author | Patrick Williams <patrick@stwcx.xyz> | 2023-05-04 05:37:45 +0300 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2023-05-04 05:38:27 +0300 |
commit | 841583d6ba5918b60868b708ff0b89cf0409efa7 (patch) | |
tree | 49e155d7d6c2ea5a7081fc4dcbc51cb0a522e120 /meta-openpower | |
parent | 61a2d43a172b70aa34fd7ec33fc048a211fa5c4c (diff) | |
download | openbmc-841583d6ba5918b60868b708ff0b89cf0409efa7.tar.xz |
subtree updates

poky: 90a6f6a110..a631bfc3a3:
Alban Bedel (1):
systemd: Fix systemd when used with busybox less
Alex Kiernan (1):
openssl: upgrade 1.1.1q to 1.1.1s
Alexander Kanavin (12):
tzdata: update to 2022d
linux-firmware: upgrade 20220913 -> 20221012
tzdata: update 2022d -> 2022g
linux-firmware: upgrade 20221109 -> 20221214
selftest/virgl: use pkg-config from the host
oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal
vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs
linux-firmware: upgrade 20221214 -> 20230117
linux-firmware: upgrade 20230117 -> 20230210
wireless-regdb: upgrade 2022.08.12 -> 2023.02.13
apr: update 1.7.0 -> 1.7.2
apr-util: update 1.6.1 -> 1.6.3
Alexey Smirnov (1):
classes: make TOOLCHAIN more permissive for kernel
Andrej Valek (1):
libarchive: fix CVE-2022-26280
Antonin Godard (2):
busybox: always start do_compile with orig config files
busybox: rm temporary files if do_compile was interrupted
Bartosz Golaszewski (1):
bluez5: add dbus to RDEPENDS
Benoît Mauduit (1):
lib/oe/reproducible: Use git log without gpg signature
Bhabu Bindu (4):
libxml2: Fix CVE-2022-40303
libxml2: Fix CVE-2022-40304
ffmpeg: Fix CVE-2022-3109
ffmpeg: fix for CVE-2022-3341
Bruce Ashfield (12):
linux-yocto/5.4: update to v5.4.216
linux-yocto/5.4: update to v5.4.219
linux-yocto/5.4: update to v5.4.221
linux-yocto/5.4: update to v5.4.224
linux-yocto/5.4: update to v5.4.225
linux-yocto/5.4: update to v5.4.228
linux-yocto/5.4: update to v5.4.229
linux-yocto/5.4: update to v5.4.230
linux-yocto/5.4: update to v5.4.231
linux-yocto/5.4: update to v5.4.233
linux-yocto/5.4: update to v5.4.234
linux-yocto/5.4: update to v5.4.237
Changqing Li (1):
base.bbclass: Fix way to check ccache path
Charlie Davies (1):
bitbake: bitbake: fetch/git: use shlex.quote() to support spaces in SRC_URI url
Chee Yang Lee (6):
libksba: fix CVE-2022-47629
tiff: fix multiple CVEs
ghostscript: add CVE tag for check-stack-limits-after-function-evalution.patch
libksba: fix CVE-2022-3515
qemu: fix multple CVEs
git: ignore CVE-2023-22743
Chen Qi (3):
kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild
psplash: consider the situation of psplash not exist for systemd
bc: extend to nativesdk
Christoph Lauer (1):
populate_sdk_base: add zip options
Daniel McGregor (1):
coreutils: add openssl PACKAGECONFIG
Dmitry Baryshkov (3):
linux-firmware: upgrade 20221012 -> 20221109
linux-firmware: properly set license for all Qualcomm firmware
linux-firmware: add yamato fw files to qcom-adreno-a2xx package
Frank de Brabander (1):
cve-update-db-native: add timeout to urlopen() calls
Gaurav Gupta (1):
qemu: fix build error introduced by CVE-2021-3929 fix
Geoffrey GIRY (1):
cve-check: Fix false negative version issue
Harald Seiler (1):
opkg: Set correct info_dir and status_file in opkg.conf
Hitendra Prajapati (21):
dhcp: Fix CVE-2022-2928 & CVE-2022-2929
qemu: CVE-2021-3750 hcd-ehci: DMA reentrancy issue leads to use-after-free
golang: CVE-2022-2880 ReverseProxy should not forward unparseable query parameters
libX11: CVE-2022-3554 Fix memory leak
bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c
sudo: CVE-2022-43995 heap-based overflow with very small passwords
libarchive: CVE-2022-36227 NULL pointer dereference in archive_write.c
sysstat: fix CVE-2022-39377
golang: CVE-2022-41715 regexp/syntax: limit memory used by parsing regexps
grub2: CVE-2022-28735 shim_lock verifier allows non-kernel files to be loaded
grub2: Fix CVE-2022-2601 & CVE-2022-3775
xserver-xorg: Fix Multiple CVEs
git: CVE-2022-23521 gitattributes parsing integer overflow
curl: fix CVE-2022-43552 Use-after-free triggered by an HTTP proxy deny response
