[OE-core][kirkstone 00/29] Pull request (cover letter only)

[Steve Sakoman]

The following changes since commit ada5e64a97d5f269886772540e0bb0c324088b21:

  efibootmgr: update compilation with musl (2022-12-17 04:10:41 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
  
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next

Alejandro Hernandez Samaniego (1):
  baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES

Alexander Kanavin (5):
  libnewt: update 0.52.21 -> 0.52.23
  ruby: merge .inc into .bb
  ruby: update 3.1.2 -> 3.1.3
  tzdata: update 2022d -> 2022g
  devtool/upgrade: correctly handle recipes where S is a subdir of
    upstream tree

Bruce Ashfield (3):
  linux-yocto/5.10: update to v5.10.152
  linux-yocto/5.10: update to v5.10.154
  linux-yocto/5.10: update to v5.10.160

Hitendra Prajapati (2):
  systemd: CVE-2022-45873 deadlock in systemd-coredump via a crash with
    a long backtrace
  libX11: CVE-2022-3554 & CVE-2022-3555 Fix memory leak

Jagadeesh Krishnanjanappa (1):
  qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel
    image

Joshua Watt (1):
  classes/create-spdx: Add SPDX_PRETTY option

Kai Kang (1):
  webkitgtk: 2.36.7 -> 2.36.8

Martin Jansa (1):
  libxml2: fix test data checksums

Ovidiu Panait (1):
  kernel.bbclass: remove empty module directories to prevent QA issues

Quentin Schulz (1):
  cairo: update patch for CVE-2019-6461 with upstream solution

Randy MacLeod (1):
  valgrind: skip the boost_thread test on arm

Ranjitsinh Rathod (3):
  curl: Correct LICENSE from MIT-open-group to curl
  curl: Add patch to fix CVE-2022-43551
  curl: Add patch to fix CVE-2022-43552

Richard Purdie (1):
  oeqa/concurrencytest: Add number of failures to summary output

Robert Andersson (1):
  go-crosssdk: avoid host contamination by GOCACHE

Ross Burton (1):
  libepoxy: remove upstreamed patch

Vivek Kumbhar (1):
  sqlite: fix CVE-2022-46908 safe mode authorizer callback allows
    disallowed UDFs.

Wang Mingyu (2):
  libpng: upgrade 1.6.38 -> 1.6.39
  gstreamer1.0: upgrade 1.20.4 -> 1.20.5

