[oe-commits] [openembedded-core] branch warrior updated (0a1b1e8 -> 279c4da)

git at git.openembedded.org git at git.openembedded.org
Thu Jan 16 22:39:10 UTC 2020 

This is an automated email from the git hooks/post-receive script.

rpurdie pushed a change to branch warrior
in repository openembedded-core.

    from 0a1b1e8  file: fix CVE-2019-18218
     new 230a96d  bind: fix CVE-2019-6471 and CVE-2018-5743
     new 27fea8e  python: fix CVE-2019-16935
     new 98cc3bf  python: fix CVE-2018-20852
     new 7009d82  python: update to 2.7.17
     new 925482b  openssl: set CVE vendor to openssl
     new e128bd7  flex: set CVE_PRODUCT to include vendor
     new 44d4dda  git: set CVE vendor to git-scm
     new 9b5437f  subversion: set CVE vendor to Apache
     new 154e286  ed: set CVE vendor to avoid false positives
     new e8ffa02  boost: set CVE vendor to Boost
     new c214c6c  libpam: set CVE_PRODUCT
     new ab5cc4a  libxfont2: set CVE_PRODUCT
     new 583990f  libsndfile1: whitelist CVE-2018-13419
     new 5fbf5ee  webkitgtk: set CVE_PRODUCT
     new afc529a  procps: whitelist CVE-2018-1121
     new d0e3d1f  libpcap: upgrade 1.9.0 -> 1.9.1
     new 7b8f638  sdk: Install nativesdk locales for all TCLIBC variants
     new 430e95c  cve-check: ensure all known CVEs are in the report
     new d1a16e6  cve-check: failure to parse versions should be more visible
     new 8bfe83d  cve-check: we don't actually need to unpack to check
     new fd16e1b  cve-update-db-native: don't refresh more than once an hour
     new f774665  cve-update-db-native: don't hardcode the database name
     new 9abd2b5  cve-update-db-native: add an index on the CVE ID column
     new 2ddf1c0  cve-update-db-native: clean up proxy handling
     new 9948dd8  cve-check: rewrite look to fix false negatives
     new 0ec6843  cve-check: neaten get_cve_info
     new 0f5b748  cve-check: fetch CVE data once at a time instead of in a single call
     new 72c22b8  cve-check: Switch to NVD CVE JSON feed version 1.1
     new 2e2fb4e  popt: fix SRC_URI
     new abb42b8  sudo: correct SRC_URI
     new adb6af6  sudo: Fix fetching sources
     new 279c4da  stress: update SRC_URI

The 32 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 meta/classes/cve-check.bbclass                     | 105 +--
 meta/lib/oe/sdk.py                                 |   4 -
 .../bind/bind/0001-bind-fix-CVE-2019-6471.patch    |  64 ++
 .../0001-fix-enforcement-of-tcp-clients-v1.patch   |  60 ++
 ...02-tcp-clients-could-still-be-exceeded-v2.patch | 670 +++++++++++++++
 ...-reference-counter-for-pipeline-groups-v3.patch | 278 +++++++
 ...uota-accounting-and-client-mortality-chec.patch | 512 ++++++++++++
 ...pquota-and-pipeline-refs-allow-special-ca.patch | 911 +++++++++++++++++++++
 ...tore-allowance-for-tcp-clients-interfaces.patch |  80 ++
 ...mic-operations-in-bin-named-client.c-with.patch | 140 ++++
 meta/recipes-connectivity/bind/bind_9.11.5-P4.bb   |   8 +
 ...nux.c-add-missing-limits.h-for-musl-syste.patch |  29 -
 .../libpcap/{libpcap_1.9.0.bb => libpcap_1.9.1.bb} |   5 +-
 .../recipes-connectivity/openssl/openssl_1.1.1b.bb |   2 +
 meta/recipes-core/meta/cve-update-db-native.bb     |  46 +-
 meta/recipes-devtools/flex/flex_2.6.0.bb           |   3 +
 meta/recipes-devtools/git/git.inc                  |   2 +
 ...ative-fix-one-do_populate_sysroot-warning.patch |  25 +-
 ...on-native_2.7.16.bb => python-native_2.7.17.bb} |   2 +-
 meta/recipes-devtools/python/python.inc            |   9 +-
 ...55-Dont-parse-domains-containing-GH-13079.patch |  90 --
 ...thon-Resolve-intermediate-staging-issues.patch} |  53 +-
 .../python/python/CVE-2019-9740.patch              | 215 -----
 .../python/bpo-35907-cve-2019-9948-fix.patch       |  55 --
 .../python/python/bpo-35907-cve-2019-9948.patch    |  55 --
 .../python/bpo-36216-cve-2019-9636-fix.patch       |  28 -
 .../python/python/bpo-36216-cve-2019-9636.patch    | 111 ---
 .../python/python/bpo-36742-cve-2019-10160.patch   |  81 --
 .../python/{python_2.7.16.bb => python_2.7.17.bb}  |   2 -
 .../subversion/subversion_1.11.1.bb                |   2 +
 meta/recipes-extended/ed/ed_1.15.bb                |   2 +
 meta/recipes-extended/pam/libpam_1.3.0.bb          |   2 +
 meta/recipes-extended/procps/procps_3.3.15.bb      |   3 +
 meta/recipes-extended/stress/stress_1.0.4.bb       |   2 +-
 meta/recipes-extended/sudo/sudo_1.8.27.bb          |   2 +-
 meta/recipes-graphics/xorg-lib/libxfont2_2.0.3.bb  |   2 +
 .../libsndfile/libsndfile1_1.0.28.bb               |   3 +
 meta/recipes-sato/webkit/webkitgtk_2.22.7.bb       |   2 +
 meta/recipes-support/boost/boost.inc               |   2 +
 meta/recipes-support/popt/popt_1.16.bb             |   2 +-
 40 files changed, 2873 insertions(+), 796 deletions(-)
 create mode 100644 meta/recipes-connectivity/bind/bind/0001-bind-fix-CVE-2019-6471.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0001-fix-enforcement-of-tcp-clients-v1.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0002-tcp-clients-could-still-be-exceeded-v2.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0003-use-reference-counter-for-pipeline-groups-v3.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0004-better-tcpquota-accounting-and-client-mortality-chec.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0005-refactor-tcpquota-and-pipeline-refs-allow-special-ca.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0006-restore-allowance-for-tcp-clients-interfaces.patch
 create mode 100644 meta/recipes-connectivity/bind/bind/0007-Replace-atomic-operations-in-bin-named-client.c-with.patch
 delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/0001-pcap-usb-linux.c-add-missing-limits.h-for-musl-syste.patch
 rename meta/recipes-connectivity/libpcap/{libpcap_1.9.0.bb => libpcap_1.9.1.bb} (88%)
 rename meta/recipes-devtools/python/{python-native_2.7.16.bb => python-native_2.7.17.bb} (97%)
 delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
 rename meta/recipes-devtools/python/python/{builddir.patch => 0001-python-Resolve-intermediate-staging-issues.patch} (58%)
 delete mode 100644 meta/recipes-devtools/python/python/CVE-2019-9740.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
 delete mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
 rename meta/recipes-devtools/python/{python_2.7.16.bb => python_2.7.17.bb} (98%)

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the Openembedded-commits mailing list