[OE-core][kirkstone 00/23] Patch review

Thu, 01 Dec 2022 06:27:34 -0800 

Please review this set of patches for kirkstone and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4562

The following changes since commit 5b2ee67e3a5587b4c7d97d2a9bc00022d1eedae3:

  create-spdx: default share_src for shared sources (2022-11-25 08:08:10 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Bhabu Bindu (3):
  curl: Fix CVE-2022-32221
  curl: Fix CVE-2022-42916
  curl: Fix CVE-2022-42915

Bruce Ashfield (5):
  linux-yocto/5.15: update to v5.15.74
  linux-yocto/5.15: update to v5.15.76
  linux-yocto/5.15: update to v5.15.78
  linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings
  kern-tools: integrate ZFS speedup patch

Chee Yang Lee (1):
  dropbear: fix CVE-2021-36369

Chen Qi (3):
  kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild
  resolvconf: make it work
  dhcpcd: fix to work with systemd

Dmitry Baryshkov (2):
  linux-firmware: upgrade 20221012 -> 20221109
  linux-firmware: add new fw file to ${PN}-qcom-adreno-a530

Enrico Jörns (1):
  sstatesig: emit more helpful error message when not finding sstate
    manifest

Martin Jansa (2):
  tiff: refresh with devtool
  tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch

Polampalli, Archana (1):
  libpam: fix CVE-2022-28321

Qiu, Zheng (1):
  tiff: Security fix for CVE-2022-3970

Ross Burton (1):
  tiff: fix a number of CVEs

Tim Orling (1):
  mirrors.bbclass: update CPAN_MIRROR

Xiangyu Chen (2):
  grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775
  dbus: upgrade 1.14.0 -> 1.14.4

 meta/classes/kernel.bbclass                   |   8 +
 meta/classes/mirrors.bbclass                  |   3 +-
 meta/lib/oe/sstatesig.py                      |   6 +-
 ...erflow-in-grub_font_get_glyph_intern.patch | 115 ++++
 .../grub/files/CVE-2022-2601.patch            |  85 +++
 .../grub/files/CVE-2022-3775.patch            |  95 +++
 meta/recipes-bsp/grub/grub2.inc               |   3 +
 .../dhcpcd/dhcpcd_9.4.1.bb                    |   1 +
 ...mprove-the-sitation-of-working-with-.patch |  82 +++
 ...01-avoid-using-m-option-for-readlink.patch |  37 +
 .../resolvconf/resolvconf_1.91.bb             |   9 +-
 ...eswap-Byte-swap-Unix-fd-indexes-if-n.patch |  76 ---
 ...idate-Check-brackets-in-signature-ne.patch | 119 ----
 ...idate-Validate-length-of-arrays-of-f.patch |  61 --
 .../dbus/{dbus_1.14.0.bb => dbus_1.14.4.bb}   |  10 +-
 meta/recipes-core/dropbear/dropbear.inc       |   4 +-
 .../dropbear/dropbear/CVE-2021-36369.patch    | 145 ++++
 .../pam/libpam/CVE-2022-28321-0002.patch      | 205 ++++++
 meta/recipes-extended/pam/libpam_1.5.2.bb     |   1 +
 .../kern-tools/kern-tools-native_git.bb       |   2 +-
 ...20221012.bb => linux-firmware_20221109.bb} |   6 +-
 .../linux/linux-yocto-rt_5.15.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.15.bb            |   6 +-
 meta/recipes-kernel/linux/linux-yocto_5.15.bb |  26 +-
 ...-of-TIFFTAG_INKNAMES-and-related-TIF.patch | 266 ++++++++
 ...-the-FPE-in-tiffcrop-415-427-and-428.patch |   2 +-
 ...rash-when-reading-a-file-with-multip.patch |  14 +-
 ...ue-330-and-some-more-from-320-to-349.patch |  86 ++-
 ...fcrop-S-option-Make-decision-simpler.patch |  36 +
 ...-incompatibility-of-Z-X-Y-z-options-.patch |  59 ++
 ...ines-require-a-larger-buffer-fixes-2.patch | 640 ++++++++++++++++++
 ...al-buffer-overflow-for-ASCII-tags-wh.patch |  13 +-
 ...ue-380-and-382-heap-buffer-overflow-.patch |  14 +-
 ...-for-return-value-of-limitMalloc-392.patch |  15 +-
 ...ag-avoid-calling-memcpy-with-a-null-.patch |  16 +-
 .../0005-fix-the-FPE-in-tiffcrop-393.patch    |  15 +-
 ...x-heap-buffer-overflow-in-tiffcp-278.patch |  15 +-
 ...99c99f987dc32ae110370cfdd7df7975586b.patch |   9 +-
 .../libtiff/tiff/CVE-2022-1354.patch          |   8 +-
 .../libtiff/tiff/CVE-2022-1355.patch          |   8 +-
 .../libtiff/tiff/CVE-2022-2867.patch          |   2 +-
 .../libtiff/tiff/CVE-2022-2869.patch          |   2 +-
 .../libtiff/tiff/CVE-2022-2953.patch          |  30 +-
 .../libtiff/tiff/CVE-2022-34526.patch         |   6 +-
 .../libtiff/tiff/CVE-2022-3970.patch          |  38 ++
 ...ed69a485a9cfb299d9f060eb2a46c54e5903.patch |   7 +-
 ...0712f4c3a5b449f70c57988260a667ddbdef.patch |   9 +-
 meta/recipes-multimedia/libtiff/tiff_4.3.0.bb |   6 +-
 .../curl/curl/CVE-2022-32221.patch            |  28 +
 .../curl/curl/CVE-2022-42915.patch            |  53 ++
 .../curl/curl/CVE-2022-42916.patch            | 136 ++++
 meta/recipes-support/curl/curl_7.82.0.bb      |   3 +
 52 files changed, 2203 insertions(+), 444 deletions(-)
 create mode 100644 
meta/recipes-bsp/grub/files/0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-2601.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-3775.patch
 create mode 100644 
meta/recipes-connectivity/dhcpcd/files/0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch
 create mode 100644 
meta/recipes-connectivity/resolvconf/resolvconf/0001-avoid-using-m-option-for-readlink.patch
 delete mode 100644 
meta/recipes-core/dbus/dbus/0001-dbus-marshal-byteswap-Byte-swap-Unix-fd-indexes-if-n.patch
 delete mode 100644 
meta/recipes-core/dbus/dbus/0001-dbus-marshal-validate-Check-brackets-in-signature-ne.patch
 delete mode 100644 
meta/recipes-core/dbus/dbus/0001-dbus-marshal-validate-Validate-length-of-arrays-of-f.patch
 rename meta/recipes-core/dbus/{dbus_1.14.0.bb => dbus_1.14.4.bb} (93%)
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2021-36369.patch
 create mode 100644 meta/recipes-extended/pam/libpam/CVE-2022-28321-0002.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20221012.bb => 
linux-firmware_20221109.bb} (99%)
 create mode 100644 
meta/recipes-multimedia/libtiff/tiff/0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
 create mode 100644 
meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-S-option-Make-decision-simpler.patch
 create mode 100644 
meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-disable-incompatibility-of-Z-X-Y-z-options-.patch
 create mode 100644 
meta/recipes-multimedia/libtiff/tiff/0001-tiffcrop-subroutines-require-a-larger-buffer-fixes-2.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-3970.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-42915.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-42916.patch

-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#174086): 
https://lists.openembedded.org/g/openembedded-core/message/174086
Mute This Topic: https://lists.openembedded.org/mt/95383145/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to