Please review this set of changes for dunfell and have comments back by end of day Thursday.
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5614 The following changes since commit b3fc8ef9aba822b3d485242c8ebd0e0bff0ebfc8: cve-update-nvd2-native: actually use API keys (2023-07-13 06:54:58 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut Alexander Kanavin (2): linux-firmware: upgrade 20230404 -> 20230515 wireless-regdb: upgrade 2023.02.13 -> 2023.05.03 Anthony Bagwell (1): kernel-fitimage: fix dtbo support for fit images Ashish Sharma (1): go: Fix CVE-2023-29400 Deepthi Hemraj (1): glibc: stable 2.31 branch updates. Nikhil R (1): libpng: Add ptest for libpng Poonam Jadhav (1): libx11: Fix CVE-2023-3138 for dunfell branch Priyal Doshi (1): tzdata: upgrade to 2023c Tom Hochstein (1): cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK Trevor Gamblin (1): vim: upgrade 9.0.1527 -> 9.0.1592 Vijay Anusuri (1): qemu: backport Debian patch to fix CVE-2023-0330 Vivek Kumbhar (2): curl: fix CVE-2023-28320 siglongjmp race condition may lead to crash python3: fix CVE-2023-24329 urllib.parse url blocklisting bypass meta/classes/kernel-fitimage.bbclass | 2 +- .../distro/include/ptest-packagelists.inc | 1 + meta/recipes-core/glibc/glibc-version.inc | 2 +- .../cmake/cmake/OEToolchainConfig.cmake | 5 +- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2023-29400.patch | 94 +++++++++ .../python/python3/CVE-2023-24329.patch | 80 +++++++ .../recipes-devtools/python/python3_3.8.17.bb | 1 + meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2023-0330.patch | 77 +++++++ meta/recipes-extended/timezone/timezone.inc | 6 +- .../xorg-lib/libx11/CVE-2023-3138.patch | 111 ++++++++++ .../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 1 + ...20230404.bb => linux-firmware_20230515.bb} | 4 +- ....02.13.bb => wireless-regdb_2023.05.03.bb} | 2 +- .../recipes-multimedia/libpng/files/run-ptest | 29 +++ .../libpng/libpng_1.6.37.bb | 15 +- .../curl/curl/CVE-2023-28320-fol1.patch | 197 ++++++++++++++++++ .../curl/curl/CVE-2023-28320.patch | 86 ++++++++ meta/recipes-support/curl/curl_7.69.1.bb | 2 + meta/recipes-support/vim/vim.inc | 4 +- 21 files changed, 705 insertions(+), 16 deletions(-) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29400.patch create mode 100644 meta/recipes-devtools/python/python3/CVE-2023-24329.patch create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-3138.patch rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230404.bb => linux-firmware_20230515.bb} (99%) rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.02.13.bb => wireless-regdb_2023.05.03.bb} (94%) create mode 100644 meta/recipes-multimedia/libpng/files/run-ptest create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28320.patch -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#184537): https://lists.openembedded.org/g/openembedded-core/message/184537 Mute This Topic: https://lists.openembedded.org/mt/100218478/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
