[OE-core] [thud 00/26] Pull request
Armin Kuster
akuster808 at gmail.com
Mon Oct 7 15:10:37 UTC 2019
This has backports waiting for warrior to merge thus the delay for this request.
The following changes since commit d3d3f443039b03f1200a14bfe99f985592632018:
build-appliance-image: Update to thud head revision (2019-08-01 11:58:11 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/thud-next
http://cgit.openembedded.org//log/?h=stable/thud-next
Adrian Bunk (2):
bind: upgrade 9.11.5 -> 9.11.5-P4
dhcp: Replace OE specific patch for compatibility with latest bind
with upstream patch
Alexander Kanavin (1):
buildhistory: call a dependency parser only on actual dependency lists
Andrii Bordunov via Openembedded-core (4):
curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823
dbus: fix CVE-2019-12749
glib-2.0: fix CVE-2019-13012
libcomps: fix CVE-2019-3817
Anuj Mittal (5):
patch: fix CVE-2019-13636
python3: fix CVE-2019-9740
libxslt: fix CVE-2019-13117 CVE-2019-13118
patch: backport fixes
pango: fix CVE-2019-1010238
Armin Kuster (6):
gcc: Security fix for CVE-2019-14250
binutils: Security fix for CVE-2019-14444
binutils: Security fix for CVE-2019-12972
bind: update to latest LTS 9.11.5
go: update to 1.11.13, minor updates
dhcp: fix issue with new bind changes
Bartosz Golaszewski (1):
qemu: add a patch fixing the native build on newer kernels
Bruce Ashfield (1):
linux-yocto/4.14: update to v4.14.143
Dan Tran (3):
binutils: Fix 4 CVEs
python: Fix 3 CVEs
python3: Fix CVEs
Muminul Islam (1):
libxslt: Cve fix CVE-2019-11068
Ruslan Bilovol (1):
dhcp: drop lost patch
Trevor Gamblin (1):
patch: fix CVE-2019-13638
meta/lib/oe/buildhistory_analysis.py | 2 +-
.../bind/bind/CVE-2018-5740.patch | 72 -----
.../bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} | 8 +-
...d-includes-of-new-BIND9-compatibility-hea.patch | 79 +++++
.../dhcp/0008-tweak-to-support-external-bind.patch | 117 -------
meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb | 1 +
meta/recipes-core/dbus/dbus/CVE-2019-12749.patch | 127 ++++++++
meta/recipes-core/dbus/dbus_1.12.10.bb | 1 +
.../glib-2.0/glib-2.0/CVE-2019-13012.patch | 47 +++
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 1 +
meta/recipes-devtools/binutils/binutils-2.31.inc | 6 +
.../binutils/binutils/CVE-2018-1000876.patch | 180 +++++++++++
.../binutils/binutils/CVE-2018-20623.patch | 74 +++++
.../binutils/binutils/CVE-2018-20651.patch | 35 +++
.../binutils/binutils/CVE-2018-20671.patch | 49 +++
.../binutils/binutils/CVE-2019-12972.patch | 39 +++
.../binutils/binutils/CVE-2019-14444.patch | 33 ++
meta/recipes-devtools/gcc/gcc-8.2.inc | 1 +
.../gcc/gcc-8.2/CVE-2019-14250.patch | 44 +++
meta/recipes-devtools/go/go-1.11.inc | 6 +-
.../libcomps/libcomps/CVE-2019-3817.patch | 97 ++++++
meta/recipes-devtools/libcomps/libcomps_git.bb | 1 +
...k-temporary-file-on-failed-ed-style-patch.patch | 93 ++++++
...ak-temporary-file-on-failed-multi-file-ed.patch | 80 +++++
...ke-ed-directly-instead-of-using-the-shell.patch | 44 +++
.../patch/patch/CVE-2019-13636.patch | 113 +++++++
meta/recipes-devtools/patch/patch_2.7.6.bb | 4 +
.../python/python/bpo-30458-cve-2019-9740.patch | 219 ++++++++++++++
.../python/python/bpo-35121-cve-2018-20852.patch | 127 ++++++++
.../python/python3/CVE-2018-14647.patch | 95 ++++++
.../python/python3/CVE-2018-20406.patch | 217 +++++++++++++
.../python/python3/CVE-2018-20852.patch | 129 ++++++++
.../python/python3/CVE-2019-9636.patch | 154 ++++++++++
.../python/python3/CVE-2019-9740.patch | 155 ++++++++++
meta/recipes-devtools/python/python3_3.5.6.bb | 5 +
meta/recipes-devtools/python/python_2.7.16.bb | 2 +
...error-messages-when-qemi_cpu_kick_thread-.patch | 19 +-
...fix-to-handle-variably-sized-SIOCGSTAMP-w.patch | 336 +++++++++++++++++++++
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 1 +
.../pango/pango/CVE-2019-1010238.patch | 38 +++
meta/recipes-graphics/pango/pango_1.42.4.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.14.bb | 20 +-
.../recipes-support/curl/curl/CVE-2018-16890.patch | 50 +++
meta/recipes-support/curl/curl/CVE-2019-3822.patch | 47 +++
meta/recipes-support/curl/curl/CVE-2019-3823.patch | 55 ++++
meta/recipes-support/curl/curl_7.61.0.bb | 3 +
.../libxslt/files/CVE-2019-13117.patch | 33 ++
.../libxslt/files/CVE-2019-13118.patch | 76 +++++
.../libxslt/libxslt/CVE-2019-11068.patch | 128 ++++++++
meta/recipes-support/libxslt/libxslt_1.1.32.bb | 5 +-
52 files changed, 3059 insertions(+), 225 deletions(-)
delete mode 100644 meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch
rename meta/recipes-connectivity/bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} (95%)
create mode 100644 meta/recipes-connectivity/dhcp/dhcp/0001-master-Added-includes-of-new-BIND9-compatibility-hea.patch
delete mode 100644 meta/recipes-connectivity/dhcp/dhcp/0008-tweak-to-support-external-bind.patch
create mode 100644 meta/recipes-core/dbus/dbus/CVE-2019-12749.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-13012.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-1000876.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20651.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch
create mode 100644 meta/recipes-devtools/libcomps/libcomps/CVE-2019-3817.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-13636.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-30458-cve-2019-9740.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35121-cve-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-14647.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20406.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20852.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9636.patch
create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9740.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014-linux-user-fix-to-handle-variably-sized-SIOCGSTAMP-w.patch
create mode 100644 meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2018-16890.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3822.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3823.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13117.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13118.patch
create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
--
2.7.4
More information about the Openembedded-core
mailing list