[OE-core] [thud 00/18] thud pull request
Armin Kuster
akuster808 at gmail.com
Mon Dec 16 15:59:50 UTC 2019
Here are the next series for thud. Passed A-full
The following changes since commit cd7cf933b3235560ec71576d8f3836dff736a39f:
build-appliance-image: Update to thud head revision (2019-10-17 16:45:34 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/thud-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/thud-next
Armin Kuster (1):
linux-yocto/4.14: update to 4.14.154
Dan Tran (2):
tar: Fix CVE-2018-20482
sudo: Fix CVE-2019-14287
Jed (1):
at-spi2: fix dbus-daemon path
Khem Raj (1):
sdk: Install nativesdk locales for all TCLIBC variants
Ross Burton (12):
cve-check: backport rewrite from master
cve-check: ensure all known CVEs are in the report
cve-check: failure to parse versions should be more visible
cve-check: we don't actually need to unpack to check
cve-update-db-native: don't refresh more than once an hour
cve-update-db-native: don't hardcode the database name
cve-update-db-native: add an index on the CVE ID column
cve-update-db-native: clean up proxy handling
cve-check: rewrite look to fix false negatives
cve-check: neaten get_cve_info
cve-check: fetch CVE data once at a time instead of in a single call
glibc: finish incomplete fix for CVE-2016-10739
Shubham Agrawal (1):
libgcrypt: CVE-2019-12904
meta/classes/cve-check.bbclass | 181 ++--
meta/conf/distro/include/maintainers.inc | 1 +
meta/lib/oe/sdk.py | 4 -
meta/recipes-core/glibc/glibc-locale.inc | 3 +
meta/recipes-core/glibc/glibc-mtrace.inc | 3 +
meta/recipes-core/glibc/glibc-scripts.inc | 3 +
meta/recipes-core/glibc/glibc/CVE-2016-10739.patch | 910 ++++++++++++++++++++-
meta/recipes-core/meta/cve-update-db-native.bb | 185 +++++
.../cve-check-tool/cve-check-tool_5.6.4.bb | 62 --
...01-Fix-freeing-memory-allocated-by-sqlite.patch | 50 --
...ow-overriding-default-CA-certificate-file.patch | 215 -----
...ogress-in-percent-when-downloading-CVE-db.patch | 135 ---
...are-computed-vs-expected-sha256-digit-str.patch | 52 --
.../check-for-malloc_trim-before-using-it.patch | 51 --
.../sudo/sudo/CVE-2019-14287_p1.patch | 170 ++++
.../sudo/sudo/CVE-2019-14287_p2.patch | 98 +++
meta/recipes-extended/sudo/sudo_1.8.23.bb | 2 +
meta/recipes-extended/tar/tar/CVE-2018-20482.patch | 405 +++++++++
meta/recipes-extended/tar/tar_1.30.bb | 1 +
meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.14.bb | 20 +-
meta/recipes-support/atk/at-spi2-core_2.28.0.bb | 2 +-
.../libgcrypt/files/CVE-2019-12904_p1.patch | 176 ++++
.../libgcrypt/files/CVE-2019-12904_p2.patch | 330 ++++++++
meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 2 +
26 files changed, 2410 insertions(+), 663 deletions(-)
create mode 100644 meta/recipes-core/meta/cve-update-db-native.bb
delete mode 100644 meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-Fix-freeing-memory-allocated-by-sqlite.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-curl-allow-overriding-default-CA-certificate-file.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-print-progress-in-percent-when-downloading-CVE-db.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-update-Compare-computed-vs-expected-sha256-digit-str.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/check-for-malloc_trim-before-using-it.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287_p1.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287_p2.patch
create mode 100644 meta/recipes-extended/tar/tar/CVE-2018-20482.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2019-12904_p1.patch
create mode 100644 meta/recipes-support/libgcrypt/files/CVE-2019-12904_p2.patch
--
2.7.4
More information about the Openembedded-core
mailing list