Please review this set of changes for kirkstone and have comments back by end of day Thursday, August 15
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7236 The following changes since commit 2721f84ba755ceea5780e44feb0713ad8c4d0217: lttng-modules: Upgrade 2.13.9 -> 2.13.14 (2024-08-02 12:10:02 -0700) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Archana Polampalli (4): ghostscript: fix CVE-2024-29511 ghostscript: fix CVE-2024-29509 ghostscript: fix CVE-2024-29506 go: fix CVE-2024-24791 Hitendra Prajapati (1): busybox: CVE-2023-42364, CVE-2023-42365, CVE-2023-42366 fixes Peter Marko (1): libyaml: Update status of CVE-2024-35328 Richard Purdie (1): cve_check: Use a local copy of the database during builds Ross Burton (1): python3-pycryptodome(x): use python_setuptools_build_meta build class Soumya Sambu (1): python3-certifi: Fix CVE-2024-39689 Vijay Anusuri (1): orc: upgrade 0.4.32 -> 0.4.39 Yogita Urade (1): ofono: fix CVE-2023-2794 meta/classes/cve-check.bbclass | 7 +- .../ofono/ofono/CVE-2023-2794-0001.patch | 37 ++ .../ofono/ofono/CVE-2023-2794-0002.patch | 32 ++ .../ofono/ofono/CVE-2023-2794-0003.patch | 44 +++ .../ofono/ofono/CVE-2023-2794-0004.patch | 127 +++++++ meta/recipes-connectivity/ofono/ofono_1.34.bb | 4 + .../busybox/CVE-2023-42364_42365-1.patch | 197 ++++++++++ .../busybox/CVE-2023-42364_42365-2.patch | 96 +++++ .../busybox/busybox/CVE-2023-42366.patch | 36 ++ meta/recipes-core/busybox/busybox_1.35.0.bb | 3 + .../meta/cve-update-nvd2-native.bb | 18 +- meta/recipes-devtools/go/go-1.17.13.inc | 1 + .../go/go-1.21/CVE-2024-24791.patch | 359 ++++++++++++++++++ .../orc/{orc_0.4.32.bb => orc_0.4.39.bb} | 2 +- .../python3-certifi/CVE-2024-39689.patch | 69 ++++ .../python/python3-certifi_2021.10.8.bb | 1 + .../python/python3-pycryptodome_3.14.1.bb | 2 +- .../python/python3-pycryptodomex_3.14.1.bb | 2 +- .../ghostscript/CVE-2024-29506.patch | 45 +++ .../ghostscript/CVE-2024-29509.patch | 45 +++ .../ghostscript/CVE-2024-29511-0001.patch | 100 +++++ .../ghostscript/CVE-2024-29511-0002.patch | 219 +++++++++++ .../ghostscript/ghostscript_9.55.0.bb | 4 + meta/recipes-support/libyaml/libyaml_0.2.5.bb | 3 + 24 files changed, 1442 insertions(+), 11 deletions(-) create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-2794-0001.patch create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-2794-0002.patch create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-2794-0003.patch create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-2794-0004.patch create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42364_42365-1.patch create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42364_42365-2.patch create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42366.patch create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2024-24791.patch rename meta/recipes-devtools/orc/{orc_0.4.32.bb => orc_0.4.39.bb} (92%) create mode 100644 meta/recipes-devtools/python/python3-certifi/CVE-2024-39689.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29506.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29509.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29511-0001.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29511-0002.patch -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#203264): https://lists.openembedded.org/g/openembedded-core/message/203264 Mute This Topic: https://lists.openembedded.org/mt/107874792/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
