This set passed A-full AB. Most fo these have already been on the mailing list.
This is last set needed for the next dot release. The following changes since commit b6e17afc06d7a44dc9774ee98de7f186580ddf0d: uninative: Update to 2.7 release (2019-10-08 07:54:37 -0700) are available in the git repository at: git://git.openembedded.org/openembedded-core-contrib stable/warrior-next http://cgit.openembedded.org//log/?h=stable/warrior-next Alexander Kanavin (1): linux-yocto: add drm-bochs support Anuj Mittal (1): python: include CVE patches for python-native as well Armin Kuster (1): qemu: update to 3.1.1.1 Bruce Ashfield (6): linux-yocto/5.0: bsp: add basic xilinx zynqmp support linux-yocto/5.0: make scsi-debug include scsi core configs linux-yocto: bsp/beaglebone: support qemu -machine virt linux-yocto: arch/x86/boot: use prefix map to avoid embedded paths kernel-yocto: import security fragments from meta-security linux-yocto/4.19: make drm-bochs feature available Changqing Li (2): python: Fix CVE-2019-10160 sudo: fix CVE-2019-14287 Chen Qi (2): python: CVE-2019-16056 go: fix CVE-2019-16276 Dmitry Eremin-Solenikov (1): kernel.bbclass: fix installation of modules signing certificates George McCollister (1): openssl: make OPENSSL_ENGINES match install path Muminul Islam (1): libcroco: Fix two CVEs Yi Zhao (2): python: add tk-lib as runtime dependency for python-tkinter libgcrypt: fix CVE-2019-12904 Zang Ruochen (1): gnutls:upgrade 3.6.7 -> 3.6.8 meta/classes/kernel.bbclass | 2 +- .../recipes-connectivity/openssl/openssl_1.1.1b.bb | 2 +- meta/recipes-devtools/go/go-1.12.inc | 1 + ...nch.go1.12-security-net-textproto-don-t-n.patch | 163 ++++++++++ meta/recipes-devtools/python/python.inc | 5 + ...55-Dont-parse-domains-containing-GH-13079.patch | 90 ++++++ .../python/python/bpo-36742-cve-2019-10160.patch | 81 +++++ meta/recipes-devtools/python/python3_3.7.4.bb | 2 +- meta/recipes-devtools/python/python_2.7.16.bb | 9 +- ...qemu-native_3.1.0.bb => qemu-native_3.1.1.1.bb} | 0 ...tive_3.1.0.bb => qemu-system-native_3.1.1.1.bb} | 0 meta/recipes-devtools/qemu/qemu.inc | 14 +- .../0001-egl-headless-add-egl_create_context.patch | 50 ---- .../qemu/qemu/0014-fix-CVE-2018-16872.patch | 85 ------ .../qemu/qemu/0015-fix-CVE-2018-20124.patch | 60 ---- .../qemu/qemu/0016-fix-CVE-2018-20125.patch | 54 ---- .../qemu/qemu/0017-fix-CVE-2018-20126.patch | 113 ------- .../qemu/qemu/0018-fix-CVE-2018-20191.patch | 47 --- .../qemu/qemu/0019-fix-CVE-2018-20216.patch | 85 ------ .../qemu/qemu/CVE-2018-20815.patch | 38 --- .../recipes-devtools/qemu/qemu/CVE-2019-3812.patch | 39 --- .../recipes-devtools/qemu/qemu/CVE-2019-8934.patch | 215 ------------- .../qemu/{qemu_3.1.0.bb => qemu_3.1.1.1.bb} | 0 .../sudo/sudo/CVE-2019-14287-1.patch | 178 +++++++++++ .../sudo/sudo/CVE-2019-14287-2.patch | 112 +++++++ meta/recipes-extended/sudo/sudo_1.8.27.bb | 2 + meta/recipes-kernel/linux/linux-yocto-dev.bb | 2 +- meta/recipes-kernel/linux/linux-yocto-rt_4.19.bb | 4 +- meta/recipes-kernel/linux/linux-yocto-rt_5.0.bb | 6 +- meta/recipes-kernel/linux/linux-yocto-tiny_4.19.bb | 2 +- meta/recipes-kernel/linux/linux-yocto-tiny_5.0.bb | 6 +- meta/recipes-kernel/linux/linux-yocto_4.19.bb | 4 +- meta/recipes-kernel/linux/linux-yocto_5.0.bb | 21 +- .../gnutls/{gnutls_3.6.7.bb => gnutls_3.6.8.bb} | 4 +- .../libcroco/libcroco/CVE-2017-8834_71.patch | 38 +++ meta/recipes-support/libcroco/libcroco_0.6.12.bb | 1 + .../files/0001-Prefetch-GCM-look-up-tables.patch | 90 ++++++ ...ok-up-tables-to-.data-section-and-unshare.patch | 332 +++++++++++++++++++++ ...ok-up-table-to-.data-section-and-unshare-.patch | 178 +++++++++++ meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 3 + 40 files changed, 1307 insertions(+), 831 deletions(-) create mode 100644 meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch create mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch create mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch rename meta/recipes-devtools/qemu/{qemu-native_3.1.0.bb => qemu-native_3.1.1.1.bb} (100%) rename meta/recipes-devtools/qemu/{qemu-system-native_3.1.0.bb => qemu-system-native_3.1.1.1.bb} (100%) delete mode 100644 meta/recipes-devtools/qemu/qemu/0001-egl-headless-add-egl_create_context.patch delete mode 100644 meta/recipes-devtools/qemu/qemu/0014-fix-CVE-2018-16872.patch delete mode 100644 meta/recipes-devtools/qemu/qemu/0015-fix-CVE-2018-20124.patch delete mode 100644 meta/recipes-devtools/qemu/qemu/0016-fix-CVE-2018-20125.patch delete mode 100644 meta/recipes-devtools/qemu/qemu/0017-fix-CVE-2018-20126.patch delete mode 100644 meta/recipes-devtools/qemu/qemu/0018-fix-CVE-2018-20191.patch delete mode 100644 meta/recipes-devtools/qemu/qemu/0019-fix-CVE-2018-20216.patch delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-20815.patch delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-8934.patch rename meta/recipes-devtools/qemu/{qemu_3.1.0.bb => qemu_3.1.1.1.bb} (100%) create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-1.patch create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch rename meta/recipes-support/gnutls/{gnutls_3.6.7.bb => gnutls_3.6.8.bb} (93%) create mode 100644 meta/recipes-support/libcroco/libcroco/CVE-2017-8834_71.patch create mode 100644 meta/recipes-support/libgcrypt/files/0001-Prefetch-GCM-look-up-tables.patch create mode 100644 meta/recipes-support/libgcrypt/files/0002-AES-move-look-up-tables-to-.data-section-and-unshare.patch create mode 100644 meta/recipes-support/libgcrypt/files/0003-GCM-move-look-up-table-to-.data-section-and-unshare-.patch -- 2.7.4 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
