[OE-core] [Thud][ 00/24] Thud patch review

Armin Kuster akuster808 at gmail.com
Tue Sep 24 03:12:56 UTC 2019 

Here is the lastes backports for thud-next.

Please review by Thursday.

The following changes since commit d3d3f443039b03f1200a14bfe99f985592632018:

  build-appliance-image: Update to thud head revision (2019-08-01 11:58:11 +0100)

are available in the git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/thud-nmut
  http://cgit.openembedded.org//log/?h=stable/thud-nmut

Adrian Bunk (1):
  bind: upgrade 9.11.5 -> 9.11.5-P4

Alexander Kanavin (1):
  buildhistory: call a dependency parser only on actual dependency lists

Andrii Bordunov via Openembedded-core (4):
  curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823
  dbus: fix CVE-2019-12749
  glib-2.0: fix CVE-2019-13012
  libcomps: fix CVE-2019-3817

Anuj Mittal (5):
  patch: fix CVE-2019-13636
  python3: fix CVE-2019-9740
  libxslt: fix CVE-2019-13117 CVE-2019-13118
  patch: backport fixes
  pango: fix CVE-2019-1010238

Armin Kuster (6):
  gcc: Security fix for CVE-2019-14250
  binutils: Security fix for CVE-2019-14444
  binutils: Security fix for CVE-2019-12972
  bind: update to latest LTS 9.11.5
  go: update to 1.11.13, minor updates
  dhcp: fix issue with new bind changes

Bartosz Golaszewski (1):
  qemu: add a patch fixing the native build on newer kernels

Bruce Ashfield (1):
  linux-yocto/4.14: update to v4.14.143

Dan Tran (3):
  binutils: Fix 4 CVEs
  python: Fix 3 CVEs
  python3: Fix CVEs

Muminul Islam (1):
  libxslt: Cve fix CVE-2019-11068

Trevor Gamblin (1):
  patch: fix CVE-2019-13638

 meta/lib/oe/buildhistory_analysis.py               |    2 +-
 .../bind/bind/CVE-2018-5740.patch                  |   72 -
 .../bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb}     |    8 +-
 ...eplace-custom-isc_boolean_t-with-C-standa.patch | 2882 ++++++++++++++++++++
 meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb       |    1 +
 meta/recipes-core/dbus/dbus/CVE-2019-12749.patch   |  127 +
 meta/recipes-core/dbus/dbus_1.12.10.bb             |    1 +
 .../glib-2.0/glib-2.0/CVE-2019-13012.patch         |   47 +
 meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb      |    1 +
 meta/recipes-devtools/binutils/binutils-2.31.inc   |    6 +
 .../binutils/binutils/CVE-2018-1000876.patch       |  180 ++
 .../binutils/binutils/CVE-2018-20623.patch         |   74 +
 .../binutils/binutils/CVE-2018-20651.patch         |   35 +
 .../binutils/binutils/CVE-2018-20671.patch         |   49 +
 .../binutils/binutils/CVE-2019-12972.patch         |   39 +
 .../binutils/binutils/CVE-2019-14444.patch         |   33 +
 meta/recipes-devtools/gcc/gcc-8.2.inc              |    1 +
 .../gcc/gcc-8.2/CVE-2019-14250.patch               |   44 +
 meta/recipes-devtools/go/go-1.11.inc               |    6 +-
 .../libcomps/libcomps/CVE-2019-3817.patch          |   97 +
 meta/recipes-devtools/libcomps/libcomps_git.bb     |    1 +
 ...k-temporary-file-on-failed-ed-style-patch.patch |   93 +
 ...ak-temporary-file-on-failed-multi-file-ed.patch |   80 +
 ...ke-ed-directly-instead-of-using-the-shell.patch |   44 +
 .../patch/patch/CVE-2019-13636.patch               |  113 +
 meta/recipes-devtools/patch/patch_2.7.6.bb         |    4 +
 .../python/python/bpo-30458-cve-2019-9740.patch    |  219 ++
 .../python/python/bpo-35121-cve-2018-20852.patch   |  127 +
 .../python/python3/CVE-2018-14647.patch            |   95 +
 .../python/python3/CVE-2018-20406.patch            |  217 ++
 .../python/python3/CVE-2018-20852.patch            |  129 +
 .../python/python3/CVE-2019-9636.patch             |  154 ++
 .../python/python3/CVE-2019-9740.patch             |  155 ++
 meta/recipes-devtools/python/python3_3.5.6.bb      |    5 +
 meta/recipes-devtools/python/python_2.7.16.bb      |    2 +
 ...error-messages-when-qemi_cpu_kick_thread-.patch |   19 +-
 ...fix-to-handle-variably-sized-SIOCGSTAMP-w.patch |  336 +++
 meta/recipes-devtools/qemu/qemu_3.0.0.bb           |    1 +
 .../pango/pango/CVE-2019-1010238.patch             |   38 +
 meta/recipes-graphics/pango/pango_1.42.4.bb        |    4 +-
 meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb   |    6 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb |    6 +-
 meta/recipes-kernel/linux/linux-yocto_4.14.bb      |   20 +-
 .../recipes-support/curl/curl/CVE-2018-16890.patch |   50 +
 meta/recipes-support/curl/curl/CVE-2019-3822.patch |   47 +
 meta/recipes-support/curl/curl/CVE-2019-3823.patch |   55 +
 meta/recipes-support/curl/curl_7.61.0.bb           |    3 +
 .../libxslt/files/CVE-2019-13117.patch             |   33 +
 .../libxslt/files/CVE-2019-13118.patch             |   76 +
 .../libxslt/libxslt/CVE-2019-11068.patch           |  128 +
 meta/recipes-support/libxslt/libxslt_1.1.32.bb     |    5 +-
 51 files changed, 5862 insertions(+), 108 deletions(-)
 delete mode 100644 meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch
 rename meta/recipes-connectivity/bind/{bind_9.11.4.bb => bind_9.11.5-P4.bb} (95%)
 create mode 100644 meta/recipes-connectivity/dhcp/dhcp/0001-dhcpd-fix-Replace-custom-isc_boolean_t-with-C-standa.patch
 create mode 100644 meta/recipes-core/dbus/dbus/CVE-2019-12749.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-13012.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-1000876.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20651.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch
 create mode 100644 meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch
 create mode 100644 meta/recipes-devtools/libcomps/libcomps/CVE-2019-3817.patch
 create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
 create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
 create mode 100644 meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
 create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-13636.patch
 create mode 100644 meta/recipes-devtools/python/python/bpo-30458-cve-2019-9740.patch
 create mode 100644 meta/recipes-devtools/python/python/bpo-35121-cve-2018-20852.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-14647.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20406.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20852.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9636.patch
 create mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9740.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/0014-linux-user-fix-to-handle-variably-sized-SIOCGSTAMP-w.patch
 create mode 100644 meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2018-16890.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3822.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2019-3823.patch
 create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13117.patch
 create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13118.patch
 create mode 100644 meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch

-- 
2.7.4

More information about the Openembedded-core mailing list