bb | 4 +
.../python/python/bpo-30458-cve-2019-9740.patch | 219 ++++++
.../python/python/bpo-35121-cve-2018-20852.patch | 127 +++
.../python/python3/CVE-2018-14647.patch | 95 +++
.../python/python3/CVE-2018-20406.patch | 217 +++++
.../python/python3/CVE-2018-20852.patch | 129 +++
.../python/python3/CVE-2019-9636.patch | 154 ++++
.../python/python3/CVE-2019-9740.patch | 155 ++++
meta/recipes-devtools/python/python3_3.5.6.bb | 5 +
meta/recipes-devtools/python/python_2.7.16.bb | 2 +
...nux-user-assume-__NR_gettid-always-exists.patch | 49 ++
...rename-gettid-to-sys_gettid-to-avoid-clas.patch | 95 +++
...error-messages-when-qemi_cpu_kick_thread-.patch | 19 +-
...fix-to-handle-variably-sized-SIOCGSTAMP-w.patch | 336 ++++++++
.../qemu/qemu/CVE-2018-10839.patch | 2 +-
.../qemu/qemu/CVE-2018-17958.patch | 52 --
.../qemu/qemu/CVE-2018-18954.patch | 50 ++
.../recipes-devtools/qemu/qemu/CVE-2019-3812.patch | 39 +
.../recipes-devtools/qemu/qemu/CVE-2019-6778.patch | 41 +
.../recipes-devtools/qemu/qemu/CVE-2019-8934.patch | 215 +++++
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 9 +-
.../0003-Fix-Dereference-of-null-pointer.patch | 33 +
.../0004-Fix-Add-va_end-before-return.patch | 36 +
.../libsolv/libsolv/0005-Fix-Memory-leaks.patch | 158 ++++
.../libsolv/0006-Fix-testsolv-segfault.patch | 41 +
.../libsolv/0007-Fix-testsolv-segfaults.patch | 47 ++
.../0008-Fix-Be-sure-that-NONBLOCK-is-set.patch | 37 +
...0009-Don-t-set-values-that-are-never-read.patch | 113 +++
meta/recipes-extended/libsolv/libsolv_0.6.35.bb | 7 +
.../unzip/unzip/CVE-2019-13232_p1.patch | 33 +
.../unzip/unzip/CVE-2019-13232_p2.patch | 356 +++++++++
.../unzip/unzip/CVE-2019-13232_p3.patch | 121 +++
meta/recipes-extended/unzip/unzip_6.0.bb | 3 +
.../wget/wget/CVE-2018-20483_p1.patch | 73 ++
.../wget/wget/CVE-2018-20483_p2.patch | 127 +++
meta/recipes-extended/wget/wget_1.19.5.bb | 2 +
.../pango/pango/CVE-2019-1010238.patch | 38 +
meta/recipes-graphics/pango/pango_1.42.4.bb | 4 +-
meta/recipes-kernel/linux/kernel-devsrc.bb | 9 +
meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.14.bb | 20 +-
meta/recipes-support/atk/at-spi2-core_2.28.0.bb | 2 +-
.../recipes-support/curl/curl/CVE-2018-16890.patch | 50 ++
meta/recipes-support/curl/curl/CVE-2019-3822.patch | 47 ++
meta/recipes-support/curl/curl/CVE-2019-3823.patch | 55 ++
meta/recipes-support/curl/curl/CVE-2019-5482.patch | 68 ++
meta/recipes-support/curl/curl_7.61.0.bb | 4 +
...1-Woverride-init-is-not-needed-with-gcc-9.patch | 31 +
...c-use-a-custom-value-for-the-location-of-.patch | 6 +-
meta/recipes-support/gnupg/gnupg/relocate.patch | 2 +-
meta/recipes-support/gnupg/gnupg_2.2.12.bb | 3 +-
.../gnutls/gnutls/CVE-2019-3829_p1.patch | 39 +
.../gnutls/gnutls/CVE-2019-3829_p2.patch | 871 +++++++++++++++++++++
.../gnutls/gnutls/CVE-2019-3829_p3.patch | 36 +
.../gnutls/gnutls/CVE-2019-3836.patch | 35 +
meta/recipes-support/gnutls/gnutls_3.6.4.bb | 4 +
.../libgpg-error-1.35-gawk5-support.patch | 161 ++++
.../libgpg-error/libgpg-error_1.32.bb | 1 +
.../libxslt/files/CVE-2019-13117.patch | 33 +
.../libxslt/files/CVE-2019-13118.patch | 76 ++
.../libxslt/libxslt/CVE-2019-11068.patch | 128 +++
meta/recipes-support/libxslt/libxslt_1.1.32.bb | 5 +-
.../sqlite/files/CVE-2019-8457.patch | 126 +++
meta/recipes-support/sqlite/sqlite3_3.23.1.bb | 1 +
110 files changed, 7405 insertions(+), 297 deletions(-)
delete mode 100644 meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch
rename meta/recipes-connectivity/bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} (95%)
create mode 100644 meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch
delete mode 100644 meta/recipes-connectivity/dhcp/dhcp/0008-tweak-to-support-external-bind.patch
create mode 100644 meta/recipes-core/dbus/dbus/CVE-2019-12749.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-13012.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-6488.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-7309.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-1000876.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20651.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7664.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7665.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch
create mode 100644 meta/recipes-devtools/libcomps/libcomps/CVE-2019-3817.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-13636.patch
create mode 100644 meta/recipes-devtools/perl/perl/CVE-2018-18311.patch
create mode 100644 meta/recipes-devtools/perl/perl/CVE-2018-18312.patch
create mode 100644 meta/recipes-devtools/perl/perl/CVE-2018-18313.patch
create mode 100644 meta/recipes-devtools/perl/perl/CVE-2018-18314.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-30458-cve-2019-9740.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35121-cve-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-14647.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20406.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9636.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9740.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-linux-user-assume-__NR_gettid-always-exists.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-linux-user-rename-gettid-to-sys_gettid-to-avoid-clas.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014-linux-user-fix-to-handle-variably-sized-SIOCGSTAMP-w.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-17958.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-18954.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-6778.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-8934.patch
create mode 100644 meta/recipes-extended/libsolv/libsolv/0003-Fix-Dereference-of-null-pointer.patch
create mode 100644 meta/recipes-extended/libsolv/libsolv/0004-Fix-Add-va_end-before-return.patch
create mode 100644 meta/recipes-extended/libsolv/libsolv/0005-Fix-Memory-leaks.patch
create mode 100644 meta/recipes-extended/libsolv/libsolv/0006-Fix-testsolv-segfault.patch
create mode 100644 meta/recipes-extended/libsolv/libsolv/0007-Fix-testsolv-segfaults.patch
create mode 100644 meta/recipes-extended/libsolv/libsolv/0008-Fix-Be-sure-that-NONBLOCK-is-set.patch
create mode 100644 meta/recipes-extended/libsolv/libsolv/0009-Don-t-set-values-that-are-never-read.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch
create mode 100644 meta/recipes-extended/wget/wget/CVE-2018-20483_p1.patch
create mode 100644 meta/recipes-extended/wget/wget/CVE-2018-20483_p2.patch
create mode 100644 meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2018-16890.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3822.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3823.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5482.patch
create mode 100644 meta/recipes-support/gnupg/gnupg/0001-Woverride-init-is-not-needed-with-gcc-9.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p1.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p2.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2019-3829_p3.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2019-3836.patch
create mode 100644 meta/recipes-support/libgpg-error/libgpg-error/libgpg-error-1.35-gawk5-support.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13117.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13118.patch
create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2019-8457.patch
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list