| Message ID | cover.1672842927.git.steve@sakoman.com |
|---|---|
| State | Not Applicable, archived |
| Headers | show |
On Wed, Jan 4, 2023 at 3:36 PM Steve Sakoman <steve@sakoman.com> wrote: > The following changes since commit > ada5e64a97d5f269886772540e0bb0c324088b21: > > efibootmgr: update compilation with musl (2022-12-17 04:10:41 -1000) > > are available in the Git repository at: > > https://git.openembedded.org/openembedded-core-contrib > stable/kirkstone-next > > http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next > > Alejandro Hernandez Samaniego (1): > baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES > > Alexander Kanavin (5): > libnewt: update 0.52.21 -> 0.52.23 > ruby: merge .inc into .bb > ruby: update 3.1.2 -> 3.1.3 > tzdata: update 2022d -> 2022g > devtool/upgrade: correctly handle recipes where S is a subdir of > upstream tree > > Bruce Ashfield (3): > linux-yocto/5.10: update to v5.10.152 > linux-yocto/5.10: update to v5.10.154 > linux-yocto/5.10: update to v5.10.160 > > Hitendra Prajapati (2): > systemd: CVE-2022-45873 deadlock in systemd-coredump via a crash with > a long backtrace > I'm a bit late, but this change seems to cause: | ../git/src/shared/elf-util.c: In function 'parse_elf_object': | ../git/src/shared/elf-util.c:792:27: error: void value not ignored as it ought to be | 792 | r = json_variant_dump(package_metadata, JSON_FORMAT_FLUSH, json_out, NULL); | | ^ I'm trying to find out why this isn't failing for you, it might be triggered with just some PACKAGECONFIG combination we have (we enable coredump, elfutils, oomd, cgroupv2).
On Wed, Jan 4, 2023 at 4:55 AM Martin Jansa <martin.jansa@gmail.com> wrote: > > On Wed, Jan 4, 2023 at 3:36 PM Steve Sakoman <steve@sakoman.com> wrote: >> >> The following changes since commit ada5e64a97d5f269886772540e0bb0c324088b21: >> >> efibootmgr: update compilation with musl (2022-12-17 04:10:41 -1000) >> >> are available in the Git repository at: >> >> https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next >> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next >> >> Alejandro Hernandez Samaniego (1): >> baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES >> >> Alexander Kanavin (5): >> libnewt: update 0.52.21 -> 0.52.23 >> ruby: merge .inc into .bb >> ruby: update 3.1.2 -> 3.1.3 >> tzdata: update 2022d -> 2022g >> devtool/upgrade: correctly handle recipes where S is a subdir of >> upstream tree >> >> Bruce Ashfield (3): >> linux-yocto/5.10: update to v5.10.152 >> linux-yocto/5.10: update to v5.10.154 >> linux-yocto/5.10: update to v5.10.160 >> >> Hitendra Prajapati (2): >> systemd: CVE-2022-45873 deadlock in systemd-coredump via a crash with >> a long backtrace > > > I'm a bit late, but this change seems to cause: > > | ../git/src/shared/elf-util.c: In function 'parse_elf_object': > | ../git/src/shared/elf-util.c:792:27: error: void value not ignored as it ought to be > | 792 | r = json_variant_dump(package_metadata, JSON_FORMAT_FLUSH, json_out, NULL); > | | ^ > > I'm trying to find out why this isn't failing for you, it might be triggered with just some PACKAGECONFIG combination we have (we enable coredump, elfutils, oomd, cgroupv2). Just to be safe I will remove this from the pull request in stable/kirkstone-next but keep it in stable/kirkstone nut until you finish your investigation. Thanks for the review! Steve
