Please review this set of patches for kirkstone and have comments back by end of day Monday.
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4416 The following changes since commit fbdf93f43ff4b876487e1f26752598ec8abcb46e: build-appliance-image: Update to kirkstone head revision (2022-10-29 16:32:59 +0100) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Alex Kiernan (1): u-boot: Remove duplicate inherit of cml1 Bartosz Golaszewski (1): bluez5: add dbus to RDEPENDS Bernhard Rosenkränzer (1): cmake-native: Fix host tool contamination (Bug: 14951) Chen Qi (1): openssl: export necessary env vars in SDK Ed Tanous (1): openssl: Upgrade 3.0.5 -> 3.0.7 Frank de Brabander (1): cve-update-db-native: add timeout to urlopen() calls Hitendra Prajapati (1): openssl: CVE-2022-3358 Using a Custom Cipher with NID_undef may lead to NULL encryption Jan-Simon Moeller (1): buildtools-tarball: export certificates to python and curl Jeremy Puhlman (1): qemu-native: Add PACKAGECONFIG option for jack Joshua Watt (2): runqemu: Do not perturb script environment runqemu: Fix gl-es argument from causing other arguments to be ignored Keiya Nobuta (1): gnutls: Unified package names to lower-case Khem Raj (1): perf: Depend on native setuptools3 Liam Beguin (1): meson: make wrapper options sub-command specific Mark Hatle (1): insane.bbclass: Allow hashlib version that only accepts on parameter Narpat Mali (1): wayland: fix CVE-2021-3782 Richard Purdie (1): openssl: Fix SSL_CERT_FILE to match ca-certs location Ross Burton (7): lighttpd: fix CVE-2022-41556 expat: backport the fix for CVE-2022-43680 scripts/oe-check-sstate: cleanup scripts/oe-check-sstate: force build to run for all targets, specifically populate_sysroot opkg-utils: use a git clone, not a dynamic snapshot oe/packagemanager/rpm: don't leak file objects glib-2.0: fix rare GFileInfo test case failure Teoh Jay Shen (1): vim: Upgrade 9.0.0598 -> 9.0.0614 Thomas Perrot (1): psplash: add psplash-default in rdepends Tim Orling (1): vim: upgrade 9.0.0614 -> 9.0.0820 Vyacheslav Yurkov (1): overlayfs: Allow not used mount points Xiangyu Chen (1): ltp: backport clock_gettime04 fix from upstream Zheng Qiu (1): tiff: fix CVE-2022-2953 wangmy (1): ifupdown: upgrade 0.8.37 -> 0.8.39 meta/classes/insane.bbclass | 5 +- meta/classes/overlayfs.bbclass | 6 +- meta/lib/oe/overlayfs.py | 6 +- meta/lib/oe/package_manager/rpm/__init__.py | 33 +- meta/recipes-bsp/u-boot/u-boot.inc | 2 +- meta/recipes-connectivity/bluez5/bluez5.inc | 1 + .../openssl/files/environment.d-openssl.sh | 4 + .../{openssl_3.0.5.bb => openssl_3.0.7.bb} | 2 +- .../expat/expat/CVE-2022-43680.patch | 33 + meta/recipes-core/expat/expat_2.4.9.bb | 1 + ...-info-don-t-assume-million-in-one-ev.patch | 51 ++ meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb | 1 + ...{ifupdown_0.8.37.bb => ifupdown_0.8.39.bb} | 2 +- meta/recipes-core/meta/buildtools-tarball.bb | 2 + .../recipes-core/meta/cve-update-db-native.bb | 9 +- meta/recipes-core/psplash/psplash_git.bb | 2 +- .../cmake/cmake-native_3.22.3.bb | 1 + .../meson/meson/meson-wrapper | 21 +- .../opkg-utils/opkg-utils_0.5.0.bb | 6 +- meta/recipes-devtools/qemu/qemu.inc | 1 + .../lighttpd/lighttpd/CVE-2022-41556.patch | 31 + .../lighttpd/lighttpd_1.4.66.bb | 1 + ...set-threshold-based-on-the-clock-res.patch | 89 +++ meta/recipes-extended/ltp/ltp_20220121.bb | 1 + .../wayland/wayland/CVE-2021-3782.patch | 111 ++++ .../wayland/wayland_1.20.0.bb | 2 + meta/recipes-kernel/perf/perf.bb | 2 +- ...ue-330-and-some-more-from-320-to-349.patch | 609 ++++++++++++++++++ .../libtiff/tiff/CVE-2022-2953.patch | 87 +++ meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 2 + meta/recipes-support/gnutls/gnutls_3.7.4.bb | 2 +- meta/recipes-support/vim/vim.inc | 4 +- scripts/oe-check-sstate | 8 +- scripts/runqemu | 28 +- 34 files changed, 1115 insertions(+), 51 deletions(-) rename meta/recipes-connectivity/openssl/{openssl_3.0.5.bb => openssl_3.0.7.bb} (99%) create mode 100644 meta/recipes-core/expat/expat/CVE-2022-43680.patch create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/0001-gio-tests-g-file-info-don-t-assume-million-in-one-ev.patch rename meta/recipes-core/ifupdown/{ifupdown_0.8.37.bb => ifupdown_0.8.39.bb} (97%) create mode 100644 meta/recipes-extended/lighttpd/lighttpd/CVE-2022-41556.patch create mode 100644 meta/recipes-extended/ltp/ltp/0001-clock_gettime04-set-threshold-based-on-the-clock-res.patch create mode 100644 meta/recipes-graphics/wayland/wayland/CVE-2021-3782.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-Fix-issue-330-and-some-more-from-320-to-349.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-2953.patch -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#172661): https://lists.openembedded.org/g/openembedded-core/message/172661 Mute This Topic: https://lists.openembedded.org/mt/94799040/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
