[OE-core] [thud 00/12] patch review

Armin Kuster akuster808 at gmail.com
Tue Oct 8 15:26:32 UTC 2019 

Lastest thud changes. Most have been on the list already.

Commnets by Thursday

The following changes since commit f5be8c8309a932cde507ba24d042880a922df0b6:

  linux-yocto/4.14: update to v4.14.143 (2019-09-24 08:28:04 -0700)

are available in the git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/thud-nmut
  http://cgit.openembedded.org//log/?h=stable/thud-nmut

Adrian Bunk (1):
  json-c: Don't --enable-rdrand

Andrii Bordunov via Openembedded-core (1):
  wget: Security fixes CVE-2018-20483

Armin Kuster (1):
  qemu: fix build issue on new hosts with glibc 2.30

Chen Qi (1):
  oeqa/selftest/context: ensure log directory exists

Dan Tran (3):
  qemu: Fix 4 CVEs
  unzip: fix CVE-2019-13232
  perl: Fix CVE-2018-18311 to 18314

Khem Raj (1):
  gnupg: Do not apply -Woverride-init guard for gcc >= 9

Michael Halstead (1):
  uninative: Update to 2.7 release

Sean Nyekjaer (1):
  libgpg-error: Fix build with gawk 5.x

Shubham Agrawal (2):
  elfutils: CVE fix for elfutils
  sqlite3: Security fix for CVE-2019-8457

 meta/conf/distro/include/yocto-uninative.inc       |  10 +-
 meta/lib/oeqa/selftest/context.py                  |   1 +
 meta/recipes-devtools/elfutils/elfutils_0.175.bb   |   2 +
 .../elfutils/files/CVE-2019-7664.patch             |  65 ++++
 .../elfutils/files/CVE-2019-7665.patch             | 154 +++++++++
 meta/recipes-devtools/json-c/json-c_0.13.1.bb      |   2 -
 .../perl/perl/CVE-2018-18311.patch                 | 183 +++++++++++
 .../perl/perl/CVE-2018-18312.patch                 | Bin 0 -> 2125 bytes
 .../perl/perl/CVE-2018-18313.patch                 |  60 ++++
 .../perl/perl/CVE-2018-18314.patch                 | 271 ++++++++++++++++
 meta/recipes-devtools/perl/perl_5.24.4.bb          |   4 +
 ...nux-user-assume-__NR_gettid-always-exists.patch |  49 +++
 ...rename-gettid-to-sys_gettid-to-avoid-clas.patch |  95 ++++++
 .../qemu/qemu/CVE-2018-10839.patch                 |   2 +-
 .../qemu/qemu/CVE-2018-17958.patch                 |  52 ---
 .../qemu/qemu/CVE-2018-18954.patch                 |  50 +++
 .../recipes-devtools/qemu/qemu/CVE-2019-3812.patch |  39 +++
 .../recipes-devtools/qemu/qemu/CVE-2019-6778.patch |  41 +++
 .../recipes-devtools/qemu/qemu/CVE-2019-8934.patch | 215 +++++++++++++
 meta/recipes-devtools/qemu/qemu_3.0.0.bb           |   8 +-
 .../unzip/unzip/CVE-2019-13232_p1.patch            |  33 ++
 .../unzip/unzip/CVE-2019-13232_p2.patch            | 356 +++++++++++++++++++++
 .../unzip/unzip/CVE-2019-13232_p3.patch            | 121 +++++++
 meta/recipes-extended/unzip/unzip_6.0.bb           |   3 +
 .../wget/wget/CVE-2018-20483_p1.patch              |  73 +++++
 .../wget/wget/CVE-2018-20483_p2.patch              | 127 ++++++++
 meta/recipes-extended/wget/wget_1.19.5.bb          |   2 +
 ...1-Woverride-init-is-not-needed-with-gcc-9.patch |  31 ++
 ...c-use-a-custom-value-for-the-location-of-.patch |   6 +-
 meta/recipes-support/gnupg/gnupg/relocate.patch    |   2 +-
 meta/recipes-support/gnupg/gnupg_2.2.12.bb         |   3 +-
 .../libgpg-error-1.35-gawk5-support.patch          | 161 ++++++++++
 .../libgpg-error/libgpg-error_1.32.bb              |   1 +
 .../sqlite/files/CVE-2019-8457.patch               | 126 ++++++++
 meta/recipes-support/sqlite/sqlite3_3.23.1.bb      |   1 +
 35 files changed, 2283 insertions(+), 66 deletions(-)
 create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7664.patch
 create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7665.patch
 create mode 100644 meta/recipes-devtools/perl/perl/CVE-2018-18311.patch
 create mode 100644 meta/recipes-devtools/perl/perl/CVE-2018-18312.patch
 create mode 100644 meta/recipes-devtools/perl/perl/CVE-2018-18313.patch
 create mode 100644 meta/recipes-devtools/perl/perl/CVE-2018-18314.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/0001-linux-user-assume-__NR_gettid-always-exists.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/0001-linux-user-rename-gettid-to-sys_gettid-to-avoid-clas.patch
 delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-17958.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-18954.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-6778.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-8934.patch
 create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch
 create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch
 create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch
 create mode 100644 meta/recipes-extended/wget/wget/CVE-2018-20483_p1.patch
 create mode 100644 meta/recipes-extended/wget/wget/CVE-2018-20483_p2.patch
 create mode 100644 meta/recipes-support/gnupg/gnupg/0001-Woverride-init-is-not-needed-with-gcc-9.patch
 create mode 100644 meta/recipes-support/libgpg-error/libgpg-error/libgpg-error-1.35-gawk5-support.patch
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2019-8457.patch

-- 
2.7.4

More information about the Openembedded-core mailing list