The following changes since commit ada5e64a97d5f269886772540e0bb0c324088b21: efibootmgr: update compilation with musl (2022-12-17 04:10:41 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-next Alejandro Hernandez Samaniego (1): baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES Alexander Kanavin (5): libnewt: update 0.52.21 -> 0.52.23 ruby: merge .inc into .bb ruby: update 3.1.2 -> 3.1.3 tzdata: update 2022d -> 2022g devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree Bruce Ashfield (3): linux-yocto/5.10: update to v5.10.152 linux-yocto/5.10: update to v5.10.154 linux-yocto/5.10: update to v5.10.160 Hitendra Prajapati (2): systemd: CVE-2022-45873 deadlock in systemd-coredump via a crash with a long backtrace libX11: CVE-2022-3554 & CVE-2022-3555 Fix memory leak Jagadeesh Krishnanjanappa (1): qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image Joshua Watt (1): classes/create-spdx: Add SPDX_PRETTY option Kai Kang (1): webkitgtk: 2.36.7 -> 2.36.8 Martin Jansa (1): libxml2: fix test data checksums Ovidiu Panait (1): kernel.bbclass: remove empty module directories to prevent QA issues Quentin Schulz (1): cairo: update patch for CVE-2019-6461 with upstream solution Randy MacLeod (1): valgrind: skip the boost_thread test on arm Ranjitsinh Rathod (3): curl: Correct LICENSE from MIT-open-group to curl curl: Add patch to fix CVE-2022-43551 curl: Add patch to fix CVE-2022-43552 Richard Purdie (1): oeqa/concurrencytest: Add number of failures to summary output Robert Andersson (1): go-crosssdk: avoid host contamination by GOCACHE Ross Burton (1): libepoxy: remove upstreamed patch Vivek Kumbhar (1): sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs. Wang Mingyu (2): libpng: upgrade 1.6.38 -> 1.6.39 gstreamer1.0: upgrade 1.20.4 -> 1.20.5 Xiangyu Chen (1): openssh: remove RRECOMMENDS to rng-tools for sshd package Yash.Shinde@windriver.com (1): binutils : Fix CVE-2022-4285 meta/classes/baremetal-image.bbclass | 11 ++ meta/classes/create-spdx.bbclass | 22 +++- meta/classes/kernel.bbclass | 4 +- meta/classes/qemuboot.bbclass | 3 +- meta/lib/oe/sbom.py | 4 +- meta/lib/oeqa/core/utils/concurrencytest.py | 4 +- .../openssh/openssh_8.9p1.bb | 10 +- meta/recipes-core/libxml/libxml2_2.9.14.bb | 4 +- .../systemd/systemd/CVE-2022-45873.patch | 124 ++++++++++++++++++ meta/recipes-core/systemd/systemd_250.5.bb | 1 + .../binutils/binutils-2.38.inc | 1 + .../binutils/0019-CVE-2022-4285.patch | 37 ++++++ meta/recipes-devtools/go/go-crosssdk.inc | 2 + meta/recipes-devtools/ruby/ruby.inc | 39 ------ ...001-Remove-dependency-on-libcapstone.patch | 36 ----- .../ruby/{ruby_3.1.2.bb => ruby_3.1.3.bb} | 48 ++++++- .../valgrind/valgrind/remove-for-aarch64 | 1 + .../0001-detect-gold-as-GNU-linker-too.patch | 14 +- ...-t-ignore-CFLAGS-when-building-snack.patch | 29 ---- ...