On 2019/7/20 上午6:28, richard.pur...@linuxfoundation.org wrote:
On Fri, 2019-07-19 at 22:35 +0100, Burton, Ross wrote:
On Thu, 4 Jul 2019 at 15:40, wrote:
+++ b/meta/conf/distro/include/init-manager-systemd.inc
@@ -0,0 +1,6 @@
+# Use systemd for system initialization
+DISTRO_FEATURES_append =
Signed-off-by: Oleksandr Kravchuk
---
.../xorg-app/{xinput_1.6.2.bb => xinput_1.6.3.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-graphics/xorg-app/{xinput_1.6.2.bb => xinput_1.6.3.bb}
(67%)
diff --git
Remove upstreamed patches and manually package symlinks which aren't
handled by do_split_package.
Changelog:
http://git.netfilter.org/iptables/log/?qt=range=v1.8.3...v1.8.2
Signed-off-by: Anuj Mittal
---
...format-security-fixes-in-libipt_icmp.patch | 61 -
Fixes build for older versions of git (like on CentOS 7) which don't
follow redirects properly if the .git suffix is missing and cause
errors:
| error: RPC failed; result=22, HTTP code = 404
| fatal: The remote end hung up unexpectedly
Signed-off-by: Anuj Mittal
---
Signed-off-by: Oleksandr Kravchuk
---
.../{python3-docutils_0.14.bb => python3-docutils_0.15.bb} | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
rename meta/recipes-devtools/python/{python3-docutils_0.14.bb =>
python3-docutils_0.15.bb} (74%)
diff --git
Got rid of python-git since there is no python2 version of the package.
Signed-off-by: Oleksandr Kravchuk
---
meta/recipes-devtools/python/python3-mako_1.0.13.bb | 3 ---
.../python/{python-mako.inc => python3-mako_1.0.14.bb} | 6 +++---
2 files changed, 3 insertions(+), 6
Got rid of python-git since there is no python2 version of the package.
Signed-off-by: Oleksandr Kravchuk
---
meta/recipes-devtools/python/python3-git_2.1.11.bb | 2 --
.../python/{python-git.inc => python3-git_2.1.12.bb} | 7 ---
2 files changed, 4 insertions(+), 5
Signed-off-by: Oleksandr Kravchuk
---
...n3-scons-native_3.0.5.bb => python3-scons-native_3.1.0.bb} | 0
.../python/{python3-scons_3.0.5.bb => python3-scons_3.1.0.bb} | 4 ++--
2 files changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-devtools/python/{python3-scons-native_3.0.5.bb =>
Signed-off-by: Oleksandr Kravchuk
---
meta/recipes-devtools/python/python3-pbr_5.4.0.bb | 5 -
meta/recipes-devtools/python/python3-pbr_5.4.1.bb | 5 +
2 files changed, 5 insertions(+), 5 deletions(-)
delete mode 100644 meta/recipes-devtools/python/python3-pbr_5.4.0.bb
create mode
Signed-off-by: Oleksandr Kravchuk
---
...hon-scons-native_3.0.5.bb => python-scons-native_3.1.0.bb} | 0
.../python/{python-scons_3.0.5.bb => python-scons_3.1.0.bb} | 4 ++--
2 files changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-devtools/python/{python-scons-native_3.0.5.bb =>
On Fri, Jul 19, 2019 at 1:09 AM Nicolas Dechesne
wrote:
>
> hi Andre!
Hi Nico! :-)
> has anything more been done on that topic? I happen to now need
> something similar. E.g. packaging for proprietary content, and google
> led me to this discussion. What's the recommended approach nowadays to
On Sat, Jul 20, 2019 at 11:00:57AM -0700, Khem Raj wrote:
>...
> ++#if !defined(FNM_EXTMATCH)
> ++# define FNM_EXTMATCH (0)
> ++#endif
>...
As already said in [1] this is expected to result in broken code,
and the upstream testsuite also confirms this.
cu
Adrian
[1]
On Sun, Jul 21, 2019 at 7:25 AM Armin Kuster wrote:
>
> Comments regarding this patch series due by Wednesday.
>
> The following changes since commit f162d5bfe6eaeca24f441c83c87252c8d05744fc:
>
> core-image-sato-sdk-ptest: Tweak size to stay within 4GB limit (2019-05-17
> 22:05:59 -0700)
>
>
From: Armin Kuster
Source: qemu.org
MR: 98623
Type: Security Fix
Disposition: Backport from qemu.org
ChangeID: 03b3f28e5860ef1cb9f58dce89f252bd7ed59f37
Description:
Fixes both CVE-2018-20815 and CVE-2019-9824
Signed-off-by: Armin Kuster
Signed-off-by: Armin Kuster
---
From: Ross Burton
Backport the fixes for several CVEs from the 2.28 stable branch:
- CVE-2016-10739
- CVE-2018-19591
Signed-off-by: Ross Burton
[Dropped CVE-2019-9169 as its in my contrib already]
Signed-off-by: Armin Kuster
---
meta/recipes-core/glibc/glibc/CVE-2016-10739.patch | 232
From: Armin Kuster
Source: gnome.org
MR: 98802
Type: Security Fix
Disposition: Backport from
https://gitlab.gnome.org/GNOME/glib/commit/d553d92d6e9f53cbe5a34166fcb919ba652c6a8e
ChangeID: b73c332f27f47ddc1b1cfd7424f24778acc0c318
Description:
includes supporting patch.
