[OE-core][kirkstone 0/9] Patch review

Steve Sakoman Tue, 02 Apr 2024 20:47:12 -0700

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, April 4


Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6758

The following changes since commit 1b5405955c7c2579ed1f52522e2e177d0281fa33:

  glibc: Fix subscript typos for get_nscd_addresses (2024-03-19 03:33:32 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Claus Stovgaard (1):
  gcc: Backport sanitizer fix for 32-bit ALSR

Colin McAllister (1):
  common-licenses: Backport missing license

Lee Chee Yang (2):
  xwayland: fix CVE-2023-6816 CVE-2024-0408/0409
  tiff: fix CVE-2023-52356 CVE-2023-6277

Meenali Gupta (1):
  expat: fix CVE-2023-52425

Tan Wen Yan (1):
  python3-urllib3: update to v1.26.18

Vijay Anusuri (2):
  curl: backport Debian patch for CVE-2024-2398
  qemu: Fix for CVE-2023-6683

aszh07 (1):
  nghttp2: fix CVE-2023-44487

 .../LGPL-3.0-with-zeromq-exception            | 181 ++++
 .../expat/expat/CVE-2023-52425-0001.patch     |  40 +
 .../expat/expat/CVE-2023-52425-0002.patch     |  87 ++
 .../expat/expat/CVE-2023-52425-0003.patch     | 222 +++++
 .../expat/expat/CVE-2023-52425-0004.patch     |  42 +
 .../expat/expat/CVE-2023-52425-0005.patch     |  69 ++
 .../expat/expat/CVE-2023-52425-0006.patch     |  67 ++
 .../expat/expat/CVE-2023-52425-0007.patch     | 159 +++
 .../expat/expat/CVE-2023-52425-0008.patch     |  95 ++
 .../expat/expat/CVE-2023-52425-0009.patch     |  52 +
 .../expat/expat/CVE-2023-52425-0010.patch     | 111 +++
 .../expat/expat/CVE-2023-52425-0011.patch     |  89 ++
 .../expat/expat/CVE-2023-52425-0012.patch     |  87 ++
 meta/recipes-core/expat/expat_2.5.0.bb        |  12 +
 meta/recipes-devtools/gcc/gcc-11.4.inc        |   1 +
 .../gcc/gcc/0031-gcc-sanitizers-fix.patch     |  63 ++
 ..._1.26.17.bb => python3-urllib3_1.26.18.bb} |   2 +-
 meta/recipes-devtools/qemu/qemu.inc           |   1 +
 .../qemu/qemu/CVE-2023-6683.patch             |  92 ++
 .../xwayland/xwayland/CVE-2023-6816.patch     |  57 ++
 .../xwayland/xwayland/CVE-2024-0408.patch     |  65 ++
 .../xwayland/xwayland/CVE-2024-0409.patch     |  47 +
 .../xwayland/xwayland_22.1.8.bb               |   3 +
 .../libtiff/tiff/CVE-2023-52356.patch         |  54 +
 .../libtiff/tiff/CVE-2023-6277-1.patch        | 178 ++++
 .../libtiff/tiff/CVE-2023-6277-2.patch        | 151 +++
 .../libtiff/tiff/CVE-2023-6277-3.patch        |  46 +
 .../libtiff/tiff/CVE-2023-6277-4.patch        |  93 ++
 meta/recipes-multimedia/libtiff/tiff_4.3.0.bb |   5 +
 .../curl/curl/CVE-2024-2398.patch             |  89 ++
 meta/recipes-support/curl/curl_7.82.0.bb      |   1 +
 .../nghttp2/nghttp2/CVE-2023-44487.patch      | 927 ++++++++++++++++++
 .../recipes-support/nghttp2/nghttp2_1.47.0.bb |   1 +
 33 files changed, 3188 insertions(+), 1 deletion(-)
 create mode 100644 meta/files/common-licenses/LGPL-3.0-with-zeromq-exception
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0001.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0002.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0003.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0004.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0005.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0006.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0007.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0008.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0009.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0010.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0011.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2023-52425-0012.patch
 create mode 100644 meta/recipes-devtools/gcc/gcc/0031-gcc-sanitizers-fix.patch
 rename meta/recipes-devtools/python/{python3-urllib3_1.26.17.bb => 
python3-urllib3_1.26.18.bb} (86%)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-6683.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2023-6816.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0408.patch
 create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0409.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-2.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-3.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-4.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-2398.patch
 create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2023-44487.patch

-- 
2.34.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#197893): 
https://lists.openembedded.org/g/openembedded-core/message/197893
Mute This Topic: https://lists.openembedded.org/mt/105302698/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone 0/9] Patch review

Reply via email to