[dunfell 00/20] Patch review


Steve Sakoman
 

Please review this set of patches for dunfell and have comments back by end
of day Wednesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3253

The following changes since commit 88c0290520c9e4982d25c20e783bd91eec016b52:

libusb1: correct SRC_URI (2022-02-07 04:40:13 -1000)

are available in the Git repository at:

git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (1):
ruby: correctly set native/target dependencies

Bruce Ashfield (3):
linux-yocto/5.4: update to v5.4.173
linux-yocto/5.4: update to v5.4.176
linux-yocto/5.4: update to v5.4.178

Christian Eggers (1):
sdk: fix search for dynamic loader

Florian Amstutz (1):
devtool: deploy-target: Remove stripped binaries in pseudo context

Martin Beeger (1):
cmake: remove bogus CMAKE_LDFLAGS_FLAGS definition from toolchain file

Purushottam Choudhary (1):
freetype: add missing CVE tag CVE-2020-15999

Richard Purdie (1):
default-distrovars.inc: Switch connectivity check to a
yoctoproject.org page

Ross Burton (1):
lighttpd: backport a fix for CVE-2022-22707

Saul Wold (1):
recipetool: Fix circular reference in SRC_URI

Stefan Herbrechtsmeier (1):
cve-check: create directory of CVE_CHECK_MANIFEST before copy

Steve Sakoman (5):
expat: fix CVE-2022-23990
connman: fix CVE-2022-23096-7
connman: fix CVE-2022-23098
connman: fix CVE-2021-33833
wpa-supplicant: fix CVE-2022-23303-4

Sundeep KOKKONDA (1):
binutils: Fix CVE-2021-45078

bkylerussell@... (1):
rpm: fix intermittent compression failure in do_package_write_rpm

wangmy (1):
linux-firmware: upgrade 20211216 -> 20220209

meta/classes/cve-check.bbclass | 1 +
meta/classes/sanity.bbclass | 2 +-
.../distro/include/default-distrovars.inc | 2 +-
meta/files/toolchain-shar-relocate.sh | 2 +-
.../connman/connman/CVE-2021-33833.patch | 72 +++
.../connman/connman/CVE-2022-23096-7.patch | 121 ++++
.../connman/connman/CVE-2022-23098.patch | 50 ++
.../connman/connman_1.37.bb | 3 +
.../wpa-supplicant/CVE-2022-23303-4.patch | 609 ++++++++++++++++++
.../wpa-supplicant/wpa-supplicant_2.9.bb | 1 +
.../expat/expat/CVE-2022-23990.patch | 49 ++
meta/recipes-core/expat/expat_2.2.9.bb | 1 +
.../binutils/binutils-2.34.inc | 1 +
.../binutils/0001-CVE-2021-45078.patch | 257 ++++++++
.../cmake/cmake/OEToolchainConfig.cmake | 1 -
..._internal-mode-parsing-when-Tn-is-us.patch | 34 +
meta/recipes-devtools/rpm/rpm_4.14.2.1.bb | 1 +
meta/recipes-devtools/ruby/ruby.inc | 4 +-
...ix-out-of-bounds-OOB-write-fixes-313.patch | 100 +++
.../lighttpd/lighttpd_1.4.55.bb | 1 +
...-sfnt-Fix-heap-buffer-overflow-59308.patch | 3 +
...20211216.bb => linux-firmware_20220209.bb} | 4 +-
.../linux/linux-yocto-rt_5.4.bb | 6 +-
.../linux/linux-yocto-tiny_5.4.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-
scripts/lib/devtool/deploy.py | 2 +-
scripts/lib/recipetool/create.py | 2 +-
27 files changed, 1331 insertions(+), 28 deletions(-)
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2021-33833.patch
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-23096-7.patch
create mode 100644 meta/recipes-connectivity/connman/connman/CVE-2022-23098.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2022-23303-4.patch
create mode 100644 meta/recipes-core/expat/expat/CVE-2022-23990.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch
create mode 100644 meta/recipes-devtools/rpm/files/0001-rpmio-Fix-lzopen_internal-mode-parsing-when-Tn-is-us.patch
create mode 100644 meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20211216.bb => linux-firmware_20220209.bb} (99%)

--
2.25.1

Join openembedded-core@lists.openembedded.org to automatically receive all group messages.