Please review this set of changes for scarthgap and have comments back by end of day Monday, July 8
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7104 The following changes since commit 9abcb18014020804738dfc7d278d7097679f4d19: classes/create-spdx-2.2: Fix SPDX Namespace Prefix (2024-06-28 06:28:58 -0700) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut Antonin Godard (1): devtool: ide-sdk: correct help typo Archana Polampalli (1): gstreamer: upgrade 1.22.11 -> 1.22.12 Bruce Ashfield (3): linux-yocto/6.6: update to v6.6.34 linux-yocto/6.6: update to v6.6.35 linux-yocto/6.6: fix AMD boot trace Deepthi Hemraj (1): llvm: Fix CVE-2024-0151 Guðni Már Gilbert (4): python3-requests: cleanup RDEPENDS python3-setuptools: drop python3-2to3 from RDEPENDS python3-bcrypt: drop python3-six from RDEPENDS python3-pyopenssl: drop python3-six from RDEPENDS Hitendra Prajapati (1): QEMU: Fix CVE-2024-3446 & CVE-2024-3567 Jose Quaresma (1): openssh: fix CVE-2024-6387 Khem Raj (1): pcmanfm: Disable incompatible-pointer-types warning as error Martin Jansa (1): rng-tools: ignore incompatible-pointer-types errors for now Mingli Yu (1): ruby: Fix CVE-2023-36617 Richard Purdie (3): python3-jinja2: Upgrade 3.1.3 -> 3.1.4 oeqa/selftest/recipetool: Fix for usrmerge in DISTRO_FEATURES oeqa/selftest/devtool: Fix for usrmerge in DISTRO_FEATURES Ross Burton (1): curl: locale-base-en-us isn't glibc-specific Siddharth Doshi (1): OpenSSL: Security fix for CVE-2024-5535 Yi Zhao (1): libpam: fix runtime error in pam_pwhistory moudle meta/lib/oeqa/selftest/cases/devtool.py | 2 + meta/lib/oeqa/selftest/cases/recipetool.py | 16 +- .../openssh/openssh/CVE-2024-6387.patch | 27 + .../openssh/openssh_9.6p1.bb | 1 + .../openssl/openssl/CVE-2024-5535_1.patch | 113 ++ .../openssl/openssl/CVE-2024-5535_10.patch | 203 +++ .../openssl/openssl/CVE-2024-5535_2.patch | 43 + .../openssl/openssl/CVE-2024-5535_3.patch | 38 + .../openssl/openssl/CVE-2024-5535_4.patch | 82 ++ .../openssl/openssl/CVE-2024-5535_5.patch | 176 +++ .../openssl/openssl/CVE-2024-5535_6.patch | 1173 +++++++++++++++++ .../openssl/openssl/CVE-2024-5535_7.patch | 43 + .../openssl/openssl/CVE-2024-5535_8.patch | 66 + .../openssl/openssl/CVE-2024-5535_9.patch | 271 ++++ .../openssl/openssl_3.2.2.bb | 10 + .../llvm/0002-llvm-Fix-CVE-2024-0151.patch | 1086 +++++++++++++++ meta/recipes-devtools/llvm/llvm_18.1.5.bb | 1 + .../python/python3-bcrypt_4.1.2.bb | 1 - ...inja2_3.1.3.bb => python3-jinja2_3.1.4.bb} | 8 +- .../python/python3-pyopenssl_24.0.0.bb | 1 - .../python/python3-requests_2.31.0.bb | 6 +- .../python/python3-setuptools_69.1.1.bb | 1 - meta/recipes-devtools/qemu/qemu.inc | 5 + .../qemu/qemu/CVE-2024-3446-01.patch | 73 + .../qemu/qemu/CVE-2024-3446-02.patch | 48 + .../qemu/qemu/CVE-2024-3446-03.patch | 47 + .../qemu/qemu/CVE-2024-3446-04.patch | 52 + .../qemu/qemu/CVE-2024-3567.patch | 48 + .../ruby/ruby/CVE-2023-36617_1.patch | 56 + .../ruby/ruby/CVE-2023-36617_2.patch | 52 + meta/recipes-devtools/ruby/ruby_3.2.2.bb | 2 + ...x-passing-NULL-filename-argument-to-.patch | 69 + meta/recipes-extended/pam/libpam_1.5.3.bb | 1 + .../linux/linux-yocto-rt_6.6.bb | 6 +- .../linux/linux-yocto-tiny_6.6.bb | 6 +- meta/recipes-kernel/linux/linux-yocto_6.6.bb | 28 +- ...ols_1.22.11.bb => gst-devtools_1.22.12.bb} | 2 +- ...22.11.bb => gstreamer1.0-libav_1.22.12.bb} | 2 +- ...1.22.11.bb => gstreamer1.0-omx_1.22.12.bb} | 2 +- ...bb => gstreamer1.0-plugins-bad_1.22.12.bb} | 2 +- ...b => gstreamer1.0-plugins-base_1.22.12.bb} | 2 +- ...b => gstreamer1.0-plugins-good_1.22.12.bb} | 2 +- ...b => gstreamer1.0-plugins-ugly_1.22.12.bb} | 2 +- ...2.11.bb => gstreamer1.0-python_1.22.12.bb} | 2 +- ...bb => gstreamer1.0-rtsp-server_1.22.12.bb} | 2 +- ...22.11.bb => gstreamer1.0-vaapi_1.22.12.bb} | 2 +- ...1.0_1.22.11.bb => gstreamer1.0_1.22.12.bb} | 2 +- meta/recipes-sato/pcmanfm/pcmanfm_1.3.2.bb | 2 + meta/recipes-support/curl/curl_8.7.1.bb | 2 +- .../rng-tools/rng-tools_6.16.bb | 4 + scripts/lib/devtool/ide_sdk.py | 2 +- 51 files changed, 3844 insertions(+), 49 deletions(-) create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_10.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch create mode 100644 meta/recipes-devtools/llvm/llvm/0002-llvm-Fix-CVE-2024-0151.patch rename meta/recipes-devtools/python/{python3-jinja2_3.1.3.bb => python3-jinja2_3.1.4.bb} (79%) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-01.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-02.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-03.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3446-04.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2024-3567.patch create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch create mode 100644 meta/recipes-extended/pam/libpam/0001-pam_pwhistory-fix-passing-NULL-filename-argument-to-.patch rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.22.11.bb => gst-devtools_1.22.12.bb} (95%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.22.11.bb => gstreamer1.0-libav_1.22.12.bb} (91%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.22.11.bb => gstreamer1.0-omx_1.22.12.bb} (95%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.22.11.bb => gstreamer1.0-plugins-bad_1.22.12.bb} (98%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.22.11.bb => gstreamer1.0-plugins-base_1.22.12.bb} (98%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.22.11.bb => gstreamer1.0-plugins-good_1.22.12.bb} (97%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.22.11.bb => gstreamer1.0-plugins-ugly_1.22.12.bb} (94%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.22.11.bb => gstreamer1.0-python_1.22.12.bb} (91%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.22.11.bb => gstreamer1.0-rtsp-server_1.22.12.bb} (90%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.22.11.bb => gstreamer1.0-vaapi_1.22.12.bb} (95%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.22.11.bb => gstreamer1.0_1.22.12.bb} (97%) -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#201543): https://lists.openembedded.org/g/openembedded-core/message/201543 Mute This Topic: https://lists.openembedded.org/mt/107036508/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
