[OE-core] [zeus 00/28] Patch review
Armin Kuster
akuster808 at gmail.com
Sat Oct 26 06:49:32 UTC 2019
This is what has been backported from master or patches.
Comments by Monday.
The following changes since commit 59938780e7e776d87146002ea939b185f8704408:
build-appliance-image: Update to master head revision (2019-10-09 22:28:44 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/zeus-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/zeus-next
Alexander Kanavin (1):
runqemu: unset another environment variable for 'egl-headless'
André Draszik (1):
connman: mark connman-wait-online as SYSTEMD_PACKAGE
Changqing Li (3):
qemu: Fix CVE-2019-12068
python: Fix CVE-2019-10160
sudo: fix CVE-2019-14287
Chee Yang Lee (1):
wic/engine: use 'linux-swap' for swap file system
Chen Qi (3):
python: CVE-2019-16056
python3: CVE-2019-16056
go: fix CVE-2019-16276
Douglas Royds via Openembedded-core (1):
icecc: Export ICECC_CC and friends via wrapper-script
Eugene Smirnov (1):
wic/rawcopy: Support files in sub-directories
George McCollister (1):
openssl: make OPENSSL_ENGINES match install path
Hongxu Jia (1):
openssh: fix CVE-2019-16905
Joerg Vehlow (1):
runqemu: Remove disabling of high resolution timer
Liwei Song (1):
util-linux: fix PKNAME name is NULL when use lsblk [LIN1019-2963]
Michael Ho (1):
cmake.bbclass: add HOSTTOOLS_DIR to CMAKE_FIND_ROOT_PATH
Qi.Chen at windriver.com (1):
sqlite3: fix CVE-2019-16168
Ricardo Ribalda Delgado (1):
i2c-tools: Add missing RDEPEND
Ross Burton (3):
sanity: check the format of SDK_VENDOR
file: explicitly disable seccomp
python3: -dev should depend on distutils
Stefan Agner (1):
uninative: check .done file instead of tarball
Tom Benn (1):
dbus: update dbus-1.init to reflect new PID file
Trevor Gamblin (2):
aspell: fix CVE-2019-17544
ncurses: fix CVE-2019-17594, CVE-2019-17595
Wenlin Kang (1):
sysstat: fix CVE-2019-16167
Yi Zhao (2):
libsdl2: fix CVE-2019-13616
libgcrypt: fix CVE-2019-12904
meta/classes/cmake.bbclass | 3 +-
meta/classes/icecc.bbclass | 32 +-
meta/classes/sanity.bbclass | 5 +
meta/classes/uninative.bbclass | 2 +-
meta/recipes-connectivity/connman/connman.inc | 2 +-
...x-integer-overflow-in-XMSS-private-key-pa.patch | 40 +++
meta/recipes-connectivity/openssh/openssh_8.0p1.bb | 1 +
.../recipes-connectivity/openssl/openssl_1.1.1d.bb | 2 +-
meta/recipes-core/dbus/dbus/dbus-1.init | 4 +-
...rses-selective-backport-of-20191012-patch.patch | 169 +++++++++++
meta/recipes-core/ncurses/ncurses_6.1+20190803.bb | 1 +
...lsblk-force-to-print-PKNAME-for-partition.patch | 36 +++
meta/recipes-core/util-linux/util-linux_2.34.bb | 1 +
meta/recipes-devtools/file/file_5.37.bb | 2 +
meta/recipes-devtools/go/go-1.12.inc | 1 +
...nch.go1.12-security-net-textproto-don-t-n.patch | 163 ++++++++++
meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb | 1 +
...55-Dont-parse-domains-containing-GH-13079.patch | 90 ++++++
.../python/python/bpo-36742-cve-2019-10160.patch | 81 +++++
...55-Dont-parse-domains-containing-GH-13079.patch | 132 ++++++++
.../python/python3/python3-manifest.json | 3 +-
meta/recipes-devtools/python/python3_3.7.4.bb | 1 +
meta/recipes-devtools/python/python_2.7.16.bb | 2 +
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2019-12068.patch | 108 +++++++
.../sudo/sudo/CVE-2019-14287-1.patch | 178 +++++++++++
.../sudo/sudo/CVE-2019-14287-2.patch | 112 +++++++
meta/recipes-extended/sudo/sudo_1.8.27.bb | 2 +
...ory-corruption-bug-due-to-Integer-Overflo.patch | 46 +++
meta/recipes-extended/sysstat/sysstat_12.1.6.bb | 4 +-
...538-validate-image-size-when-loading-BMP-.patch | 34 +++
meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb | 1 +
.../0001-Fix-various-bugs-found-by-OSS-Fuze.patch | 56 ++++
meta/recipes-support/aspell/aspell_0.60.7.bb | 4 +-
.../files/0001-Prefetch-GCM-look-up-tables.patch | 90 ++++++
...ok-up-tables-to-.data-section-and-unshare.patch | 332 +++++++++++++++++++++
...ok-up-table-to-.data-section-and-unshare-.patch | 178 +++++++++++
meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 3 +
.../sqlite/files/0001-Fix-CVE-2019-16168.patch | 40 +++
meta/recipes-support/sqlite/sqlite3_3.29.0.bb | 3 +-
scripts/lib/wic/engine.py | 2 +-
scripts/lib/wic/plugins/source/rawcopy.py | 3 +
scripts/runqemu | 5 +-
43 files changed, 1951 insertions(+), 25 deletions(-)
create mode 100644 meta/recipes-connectivity/openssh/openssh/0001-upstream-fix-integer-overflow-in-XMSS-private-key-pa.patch
create mode 100644 meta/recipes-core/ncurses/files/0001-ncurses-selective-backport-of-20191012-patch.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/0001-lsblk-force-to-print-PKNAME-for-partition.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch
create mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
create mode 100644 meta/recipes-devtools/python/python3/0001-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-12068.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-1.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch
create mode 100644 meta/recipes-extended/sysstat/sysstat/0001-Fix-232-Memory-corruption-bug-due-to-Integer-Overflo.patch
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch
create mode 100644 meta/recipes-support/aspell/aspell/0001-Fix-various-bugs-found-by-OSS-Fuze.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0001-Prefetch-GCM-look-up-tables.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0002-AES-move-look-up-tables-to-.data-section-and-unshare.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0003-GCM-move-look-up-table-to-.data-section-and-unshare-.patch
create mode 100644 meta/recipes-support/sqlite/files/0001-Fix-CVE-2019-16168.patch
--
2.7.4
More information about the Openembedded-core
mailing list