Please review this set of patches for dunfell and have comments back by end of day Tuesday.
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3993 The following changes since commit 3f40d5f095ceb099b604750db96058df00fcd49e: build-appliance-image: Update to dunfell head revision (2022-07-25 15:09:15 +0100) are available in the Git repository at: git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut Hitendra Prajapati (5): gnupg: CVE-2022-34903 possible signature forgery via injection into the status line grub2: Fix buffer underflow write in the heap qemu: CVE-2022-35414 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash libTiff: CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 DoS from Divide By Zero Error libtirpc: CVE-2021-46828 DoS vulnerability with lots of connections LUIS ENRIQUEZ (1): kernel-fitimage.bbclass: add padding algorithm property in config nodes Sana.Kazi (1): libjpeg-turbo: Fix CVE-2021-46822 meta/classes/kernel-fitimage.bbclass | 5 + .../grub/files/CVE-2021-3695.patch | 178 +++++++++++++++++ .../grub/files/CVE-2021-3696.patch | 46 +++++ .../grub/files/CVE-2021-3697.patch | 82 ++++++++ meta/recipes-bsp/grub/grub2.inc | 5 +- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2022-35414.patch | 53 +++++ .../libtirpc/libtirpc/CVE-2021-46828.patch | 155 +++++++++++++++ .../libtirpc/libtirpc_1.2.6.bb | 4 +- .../jpeg/files/CVE-2021-46822.patch | 133 +++++++++++++ .../jpeg/libjpeg-turbo_2.0.4.bb | 1 + ...022-2056-CVE-2022-2057-CVE-2022-2058.patch | 183 ++++++++++++++++++ meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | 1 + .../gnupg/gnupg/CVE-2022-34903.patch | 44 +++++ meta/recipes-support/gnupg/gnupg_2.2.27.bb | 1 + 15 files changed, 890 insertions(+), 2 deletions(-) create mode 100644 meta/recipes-bsp/grub/files/CVE-2021-3695.patch create mode 100644 meta/recipes-bsp/grub/files/CVE-2021-3696.patch create mode 100644 meta/recipes-bsp/grub/files/CVE-2021-3697.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2022-35414.patch create mode 100644 meta/recipes-extended/libtirpc/libtirpc/CVE-2021-46828.patch create mode 100644 meta/recipes-graphics/jpeg/files/CVE-2021-46822.patch create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2022-2056-CVE-2022-2057-CVE-2022-2058.patch create mode 100644 meta/recipes-support/gnupg/gnupg/CVE-2022-34903.patch -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#168665): https://lists.openembedded.org/g/openembedded-core/message/168665 Mute This Topic: https://lists.openembedded.org/mt/92693147/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
