[OE-core] [thud][ 00/25] Patch review
Armin Kuster
akuster808 at gmail.com
Wed Jun 26 16:53:01 UTC 2019
Here is the next set for patches for Thud.
Please have comments by Friday.
The following changes since commit f162d5bfe6eaeca24f441c83c87252c8d05744fc:
core-image-sato-sdk-ptest: Tweak size to stay within 4GB limit (2019-05-17 22:05:59 -0700)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/thud-nmut
http://cgit.openembedded.org//log/?h=stable/thud-nmut
Armin Kuster (14):
glibc: Security fix CVE-2019-9169
elfutils: Security fixes CVE-2019-7146,7149,7150
qemu: Several CVE fixes
python: Update to 2.7.16
busybox: Security fixes for CVE-2018-20679 CVE-2019-5747
sqlite3: Security fixes for CVE-2018-20505 & 20506
file: Multiple Secruity fixes
go: update to minor update 1.11.10
qemu: Security fix for CVE-2018-19489
Tar: Security fix CVE-2019-0023
glib-2.0: Security fix for CVE-2019-12450
wget: Security fix for CVE-2019-5953
Curl: Securiyt fix CVE-2019-5435 CVE-2019-5436
qemu: Security fix for CVE-2019-12155
Chen Qi (2):
cups: upgrade to 2.2.9
cups: upgrade to 2.2.10
Hongxu Jia (1):
go-target.inc: fix go not found while multilib enabled
Joshua DeWeese (1):
wpa_supplicant: Changed systemd template units
Khem Raj (1):
go: Upgrade 1.11.1 -> 1.11.4 minor release
Martin Jansa (1):
python: add a fix for CVE-2019-9948 and CVE-2019-9636
Richard Purdie (4):
go-crosssdk: PN should use SDK_SYS, not TARGET_ARCH
yocto-uninative: Update to 2.5 release
uninative: Switch from bz2 to xz
uninative: Update to 2.6 release
Ross Burton (1):
cairo: fix CVE-2018-19876 CVE-2019-6461 CVE-2019-6462
meta/classes/uninative.bbclass | 4 +-
meta/conf/distro/include/yocto-uninative.inc | 8 +-
...place-systemd-install-Alias-with-WantedBy.patch | 52 ++++++
.../wpa-supplicant/wpa-supplicant_2.6.bb | 1 +
.../busybox/busybox/CVE-2018-20679.patch | 142 +++++++++++++++
.../busybox/busybox/CVE-2019-5747.patch | 60 +++++++
meta/recipes-core/busybox/busybox_1.29.3.bb | 2 +
.../glib-2.0/glib-2.0/CVE-2019-12450.patch | 59 ++++++
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 1 +
meta/recipes-core/glibc/glibc/CVE-2019-9169.patch | 63 +++++++
meta/recipes-core/glibc/glibc_2.28.bb | 1 +
meta/recipes-devtools/elfutils/elfutils_0.175.bb | 4 +
.../elfutils/files/CVE-2019-7146_p1.patch | 52 ++++++
.../elfutils/files/CVE-2019-7146_p2.patch | 65 +++++++
.../elfutils/files/CVE-2019-7149.patch | 148 +++++++++++++++
.../elfutils/files/CVE-2019-7150.patch | 51 ++++++
.../recipes-devtools/file/file/CVE-2019-8904.patch | 30 ++++
.../file/file/CVE-2019-8905_CVE-2019-8907.patch | 120 +++++++++++++
.../recipes-devtools/file/file/CVE-2019-8906.patch | 27 +++
meta/recipes-devtools/file/file_5.34.bb | 3 +
meta/recipes-devtools/go/go-1.11.inc | 7 +-
...07-cmd-go-make-GOROOT-precious-by-default.patch | 6 +-
.../0008-use-GOBUILDMODE-to-set-buildmode.patch | 13 +-
meta/recipes-devtools/go/go-crosssdk.inc | 2 +-
meta/recipes-devtools/go/go-target.inc | 2 +-
...on-native_2.7.15.bb => python-native_2.7.16.bb} | 2 -
meta/recipes-devtools/python/python.inc | 18 +-
...23-Use-XML_SetHashSalt-in-_elementtree-GH.patch | 96 ----------
...ix-test_ssl-when-a-filename-cannot-be-enc.patch | 55 ------
...LS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch | 120 -------------
...34540-Convert-shutil._call_external_zip-t.patch | 67 -------
...dd-missing-closing-wrapper-in-test_tls1_3.patch | 37 ----
...ix-test_ssl.test_options-to-account-for-O.patch | 37 ----
...ix-test_default_ecdh_curve-needs-no-tlsv1.patch | 34 ----
.../python/bpo-35907-cve-2019-9948-fix.patch | 55 ++++++
.../python/python/bpo-35907-cve-2019-9948.patch | 55 ++++++
.../python/bpo-36216-cve-2019-9636-fix.patch | 28 +++
.../python/python/bpo-36216-cve-2019-9636.patch | 111 ++++++++++++
.../python/{python_2.7.15.bb => python_2.7.16.bb} | 6 +-
.../qemu/qemu/CVE-2018-16867.patch | 49 +++++
.../qemu/qemu/CVE-2018-16872.patch | 89 +++++++++
.../qemu/qemu/CVE-2018-18849.patch | 86 +++++++++
.../qemu/qemu/CVE-2018-19364_p1.patch | 51 ++++++
.../qemu/qemu/CVE-2018-19364_p2.patch | 115 ++++++++++++
.../qemu/qemu/CVE-2018-19489.patch | 83 +++++++++
.../qemu/qemu/CVE-2019-12155.patch | 38 ++++
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 7 +
.../0001-don-t-try-to-run-generated-binaries.patch | 29 +--
.../cups/{cups_2.2.8.bb => cups_2.2.10.bb} | 4 +-
meta/recipes-extended/tar/tar/CVE-2019-9923.patch | 38 ++++
meta/recipes-extended/tar/tar_1.30.bb | 1 +
.../recipes-extended/wget/wget/CVE-2019-5953.patch | 51 ++++++
meta/recipes-extended/wget/wget_1.19.5.bb | 1 +
.../cairo/cairo/CVE-2019-6461.patch | 19 ++
.../cairo/cairo/CVE-2019-6462.patch | 20 +++
meta/recipes-graphics/cairo/cairo_1.14.12.bb | 2 +
meta/recipes-support/curl/curl/CVE-2019-5435.patch | 200 +++++++++++++++++++++
meta/recipes-support/curl/curl/CVE-2019-5436.patch | 32 ++++
meta/recipes-support/curl/curl_7.61.0.bb | 2 +
.../sqlite/files/CVE-2018-20505.patch | 31 ++++
.../sqlite/files/CVE-2018-20506.patch | 103 +++++++++++
meta/recipes-support/sqlite/sqlite3_3.23.1.bb | 2 +
62 files changed, 2196 insertions(+), 501 deletions(-)
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2018-20679.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2019-5747.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-12450.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-9169.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p1.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p2.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7149.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7150.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8904.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8905_CVE-2019-8907.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8906.patch
rename meta/recipes-devtools/python/{python-native_2.7.15.bb => python-native_2.7.16.bb} (96%)
delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34623-Use-XML_SetHashSalt-in-_elementtree-GH.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33354-Fix-test_ssl-when-a-filename-cannot-be-enc.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch
delete mode 100644 meta/recipes-devtools/python/python/0002-bpo-34818-Add-missing-closing-wrapper-in-test_tls1_3.patch
delete mode 100644 meta/recipes-devtools/python/python/0003-bpo-34834-Fix-test_ssl.test_options-to-account-for-O.patch
delete mode 100644 meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
rename meta/recipes-devtools/python/{python_2.7.15.bb => python_2.7.16.bb} (98%)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16872.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-18849.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19489.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch
rename meta/recipes-extended/cups/{cups_2.2.8.bb => cups_2.2.10.bb} (40%)
create mode 100644 meta/recipes-extended/tar/tar/CVE-2019-9923.patch
create mode 100644 meta/recipes-extended/wget/wget/CVE-2019-5953.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5435.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5436.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20505.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20506.patch
--
2.7.4
More information about the Openembedded-core
mailing list