{libnewt_0.52.21.bb => libnewt_0.52.23.bb} | 4 +- meta/recipes-extended/timezone/timezone.inc | 7 +- .../cairo/cairo/CVE-2019-6461.patch | 35 ++++- ...atch_common.h-define-also-EGL_NO_X11.patch | 27 ---- .../libepoxy/libepoxy_1.5.10.bb | 4 +- .../xorg-lib/libx11/CVE-2022-3554.patch | 58 ++++++++ .../xorg-lib/libx11/CVE-2022-3555.patch | 40 ++++++ .../xorg-lib/libx11_1.7.3.1.bb | 2 + .../linux/linux-yocto-rt_5.10.bb | 6 +- .../linux/linux-yocto-tiny_5.10.bb | 8 +- meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 ++-- ...tools_1.20.4.bb => gst-devtools_1.20.5.bb} | 2 +- ...1.20.4.bb => gstreamer1.0-libav_1.20.5.bb} | 2 +- ...x_1.20.4.bb => gstreamer1.0-omx_1.20.5.bb} | 2 +- ....bb => gstreamer1.0-plugins-bad_1.20.5.bb} | 2 +- ...bb => gstreamer1.0-plugins-base_1.20.5.bb} | 2 +- ...bb => gstreamer1.0-plugins-good_1.20.5.bb} | 2 +- ...bb => gstreamer1.0-plugins-ugly_1.20.5.bb} | 2 +- ....20.4.bb => gstreamer1.0-python_1.20.5.bb} | 2 +- ....bb => gstreamer1.0-rtsp-server_1.20.5.bb} | 2 +- ...1.20.4.bb => gstreamer1.0-vaapi_1.20.5.bb} | 2 +- ...er1.0_1.20.4.bb => gstreamer1.0_1.20.5.bb} | 2 +- .../{libpng_1.6.38.bb => libpng_1.6.39.bb} | 2 +- ...ebkitgtk_2.36.7.bb => webkitgtk_2.36.8.bb} | 4 +- .../curl/curl/CVE-2022-43551.patch | 35 +++++ .../curl/curl/CVE-2022-43552.patch | 80 +++++++++++ meta/recipes-support/curl/curl_7.82.0.bb | 4 +- .../sqlite/files/CVE-2022-46908.patch | 39 ++++++ meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 + scripts/lib/devtool/standard.py | 19 +-- scripts/lib/devtool/upgrade.py | 18 ++- 50 files changed, 595 insertions(+), 238 deletions(-) create mode 100644 meta/recipes-core/systemd/systemd/CVE-2022-45873.patch create mode 100644 meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch delete mode 100644 meta/recipes-devtools/ruby/ruby.inc delete mode 100644 meta/recipes-devtools/ruby/ruby/0001-Remove-dependency-on-libcapstone.patch rename meta/recipes-devtools/ruby/{ruby_3.1.2.bb => ruby_3.1.3.bb} (68%) delete mode 100644 meta/recipes-extended/newt/files/0002-don-t-ignore-CFLAGS-when-building-snack.patch rename meta/recipes-extended/newt/{libnewt_0.52.21.bb => libnewt_0.52.23.bb} (87%) delete mode 100644 meta/recipes-graphics/libepoxy/files/0001-dispatch_common.h-define-also-EGL_NO_X11.patch create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3554.patch create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.20.4.bb => gst-devtools_1.20.5.bb} (95%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.20.4.bb => gstreamer1.0-libav_1.20.5.bb} (91%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.20.4.bb => gstreamer1.0-omx_1.20.5.bb} (95%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.20.4.bb => gstreamer1.0-plugins-bad_1.20.5.bb} (98%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.20.4.bb => gstreamer1.0-plugins-base_1.20.5.bb} (97%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.20.4.bb => gstreamer1.0-plugins-good_1.20.5.bb} (97%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.20.4.bb => gstreamer1.0-plugins-ugly_1.20.5.bb} (94%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.20.4.bb => gstreamer1.0-python_1.20.5.bb} (91%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.20.4.bb => gstreamer1.0-rtsp-server_1.20.5.bb} (90%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.20.4.bb => gstreamer1.0-vaapi_1.20.5.bb} (95%) rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.20.4.bb => gstreamer1.0_1.20.5.bb} (97%) rename meta/recipes-multimedia/libpng/{libpng_1.6.38.bb => libpng_1.6.39.bb} (93%) rename meta/recipes-sato/webkit/{webkitgtk_2.36.7.bb => webkitgtk_2.36.8.bb} (97%) create mode 100644 meta/recipes-support/curl/curl/CVE-2022-43551.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2022-43552.patch create mode 100644 meta/recipes-support/sqlite/files/CVE-2022-46908.patch