Please review this next set of patches for dunfell and have comments back by end of day Wednesday.
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1381 The following changes since commit 210ebed1e9c2285d6e457bf03d1f1a1f3ddc7fda: package: get_package_mapping: avoid dependency mapping if renamed package provides original name (2020-09-04 04:31:45 -1000) are available in the Git repository at: git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut Adrian Freihofer (1): oe-publish-sdk: fix layers init via ssh Chris Laplante (4): cve-update-db-native: add progress handler cve-check/cve-update-db-native: use lockfile to fix usage under multiconfig cve-update-db-native: use context manager for cve_f cve-check: avoid FileNotFoundError if no do_cve_check task has run Khem Raj (2): uninative: Upgrade to 2.9 rpcbind: Use update-alternatives for rpcinfo Lee Chee Yang (3): xserver-xorg: fix CVE-2020-14347 qemu: fix CVE-2020-14364 CVE-2020-14415 libx11 : fix CVE-2020-14344 Matt Madison (1): image.bbclass: fix REPRODUCIBLE_TIMESTAMP_ROOTFS reference Oleksandr Kravchuk (1): ell: update to 0.33 Ovidiu Panait (1): libxml2: Fix CVE-2020-24977 Rahul Kumar (1): systemd-serialgetty: Fix sed expression quoting Richard Purdie (3): runqemu: Add a hook to allow it to renice selftest/signing: Ensure build path relocation is safe oeqa/concurrencytest: Improve builddir path manipulations Ross Burton (5): gdk-pixbuf: add tests PACKAGECONFIG insane: only load real files as ELF autoconf: consolidate DEPENDS curl: add vendors to CVE_PRODUCT to exclude false positives cmake: whitelist CVE-2016-10642 Zhixiong Chi (1): gnutls: CVE-2020-24659 akuster (1): cve-check.bbclass: always save cve report meta/classes/cve-check.bbclass | 34 ++ meta/classes/image.bbclass | 2 +- meta/classes/insane.bbclass | 13 +- meta/conf/distro/include/yocto-uninative.inc | 10 +- meta/lib/oeqa/selftest/cases/signing.py | 4 +- meta/lib/oeqa/selftest/context.py | 4 +- .../ell/{ell_0.32.bb => ell_0.33.bb} | 2 +- .../libxml/libxml2/CVE-2020-24977.patch | 41 +++ meta/recipes-core/libxml/libxml2_2.9.10.bb | 1 + .../recipes-core/meta/cve-update-db-native.bb | 96 +++--- .../systemd/systemd-serialgetty.bb | 2 +- meta/recipes-devtools/autoconf/autoconf.inc | 5 +- meta/recipes-devtools/cmake/cmake.inc | 4 + meta/recipes-devtools/qemu/qemu.inc | 2 + .../qemu/qemu/CVE-2020-14364.patch | 93 +++++ .../qemu/qemu/CVE-2020-14415.patch | 37 ++ .../recipes-extended/rpcbind/rpcbind_1.2.5.bb | 5 +- .../gdk-pixbuf/gdk-pixbuf_2.40.0.bb | 8 +- .../xorg-lib/libx11/CVE-2020-14344.patch | 321 ++++++++++++++++++ .../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 4 +- .../xserver-xorg/CVE-2020-14347.patch | 38 +++ .../xorg-xserver/xserver-xorg_1.20.8.bb | 1 + meta/recipes-support/curl/curl_7.69.1.bb | 4 +- .../gnutls/gnutls/CVE-2020-24659.patch | 117 +++++++ meta/recipes-support/gnutls/gnutls_3.6.14.bb | 1 + scripts/oe-publish-sdk | 2 +- scripts/runqemu | 5 + 27 files changed, 782 insertions(+), 74 deletions(-) rename meta/recipes-core/ell/{ell_0.32.bb => ell_0.33.bb} (89%) create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2020-24977.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-14364.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-14415.patch create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2020-14344.patch create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14347.patch create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch -- 2.17.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#142506): https://lists.openembedded.org/g/openembedded-core/message/142506 Mute This Topic: https://lists.openembedded.org/mt/76843009/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
