mbox

[kirkstone,00/11] Patch review

Message ID cover.1723551231.git.steve@sakoman.com
State Not Applicable, archived
Delegated to: Steve Sakoman
Headers show

Pull-request

https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut

Message

Steve Sakoman Aug. 13, 2024, 12:16 p.m. UTC 
Please review this set of changes for kirkstone and have comments back by
end of day Thursday, August 15

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7236

The following changes since commit 2721f84ba755ceea5780e44feb0713ad8c4d0217:

  lttng-modules: Upgrade 2.13.9 -> 2.13.14 (2024-08-02 12:10:02 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Archana Polampalli (4):
  ghostscript: fix CVE-2024-29511
  ghostscript: fix CVE-2024-29509
  ghostscript: fix CVE-2024-29506
  go: fix CVE-2024-24791

Hitendra Prajapati (1):
  busybox: CVE-2023-42364, CVE-2023-42365, CVE-2023-42366 fixes

Peter Marko (1):
  libyaml: Update status of CVE-2024-35328

Richard Purdie (1):
  cve_check: Use a local copy of the database during builds

Ross Burton (1):
  python3-pycryptodome(x): use python_setuptools_build_meta build class

Soumya Sambu (1):
  python3-certifi: Fix CVE-2024-39689

Vijay Anusuri (1):
  orc: upgrade 0.4.32 -> 0.4.39

Yogita Urade (1):
  ofono: fix CVE-2023-2794

 meta/classes/cve-check.bbclass                |   7 +-
 .../ofono/ofono/CVE-2023-2794-0001.patch      |  37 ++
 .../ofono/ofono/CVE-2023-2794-0002.patch      |  32 ++
 .../ofono/ofono/CVE-2023-2794-0003.patch      |  44 +++
 .../ofono/ofono/CVE-2023-2794-0004.patch      | 127 +++++++
 meta/recipes-connectivity/ofono/ofono_1.34.bb |   4 +
 .../busybox/CVE-2023-42364_42365-1.patch      | 197 ++++++++++
 .../busybox/CVE-2023-42364_42365-2.patch      |  96 +++++
 .../busybox/busybox/CVE-2023-42366.patch      |  36 ++
 meta/recipes-core/busybox/busybox_1.35.0.bb   |   3 +
 .../meta/cve-update-nvd2-native.bb            |  18 +-
 meta/recipes-devtools/go/go-1.17.13.inc       |   1 +
 .../go/go-1.21/CVE-2024-24791.patch           | 359 ++++++++++++++++++
 .../orc/{orc_0.4.32.bb => orc_0.4.39.bb}      |   2 +-
 .../python3-certifi/CVE-2024-39689.patch      |  69 ++++
 .../python/python3-certifi_2021.10.8.bb       |   1 +
 .../python/python3-pycryptodome_3.14.1.bb     |   2 +-
 .../python/python3-pycryptodomex_3.14.1.bb    |   2 +-
 .../ghostscript/CVE-2024-29506.patch          |  45 +++
 .../ghostscript/CVE-2024-29509.patch          |  45 +++
 .../ghostscript/CVE-2024-29511-0001.patch     | 100 +++++
 .../ghostscript/CVE-2024-29511-0002.patch     | 219 +++++++++++
 .../ghostscript/ghostscript_9.55.0.bb         |   4 +
 meta/recipes-support/libyaml/libyaml_0.2.5.bb |   3 +
 24 files changed, 1442 insertions(+), 11 deletions(-)
 create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-2794-0001.patch
 create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-2794-0002.patch
 create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-2794-0003.patch
 create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-2794-0004.patch
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42364_42365-1.patch
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42364_42365-2.patch
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42366.patch
 create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2024-24791.patch
 rename meta/recipes-devtools/orc/{orc_0.4.32.bb => orc_0.4.39.bb} (92%)
 create mode 100644 meta/recipes-devtools/python/python3-certifi/CVE-2024-39689.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29506.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29509.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29511-0001.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29511-0002.patch