Message ID | cover.1687143192.git.steve@sakoman.com |
---|---|
State | Not Applicable, archived |
Headers | show |
On Mon, Jun 19, 2023 at 4:55 AM Steve Sakoman <steve@sakoman.com> wrote: > Please review this set of changes for kirkstone and have comments back by > end of day Tuesday. > > Passed a-full on autobuilder: > > https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5481 > > The following changes since commit > 6e0d694ea1eb5d478dc7508d181c3a820098ee5f: > > uninative: Upgrade to 4.0 to include latest gcc 13.1.1 (2023-06-09 > 06:04:24 -1000) > > are available in the Git repository at: > > https://git.openembedded.org/openembedded-core-contrib > stable/kirkstone-nut > > http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut > > Andrew Jeffery (1): > Revert "ipk: Decode byte data to string in manifest handling" > > Bruce Ashfield (5): > linux-yocto/5.15: update to v5.15.109 > linux-yocto/5.15: update to v5.15.110 > linux-yocto/5.15: update to v5.15.111 > linux-yocto/5.15: update to v5.15.112 > linux-yocto/5.15: update to v5.15.113 > > Chen Qi (1): > openssh: fix CVE-2023-28531 > > Deepthi Hemraj (1): > glibc: stable 2.35 branch updates > > Ian Ray (1): > systemd-systemctl: support instance expansion in WantedBy > > Jan Vermaete (1): > cve-update-nvd2-native: added the missing http import > > Marta Rybczynska (1): > cve-update-nvd2-native: new CVE database fetcher > > Qiu Tingting (1): > e2fsprogs: fix ptest bug for second running > > Randy MacLeod (1): > vim: upgrade 9.0.1429 -> 9.0.1527 > > Sanjay Chitroda (1): > cups: Fix CVE-2023-32324 > > Yogita Urade (4): > webkitgtk: fix CVE-2022-46691 > webkitgtk: fix CVE-2022-46699 > webkitgtk: fix CVE-2022-42867 > webkitgtk: fix CVE-2022-46700 > > meta/classes/cve-check.bbclass | 4 +- > meta/lib/oe/package_manager/ipk/manifest.py | 2 +- > ...-destination-constraints-for-smartca.patch | 35 ++ > .../openssh/openssh_8.9p1.bb | 1 + > meta/recipes-core/glibc/glibc-version.inc | 2 +- > .../glibc/glibc/CVE-2023-0687.patch | 82 ----- > meta/recipes-core/glibc/glibc_2.35.bb | 1 - > .../meta/cve-update-nvd2-native.bb | 334 ++++++++++++++++++ > .../systemd/systemd-systemctl/systemctl | 9 +- > .../e2fsprogs/e2fsprogs/run-ptest | 1 + > .../e2fsprogs/e2fsprogs_1.46.5.bb | 3 + > meta/recipes-extended/cups/cups.inc | 1 + > .../cups/cups/CVE-2023-32324.patch | 36 ++ > .../linux/linux-yocto-rt_5.15.bb | 6 +- > .../linux/linux-yocto-tiny_5.15.bb | 6 +- > meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +- > .../webkit/webkitgtk/CVE-2022-42867.patch | 104 ++++++ > .../webkit/webkitgtk/CVE-2022-46691.patch | 43 +++ > .../webkit/webkitgtk/CVE-2022-46699.patch | 136 +++++++ > .../webkit/webkitgtk/CVE-2022-46700.patch | 67 ++++ > meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 4 + > meta/recipes-support/vim/vim.inc | 4 +- > 22 files changed, 792 insertions(+), 115 deletions(-) > create mode 100644 > meta/recipes-connectivity/openssh/openssh/0001-upstream-include-destination-constraints-for-smartca.patch > delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2023-0687.patch > create mode 100644 meta/recipes-core/meta/cve-update-nvd2-native.bb > create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-32324.patch > create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-42867.patch > create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch > create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46699.patch > create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46700.patch > > > Tested for the CVE fetcher backport to kirkstone, no unexpected issues seen. Kind regards, Marta