Please review this set of changes for kirkstone and have comments back by end of day Friday, October 20
Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6064 with the exception of a known vim reproducibilty error in the vim-common package where depending on worker we are seeing either: "Content-Type:·text/plain;·charset=CP1251\n" or "Content-Type:·text/plain;·charset=cp1251\n" The issue is still under investigation, but is unrelated to this patch set. The following changes since commit 2572b32e729831762790ebfbf930a1140657faea: apt: add missing <cstdint> for uint16_t (2023-10-13 05:32:41 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Armin Kuster (1): binutils: CVE-2022-48063 Chaitanya Vadrevu (3): binutils: Fix CVE-2022-47695 binutils: Mark CVE-2022-47673 as patched binutils: Mark CVE-2022-47696 as patched Deepthi Hemraj (2): binutils: Fix CVE-2022-47008 binutils: Fix CVE-2022-47011 Hitendra Prajapati (1): libtiff: Add fix for tiffcrop CVE-2023-1916 Quentin Schulz (1): uboot-extlinux-config.bbclass: fix missed override syntax migration Siddharth Doshi (2): tiff: Security fix for CVE-2023-40745 libxpm: upgrade to 3.5.17 meta/classes/uboot-extlinux-config.bbclass | 2 +- .../binutils/binutils-2.38.inc | 4 + .../binutils/0022-CVE-2023-25584-3.patch | 2 + .../binutils/0025-CVE-2023-25588.patch | 2 + .../binutils/0027-CVE-2022-47008.patch | 67 +++++++++++++ .../binutils/0028-CVE-2022-47011.patch | 35 +++++++ .../binutils/0031-CVE-2022-47695.patch | 58 +++++++++++ .../binutils/binutils/CVE-2022-48063.patch | 48 +++++++++ .../{libxpm_3.5.16.bb => libxpm_3.5.17.bb} | 2 +- .../libtiff/tiff/CVE-2023-1916.patch | 99 +++++++++++++++++++ .../libtiff/tiff/CVE-2023-40745.patch | 34 +++++++ meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 2 + 12 files changed, 353 insertions(+), 2 deletions(-) create mode 100644 meta/recipes-devtools/binutils/binutils/0027-CVE-2022-47008.patch create mode 100644 meta/recipes-devtools/binutils/binutils/0028-CVE-2022-47011.patch create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-48063.patch rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.16.bb => libxpm_3.5.17.bb} (88%) create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-1916.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-40745.patch -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#189399): https://lists.openembedded.org/g/openembedded-core/message/189399 Mute This Topic: https://lists.openembedded.org/mt/102041733/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
