[oe-commits] [openembedded-core] branch warrior updated (0a1b1e8 -> 279c4da)
git at git.openembedded.org
git at git.openembedded.org
Thu Jan 16 22:39:10 UTC 2020
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a change to branch warrior
in repository openembedded-core.
from 0a1b1e8 file: fix CVE-2019-18218
new 230a96d bind: fix CVE-2019-6471 and CVE-2018-5743
new 27fea8e python: fix CVE-2019-16935
new 98cc3bf python: fix CVE-2018-20852
new 7009d82 python: update to 2.7.17
new 925482b openssl: set CVE vendor to openssl
new e128bd7 flex: set CVE_PRODUCT to include vendor
new 44d4dda git: set CVE vendor to git-scm
new 9b5437f subversion: set CVE vendor to Apache
new 154e286 ed: set CVE vendor to avoid false positives
new e8ffa02 boost: set CVE vendor to Boost
new c214c6c libpam: set CVE_PRODUCT
new ab5cc4a libxfont2: set CVE_PRODUCT
new 583990f libsndfile1: whitelist CVE-2018-13419
new 5fbf5ee webkitgtk: set CVE_PRODUCT
new afc529a procps: whitelist CVE-2018-1121
new d0e3d1f libpcap: upgrade 1.9.0 -> 1.9.1
new 7b8f638 sdk: Install nativesdk locales for all TCLIBC variants
new 430e95c cve-check: ensure all known CVEs are in the report
new d1a16e6 cve-check: failure to parse versions should be more visible
new 8bfe83d cve-check: we don't actually need to unpack to check
new fd16e1b cve-update-db-native: don't refresh more than once an hour
new f774665 cve-update-db-native: don't hardcode the database name
new 9abd2b5 cve-update-db-native: add an index on the CVE ID column
new 2ddf1c0 cve-update-db-native: clean up proxy handling
new 9948dd8 cve-check: rewrite look to fix false negatives
new 0ec6843 cve-check: neaten get_cve_info
new 0f5b748 cve-check: fetch CVE data once at a time instead of in a single call
new 72c22b8 cve-check: Switch to NVD CVE JSON feed version 1.1
new 2e2fb4e popt: fix SRC_URI
new abb42b8 sudo: correct SRC_URI
new adb6af6 sudo: Fix fetching sources
new 279c4da stress: update SRC_URI
The 32 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
meta/classes/cve-check.bbclass | 105 +--
meta/lib/oe/sdk.py | 4 -
.../bind/bind/0001-bind-fix-CVE-2019-6471.patch | 64 ++
.../0001-fix-enforcement-of-tcp-clients-v1.patch | 60 ++
...02-tcp-clients-could-still-be-exceeded-v2.patch | 670 +++++++++++++++
...-reference-counter-for-pipeline-groups-v3.patch | 278 +++++++
...uota-accounting-and-client-mortality-chec.patch | 512 ++++++++++++
...pquota-and-pipeline-refs-allow-special-ca.patch | 911 +++++++++++++++++++++
...tore-allowance-for-tcp-clients-interfaces.patch | 80 ++
...mic-operations-in-bin-named-client.c-with.patch | 140 ++++
meta/recipes-connectivity/bind/bind_9.11.5-P4.bb | 8 +
...nux.c-add-missing-limits.h-for-musl-syste.patch | 29 -
.../libpcap/{libpcap_1.9.0.bb => libpcap_1.9.1.bb} | 5 +-
.../recipes-connectivity/openssl/openssl_1.1.1b.bb | 2 +
meta/recipes-core/meta/cve-update-db-native.bb | 46 +-
meta/recipes-devtools/flex/flex_2.6.0.bb | 3 +
meta/recipes-devtools/git/git.inc | 2 +
...ative-fix-one-do_populate_sysroot-warning.patch | 25 +-
...on-native_2.7.16.bb => python-native_2.7.17.bb} | 2 +-
meta/recipes-devtools/python/python.inc | 9 +-
...55-Dont-parse-domains-containing-GH-13079.patch | 90 --
...thon-Resolve-intermediate-staging-issues.patch} | 53 +-
.../python/python/CVE-2019-9740.patch | 215 -----
.../python/bpo-35907-cve-2019-9948-fix.patch | 55 --
.../python/python/bpo-35907-cve-2019-9948.patch | 55 --
.../python/bpo-36216-cve-2019-9636-fix.patch | 28 -
.../python/python/bpo-36216-cve-2019-9636.patch | 111 ---
.../python/python/bpo-36742-cve-2019-10160.patch | 81 --
.../python/{python_2.7.16.bb => python_2.7.17.bb} | 2 -
.../subversion/subversion_1.11.1.bb | 2 +
meta/recipes-extended/ed/ed_1.15.bb | 2 +
meta/recipes-extended/pam/libpam_1.3.0.bb | 2 +
meta/recipes-extended/procps/procps_3.3.15.bb | 3 +
meta/recipes-extended/stress/stress_1.0.4.bb | 2 +-
meta/recipes-extended/sudo/sudo_1.8.27.bb | 2 +-
meta/recipes-graphics/xorg-lib/libxfont2_2.0.3.bb | 2 +
.../libsndfile/libsndfile1_1.0.28.bb | 3 +
meta/recipes-sato/webkit/webkitgtk_2.22.7.bb | 2 +
meta/recipes-support/boost/boost.inc | 2 +
meta/recipes-support/popt/popt_1.16.bb | 2 +-
40 files changed, 2873 insertions(+), 796 deletions(-)
create mode 100644 meta/recipes-connectivity/bind/bind/0001-bind-fix-CVE-2019-6471.patch
create mode 100644 meta/recipes-connectivity/bind/bind/0001-fix-enforcement-of-tcp-clients-v1.patch
create mode 100644 meta/recipes-connectivity/bind/bind/0002-tcp-clients-could-still-be-exceeded-v2.patch
create mode 100644 meta/recipes-connectivity/bind/bind/0003-use-reference-counter-for-pipeline-groups-v3.patch
create mode 100644 meta/recipes-connectivity/bind/bind/0004-better-tcpquota-accounting-and-client-mortality-chec.patch
create mode 100644 meta/recipes-connectivity/bind/bind/0005-refactor-tcpquota-and-pipeline-refs-allow-special-ca.patch
create mode 100644 meta/recipes-connectivity/bind/bind/0006-restore-allowance-for-tcp-clients-interfaces.patch
create mode 100644 meta/recipes-connectivity/bind/bind/0007-Replace-atomic-operations-in-bin-named-client.c-with.patch
delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/0001-pcap-usb-linux.c-add-missing-limits.h-for-musl-syste.patch
rename meta/recipes-connectivity/libpcap/{libpcap_1.9.0.bb => libpcap_1.9.1.bb} (88%)
rename meta/recipes-devtools/python/{python-native_2.7.16.bb => python-native_2.7.17.bb} (97%)
delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
rename meta/recipes-devtools/python/python/{builddir.patch => 0001-python-Resolve-intermediate-staging-issues.patch} (58%)
delete mode 100644 meta/recipes-devtools/python/python/CVE-2019-9740.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
rename meta/recipes-devtools/python/{python_2.7.16.bb => python_2.7.17.bb} (98%)
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list