Here are the next series for thud. Passed A-full
The following changes since commit cd7cf933b3235560ec71576d8f3836dff736a39f: build-appliance-image: Update to thud head revision (2019-10-17 16:45:34 +0100) are available in the git repository at: git://git.openembedded.org/openembedded-core-contrib stable/thud-next http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/thud-next Armin Kuster (1): linux-yocto/4.14: update to 4.14.154 Dan Tran (2): tar: Fix CVE-2018-20482 sudo: Fix CVE-2019-14287 Jed (1): at-spi2: fix dbus-daemon path Khem Raj (1): sdk: Install nativesdk locales for all TCLIBC variants Ross Burton (12): cve-check: backport rewrite from master cve-check: ensure all known CVEs are in the report cve-check: failure to parse versions should be more visible cve-check: we don't actually need to unpack to check cve-update-db-native: don't refresh more than once an hour cve-update-db-native: don't hardcode the database name cve-update-db-native: add an index on the CVE ID column cve-update-db-native: clean up proxy handling cve-check: rewrite look to fix false negatives cve-check: neaten get_cve_info cve-check: fetch CVE data once at a time instead of in a single call glibc: finish incomplete fix for CVE-2016-10739 Shubham Agrawal (1): libgcrypt: CVE-2019-12904 meta/classes/cve-check.bbclass | 181 ++-- meta/conf/distro/include/maintainers.inc | 1 + meta/lib/oe/sdk.py | 4 - meta/recipes-core/glibc/glibc-locale.inc | 3 + meta/recipes-core/glibc/glibc-mtrace.inc | 3 + meta/recipes-core/glibc/glibc-scripts.inc | 3 + meta/recipes-core/glibc/glibc/CVE-2016-10739.patch | 910 ++++++++++++++++++++- meta/recipes-core/meta/cve-update-db-native.bb | 185 +++++ .../cve-check-tool/cve-check-tool_5.6.4.bb | 62 -- ...01-Fix-freeing-memory-allocated-by-sqlite.patch | 50 -- ...ow-overriding-default-CA-certificate-file.patch | 215 ----- ...ogress-in-percent-when-downloading-CVE-db.patch | 135 --- ...are-computed-vs-expected-sha256-digit-str.patch | 52 -- .../check-for-malloc_trim-before-using-it.patch | 51 -- .../sudo/sudo/CVE-2019-14287_p1.patch | 170 ++++ .../sudo/sudo/CVE-2019-14287_p2.patch | 98 +++ meta/recipes-extended/sudo/sudo_1.8.23.bb | 2 + meta/recipes-extended/tar/tar/CVE-2018-20482.patch | 405 +++++++++ meta/recipes-extended/tar/tar_1.30.bb | 1 + meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +- meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +- meta/recipes-kernel/linux/linux-yocto_4.14.bb | 20 +- meta/recipes-support/atk/at-spi2-core_2.28.0.bb | 2 +- .../libgcrypt/files/CVE-2019-12904_p1.patch | 176 ++++ .../libgcrypt/files/CVE-2019-12904_p2.patch | 330 ++++++++ meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 2 + 26 files changed, 2410 insertions(+), 663 deletions(-) create mode 100644 meta/recipes-core/meta/cve-update-db-native.bb delete mode 100644 meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-Fix-freeing-memory-allocated-by-sqlite.patch delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-curl-allow-overriding-default-CA-certificate-file.patch delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-print-progress-in-percent-when-downloading-CVE-db.patch delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-update-Compare-computed-vs-expected-sha256-digit-str.patch delete mode 100644 meta/recipes-devtools/cve-check-tool/files/check-for-malloc_trim-before-using-it.patch create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287_p1.patch create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287_p2.patch create mode 100644 meta/recipes-extended/tar/tar/CVE-2018-20482.patch create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2019-12904_p1.patch create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2019-12904_p2.patch -- 2.7.4 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
