[hardknott,12/14] vim: update to include latest CVE fixes

Message ID	1ef8e3ec21b32d6d3654319561b24b8b1ce63243.1645106980.git.anuj.mittal@intel.com
State	Accepted, archived
Commit	1ef8e3ec21b32d6d3654319561b24b8b1ce63243
Headers	show Return-Path: <anuj.mittal@intel.com> ip: 134.134.136.24, mailfrom: anuj.mittal@intel.com) From: Anuj Mittal <anuj.mittal@intel.com> To: openembedded-core@lists.openembedded.org Subject: [hardknott][PATCH 12/14] vim: update to include latest CVE fixes Date: Thu, 17 Feb 2022 22:18:21 +0800 Message-Id: <1ef8e3ec21b32d6d3654319561b24b8b1ce63243.1645106980.git.anuj.mittal@intel.com> In-Reply-To: <cover.1645106980.git.anuj.mittal@intel.com> References: <cover.1645106980.git.anuj.mittal@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[hardknott,01/14] sdk: fix search for dynamic loader \| expand [hardknott,01/14] sdk: fix search for dynamic loader [hardknott,02/14] glibc: upgrade glibc-2.33 to latest version [hardknott,03/14] recipetool: Fix circular reference in SRC_URI [hardknott,04/14] scripts/runqemu-ifdown: Don't treat the last iptables command as special [hardknott,05/14] cve-check: create directory of CVE_CHECK_MANIFEST before copy [hardknott,06/14] linux-yocto/5.10: update to v5.10.96 [hardknott,07/14] default-distrovars.inc: Switch connectivity check to a yoctoproject.org page [hardknott,08/14] linux-yocto/5.10: update to v5.10.99 [hardknott,09/14] linux-yocto/5.4: update to v5.4.173 [hardknott,10/14] linux-yocto/5.4: update to v5.4.176 [hardknott,11/14] linux-yocto/5.4: update to v5.4.178 [hardknott,12/14] vim: update to include latest CVE fixes [hardknott,13/14] vim: upgrade to patch 4269 [hardknott,14/14] runtime_test: skip virgl test on fedora 34

Message ID

1ef8e3ec21b32d6d3654319561b24b8b1ce63243.1645106980.git.anuj.mittal@intel.com

State

Accepted, archived

Commit

1ef8e3ec21b32d6d3654319561b24b8b1ce63243

Headers

From: Anuj Mittal <anuj.mittal@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [hardknott][PATCH 12/14] vim: update to include latest CVE fixes
Date: Thu, 17 Feb 2022 22:18:21 +0800
Message-Id: 
 <1ef8e3ec21b32d6d3654319561b24b8b1ce63243.1645106980.git.anuj.mittal@intel.com>
In-Reply-To: <cover.1645106980.git.anuj.mittal@intel.com>
References: <cover.1645106980.git.anuj.mittal@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[hardknott,01/14] sdk: fix search for dynamic loader | expand

Commit Message

Mittal, Anuj Feb. 17, 2022, 2:18 p.m. UTC

From: Ross Burton <ross@burtonini.com>

Update the version to 4.2.4118, which incorporates the following CVE
fixes:

- CVE-2021-4187
- CVE-2022-0128
- CVE-2022-0156
- CVE-2022-0158

Also remove the explicit whitelisting of CVE-2021-3968 as this is now
handled with an accurate CPE specifying the fixed version.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 764519ad0da6b881918667ca272fcc273b56168a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-support/vim/vim.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 7174d818ff..0be75b6306 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -20,8 +20,8 @@  SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
            file://racefix.patch \
 "
 
-PV .= ".3752"
-SRCREV = "8603be338ac810446f23c092f21bc6082f787519"
+PV .= ".4118"
+SRCREV = "0023f82a76cf43a12b41e71f97a2e860d0444e1b"
 
 # Do not consider .z in x.y.z, as that is updated with every commit
 UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0"

[hardknott,12/14] vim: update to include latest CVE fixes

Commit Message

Patch