Xiangyu Chen (1):
  openssh: remove RRECOMMENDS to rng-tools for sshd package

yash.shi...@windriver.com (1):
  binutils : Fix CVE-2022-4285

 meta/classes/baremetal-image.bbclass          |  11 ++
 meta/classes/create-spdx.bbclass              |  22 +++-
 meta/classes/kernel.bbclass                   |   4 +-
 meta/classes/qemuboot.bbclass                 |   3 +-
 meta/lib/oe/sbom.py                           |   4 +-
 meta/lib/oeqa/core/utils/concurrencytest.py   |   4 +-
 .../openssh/openssh_8.9p1.bb                  |  10 +-
 meta/recipes-core/libxml/libxml2_2.9.14.bb    |   4 +-
 .../systemd/systemd/CVE-2022-45873.patch      | 124 ++++++++++++++++++
 meta/recipes-core/systemd/systemd_250.5.bb    |   1 +
 .../binutils/binutils-2.38.inc                |   1 +
 .../binutils/0019-CVE-2022-4285.patch         |  37 ++++++
 meta/recipes-devtools/go/go-crosssdk.inc      |   2 +
 meta/recipes-devtools/ruby/ruby.inc           |  39 ------
 ...001-Remove-dependency-on-libcapstone.patch |  36 -----
 .../ruby/{ruby_3.1.2.bb => ruby_3.1.3.bb}     |  48 ++++++-
 .../valgrind/valgrind/remove-for-aarch64      |   1 +
 .../0001-detect-gold-as-GNU-linker-too.patch  |  14 +-
 ...-t-ignore-CFLAGS-when-building-snack.patch |  29 ----
 ...{libnewt_0.52.21.bb => libnewt_0.52.23.bb} |   4 +-
 meta/recipes-extended/timezone/timezone.inc   |   7 +-
 .../cairo/cairo/CVE-2019-6461.patch           |  35 ++++-
 ...atch_common.h-define-also-EGL_NO_X11.patch |  27 ----
 .../libepoxy/libepoxy_1.5.10.bb               |   4 +-
 .../xorg-lib/libx11/CVE-2022-3554.patch       |  58 ++++++++
 .../xorg-lib/libx11/CVE-2022-3555.patch       |  40 ++++++
 .../xorg-lib/libx11_1.7.3.1.bb                |   2 +
 .../linux/linux-yocto-rt_5.10.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.10.bb            |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb |  24 ++--
 ...tools_1.20.4.bb => gst-devtools_1.20.5.bb} |   2 +-
 ...1.20.4.bb => gstreamer1.0-libav_1.20.5.bb} |   2 +-
 ...x_1.20.4.bb => gstreamer1.0-omx_1.20.5.bb} |   2 +-
 ....bb => gstreamer1.0-plugins-bad_1.20.5.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-base_1.20.5.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-good_1.20.5.bb} |   2 +-
 ...bb => gstreamer1.0-plugins-ugly_1.20.5.bb} |   2 +-
 ....20.4.bb => gstreamer1.0-python_1.20.5.bb} |   2 +-
 ....bb => gstreamer1.0-rtsp-server_1.20.5.bb} |   2 +-
 ...1.20.4.bb => gstreamer1.0-vaapi_1.20.5.bb} |   2 +-
 ...er1.0_1.20.4.bb => gstreamer1.0_1.20.5.bb} |   2 +-
 .../{libpng_1.6.38.bb => libpng_1.6.39.bb}    |   2 +-
 ...ebkitgtk_2.36.7.bb => webkitgtk_2.36.8.bb} |   4 +-
 .../curl/curl/CVE-2022-43551.patch            |  35 +++++
 .../curl/curl/CVE-2022-43552.patch            |  80 +++++++++++
 meta/recipes-support/curl/curl_7.82.0.bb      |   4 +-
 .../sqlite/files/CVE-2022-46908.patch         |  39 ++++++
 meta/recipes-support/sqlite/sqlite3_3.38.5.bb |   1 +
 scripts/lib/devtool/standard.py               |  19 +--
 scripts/lib/devtool/upgrade.py                |  18 ++-
 50 files changed, 595 insertions(+), 238 deletions(-)
 create mode 100644 meta/recipes-core/systemd/systemd/CVE-2022-45873.patch
 create mode 100644 
meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
 delete mode 100644 meta/recipes-devtools/ruby/ruby.inc
 delete mode 100644 
meta/recipes-devtools/ruby/ruby/0001-Remove-dependency-on-libcapstone.patch
 rename meta/recipes-devtools/ruby/{ruby_3.1.2.bb => ruby_3.1.3.bb} (68%)
 delete mode 100644 
meta/recipes-extended/newt/files/0002-don-t-ignore-CFLAGS-when-building-snack.patch
 rename meta/recipes-extended/newt/{libnewt_0.52.21.bb => libnewt_0.52.23.bb} 
(87%)
 delete mode 100644 
meta/recipes-graphics/libepoxy/files/0001-dispatch_common.h-define-also-EGL_NO_X11.patch
 create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3554.patch
 create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch
 rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.20.4.bb => 
gst-devtools_1.20.5.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.20.4.bb => 
gstreamer1.0-libav_1.20.5.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.20.4.bb => 
gstreamer1.0-omx_1.20.5.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.20.4.bb 
=> gstreamer1.0-plugins-bad_1.20.5.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.20.4.bb 
=> gstreamer1.0-plugins-base_1.20.5.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.20.4.bb 
=> gstreamer1.0-plugins-good_1.20.5.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.20.4.bb 
=> gstreamer1.0-plugins-ugly_1.20.5.bb} (94%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.20.4.bb => 
gstreamer1.0-python_1.20.5.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.20.4.bb 
=> gstreamer1.0-rtsp-server_1.20.5.bb} (90%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.20.4.bb => 
gstreamer1.0-vaapi_1.20.5.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.20.4.bb => 
gstreamer1.0_1.20.5.bb} (97%)
 rename meta/recipes-multimedia/libpng/{libpng_1.6.38.bb => libpng_1.6.39.bb} 
(93%)
 rename meta/recipes-sato/webkit/{webkitgtk_2.36.7.bb => webkitgtk_2.36.8.bb} 
(97%)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-43551.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-43552.patch
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2022-46908.patch

-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#175480): 
https://lists.openembedded.org/g/openembedded-core/message/175480
Mute This Topic: https://lists.openembedded.org/mt/96051032/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-