Re: [OE-core][kirkstone 00/28] Pull request (cover letter only)
On Wed, Mar 8, 2023 at 3:27 AM Steve Sakoman wrote: > The following changes since commit > b20e2134daec33fbb8ce358d984751d887752bd5: > > build-appliance-image: Update to kirkstone head revision (2023-02-27 > 23:39:05 +) > > are available in the Git repository at: > > https://git.openembedded.org/openembedded-core-contrib > stable/kirkstone-next > > http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next Acked-by: Martin Jansa -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#178213): https://lists.openembedded.org/g/openembedded-core/message/178213 Mute This Topic: https://lists.openembedded.org/mt/97465094/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone 00/28] Pull request (cover letter only)
The following changes since commit b20e2134daec33fbb8ce358d984751d887752bd5:
build-appliance-image: Update to kirkstone head revision (2023-02-27 23:39:05
+)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Alexander Kanavin (4):
vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs
dbus: upgrade 1.14.4 -> 1.14.6
linux-firmware: upgrade 20230117 -> 20230210
wireless-regdb: upgrade 2022.08.12 -> 2023.02.13
Alexis Lothoré (1):
oeqa/selftest/resulttooltests: fix minor typo
Bruce Ashfield (1):
lttng-modules: fix for kernel 6.2+
Changqing Li (1):
libsdl2: fix CVE-2022-4743
Dmitry Baryshkov (2):
linux-firmware: properly set license for all Qualcomm firmware
linux-firmware: add yamato fw files to qcom-adreno-a2xx package
Federico Pellegrin (1):
curl: fix dependencies when building with ldap/ldaps
Hitendra Prajapati (1):
less: backport the fix for CVE-2022-46663
Joe Slater (1):
nghttp2: never build python bindings
Kai Kang (1):
xserver-xorg: 21.1.6 -> 21.1.7
Mateusz Marciniec (1):
sstatesig: Improve output hash calculation
Mikko Rapeli (2):
oeqa ssh.py: fix hangs in run()
runqemu: kill qemu if it hangs
Narpat Mali (1):
libseccomp: fix for the ptest result format
Pavel Zhukov (1):
wic: Fix usage of fstype=none in wic
Richard Purdie (1):
libssh2: Clean up ptest patch/coverage
Ross Burton (1):
lib/buildstats: handle tasks that never finished
Saul Wold (2):
package.bbclase: Add check for /build in copydebugsources()
busybox: Fix depmod patch
Siddharth Doshi (1):
openssl: Upgrade 3.0.7 -> 3.0.8
Ulrich Ölmann (1):
kernel-yocto: fix kernel-meta data detection
Wang Mingyu (2):
libjpeg-turbo: upgrade 2.1.5 -> 2.1.5.1
xwayland: upgrade 22.1.7 -> 22.1.8
Xiangyu Chen (1):
dhcpcd: fix dhcpcd start failure on qemuppc64
Yash Shinde (1):
binutils : Fix CVE-2023-22608
meta/classes/kernel-yocto.bbclass | 2 +-
meta/classes/package.bbclass | 7 +
meta/lib/oe/sstatesig.py | 4 +
meta/lib/oeqa/core/target/ssh.py | 39 +-
.../oeqa/selftest/cases/resulttooltests.py| 2 +-
.../dhcpcd/dhcpcd_9.4.1.bb| 1 +
...x-SECCOMP_AUDIT_ARCH-missing-ppc64le.patch | 34 ++
.../openssl/openssl/CVE-2022-3996.patch | 43 --
.../{openssl_3.0.7.bb => openssl_3.0.8.bb}| 3 +-
...001-depmod-Ignore-.debug-directories.patch | 2 +-
.../dbus/{dbus_1.14.4.bb => dbus_1.14.6.bb} | 4 +-
.../binutils/binutils-2.38.inc| 3 +
.../binutils/0020-CVE-2023-22608-1.patch | 506 ++
.../binutils/0020-CVE-2023-22608-2.patch | 210
