[honister,10/13] vim: update to include latest CVE fixes

Message ID	10e6043aa5a11675127760097580b78a8cac4515.1643113252.git.anuj.mittal@intel.com
State	Accepted, archived
Commit	10e6043aa5a11675127760097580b78a8cac4515
Headers	show Return-Path: <anuj.mittal@intel.com> ip: 134.134.136.31, mailfrom: anuj.mittal@intel.com) From: Anuj Mittal <anuj.mittal@intel.com> To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 10/13] vim: update to include latest CVE fixes Date: Tue, 25 Jan 2022 21:46:04 +0800 Message-Id: <10e6043aa5a11675127760097580b78a8cac4515.1643113252.git.anuj.mittal@intel.com> In-Reply-To: <cover.1643113252.git.anuj.mittal@intel.com> References: <cover.1643113252.git.anuj.mittal@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[honister,01/13] pigz: fix one failure of command "unpigz -l" \| expand [honister,01/13] pigz: fix one failure of command "unpigz -l" [honister,02/13] socat: update SRC_URI [honister,03/13] linux-yocto/5.10: amdgpu: updates for CVE-2021-42327 [honister,04/13] linux-yocto/5.10: update to v5.10.91 [honister,05/13] bootchart2: Add missing python3-math dependency [honister,06/13] speex: fix CVE-2020-23903 [honister,07/13] expat: upgrade 2.4.1 -> 2.4.2 [honister,08/13] expat: Upgrade 2.4.2 -> 2.4.3 [honister,09/13] vim: upgrade to 8.2 patch 3752 [honister,10/13] vim: update to include latest CVE fixes [honister,11/13] lighttpd: backport a fix for CVE-2022-22707 [honister,12/13] glibc : Fix CVE-2022-23218 [honister,13/13] glibc : Fix CVE-2022-23219

Message ID

10e6043aa5a11675127760097580b78a8cac4515.1643113252.git.anuj.mittal@intel.com

State

Accepted, archived

Commit

10e6043aa5a11675127760097580b78a8cac4515

Headers

From: Anuj Mittal <anuj.mittal@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [honister][PATCH 10/13] vim: update to include latest CVE fixes
Date: Tue, 25 Jan 2022 21:46:04 +0800
Message-Id: 
 <10e6043aa5a11675127760097580b78a8cac4515.1643113252.git.anuj.mittal@intel.com>
In-Reply-To: <cover.1643113252.git.anuj.mittal@intel.com>
References: <cover.1643113252.git.anuj.mittal@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[honister,01/13] pigz: fix one failure of command "unpigz -l" | expand

Commit Message

Mittal, Anuj Jan. 25, 2022, 1:46 p.m. UTC

From: Ross Burton <ross@burtonini.com>

Update the version to 4.2.4118, which incorporates the following CVE
fixes:

- CVE-2021-4187
- CVE-2022-0128
- CVE-2022-0156
- CVE-2022-0158

Also remove the explicit whitelisting of CVE-2021-3968 as this is now
handled with an accurate CPE specifying the fixed version.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 764519ad0da6b881918667ca272fcc273b56168a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-support/vim/vim.inc | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 0ddf95ab72..d68fade26a 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -20,15 +20,12 @@  SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
            file://racefix.patch \
            "
 
-PV .= ".3752"
-SRCREV = "8603be338ac810446f23c092f21bc6082f787519"
+PV .= ".4118"
+SRCREV = "0023f82a76cf43a12b41e71f97a2e860d0444e1b"
 
 # Do not consider .z in x.y.z, as that is updated with every commit
 UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0"
 
-# CVE-2021-3968 is related to an issue which was introduced after 8.2, this can be removed after 8.3.
-CVE_CHECK_WHITELIST += "CVE-2021-3968"
-
 S = "${WORKDIR}/git"
 
 VIMDIR = "vim${@d.getVar('PV').split('.')[0]}${@d.getVar('PV').split('.')[1]}"

[honister,10/13] vim: update to include latest CVE fixes

Commit Message

Patch