Fixes CVE-2019-9633
From: Robert Yang
Use 4 spaces to replace a tab.
Signed-off-by: Robert Yang
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/classes/uboot-sign.bbclass | 20 ++--
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git
From: Ross Burton
Signed-off-by: Ross Burton
Signed-off-by: Armin Kuster
---
.../lighttpd/lighttpd/fix-http-parseopts.patch | 51 ++
meta/recipes-extended/lighttpd/lighttpd_1.4.51.bb | 1 +
2 files changed, 52 insertions(+)
create mode 100644
From: Richard Purdie
The 2.6 release contains both libcrypt.so.1 and libcrypt.so.2 which fixes
compatibility with recent fedora/suse releases.
The difference is one is built with obsolete APIs enabled and one disabled.
We now ship both in uninative for compatibility regardless of which distro
a
From: Richard Purdie
(From OE-Core rev: 29fc9210b973be68de474e75068e4c72371afe5a)
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/classes/uninative.bbclass | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/classes/uninative.bbclass
From: Armin Kuster
Source: qemu.org
MR: 98382
Type: Security Fix
Disposition: Backport from
https://git.qemu.org/?p=qemu.git;a=commit;h=d52680fc932efb8a2f334cc6993e705ed1e31e99
ChangeID: e4e5983ec1fa489eb8a0db08d1afa0606e59dde3
Description:
Fixes CVE-2019-12155
Affects: <= 4.0.0
Signed-off-by:
From: Armin Kuster
Source: CUrl.org
MR: 98455
Type: Security Fix
Disposition: Backport from https://curl.haxx.se/
ChangeID: 86b094a440ea473b114764e8d64df8142d561609
Description:
Fixes CVE-2019-5435 CVE-2019-5436
Signed-off-by: Armin Kuster
---
From: Richard Purdie
This includes libstdc++ changes from gcc 9.X.
It also switches uninative from bz2 to xz compression.
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/conf/distro/include/yocto-uninative.inc | 8
1 file changed, 4 insertions(+), 4 deletions(-)
From: Armin Kuster
Source: http://git.savannah.gnu.org/cgit/wget.git
MR: 89341
Type: Security Fix
Disposition: Backport from
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=692d5c5215de0db482c252492a92fc424cc6a97c
ChangeID: 1c19a2fd7ead88cc4ee92d425179d60d4635864b
Description:
Fixes
From: Joshua DeWeese
I goofed up the scissor line on the last attempt. Not sure how much it matters,
but here it is correct this time.
Here it is, updated to work with wpa-supplicant_2.6.bb.
-- >8 --
https://www.freedesktop.org/software/systemd/man/systemd.unit.html#WantedBy=
When building
From: Armin Kuster
Source: glib-2.0
MR: 98443
Type: Security Fix
Disposition: Backport from
https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
ChangeID: 880b9b349cb8d82c7c1314a3657ec9094baba741
Description:
Signed-off-by: Armin Kuster
---
From: Armin Kuster
Source: Qemu.org
MR: 97453
Type: Security Fix
Disposition: Backport from git.qemu.org/gemu.git
ChangeID: a06fcb432d447cec2ed1caf112822dd1b4831ace
Description:
In the spirt of YP Compatible, sending change upstream.
