[kirkstone,00/15] Patch review

Message ID	cover.1683386547.git.steve@sakoman.com
State	New, archived
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.215.179, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 00/15] Patch review Date: Sat, 6 May 2023 05:24:30 -1000 Message-Id: <cover.1683386547.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit

Message ID

cover.1683386547.git.steve@sakoman.com

State

New, archived

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 00/15] Patch review
Date: Sat,  6 May 2023 05:24:30 -1000
Message-Id: <cover.1683386547.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message

Steve Sakoman May 6, 2023, 3:24 p.m. UTC

Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5269

The following changes since commit 2d67702bdfc64358d364dd6484ae41842ee7c52f:

  glibc: stable 2.35 branch updates. (2023-04-28 03:55:33 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Arturo Buzarra (1):
  run-postinsts: Set dependency for ldconfig to avoid boot issues

Deepthi Hemraj (4):
  binutils : Fix CVE-2023-25584
  binutils : Fix CVE-2023-25585
  binutils : Fix CVE-2023-1972
  binutils : Fix CVE-2023-25588

Hitendra Prajapati (1):
  connman: fix CVE-2023-28488 DoS in client.c

Kai Kang (1):
  webkitgtk: fix CVE-2022-32888 & CVE-2022-32923

Narpat Mali (2):
  ffmpeg: fix for CVE-2022-48434
  python3-cryptography: fix for CVE-2023-23931

Randolph Sapp (2):
  wic/bootimg-efi: if fixed-size is set then use that for mkdosfs
  kernel-devicetree: allow specification of dtb directory

Ranjitsinh Rathod (1):
  libbsd: Add correct license for all packages

Shubham Kulkarni (1):
  go: Security fix for CVE-2023-24538

Vivek Kumbhar (2):
  freetype: fix CVE-2023-2004 integer overflowin in
    tt_hvadvance_adjust() in src/truetype/ttgxvar.c
  go: fix CVE-2023-24534 denial of service from excessive memory
    allocation

 meta/classes/kernel-devicetree.bbclass        |  22 +-
 meta/classes/kernel.bbclass                   |   2 +
 .../connman/connman/CVE-2023-28488.patch      |  60 ++
 .../connman/connman_1.41.bb                   |   1 +
 .../binutils/binutils-2.38.inc                |   6 +
 .../binutils/0022-CVE-2023-25584-1.patch      |  56 ++
 .../binutils/0022-CVE-2023-25584-2.patch      |  38 ++
 .../binutils/0022-CVE-2023-25584-3.patch      | 534 ++++++++++++++++++
 .../binutils/0023-CVE-2023-25585.patch        |  54 ++
 .../binutils/0025-CVE-2023-25588.patch        | 147 +++++
 .../binutils/0026-CVE-2023-1972.patch         |  41 ++
 meta/recipes-devtools/go/go-1.17.13.inc       |   2 +
 .../go/go-1.18/CVE-2023-24534.patch           | 200 +++++++
 .../go/go-1.18/CVE-2023-24538.patch           | 208 +++++++
 .../python3-cryptography/CVE-2023-23931.patch |  49 ++
 .../python/python3-cryptography_36.0.2.bb     |   1 +
 .../run-postinsts/run-postinsts.service       |   2 +-
 .../freetype/freetype/CVE-2023-2004.patch     |  41 ++
 .../freetype/freetype_2.11.1.bb               |   1 +
 .../ffmpeg/ffmpeg/CVE-2022-48434.patch        | 130 +++++
 .../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb |   3 +-
 .../webkit/webkitgtk/CVE-2022-32888.patch     |  41 ++
 .../webkit/webkitgtk/CVE-2022-32923.patch     | 435 ++++++++++++++
 meta/recipes-sato/webkit/webkitgtk_2.36.8.bb  |   2 +
 meta/recipes-support/libbsd/libbsd_0.11.5.bb  |   7 +
 scripts/lib/wic/plugins/source/bootimg-efi.py |   7 +
 26 files changed, 2083 insertions(+), 7 deletions(-)
 create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2023-28488.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-1.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-2.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0023-CVE-2023-25585.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0026-CVE-2023-1972.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-24534.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2023-24538.patch
 create mode 100644 meta/recipes-devtools/python/python3-cryptography/CVE-2023-23931.patch
 create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2023-2004.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch
 create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-32888.patch
 create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-32923.patch

[kirkstone,00/15] Patch review

Pull-request

Message