mbox

[kirkstone,00/22] Patch review

Message ID cover.1678888649.git.steve@sakoman.com
State Not Applicable, archived
Headers show

Pull-request

https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut

Message

Steve Sakoman March 15, 2023, 2 p.m. UTC 
Please review this set of patches for kirkstone and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5050

The following changes since commit 9e8cbf46fe6e4e257b76b228de56d4a891199896:

  nghttp2: never build python bindings (2023-03-06 04:10:00 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Bruce Ashfield (3):
  linux-yocto/5.15: update to v5.15.94
  linux-yocto/5.15: update to v5.15.96
  linux-yocto-rt/5.15: update to -rt59

Chee Yang Lee (1):
  tiff: fix multiple CVEs

Ming Liu (1):
  linux: inherit pkgconfig in kernel.bbclass

Narpat Mali (1):
  libmicrohttpd: upgrade 0.9.75 -> 0.9.76

Peter Marko (1):
  systemd: add group sgx to udev package

Poonam (1):
  python3-setuptools-rust-native: Add direct dependency of native
    python3 modules

Richard Purdie (2):
  binutils: Fix nativesdk ld.so search
  oeqa/selftest/prservice: Improve debug output for failure

Ross Burton (2):
  shadow: ignore CVE-2016-15024
  vim: add missing pkgconfig inherit

Shubham Kulkarni (1):
  glibc: Security fix for CVE-2023-0687

Siddharth Doshi (2):
  epiphany: Security fix for CVE-2023-26081
  harfbuzz: Security fix for CVE-2023-25193

Tom Hochstein (2):
  meson: Fix wrapper handling of implicit setup command
  oeqa/sdk: Improve Meson test

Vivek Kumbhar (1):
  gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key
    exchange code

Wang Mingyu (3):
  iso-codes: upgrade 4.12.0 -> 4.13.0
  lua: Fix install conflict when enable multilib.
  vala: Fix install conflict when enable multilib.

Xiangyu Chen (1):
  sudo: update 1.9.12p2 -> 1.9.13p3

 meta-selftest/files/static-group              |   1 +
 meta/classes/kernel.bbclass                   |   2 +-
 meta/lib/oeqa/sdk/cases/buildepoxy.py         |   2 +-
 meta/lib/oeqa/selftest/cases/prservice.py     |   2 +-
 .../glibc/glibc/CVE-2023-0687.patch           |  82 ++++++++
 meta/recipes-core/glibc/glibc_2.35.bb         |   1 +
 meta/recipes-core/systemd/systemd_250.5.bb    |   2 +-
 ...dk-Search-for-alternative-ld.so.conf.patch |   2 +-
 meta/recipes-devtools/lua/lua_5.4.4.bb        |   3 +
 .../meson/meson/meson-wrapper                 |  17 +-
 .../python3-setuptools-rust-native_1.1.2.bb   |   4 +-
 meta/recipes-devtools/vala/vala.inc           |   5 +-
 meta/recipes-extended/shadow/shadow_4.11.1.bb |   3 +
 ...o.conf.in-fix-conflict-with-multilib.patch |  21 +-
 meta/recipes-extended/sudo/sudo.inc           |   2 +-
 .../{sudo_1.9.12p2.bb => sudo_1.9.13p3.bb}    |   2 +-
 meta/recipes-gnome/epiphany/epiphany_42.4.bb  |   1 +
 .../epiphany/files/CVE-2023-26081.patch       |  90 +++++++++
 .../harfbuzz/CVE-2023-25193-pre1.patch        | 135 +++++++++++++
 .../harfbuzz/harfbuzz/CVE-2023-25193.patch    | 185 ++++++++++++++++++
 .../harfbuzz/harfbuzz_4.0.1.bb                |   4 +-
 meta/recipes-kernel/linux/linux-yocto-dev.bb  |   2 -
 .../linux/linux-yocto-rt_5.15.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.15.bb            |   6 +-
 meta/recipes-kernel/linux/linux-yocto.inc     |   1 -
 meta/recipes-kernel/linux/linux-yocto_5.15.bb |  26 +--
 .../libtiff/tiff/CVE-2022-48281.patch         |  26 +++
 .../CVE-2023-0800_0801_0802_0803_0804.patch   | 128 ++++++++++++
 meta/recipes-multimedia/libtiff/tiff_4.3.0.bb |   2 +
 .../gnutls/gnutls/CVE-2023-0361.patch         |  85 ++++++++
 meta/recipes-support/gnutls/gnutls_3.7.4.bb   |   1 +
 ...so-codes_4.12.0.bb => iso-codes_4.13.0.bb} |   2 +-
 ...ttpd_0.9.75.bb => libmicrohttpd_0.9.76.bb} |   2 +-
 meta/recipes-support/vim/vim.inc              |   2 +-
 34 files changed, 799 insertions(+), 56 deletions(-)
 create mode 100644 meta/recipes-core/glibc/glibc/CVE-2023-0687.patch
 rename meta/recipes-extended/sudo/{sudo_1.9.12p2.bb => sudo_1.9.13p3.bb} (96%)
 create mode 100644 meta/recipes-gnome/epiphany/files/CVE-2023-26081.patch
 create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193-pre1.patch
 create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-48281.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-0800_0801_0802_0803_0804.patch
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2023-0361.patch
 rename meta/recipes-support/iso-codes/{iso-codes_4.12.0.bb => iso-codes_4.13.0.bb} (94%)
 rename meta/recipes-support/libmicrohttpd/{libmicrohttpd_0.9.75.bb => libmicrohttpd_0.9.76.bb} (91%)