[prev in list] [next in list] [prev in thread] [next in thread]
List: openembedded-core
Subject: [OE-core][dunfell 00/10] Patch review
From: "Steve Sakoman" <steve () sakoman ! com>
Date: 2023-06-30 2:33:13
Message-ID: cover.1688092252.git.steve () sakoman ! com
[Download RAW message or body]
Content-Transfer-Encoding: 8bit
Please review this set of changes for dunfell and have comments back by
end of day Monday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5542
The following changes since commit 2aa82324d43467e7c8bfbbb59570ee3306264b75:
systemd-systemctl: support instance expansion in WantedBy (2023-06-19 06:23:31 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut
Ashish Sharma (1):
go: Backport fix CVE-2023-29405
Bruce Ashfield (5):
linux-yocto/5.4: update to v5.4.246
linux-yocto/5.4: update to v5.4.247
linux-yocto/5.4: update to v5.4.248
linux-yocto-rt/54: fix 5.4-rt build breakage
linux-yocto/5.4: cfg: fix DECNET configuration warning
Hitendra Prajapati (1):
go: fix CVE-2023-29402 & CVE-2023-29404
Ross Burton (1):
ninja: Whitelist CVE-2021-4336, wrong ninja
Vijay Anusuri (2):
libjpeg-turbo: CVE-2020-35538 Null pointer dereference in
jcopy_sample_rows() function
libcap: backport Debian patches to fix CVE-2023-2602 and CVE-2023-2603
meta/recipes-devtools/go/go-1.14.inc | 4 +
.../go/go-1.14/CVE-2023-29402.patch | 201 ++++++++
.../go/go-1.14/CVE-2023-29404.patch | 84 ++++
.../go/go-1.14/CVE-2023-29405-1.patch | 112 +++++
.../go/go-1.14/CVE-2023-29405-2.patch | 38 ++
meta/recipes-devtools/ninja/ninja_1.10.0.bb | 3 +
.../jpeg/files/CVE-2020-35538-1.patch | 457 ++++++++++++++++++
.../jpeg/files/CVE-2020-35538-2.patch | 400 +++++++++++++++
.../jpeg/libjpeg-turbo_2.0.4.bb | 2 +
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
.../libcap/files/CVE-2023-2602.patch | 52 ++
.../libcap/files/CVE-2023-2603.patch | 58 +++
meta/recipes-support/libcap/libcap_2.32.bb | 2 +
15 files changed, 1431 insertions(+), 18 deletions(-)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29402.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29404.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29405-1.patch
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29405-2.patch
create mode 100644 meta/recipes-graphics/jpeg/files/CVE-2020-35538-1.patch
create mode 100644 meta/recipes-graphics/jpeg/files/CVE-2020-35538-2.patch
create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2602.patch
create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#183671): https://lists.openembedded.org/g/openembedded-core/message/183671
Mute This Topic: https://lists.openembedded.org/mt/99866039/4454766
Group Owner: openembedded-core+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [openembedded-core@marc.info]
-=-=-=-=-=-=-=-=-=-=-=-
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic