[OE-core][kirkstone 00/27] Patch review

Tue, 18 Jul 2023 07:26:18 -0700 

Please review this set of patches for kirkstone and have comments back by
end of day Thursday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5608

with the exception of a known intermittent issue on oe-selftest-ubuntu involving
a regression introduced in recent kernel stable branch updates:

https://bugzilla.yoctoproject.org/show_bug.cgi?id=15138

This will be fixed in an upcoming linux-yocto version bump, see thread below
for details:

https://lists.openembedded.org/g/openembedded-core/topic/99542122#182828

The following changes since commit 200c2783b3f8546f561382fff6bd5268680d403a:

  cve-update-nvd2-native: actually use API keys (2023-07-13 06:39:45 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alberto Planas (1):
  bitbake.conf: add unzstd in HOSTTOOLS

Alexander Kanavin (5):
  serf: upgrade 1.3.9 -> 1.3.10
  wget: upgrade 1.21.3 -> 1.21.4
  linux-firmware: upgrade 20230404 -> 20230515
  wireless-regdb: upgrade 2023.02.13 -> 2023.05.03
  sysfsutils: fetch a supported fork from github

Alexander Sverdlin (1):
  rust-llvm: backport a fix for build with gcc-13

Chen Qi (4):
  sdk.py: error out when moving file fails
  sdk.py: fix moving dnf contents
  zip: fix configure check by using _Static_assert
  unzip: fix configure check for cross compilation

Heiko Thole (1):
  wic: Add dependencies for erofs-utils

Hitendra Prajapati (1):
  bind : fix CVE-2023-2828 & CVE-2023-2911

Jermain Horsman (1):
  logrotate: Do not create logrotate.status file

Jose Quaresma (1):
  selftest/reproducible: Allow chose the package manager

Marek Vasut (1):
  systemd: Backport nspawn: make sure host root can write to the
    uidmapped mounts we prepare for the container payload

