Please review this set of changes for scarthgap and have comments back by end of day Tuesday, June 4
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6993 with two exceptions, the first a known reproducibility issue also present on master: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15491 and the second is a failure on meta-agl-core, which will require an update to the ptest-runner override in meta-agl once "ptest-runner: Bump to 2.4.4 (95f528c)" merges. The following changes since commit 0795169be206f1d4d140fe378e2476a44d0ce02b: oeqa/selftest/debuginfod: use localpkgfeed to speed server startup (2024-05-19 13:50:01 -0700) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut Archana Polampalli (5): ghostscript: fix CVE-2024-33870 ghostscript: fix CVE-2024-33869 ghostscript: fix CVE-2024-33871 ghostscript: fix CVE-2024-29510 xserver-xorg: upgrade 21.1.11 -> 21.1.12 Changqing Li (1): ptest-runner: Bump to 2.4.4 (95f528c) Julien Stephan (2): devtool: standard: update-recipe/finish: fix update localfile in another layer oeqa/selftest/devtool: add test for updating local files into another layer Khem Raj (3): llvm: Upgrade to 18.1.4 llvm: Upgrade to 18.1.5 llvm: Switch to using release tarballs Marek Vasut (1): gstreamer1.0-plugins-good: Include qttools-native during the build with qt5 PACKAGECONFIG Mark Hatle (1): gcc: Fix for CVE-2024-0151 Peter Marko (2): ttyrun: define CVE_PRODUCT update-rc.d: add +git to PV Philip Lorenz (2): lib/package_manager/ipk: Do not hardcode payload compression algorithm ipk: Fix clean up of extracted IPK payload Rasmus Villemoes (1): git: set --with-gitconfig=/etc/gitconfig for -native builds Ricardo Simoes (1): libusb1: Set CVE_PRODUCT Soumya Sambu (1): ncurses: Fix CVE-2023-45918 Yogita Urade (1): libarchive: upgrade 3.7.2 -> 3.7.4 meta/lib/oe/package_manager/ipk/__init__.py | 14 +- meta/lib/oeqa/selftest/cases/devtool.py | 20 +- .../ncurses/files/CVE-2023-45918.patch | 180 ++++++++++ meta/recipes-core/ncurses/ncurses_6.4.bb | 1 + meta/recipes-core/ttyrun/ttyrun_2.31.0.bb | 2 + .../update-rc.d/update-rc.d_0.8.bb | 1 + meta/recipes-devtools/gcc/gcc-13.2.inc | 1 + .../gcc/gcc/CVE-2024-0151.patch | 315 ++++++++++++++++++ meta/recipes-devtools/git/git_2.44.0.bb | 1 + .../llvm/{llvm_git.bb => llvm_18.1.5.bb} | 13 +- .../ghostscript/CVE-2024-29510.patch | 84 +++++ .../ghostscript/CVE-2024-33869-0001.patch | 39 +++ .../ghostscript/CVE-2024-33869-0002.patch | 52 +++ .../ghostscript/CVE-2024-33870.patch | 99 ++++++ .../ghostscript/CVE-2024-33871.patch | 43 +++ .../ghostscript/ghostscript_10.02.1.bb | 5 + .../libarchive/libarchive/configurehack.patch | 19 +- ...ibarchive_3.7.2.bb => libarchive_3.7.4.bb} | 2 +- ...org_21.1.11.bb => xserver-xorg_21.1.12.bb} | 2 +- .../gstreamer1.0-plugins-good_1.22.11.bb | 2 +- meta/recipes-support/libusb/libusb1_1.0.27.bb | 2 + ...-runner_2.4.3.bb => ptest-runner_2.4.4.bb} | 2 +- scripts/lib/devtool/standard.py | 23 +- 23 files changed, 888 insertions(+), 34 deletions(-) create mode 100644 meta/recipes-core/ncurses/files/CVE-2023-45918.patch create mode 100644 meta/recipes-devtools/gcc/gcc/CVE-2024-0151.patch rename meta/recipes-devtools/llvm/{llvm_git.bb => llvm_18.1.5.bb} (93%) create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29510.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0001.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0002.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33870.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33871.patch rename meta/recipes-extended/libarchive/{libarchive_3.7.2.bb => libarchive_3.7.4.bb} (96%) rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.11.bb => xserver-xorg_21.1.12.bb} (92%) rename meta/recipes-support/ptest-runner/{ptest-runner_2.4.3.bb => ptest-runner_2.4.4.bb} (95%) -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#200096): https://lists.openembedded.org/g/openembedded-core/message/200096 Mute This Topic: https://lists.openembedded.org/mt/106425330/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
