From: Richard Purdie <richard.purdie@...> Update to a version of pseudo which includes a workaround for crazy long paths, as shown by the libfm failures from the libtool

From: Richard Purdie <richard.purdie@...> Everyone I've talked to doesn't see this as a major issue. The CVE asks for a documentation improvement on the --mirror option to git clone

From: Ralph Siemsen <ralph.siemsen@...> Malicious filenames can make xzgrep to write to arbitrary files or (with a GNU sed extension) lead to arbitrary code execution. Upstream-Status:

From: Ross Burton <ross@...> Signed-off-by: Ross Burton <ross.burton@...> Signed-off-by: Steve Sakoman <steve@...> --- .../zlib/zlib/CVE-2018-25032.patch | 347

From: Ralph Siemsen <ralph.siemsen@...> zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file. Upstream-Status: Backport

From: Richard Purdie <richard.purdie@...> License change is a date in the license file only. This includes a fix for CVE-2022-0943. Signed-off-by: Richard Purdie

Please review this set of patches for dunfell and have comments back by end of day Tuesday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3537 with

Richard Purdie <richard.purdie@...> escreveu no dia sábado, 16/04/2022 à(s) 11:26: Will it be a good idea to raise a warning and do another try for such cases? A timeout on socket seems to me that

<richard.purdie@...> wrote: These commits have been backported to 250-stable, released in 250.4, and we already carry that version

Yes, that could well be it :) Particularly when you read: https://github.com/systemd/systemd/issues/15316 Alex: Any thoughts? Cheers, Richard

the systemd issue could be this ? https://github.com/systemd/systemd/pull/22552/commits/de90700f36f2126528f7ce92df0b5b5d5e277558 Am 16.04.22 um 12:26 schrieb Richard Purdie:

From: Richard Purdie <richard.purdie@...> The license in this code is listed as MIT and whilst it is compatible with and usable as MIT, it actually looks like HPND. Clarify the

The following changes since commit 75e47b96d8cf82ec4a7fa3225c7fbb5b6ab62b02: webkitgtk: update to 2.32.4 (2022-04-07 14:40:14 +0800) are available in the Git repository at:

From: Richard Purdie <richard.purdie@...> The license in this code is listed as MIT and whilst it is compatible with and usable as MIT, it actually looks like HPND. Clarify the

The following changes since commit bcef80623f015c006778edee5cf40dad063e51db: wic: Use custom kernel path if provided (2022-03-15 23:00:09 +0800) are available in the Git repository at:

The following changes since commit aa2bb4f62dd7e5c6fdf220264c3d62fbf2cc7d16: xserver-xorg: update to 1.20.14 (2022-03-29 11:43:54 -1000) are available in the Git repository at:

From: Richard Purdie <richard.purdie@...> The license in this code is listed as MIT and whilst it is compatible with and usable as MIT, it actually looks like HPND. Clarify the

Sorry, please ignore this, should be prefixed with [dunfell] // Robert

From: Richard Purdie <richard.purdie@...> The license in this code is listed as MIT and whilst it is compatible with and usable as MIT, it actually looks like HPND. Clarify the

The following changes since commit aa2bb4f62dd7e5c6fdf220264c3d62fbf2cc7d16: xserver-xorg: update to 1.20.14 (2022-03-29 11:43:54 -1000) are available in the Git repository at: