Please consider this series for the next warrior release. The following changes since commit 0a1b1e88b936177344392e185fbd077622d88b3e:
file: fix CVE-2019-18218 (2019-11-11 20:49:54 -0800) are available in the Git repository at: git://git.openembedded.org/openembedded-core-contrib stable/warrior-next http://cgit.openembedded.org//log/?h=stable/warrior-next Alexander Kanavin (2): python: update to 2.7.17 sudo: correct SRC_URI Anuj Mittal (2): python: fix CVE-2018-20852 openssl: set CVE vendor to openssl Armin Kuster (1): stress: update SRC_URI Chen Qi (3): python: fix CVE-2019-16935 libxfont2: set CVE_PRODUCT webkitgtk: set CVE_PRODUCT Ferry Toth (1): sudo: Fix fetching sources Kai Kang (1): bind: fix CVE-2019-6471 and CVE-2018-5743 Khem Raj (1): sdk: Install nativesdk locales for all TCLIBC variants Niko Mauno (1): cve-check: Switch to NVD CVE JSON feed version 1.1 Oleksandr Kravchuk (1): popt: fix SRC_URI Ross Burton (18): flex: set CVE_PRODUCT to include vendor git: set CVE vendor to git-scm subversion: set CVE vendor to Apache ed: set CVE vendor to avoid false positives boost: set CVE vendor to Boost libpam: set CVE_PRODUCT libsndfile1: whitelist CVE-2018-13419 procps: whitelist CVE-2018-1121 cve-check: ensure all known CVEs are in the report cve-check: failure to parse versions should be more visible cve-check: we don't actually need to unpack to check cve-update-db-native: don't refresh more than once an hour cve-update-db-native: don't hardcode the database name cve-update-db-native: add an index on the CVE ID column cve-update-db-native: clean up proxy handling cve-check: rewrite look to fix false negatives cve-check: neaten get_cve_info cve-check: fetch CVE data once at a time instead of in a single call Zang Ruochen (1): libpcap: upgrade 1.9.0 -> 1.9.1 meta/classes/cve-check.bbclass | 105 +- meta/lib/oe/sdk.py | 4 - .../bind/0001-bind-fix-CVE-2019-6471.patch | 64 ++ ...01-fix-enforcement-of-tcp-clients-v1.patch | 60 ++ ...p-clients-could-still-be-exceeded-v2.patch | 670 +++++++++++++ ...rence-counter-for-pipeline-groups-v3.patch | 278 ++++++ ...accounting-and-client-mortality-chec.patch | 512 ++++++++++ ...a-and-pipeline-refs-allow-special-ca.patch | 911 ++++++++++++++++++ ...allowance-for-tcp-clients-interfaces.patch | 80 ++ ...perations-in-bin-named-client.c-with.patch | 140 +++ .../bind/bind_9.11.5-P4.bb | 8 + ...-add-missing-limits.h-for-musl-syste.patch | 29 - .../{libpcap_1.9.0.bb => libpcap_1.9.1.bb} | 5 +- .../openssl/openssl_1.1.1b.bb | 2 + .../recipes-core/meta/cve-update-db-native.bb | 46 +- meta/recipes-devtools/flex/flex_2.6.0.bb | 3 + meta/recipes-devtools/git/git.inc | 2 + ...-fix-one-do_populate_sysroot-warning.patch | 25 +- ...tive_2.7.16.bb => python-native_2.7.17.bb} | 2 +- meta/recipes-devtools/python/python.inc | 9 +- ...nt-parse-domains-containing-GH-13079.patch | 90 -- ...Resolve-intermediate-staging-issues.patch} | 53 +- .../python/python/CVE-2019-9740.patch | 215 ----- .../python/bpo-35907-cve-2019-9948-fix.patch | 55 -- .../python/bpo-35907-cve-2019-9948.patch | 55 -- .../python/bpo-36216-cve-2019-9636-fix.patch | 28 - .../python/bpo-36216-cve-2019-9636.patch | 111 --- .../python/bpo-36742-cve-2019-10160.patch | 81 -- .../{python_2.7.16.bb => python_2.7.17.bb} | 2 - .../subversion/subversion_1.11.1.bb | 2 + meta/recipes-extended/ed/ed_1.15.bb | 2 + meta/recipes-extended/pam/libpam_1.3.0.bb | 2 + meta/recipes-extended/procps/procps_3.3.15.bb | 3 + meta/recipes-extended/stress/stress_1.0.4.bb | 2 +- meta/recipes-extended/sudo/sudo_1.8.27.bb | 2 +- .../xorg-lib/libxfont2_2.0.3.bb | 2 + .../libsndfile/libsndfile1_1.0.28.bb | 3 + meta/recipes-sato/webkit/webkitgtk_2.22.7.bb | 2 + meta/recipes-support/boost/boost.inc | 2 + meta/recipes-support/popt/popt_1.16.bb | 2 +- 40 files changed, 2873 insertions(+), 796 deletions(-) create mode 100644 meta/recipes-connectivity/bind/bind/0001-bind-fix-CVE-2019-6471.patch create mode 100644 meta/recipes-connectivity/bind/bind/0001-fix-enforcement-of-tcp-clients-v1.patch create mode 100644 meta/recipes-connectivity/bind/bind/0002-tcp-clients-could-still-be-exceeded-v2.patch create mode 100644 meta/recipes-connectivity/bind/bind/0003-use-reference-counter-for-pipeline-groups-v3.patch create mode 100644 meta/recipes-connectivity/bind/bind/0004-better-tcpquota-accounting-and-client-mortality-chec.patch create mode 100644 meta/recipes-connectivity/bind/bind/0005-refactor-tcpquota-and-pipeline-refs-allow-special-ca.patch create mode 100644 meta/recipes-connectivity/bind/bind/0006-restore-allowance-for-tcp-clients-interfaces.patch create mode 100644 meta/recipes-connectivity/bind/bind/0007-Replace-atomic-operations-in-bin-named-client.c-with.patch delete mode 100644 meta/recipes-connectivity/libpcap/libpcap/0001-pcap-usb-linux.c-add-missing-limits.h-for-musl-syste.patch rename meta/recipes-connectivity/libpcap/{libpcap_1.9.0.bb => libpcap_1.9.1.bb} (88%) rename meta/recipes-devtools/python/{python-native_2.7.16.bb => python-native_2.7.17.bb} (97%) delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch rename meta/recipes-devtools/python/python/{builddir.patch => 0001-python-Resolve-intermediate-staging-issues.patch} (58%) delete mode 100644 meta/recipes-devtools/python/python/CVE-2019-9740.patch delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch delete mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch rename meta/recipes-devtools/python/{python_2.7.16.bb => python_2.7.17.bb} (98%) -- 2.17.1 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
