Message ID | cover.1645465376.git.steve@sakoman.com |
---|---|
State | Not Applicable, archived |
Headers | show |
On 2/21/22 11:34, Steve Sakoman wrote: > There's a fairly constant flow of CVEs being reported for vim, which are > getting increasing non-trivial to backport. There are currenly 26 CVEs > outstanding for vim in dunfell. > > This has been handled in master with a number of version updates. Since > vim is a fairly stand-alone package it seems to make sense to also follow > this strategy for dunfell. > > This patch series backports the vim version updates from master. > > I'd love to get some feedback on this approach. Under the situation, this is a good approach. Thanks for putting series together. - armin > > Passed a-full on autobuilder: > > https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3256 > > with the exception of a known autobuilder intermittent issue on oe-selftest-ubuntu, > which passed on subsequent retest: > > https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/3193 > > > The following changes since commit 81fab225daf798792c139f669f5bfd96d9fd25a8: > > ruby: fix DEPENDS append (2022-02-21 04:52:33 -1000) > > are available in the Git repository at: > > git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut > http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut > > Alexander Kanavin (1): > vim: do not report upstream version check as broken > > Richard Purdie (2): > vim: Upgrade 4269 -> 4134 > vim: Upgrade 8.2.4314 -> 8.2.4424 > > Ross Burton (4): > vim: set PACKAGECONFIG idiomatically > vim: upgrade to 8.2 patch 3752 > vim: update to include latest CVE fixes > vim: upgrade to patch 4269 > > Steve Sakoman (1): > Revert "vim: fix CVE-2021-4069" > > ...1-reading-character-past-end-of-line.patch | 62 ------ > ...src-Makefile-improve-reproducibility.patch | 13 +- > ...28-using-freed-memory-when-replacing.patch | 83 ------- > ...eading-uninitialized-memory-when-giv.patch | 63 ------ > ...rash-when-using-CTRL-W-f-without-fin.patch | 92 -------- > ...llegal-memory-access-if-buffer-name-.patch | 86 -------- > ...ml_get-error-after-search-with-range.patch | 72 ------ > ...nvalid-memory-access-when-scrolling-.patch | 97 -------- > .../vim/files/CVE-2021-3778.patch | 61 ------ > .../vim/files/CVE-2021-4069.patch | 43 ---- > ...1e135a16091c93f6f5f7525a5c58fb7ca9f9.patch | 207 ------------------ > .../vim/files/disable_acl_header_check.patch | 15 +- > .../vim/files/no-path-adjust.patch | 8 +- > meta/recipes-support/vim/files/racefix.patch | 6 +- > ...m-add-knob-whether-elf.h-are-checked.patch | 13 +- > meta/recipes-support/vim/vim.inc | 27 +-- > 16 files changed, 33 insertions(+), 915 deletions(-) > delete mode 100644 meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch > delete mode 100644 meta/recipes-support/vim/files/0002-patch-8.2.3428-using-freed-memory-when-replacing.patch > delete mode 100644 meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch > delete mode 100644 meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch > delete mode 100644 meta/recipes-support/vim/files/0003-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch > delete mode 100644 meta/recipes-support/vim/files/0004-patch-8.2.3489-ml_get-error-after-search-with-range.patch > delete mode 100644 meta/recipes-support/vim/files/0005-patch-8.2.3564-invalid-memory-access-when-scrolling-.patch > delete mode 100644 meta/recipes-support/vim/files/CVE-2021-3778.patch > delete mode 100644 meta/recipes-support/vim/files/CVE-2021-4069.patch > delete mode 100644 meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#162067): https://lists.openembedded.org/g/openembedded-core/message/162067 > Mute This Topic: https://lists.openembedded.org/mt/89301811/3616698 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [akuster808@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- >