fixes CVE CVE-2018-19489
Affect < = 4.0.0
Signed-off-by:
From: Armin Kuster
Source: golang.org
MR: 97548,
Type: Security Fix
Disposition: Backport from
https://github.com/golang/go/issues?q=milestone%3AGo1.11.5
ChangeID: 54377c454f038a41bf35dd447a784e3e66db6268
Description:
Bug fix updates only
https://golang.org/doc/devel/release.html#go1.11
From: Richard Purdie
The crosssdk dependencies are handled using the virtual/ namespace so
this name doesn't matter in the general sense. We want to be able to provide
recipe maintainer information through overrides though, so this standardises it
with the behaviour from gcc-crosssdk and ensures
From: Armin Kuster
Source: tar.git
MR: 97928
Type: Security Fix
Disposition: Backport from
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
ChangeID: 7aee4c0daf8ce813242fe7b872583560a32bc4e3
Description:
Affects tar < 1.32
fixes CVE-2019-9923
From: Khem Raj
Source: OpenEmbedded.org
MR: 98328, 98329, 98330
Type: Security Fix
Disposition: Backport from
https://git.openembedded.org/openembedded-core/commit/meta/recipes-devtools/go?h=warrior=b964551a0d08aa921d4e0ceea2f1e28a5e83510e
ChangeID: 0b4cc69c357ba14c4e7a6c7ff926cfc6f09489b2
From: Hongxu Jia
Go binaries were installed to ${libdir}/go/bin, and create symlink
in ${bindir}, while enabling multilib, libdir was extended (such as
/usr/lib64), but BASELIB was not (still /lib), so use
baselib (such as /lib64)) to replace
Signed-off-by: Hongxu Jia
Signed-off-by: Richard
From: Ross Burton
Source: OpenEmbedded.org
MR: 97538, 97543
Type: Security Fix
Disposition: Backport from
https://git.openembedded.org/openembedded-core/commit/meta/recipes-graphics/cairo?h=warrior=078e4d5c2114d942806cd0d5ad501805a011e841
ChangeID: fa8bdd44ad8613bb0679a1f6d9d670c3b47a0677
From: Chen Qi
Source: OpenEmbedded.org
MR: 97351
Type: Integration
Disposition: Backport from
https://git.openembedded.org/openembedded-core/commit/meta/recipes-extended/cups?h=warrior=ee57d79aec06e9b160cf2713636cda650ba68d5a
ChangeID: ee57d79aec06e9b160cf2713636cda650ba68d5a
Description:
The
From: Chen Qi
Source: OpenEmbedded.org
MR: 97351
Type: Security Fix
Disposition: Backport from
https://git.openembedded.org/openembedded-core/commit/meta/recipes-extended/cups?h=warrior=fbe7a0c9bab7c9be7fd2c0da8b2af61e66de1ebd
ChangeID: fbe7a0c9bab7c9be7fd2c0da8b2af61e66de1ebd
Description:
From: Armin Kuster
Source: sqlite.org
MR: 97484, 97490
Type: Security Fix
Disposition: Backport from sqilte.org
ChangeID: c6105b5d3ce4fb2c0f38c3cab745b769d2df38f5
Description:
Affects < 3.26.0
fixes:
CVE-2018-20505
CVE-2018-20506
Signed-off-by: Armin Kuster
Signed-off-by: Armin Kuster
---
From: Armin Kuster
Source: https://github.com/file
MR: 97573, 97578, 97583, 97588
Type: Security Fix
Disposition: Backport from https://github.com/file/file
ChangeID: 159e532d518623f19ba777c8edc24d2dc7e3a4e9
Description:
CVE-2019-8905 is the same fix as CVE-2019-8907
Affects < 5.36.0
Fixes:
From: Martin Jansa
Source: OpenEmbedded.org
MR: 98320, 98319
Type: Security Fix
Disposition: Backport from
https://git.openembedded.org/openembedded-core/commit/meta/recipes-devtools/python/python_2.7.16.bb?id=9d23b982fa4e0290761b3d15f6959779fed72ad6
ChangeID:
Source: busybox.git
MR: 97332
Type: Security Fix
Disposition: Backport from busybox.git
ChangeID: ec203c79e7322de1ed5721d08b6f59b1eca67c7d
Description:
Affects < 1.30.0
Fixes:
CVE-2018-20679
CVE-2019-5747
Signed-off-by: Armin Kuster
---
.../busybox/busybox/CVE-2018-20679.patch | 142
From: Armin Kuster
Source: Python.org
MR: 98220
Type: Security Fix & Integration
Disposition: Backport from python.org
ChangeID: 96fdd2dee9fe9317eb72584583ae0100c0be9eaa
Description:
Bug fix update per Python.org
https://www.python.org/downloads/release/python-2716/
drop backported patch
From: Armin Kuster
Source: http://sourceware.org/git/elfutils.git
MR: 97563, 97568, 97558
Type: Security Fix
Disposition: Backport from http://sourceware.org/git/elfutils.git
ChangeID: 6183c2a25d5e32eec1846a428dd165e1de659f24
Description:
Affects <= 0.175
Fixes:
CVE-2019-7146
CVE-2019-7149
From: Armin Kuster
Signed-off-by: Armin Kuster
---
meta/recipes-core/glibc/glibc/CVE-2019-9169.patch | 63 +++
meta/recipes-core/glibc/glibc_2.28.bb | 1 +
2 files changed, 64 insertions(+)
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-9169.patch
From: Armin Kuster
Source: qemu.org
MR: 97258, 97342, 97438, 97443
Type: Security Fix
Disposition: Backport from git.qemu.org/qemu.git
ChangeID: a5e9fd03ca5bebc880dcc3c4567e10a9ae47dba5
Description:
These issues affect qemu < 3.1.0
Fixes:
CVE-2018-16867
CVE-2018-16872
CVE-2018-18849
Comments regarding this patch series due by Wednesday.
The following changes since commit f162d5bfe6eaeca24f441c83c87252c8d05744fc:
core-image-sato-sdk-ptest: Tweak size to stay within 4GB limit (2019-05-17
22:05:59 -0700)
are available in the git repository at:
44 matches
Mail list logo