.../binutils/0020-CVE-2023-22608-3.patch | 32 ++
.../less/less/CVE-2022-46663.patch| 31 ++
meta/recipes-extended/less/less_600.bb| 1 +
...urbo_2.1.5.bb => libjpeg-turbo_2.1.5.1.bb} | 2 +-
...ial-memory-leak-in-GLES_CreateTextur.patch | 40 ++
.../libsdl2/libsdl2_2.0.20.bb | 1 +
...-xorg_21.1.6.bb => xserver-xorg_21.1.7.bb} | 2 +-
...{xwayland_22.1.7.bb => xwayland_22.1.8.bb} | 2 +-
...20230117.bb => linux-firmware_20230210.bb} | 41 +-
...ccessor-helpers-into-accessors.h-v6..patch | 45 ++
.../lttng/lttng-modules_2.13.8.bb | 1 +
08.12.bb => wireless-regdb_2023.02.13.bb} | 2 +-
meta/recipes-support/curl/curl_7.82.0.bb | 4 +-
.../libseccomp/files/run-ptest| 3 +
...nviroment-to-decide-if-a-test-is-bui.patch | 44 --
.../libssh2/libssh2/fix-ssh2-test.patch | 23 +
.../libssh2/{files => libssh2}/run-ptest | 3 +-
.../recipes-support/libssh2/libssh2_1.10.0.bb | 3 +-
.../recipes-support/nghttp2/nghttp2_1.47.0.bb | 4 +
meta/recipes-support/vim/vim.inc | 4 +-
scripts/lib/buildstats.py | 33 +-
scripts/lib/wic/partition.py | 5 +
scripts/runqemu | 24 +-
37 files changed, 1075 insertions(+), 135 deletions(-)
create mode 100644
meta/recipes-connectivity/dhcpcd/files/0001-privsep-linux-fix-SECCOMP_AUDIT_ARCH-missing-ppc64le.patch
delete mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2022-3996.patch
rename meta/recipes-connectivity/openssl/{openssl_3.0.7.bb =>
openssl_3.0.8.bb} (98%)
rename meta/recipes-core/dbus/{dbus_1.14.4.bb => dbus_1.14.6.bb} (98%)
create mode 100644
meta/recipes-devtools/binutils/binutils/0020-CVE-2023-22608-1.patch
create mode 100644
meta/recipes-devtools/binutils/binutils/0020-CVE-2023-22608-2.patch
create mode 100644
meta/recipes-devtools/binutils/binutils/0020-CVE-2023-22608-3.patch
create mode 100644 meta/recipes-extended/less/less/CVE-2022-46663.patch
rename meta/recipes-graphics/jpeg/{libjpeg-turbo_2.1.5.bb =>
libjpeg-turbo_2.1.5.1.bb} (97%)
create mode 100644
[OE-core][kirkstone 00/28] Pull request (cover letter only)
The following changes since commit 10891d4d955f347c328cf8c099031f05f5c855a2:
lttng-modules: replace mips compaction fix with upstream change (2022-08-17
04:55:49 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next
Alexander Kanavin (9):
bluez5: update 5.64 -> 5.65
libwpe: upgrade 1.12.0 -> 1.12.2
ell: upgrade 0.49 -> 0.50
iso-codes: upgrade 4.10.0 -> 4.11.0
libcap: upgrade 2.64 -> 2.65
libwebp: upgrade 1.2.2 -> 1.2.3
mobile-broadband-provider-info: upgrade 20220511 -> 20220725
webkitgtk: upgrade 2.36.4 -> 2.36.5
weston: upgrade 10.0.1 -> 10.0.2
Beniamin Sandu (1):
libpam: use /run instead of /var/run in systemd tmpfiles
Changqing Li (1):
apt: fix nativesdk-apt build failure during the second time build
Daiane Angolini (1):
python3-pip: Fix RDEPENDS after the update
Ernst Sjöstrand (1):
cve-check: Don't use f-strings
Hitendra Prajapati (1):
libtiff: CVE-2022-34526 A stack overflow was discovered
Jose Quaresma (2):
archiver.bbclass: some recipes that uses the kernelsrc bbclass uses
the shared source
linux-yocto: prepend the the value with a space when append to
KERNEL_EXTRA_ARGS
Kai Kang (1):
packagegroup-self-hosted: update for strace
Khem Raj (4):