Mauro Queiros (1):
  pybootchartgui: show elapsed time for each task

Mikko Rapeli (1):
  selftest reproducible.py: support different build targets

Nikhil R (1):
  libpng: Add ptest for libpng

Poonam Jadhav (1):
  libx11: Fix CVE-2023-3138 for kirkstone branch

Ross Burton (1):
  tzdata: upgrade to 2023c

Soumya (2):
  perl: Fix CVE-2023-31486
  libwebp: Fix CVE-2023-1999

Tom Hochstein (1):
  cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK

Trevor Gamblin (1):
  vim: upgrade 9.0.1527 -> 9.0.1592

Vijay Anusuri (1):
  sqlite3: CVE-2023-36191 CLI fault on missing -nonce

Vivek Kumbhar (1):
  curl: Added CVE-2023-28320 Follow-up patch

 meta/classes/image_types_wic.bbclass          |   2 +-
 meta/conf/bitbake.conf                        |   2 +-
 .../distro/include/ptest-packagelists.inc     |   1 +
 meta/lib/oe/package_manager/rpm/sdk.py        |   3 +-
 meta/lib/oe/sdk.py                            |   2 +-
 meta/lib/oeqa/selftest/cases/reproducible.py  |  14 +-
 .../bind/bind-9.18.11/CVE-2023-2828.patch     | 197 ++++++++++++
 .../bind/bind-9.18.11/CVE-2023-2911.patch     |  97 ++++++
 .../recipes-connectivity/bind/bind_9.18.11.bb |   2 +
 meta/recipes-core/meta/wic-tools.bb           |   2 +-
 .../sysfsutils/sysfsutils_2.1.0.bb            |  10 +-
 ...-host-root-can-write-to-the-uidmappe.patch | 216 +++++++++++++
 meta/recipes-core/systemd/systemd_250.5.bb    |   1 +
 .../cmake/cmake/OEToolchainConfig.cmake       |   5 +-
 .../perl/files/CVE-2023-31486-0001.patch      | 215 +++++++++++++
 .../perl/files/CVE-2023-31486-0002.patch      |  36 +++
 meta/recipes-devtools/perl/perl_5.34.1.bb     |   2 +
 meta/recipes-devtools/rust/rust-llvm.inc      |   4 +-
 ...-missing-cstdint-header-to-Signals.h.patch |  32 ++
 .../logrotate/logrotate_3.20.1.bb             |   1 -
 meta/recipes-extended/timezone/timezone.inc   |   6 +-
 .../timezone/tzcode-native.bb                 |   2 -
 ...0001-Fix-C23-related-conformance-bug.patch | 301 ------------------
 ...-fix-detection-for-cross-compilation.patch | 103 ++++++
 meta/recipes-extended/unzip/unzip_6.0.bb      |   1 +
 meta/recipes-extended/wget/wget.inc           |   2 +-
 .../wget/{wget_1.21.3.bb => wget_1.21.4.bb}   |   2 +-
 ...se-_Static_assert-to-do-correct-dete.patch |  96 ++++++
 meta/recipes-extended/zip/zip_3.0.bb          |   1 +
 .../xorg-lib/libx11/CVE-2023-3138.patch       | 111 +++++++
 .../xorg-lib/libx11_1.7.3.1.bb                |   1 +
 ...20230404.bb => linux-firmware_20230515.bb} |   4 +-
 ....02.13.bb => wireless-regdb_2023.05.03.bb} |   2 +-
 .../recipes-multimedia/libpng/files/run-ptest |  29 ++
 .../libpng/libpng_1.6.39.bb                   |  16 +-
 .../webp/files/CVE-2023-1999.patch            |  60 ++++
 meta/recipes-multimedia/webp/libwebp_1.2.4.bb |   4 +-
 .../curl/curl/CVE-2023-28320-fol1.patch       | 197 ++++++++++++
 meta/recipes-support/curl/curl_7.82.0.bb      |   1 +
 ...print-in-the-scons-file-to-unbreak-b.patch |  29 --
 ...sl_buckets.c-do-not-use-ERR_GET_FUNC.patch |  28 --
 ...11083-fix-building-with-scons-3.0.0-.patch |  29 --
 ...ories.without.sandbox-install.prefix.patch |   2 +-
 .../serf/{serf_1.3.9.bb => serf_1.3.10.bb}    |   6 +-
 .../sqlite/files/CVE-2023-36191.patch         |  37 +++
 meta/recipes-support/sqlite/sqlite3_3.38.5.bb |   1 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 scripts/lib/wic/misc.py                       |   1 +
 scripts/pybootchartgui/pybootchartgui/draw.py |   5 +
 49 files changed, 1496 insertions(+), 429 deletions(-)
 create mode 100644 
meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch
 create mode 100644 
meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch
 create mode 100644 
meta/recipes-core/systemd/systemd/0001-nspawn-make-sure-host-root-can-write-to-the-uidmappe.patch
 create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch
 create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch
 create mode 100644 
meta/recipes-devtools/rust/rust-llvm/0003-Support-Add-missing-cstdint-header-to-Signals.h.patch
 delete mode 100644 
meta/recipes-extended/timezone/tzcode/0001-Fix-C23-related-conformance-bug.patch
 create mode 100644 
meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch
 rename meta/recipes-extended/wget/{wget_1.21.3.bb => wget_1.21.4.bb} (60%)
 create mode 100644 
meta/recipes-extended/zip/zip-3.0/0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch
 create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-3138.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230404.bb => 
linux-firmware_20230515.bb} (99%)
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.02.13.bb => 
wireless-regdb_2023.05.03.bb} (94%)
 create mode 100644 meta/recipes-multimedia/libpng/files/run-ptest
 create mode 100644 meta/recipes-multimedia/webp/files/CVE-2023-1999.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch
 delete mode 100644 
meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch
 delete mode 100644 
meta/recipes-support/serf/serf/0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch
 delete mode 100644 
meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch
 rename meta/recipes-support/serf/{serf_1.3.9.bb => serf_1.3.10.bb} (78%)
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2023-36191.patch

-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#184504): 
https://lists.openembedded.org/g/openembedded-core/message/184504
Mute This Topic: https://lists.openembedded.org/mt/100216326/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to