[oe-commits] [openembedded-core] branch zeus updated (6431e86 -> cabaff5)

git at git.openembedded.org git at git.openembedded.org
Fri Nov 22 23:36:51 UTC 2019


This is an automated email from the git hooks/post-receive script.

rpurdie pushed a change to branch zeus
in repository openembedded-core.

    from 6431e86  iputils: Whitelist CVE-2000-1213 CVE-2000-1214
     new b1a28ec  lz4: Whitelist CVE-2014-4715
     new 94c736e  libsoup: set CVE_PRODUCT
     new 9e3723d  cve-check: we don't actually need to unpack to check
     new 31f6746  cve-update-db-native: don't refresh more than once an hour
     new 664cc53  cve-update-db-native: don't hardcode the database name
     new 3c7aac4  cve-update-db-native: add an index on the CVE ID column
     new 7f37162  cve-update-db-native: clean up proxy handling
     new 3346eae  cve-check: rewrite look to fix false negatives
     new 89cfdc9  cve-check: neaten get_cve_info
     new ceca1c8  cve-check: fetch CVE data once at a time instead of in a single call
     new 222b76a  boost: fix build for x32
     new 7739d14  Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish"
     new 53ec02c  python: update to 2.7.17
     new 2468a57  tiff: Refresh patch
     new cabaff5  bind: fix CVE-2019-6471 and CVE-2018-5743

The 15 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 meta/classes/cve-check.bbclass                     |  98 ++-
 .../bind/bind/0001-bind-fix-CVE-2019-6471.patch    |  64 ++
 .../0001-fix-enforcement-of-tcp-clients-v1.patch   |  60 ++
 ...02-tcp-clients-could-still-be-exceeded-v2.patch | 670 +++++++++++++++
 ...-reference-counter-for-pipeline-groups-v3.patch | 278 +++++++
 ...uota-accounting-and-client-mortality-chec.patch | 512 ++++++++++++
 ...pquota-and-pipeline-refs-allow-special-ca.patch | 911 +++++++++++++++++++++
 ...tore-allowance-for-tcp-clients-interfaces.patch |  80 ++
 ...mic-operations-in-bin-named-client.c-with.patch | 140 ++++
 meta/recipes-connectivity/bind/bind_9.11.5-P4.bb   |   8 +
 meta/recipes-core/meta/cve-update-db-native.bb     |  44 +-
 ...ative-fix-one-do_populate_sysroot-warning.patch |  25 +-
 ...on-native_2.7.16.bb => python-native_2.7.17.bb} |   2 +-
 meta/recipes-devtools/python/python.inc            |  10 +-
 ...55-Dont-parse-domains-containing-GH-13079.patch |  90 --
 ...43-Escape-the-server-title-of-DocXMLRPCSe.patch | 101 ---
 ...thon-Resolve-intermediate-staging-issues.patch} |  53 +-
 .../python/python/CVE-2018-20852.patch             | 123 ---
 .../python/python/CVE-2019-9740.patch              | 216 -----
 .../python/bpo-35907-cve-2019-9948-fix.patch       |  55 --
 .../python/python/bpo-35907-cve-2019-9948.patch    |  55 --
 .../python/bpo-36216-cve-2019-9636-fix.patch       |  28 -
 .../python/python/bpo-36216-cve-2019-9636.patch    | 111 ---
 .../python/python/bpo-36742-cve-2019-10160.patch   |  81 --
 .../python/{python_2.7.16.bb => python_2.7.17.bb}  |   3 -
 .../libtiff/tiff/CVE-2019-7663.patch               |  71 +-
 .../0001-dont-setup-compiler-flags-m32-m64.patch   |  42 +
 meta/recipes-support/boost/boost_1.71.0.bb         |   1 +
 meta/recipes-support/libsoup/libsoup-2.4_2.66.2.bb |   2 +
 meta/recipes-support/lz4/lz4_1.9.2.bb              |   3 +
 scripts/lib/devtool/standard.py                    |   2 +-
 31 files changed, 2911 insertions(+), 1028 deletions(-)
 create mode 100644 meta/recipes-connectivity/bind/bind/0001-bind-fix-CVE-2019-6471.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0001-fix-enforcement-of-tcp-clients-v1.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0002-tcp-clients-could-still-be-exceeded-v2.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0003-use-reference-counter-for-pipeline-groups-v3.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0004-better-tcpquota-accounting-and-client-mortality-chec.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0005-refactor-tcpquota-and-pipeline-refs-allow-special-ca.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0006-restore-allowance-for-tcp-clients-interfaces.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0007-Replace-atomic-operations-in-bin-named-client.c-with.patch
 rename meta/recipes-devtools/python/{python-native_2.7.16.bb => python-native_2.7.17.bb} (97%)
 delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
 delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch
 rename meta/recipes-devtools/python/python/{builddir.patch => 0001-python-Resolve-intermediate-staging-issues.patch} (58%)
 delete mode 100644 meta/recipes-devtools/python/python/CVE-2018-20852.patch
 delete mode 100644 meta/recipes-devtools/python/python/CVE-2019-9740.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
 rename meta/recipes-devtools/python/{python_2.7.16.bb => python_2.7.17.bb} (97%)
 create mode 100644 meta/recipes-support/boost/boost/0001-dont-setup-compiler-flags-m32-m64.patch

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the Openembedded-commits mailing list