Please review this set of changes for kirkstone and have comments back by end of day Monday, May 13
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6889 The following changes since commit 8a502301209ef144932ef5071c1a9b738db23270: rootfs-postcommands.bbclass: Only set DROPBEAR_RSAKEY_DIR once (2024-04-26 06:15:55 -0700) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Archana Polampalli (4): ofono: fix CVE-2023-4234 ofono: fix CVE-2023-4233 gstreamer1.0-plugins-bad: fix CVE-2024-0444 gstreamer1.0-plugins-bad: fix CVE-2023-44446 Bruce Ashfield (13): linux-yocto/5.15: update to v5.15.151 linux-yocto/5.15: update CVE exclusions (5.15.151) linux-yocto/5.15: update to v5.15.152 linux-yocto/5.15: update CVE exclusions (5.15.152) linux-yocto/5.15: update to v5.15.153 linux-yocto/5.15: update CVE exclusions (5.15.153) linux-yocto/5.15: update to v5.15.155 linux-yocto/5.15: update CVE exclusions (5.15.155) linux-yocto/5.15: update to v5.15.156 linux-yocto/5.15: update CVE exclusions (5.15.156) linux-yocto/5.15: update to v5.15.157 linux-yocto/5.15: update CVE exclusions (5.15.157) linux-yocto/5.15: cfg: remove obselete CONFIG_NFSD_V3 option Heiko (1): kernel.bbclass: check, if directory exists before removing empty module directory Peter Marko (2): python3: Upgrade 3.10.13 -> 3.10.14 libarchive: fix multiple security vulnerabilities in pax writer Poonam Jadhav (1): ppp: Add RSA-MD in LICENSE Soumya Sambu (1): ncurses: Fix CVE-2023-45918 Vijay Anusuri (1): less: backport Debian patch for CVE-2024-32487 meta/classes/kernel.bbclass | 2 +- .../ofono/ofono/CVE-2023-4233.patch | 32 + .../ofono/ofono/CVE-2023-4234.patch | 39 + meta/recipes-connectivity/ofono/ofono_1.34.bb | 2 + meta/recipes-connectivity/ppp/ppp_2.4.9.bb | 2 +- .../ncurses/files/CVE-2023-45918.patch | 180 + .../ncurses/ncurses_6.3+20220423.bb | 1 + ...{python3_3.10.13.bb => python3_3.10.14.bb} | 2 +- .../less/less/CVE-2024-32487.patch | 69 + meta/recipes-extended/less/less_600.bb | 1 + ...ix-multiple-security-vulnerabilities.patch | 107 + .../libarchive/libarchive_3.6.2.bb | 4 +- .../linux/cve-exclusion_5.15.inc | 4508 ++++++++++++----- .../linux/linux-yocto-rt_5.15.bb | 6 +- .../linux/linux-yocto-tiny_5.15.bb | 6 +- meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +- .../CVE-2023-44446.patch | 329 ++ .../CVE-2024-0444.patch | 42 + .../gstreamer1.0-plugins-bad_1.20.7.bb | 2 + 19 files changed, 4007 insertions(+), 1353 deletions(-) create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-4233.patch create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-4234.patch create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-45918.patch rename meta/recipes-devtools/python/{python3_3.10.13.bb => python3_3.10.14.bb} (99%) create mode 100644 meta/recipes-extended/less/less/CVE-2024-32487.patch create mode 100644 meta/recipes-extended/libarchive/libarchive/0001-pax-writer-fix-multiple-security-vulnerabilities.patch create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad/CVE-2023-44446.patch create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad/CVE-2024-0444.patch -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199147): https://lists.openembedded.org/g/openembedded-core/message/199147 Mute This Topic: https://lists.openembedded.org/mt/105999443/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