libxml2: Ignore CVE-2016-3709
connman: Backports for security fixes
cracklib: Drop using register keyword
tcp-wrappers: Fix implicit-function-declaration warnings
Peter Marko (1):
create-spdx: handle links to inaccessible locations
Richard Purdie (1):
perf: Fix reproducibility issues with 5.19 onwards
Sakib Sajal (3):
u-boot: fix CVE-2022-30552
u-boot: fix CVE-2022-33967
go: update v1.17.12 -> v1.17.13
Yongxin Liu (1):
grub2: fix several CVEs
wangmy (1):
libcap: upgrade 2.63 -> 2.64
meta/classes/archiver.bbclass | 4 +-
meta/classes/create-spdx.bbclass | 2 +-
meta/lib/oe/cve_check.py | 2 +-
...g-Drop-greyscale-support-to-fix-heap.patch | 179 +
...ng-Avoid-heap-OOB-R-W-inserting-huff.patch | 50 ++
...peg-Block-int-underflow-wild-pointer.patch | 84 +++
...3-net-ip-Do-IP-fragment-maths-safely.patch | 63 ++
...or-out-on-headers-with-LF-without-CR.patch | 58 ++
...Fix-OOB-write-for-split-http-headers.patch | 56 ++
...ct-non-kernel-files-in-the-shim_lock.patch | 111 +++
.../video-Remove-trailing-whitespaces.patch | 693 ++
...eg-Abort-sooner-if-a-read-operation-.patch | 264 +++
...eg-Refuse-to-handle-multiple-start-o.patch | 53 ++
meta/recipes-bsp/grub/grub2.inc | 10 +
...s-squashfs-Use-kcalloc-when-relevant.patch | 64 ++
...e-minimum-IP-fragmented-datagram-siz.patch | 207 ++
meta/recipes-bsp/u-boot/u-boot_2022.01.bb | 2 +
meta/recipes-connectivity/bluez5/bluez5.inc | 1 -
.../bluez5/bluez5/fix_service.patch | 30 -
.../bluez5/{bluez5_5.64.bb => bluez5_5.65.bb} | 2 +-
.../connman/connman/CVE-2022-32292.patch | 37 +
.../connman/connman/CVE-2022-32293_p1.patch | 141
.../connman/connman/CVE-2022-32293_p2.patch | 174 +
.../connman/connman_1.41.bb | 3 +
.../mobile-broadband-provider-info_git.bb | 4 +-
.../ell/{ell_0.49.bb => ell_0.50.bb} | 2 +-
meta/recipes-core/libxml/libxml2_2.9.14.bb| 4 +
.../packagegroups/packagegroup-self-hosted.bb | 5 +-
meta/recipes-devtools/apt/apt_2.4.5.bb| 2 +-
.../go/{go-1.17.12.inc => go-1.17.13.inc} | 2 +-
...1.17.12.bb => go-binary-native_1.17.13.bb} | 4 +-
17.12.bb => go-cross-canadian_1.17.13.bb} | 0
...o-cross_1.17.12.bb => go-cross_1.17.13.bb} | 0
...ssdk_1.17.12.bb => go-crosssdk_1.17.13.bb} | 0
...native_1.17.12.bb => go-native_1.17.13.bb} | 0
...ntime_1.17.12.bb => go-runtime_1.17.13.bb} | 0
.../go/{go_1.17.12.bb => go_1.17.13.bb} | 0
.../python/python3-pip_22.0.3.bb | 2 +
...01-rules-Drop-using-register-keyword.patch | 278 +++
...rrect-parameter-types-to-Debug-calls.patch | 40 +
.../cracklib/cracklib_2.9.7.bb| 5 +-
meta/recipes-extended/pam/libpam/99_pam | 2 +-
...plicit-function-declaration-warnings.patch | 109 +++
.../tcp-wrappers/tcp-wrappers_7.6.bb | 1 +
.../weston/dont-use-plane-add-prop.patch | 32 -
.../{weston_10.0.1.bb => weston_10.0.2.bb}| 4 +-
meta/recipes-kernel/linux/linux-yocto.inc | 2 +-
meta/recipes-kernel/perf/perf.bb | 2 +-
.../libtiff/tiff/CVE-2022-34526.patch | 29 +
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 +
.../{libwebp_1.2.2.bb => libwebp_1.2.3.bb}| 2 +-
...ure-due-to-libc-using-libc-functions.patch | 42 ++
.../{libwpe_1.12.0.bb => libwpe_1.12.2.bb}| 6 +-
...ebkitgtk_2.36.4.bb => webkitgtk_2.36.5.bb} | 2 +-
...so-codes_4.10.0.bb => iso-codes_4.11.0.bb} | 2 +-
