mbox

[scarthgap,00/10] Patch review

Message ID cover.1734553652.git.steve@sakoman.com
State Not Applicable, archived
Delegated to: Steve Sakoman
Headers show

Pull-request

https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut

Message

Steve Sakoman Dec. 18, 2024, 10:02 p.m. UTC 
Please review this set of changes for scarthgap and have comments back by
end of day Friday, December 20

Passed a-full on autobuilder:

https://valkyrie.yoctoproject.org/#/builders/29/builds/674

The following changes since commit b19b1e905d966443c4e4d17dfaeb299ae2526575:

  cve-update-nvd2-native: Tweak to work better with NFS DL_DIR (2024-12-18 06:41:14 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/scarthgap-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/scarthgap-nut

Alexander Kanavin (1):
  rust: add reproducibility patch to eliminate host leakage

Archana Polampalli (3):
  ffmpeg: fix CVE-2024-35366
  ffmpeg: fix CVE-2024-35367
  ffmpeg: fix CVE-2024-35368

Hongxu Jia (1):
  kern-tools-native: fix SyntaxWarning for RegEx calls on Python 3.12

Jiaying Song (1):
  subversion: fix CVE-2024-46901

Khem Raj (1):
  python3: Drop empty patch

Ross Burton (1):
  python3: add dependency on -compression to -core

Sunil Dora (1):
  gcc: Fix c++: tweak for Wrange-loop-construct

Yash Shinde (1):
  binutils: Fix CVE-2024-53589

 .../binutils/binutils-2.42.inc                |   1 +
 .../binutils/0016-CVE-2024-53589.patch        |  92 ++++++++++
 meta/recipes-devtools/gcc/gcc-13.3.inc        |   1 +
 ...ix-c-tweak-for-Wrange-loop-construct.patch | 113 ++++++++++++
 ...lize-struct-termios-before-calling-t.patch |  26 ---
 .../python/python3/python3-manifest.json      |   2 +-
 .../recipes-devtools/python/python3_3.12.6.bb |   1 -
 ...te-host-information-into-compilation.patch |  51 ++++++
 meta/recipes-devtools/rust/rust-source.inc    |   1 +
 .../subversion/CVE-2024-46901.patch           | 161 ++++++++++++++++++
 .../subversion/subversion_1.14.3.bb           |   3 +-
 ...yntaxWarning-for-RegEx-calls-on-Pyth.patch |  60 +++++++
 .../kern-tools/kern-tools-native_git.bb       |   4 +-
 .../ffmpeg/ffmpeg/CVE-2024-35366.patch        |  35 ++++
 .../ffmpeg/ffmpeg/CVE-2024-35367.patch        |  47 +++++
 .../ffmpeg/ffmpeg/CVE-2024-35368.patch        |  41 +++++
 .../recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb |   3 +
 17 files changed, 612 insertions(+), 30 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0016-CVE-2024-53589.patch
 create mode 100644 meta/recipes-devtools/gcc/gcc/0028-gcc-Fix-c-tweak-for-Wrange-loop-construct.patch
 delete mode 100644 meta/recipes-devtools/python/python3/0001-gh-114492-Initialize-struct-termios-before-calling-t.patch
 create mode 100644 meta/recipes-devtools/rust/files/0001-cargo-do-not-write-host-information-into-compilation.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion/CVE-2024-46901.patch
 create mode 100644 meta/recipes-kernel/kern-tools/files/0001-symbol_why-fix-SyntaxWarning-for-RegEx-calls-on-Pyth.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35366.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35367.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35368.patch