On Thu, Jan 21, 2016 at 12:57:52PM +0100, Martin Jansa wrote: > On Sat, Jan 09, 2016 at 04:30:26PM -0800, Armin Kuster wrote: > > Please consider these changes for dizzy-next community support. > > > > The following changes since commit 6d34267e0a13e10ab91b60590b27a2b5ba3b7da6: > > > > documentation: Changed some 'intro' tags to resolve multiple mega-manual > > warnings. (2015-11-18 16:44:05 +0000) > > > > are available in the git repository at: > > > > git://git.yoctoproject.org/poky-contrib akuster/dizzy-next > > http://git.yoctoproject.org/cgit.cgi//log/?h=akuster/dizzy-next > > This is for oe-core, right? So it shouldn't be in poky-contrib and the > http link doesn't work, it should be: > http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=akuster/dizzy-next > > > > > Armin Kuster (2): > > openssh: CVE-2015-6563 CVE-2015-6564 CVE-2015-6565 > > Fixes a heap buffer overflow in glibc wscanf. > > What is this 2nd patch? It doesn't follow commit summary convention and > I don't see it in master (at least not with this subject) > http://git.yoctoproject.org/cgit.cgi/poky-contrib/commit/?h=akuster/dizzy-next&id=4807ff0ca0abf085e6b81257534a4a62fde88d16 > > Other changes look good to me.
ping? > > Belal, Awais (1): > > grub2: Fix CVE-2015-8370 > > > > Chen Qi (1): > > image.bbclass: don't let do_rootfs depend on BUILDNAME > > > > Martin Jansa (3): > > fontcache: allow to pass extra parameters and environment to fc-cache > > texinfo: don't create dependency on INHERIT variable > > linux-dtb.inc: drop unused DTB_NAME variable from do_install > > > > Mike Crowe (1): > > allarch: Force TARGET_*FLAGS variable values > > > > Richard Purdie (2): > > layer.conf: Add several allarch dependency exclusions > > layer.conf: Add missing dependency for allarch package > > initramfs-framework > > > > Sergiy Kibrik (1): > > rsync: backport libattr checking patch > > > > Sona Sarmadi (7): > > libtasn1: CVE-2015-3622 > > grep2.19: CVE-2015-1345 > > libxml2: CVE-2015-7942 > > libxml2: CVE-2015-8035 > > openssl: CVE-2015-3194, CVE-2015-3195 > > libxml2: CVE-2015-8241 > > bind: CVE-2015-8000 > > > > Tudor Florea (2): > > glibc: use patch for CVE-2015-1781 > > unzip: CVE-2015-7696, CVE-2015-7697 > > > > meta/classes/allarch.bbclass | 4 + > > meta/classes/fontcache.bbclass | 19 +- > > meta/classes/image.bbclass | 2 +- > > meta/conf/layer.conf | 11 ++ > > ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 50 ++++++ > > meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + > > meta/recipes-bsp/grub/grub_2.00.bb | 1 + > > .../bind/bind/CVE-2015-8000.patch | 194 > > +++++++++++++++++++++ > > meta/recipes-connectivity/bind/bind_9.9.5.bb | 1 + > > .../openssh/openssh/CVE-2015-6563.patch | 36 ++++ > > .../openssh/openssh/CVE-2015-6564.patch | 34 ++++ > > .../openssh/openssh/CVE-2015-6565.patch | 35 ++++ > > meta/recipes-connectivity/openssh/openssh_6.6p1.bb | 5 +- > > .../CVE-2015-3194-Add-PSS-parameter-check.patch | 37 ++++ > > ...CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch | 61 +++++++ > > .../recipes-connectivity/openssl/openssl_1.0.1p.bb | 2 + > > ...5-1472-wscanf-allocates-too-little-memory.patch | 108 ++++++++++++ > > meta/recipes-core/glibc/glibc_2.20.bb | 5 +- > > meta/recipes-core/libxml/libxml2.inc | 3 + > > .../libxml/libxml2/CVE-2015-7942.patch | 58 ++++++ > > .../libxml/libxml2/CVE-2015-8035.patch | 35 ++++ > > .../libxml/libxml2/CVE-2015-8241.patch | 41 +++++ > > .../rsync/files/check_libattr.patch | 33 ++++ > > meta/recipes-devtools/rsync/rsync_3.1.0.bb | 3 +- > > .../grep/grep-2.19/grep2.19-CVE-2015-1345.patch | 129 ++++++++++++++ > > meta/recipes-extended/grep/grep_2.19.bb | 4 +- > > meta/recipes-extended/texinfo/texinfo_5.2.bb | 2 +- > > .../unzip/unzip/CVE-2015-7696.patch | 38 ++++ > > .../unzip/unzip/CVE-2015-7697.patch | 31 ++++ > > meta/recipes-extended/unzip/unzip_6.0.bb | 2 + > > meta/recipes-kernel/linux/linux-dtb.inc | 1 - > > .../gnutls/libtasn1/libtasn1-CVE-2015-3622.patch | 44 +++++ > > meta/recipes-support/gnutls/libtasn1_4.0.bb | 1 + > > scripts/postinst-intercepts/update_font_cache | 4 +- > > 34 files changed, 1020 insertions(+), 15 deletions(-) > > create mode 100644 > > meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > > create mode 100644 meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch > > create mode 100644 > > meta/recipes-connectivity/openssh/openssh/CVE-2015-6563.patch > > create mode 100644 > > meta/recipes-connectivity/openssh/openssh/CVE-2015-6564.patch > > create mode 100644 > > meta/recipes-connectivity/openssh/openssh/CVE-2015-6565.patch > > create mode 100644 > > meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-Add-PSS-parameter-check.patch > > create mode 100644 > > meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch > > create mode 100644 > > meta/recipes-core/glibc/glibc/CVE-2015-1472-wscanf-allocates-too-little-memory.patch > > create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-7942.patch > > create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-8035.patch > > create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2015-8241.patch > > create mode 100644 meta/recipes-devtools/rsync/files/check_libattr.patch > > create mode 100644 > > meta/recipes-extended/grep/grep-2.19/grep2.19-CVE-2015-1345.patch > > create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2015-7696.patch > > create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2015-7697.patch > > create mode 100644 > > meta/recipes-support/gnutls/libtasn1/libtasn1-CVE-2015-3622.patch > > > > -- > > 1.9.1 > > > > -- > > _______________________________________________ > > Openembedded-core mailing list > > [email protected] > > http://lists.openembedded.org/mailman/listinfo/openembedded-core > > -- > Martin 'JaMa' Jansa jabber: [email protected] -- Martin 'JaMa' Jansa jabber: [email protected]
signature.asc
Description: Digital signature
-- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
