[OE-core] [zeus 00/29] Patch review
Armin Kuster
akuster808 at gmail.com
Sun Feb 9 16:09:28 UTC 2020
These are the additional changes to help address reproducibility issues and additional fixes
we would like to be included in 3.0.2
Please have comments back by Tuesday
The following changes since commit 9b1bf083129be2b849db52d4f0eda9eb6077c97e:
python2: add ntpath (2020-02-02 18:19:50 -0800)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/zeus-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/zeus-nut
Alejandro del Castillo (1):
opkg-utils: upgrade to version 0.4.2
Alexander Kanavin (1):
perl: do not install files that contain build host specific data
Anuj Mittal (3):
Revert "bzip2: Fix CVE-2019-12900"
curl: fix CVE-2019-15601
cpio: fix CVE-2019-14866
Joshua Watt (2):
classes/reproducible_build: Read SDE file later
mc: Fix build reproducibility
Lee Chee Yang (1):
rsync: whitelist CVE-2017-16548
Richard Purdie (17):
opkg-utils: Fix reproducibility issues in opkg-build
oeqa/reproducible: Improve test output and ensure deb+ipk compared
sudo: Set vardir deterministically
libxshmfence: Set shm directory deterministically
mc: Set zipinfo presence determinstically
mc: Fix manpage date indeterminism
tar: Fix build determinism, disable rsh
patch: Extend to native/nativesdk and depend upon
libidn2: Fix reproducibility issue
perl: Fix various reproducibile build issues
openssl: Fix reproducibility issue
iputils: Fix build determinism
libinput: Fix determinism issue
libgcrypt: Fix determinism issue
sysvinit: Fix Reproducibility issue
libevdev: Fix determinism issue
ncurses: Fix reproducibility issue
Ross Burton (2):
gtk+3: sort resources for reproducible binaries
sudo: specify where target tools are
Taras Kondratiuk via Openembedded-core (1):
gcc-9.2: fix bug #91102 'aarch64 ICE on Linux kernel with -Os'
Tom Hochstein (1):
devtool/standard.py: Allow recipe to disable menuconfig logic
meta/classes/patch.bbclass | 7 +
meta/classes/reproducible_build.bbclass | 40 ++-
meta/lib/oeqa/selftest/cases/reproducible.py | 9 +-
.../openssl/openssl/reproducible.patch | 32 ++
.../openssl/openssl_1.1.1d.bb | 1 +
meta/recipes-core/meta/buildtools-tarball.bb | 1 +
meta/recipes-core/ncurses/ncurses.inc | 1 +
.../recipes-core/sysvinit/sysvinit_2.88dsf.bb | 1 +
meta/recipes-devtools/gcc/gcc-9.2.inc | 1 +
...02-aarch64-ICE-on-Linux-kernel-with-.patch | 95 ++++++
...Switch-all-scripts-to-use-Python-3.x.patch | 113 -------
...ld-clamp-mtimes-to-SOURCE_DATE_EPOCH.patch | 44 ---
.../opkg-utils/fix-reproducibility.patch | 32 ++
.../opkg-utils/opkg-utils/pipefail.patch | 31 --
...pkg-utils_0.4.1.bb => opkg-utils_0.4.2.bb} | 13 +-
meta/recipes-devtools/patch/patch_2.7.6.bb | 3 +
.../perl/files/determinism.patch | 81 +++++
meta/recipes-devtools/perl/perl-ptest.inc | 3 +
meta/recipes-devtools/perl/perl_5.30.0.bb | 4 +
meta/recipes-devtools/rsync/rsync_3.1.3.bb | 3 +
.../bzip2/bzip2-1.0.6/CVE-2019-12900.patch | 36 --
.../cpio/cpio-2.12/CVE-2019-14866.patch | 316 ++++++++++++++++++
meta/recipes-extended/cpio/cpio_2.12.bb | 1 +
.../iputils/iputils_s20190709.bb | 3 +-
meta/recipes-extended/libidn/libidn2_2.2.0.bb | 3 +-
...Add-option-to-control-configure-args.patch | 99 ++++++
.../recipes-extended/mc/files/nomandate.patch | 21 ++
meta/recipes-extended/mc/mc_4.8.23.bb | 7 +-
meta/recipes-extended/sudo/sudo.inc | 2 +-
meta/recipes-extended/sudo/sudo_1.8.27.bb | 10 +-
meta/recipes-extended/tar/tar_1.32.bb | 2 +
.../gtk+/gtk+3/sort-resources.patch | 19 ++
meta/recipes-gnome/gtk+/gtk+3_3.24.8.bb | 1 +
.../wayland/libinput/determinism.patch | 21 ++
.../wayland/libinput_1.14.1.bb | 4 +-
.../xorg-lib/libxshmfence_1.3.bb | 2 +
.../curl/curl/CVE-2019-15601.patch | 46 +++
meta/recipes-support/curl/curl_7.66.0.bb | 1 +
.../libevdev/libevdev/determinism.patch | 34 ++
.../libevdev/libevdev_1.8.0.bb | 3 +-
.../libgcrypt/files/determinism.patch | 32 ++
.../libgcrypt/libgcrypt_1.8.4.bb | 1 +
scripts/lib/devtool/standard.py | 6 +-
43 files changed, 933 insertions(+), 252 deletions(-)
create mode 100644 meta/recipes-connectivity/openssl/openssl/reproducible.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-9.2/re-PR-target-91102-aarch64-ICE-on-Linux-kernel-with-.patch
delete mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/0001-Switch-all-scripts-to-use-Python-3.x.patch
delete mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/0001-opkg-build-clamp-mtimes-to-SOURCE_DATE_EPOCH.patch
create mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/fix-reproducibility.patch
delete mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/pipefail.patch
rename meta/recipes-devtools/opkg-utils/{opkg-utils_0.4.1.bb => opkg-utils_0.4.2.bb} (83%)
create mode 100644 meta/recipes-devtools/perl/files/determinism.patch
delete mode 100644 meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2019-12900.patch
create mode 100644 meta/recipes-extended/cpio/cpio-2.12/CVE-2019-14866.patch
create mode 100644 meta/recipes-extended/mc/files/0001-Add-option-to-control-configure-args.patch
create mode 100644 meta/recipes-extended/mc/files/nomandate.patch
create mode 100644 meta/recipes-gnome/gtk+/gtk+3/sort-resources.patch
create mode 100644 meta/recipes-graphics/wayland/libinput/determinism.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-15601.patch
create mode 100644 meta/recipes-support/libevdev/libevdev/determinism.patch
create mode 100644 meta/recipes-support/libgcrypt/files/determinism.patch
--
2.17.1
More information about the Openembedded-core
mailing list