QEMU: CVE-2022-4144 QXL: qxl_phys2virt unsafe address translation can lead to out-of-bounds read
curl: CVE-2023-23916 HTTP multi-header compression denial of service
qemu: fix compile error which imported by CVE-2022-4144
ruby: CVE-2023-28756 ReDoS vulnerability in Time
curl: CVE-2023-27534 SFTP path ~ resolving discrepancy
curl: CVE-2023-27538 fix SSH connection too eager reuse
screen: CVE-2023-24626 allows sending SIGHUP to arbitrary PIDs
Hugo SIMELIERE (2):
bluez5: Exclude CVE-2022-39177 from cve-check
openssl: upgrade 1.1.1s to 1.1.1t
Jagadeesh Krishnanjanappa (1):
qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image
Jan Kircher (1):
toolchain-scripts: compatibility with unbound variable protection
Jermain Horsman (1):
cve-check: write the cve manifest to IMGDEPLOYDIR
John Edward Broadbent (1):
externalsrc: git submodule--helper list unsupported
Joshua Watt (6):
sudo: Use specific BSD license variant
classes/create-spdx: Backport
classes/package: Add extended packaged data
licenses: Add GPL+ licenses to map
create-spdx: Use gzip for compression
classes/package: Use gzip for extended package data
Kenfe-Mickael Laventure (3):
buildtools-tarball: Handle spaces within user $PATH
toolchain-scripts: Handle spaces within user $PATH
populate_sdk_ext: Handle spaces within user $PATH
Khem Raj (3):
libtirpc: Check if file exists before operating on it
apr: Use correct strerror_r implementation based on libc type
apr: Cache configure tests which use AC_TRY_RUN
Lee Chee Yang (1):
dropbear: fix CVE-2021-36369
Luis (1):
rm_work.bbclass: use HOSTTOOLS 'rm' binary exclusively
Manuel Leonhardt (1):
sstate: Account for reserved characters when shortening sstate filenames
Marek Vasut (2):
bitbake: fetch2/git: Prevent git fetcher from fetching gitlab repository metadata
bitbake: fetch2/git: Clarify the meaning of namespace
Marta Rybczynska (1):
cve-update-db-native: avoid incomplete updates
Martin Jansa (3):
externalsrc.bbclass: fix git repo detection
meta: remove True option to getVar and getVarFlag calls (again)
bmap-tools: switch to main branch
Mathieu Dubois-Briand (1):
curl: Fix CVE CVE-2022-35260
Mauro Queiros (1):
image.bbclass: print all QA functions exceptions
Michael Halstead (1):
uninative: Upgrade to 3.7 to work with glibc 2.36
Michael Opdenacker (4):
dev-manual: update session about multiconfig
ref-manual: document SSTATE_EXCLUDEDEPS_SYSROOT
profile-manual: update WireShark hyperlinks
overview-manual: update patchwork instance URL
Mike Crowe (1):
kernel: improve transformation from KERNEL_IMAGETYPE_FOR_MAKE
Mikko Rapeli (2):
oeqa context.py: fix --target-ip comment to include ssh port number
oeqa rtc.py: skip if read-only-rootfs
Ming Liu (1):
linux: inherit pkgconfig in kernel.bbclass
Minjae Kim (2):
xserver-xorg: backport fixes for CVE-2022-3550, CVE-2022-3551 and CVE-2022-3553
ppp: fix CVE-2022-4603
Nikhil R (1):
openssl: Fix CVE-2023-0464
Niko Mauno (2):
systemd: Consider PACKAGECONFIG in RRECOMMENDS
Fix missing leading whitespace with ':append'
Omkar (2):
dbus: upgrade 1.12.22 -> 1.12.24
python3: Fix CVE-2022-45061
Omkar Patil (3):
sudo: Fix CVE-2023-22809
openssl: Fix CVE-2023-0465
openssl: Fix CVE-2023-0466
Paul Eggleton (1):
classes/kernel-fitimage: add ability to add additional signing options
Pavel Zhukov (1):
oeqa/rpm.py: Increase timeout and add debug output
Pawan Badganchi (1):
python3: Fix CVE-2022-37454
Pawel Zalewski (1):
classes/fs-uuid: Fix command output decoding issue
Peter Kjellerstedt (2):
externalsrc.bbclass: Remove a trailing slash from ${B}
devshell: Do not add scripts/git-intercept to PATH
Peter Marko (2):
externalsrc: fix lookup for .gitmodules
go: ignore CVE-2022-41716
Piotr Łobacz (1):
systemd: fix wrong nobody-group assignment
Qiu, Zheng (1):
vim: upgrade 9.0.0820 -> 9.0.0947
Quentin Schulz (2):
cairo: update patch for CVE-2019-6461 with upstream solution
cairo: fix CVE patches assigned wrong CVE number
Ralph Siemsen (11):
golang: fix CVE-2021-33195
golang: fix CVE-2021-33198
golang: fix CVE-2021-44716
golang: fix CVE-2022-24291
golang: fix CVE-2022-28131
golang: fix CVE-2022-28327
golang: ignore CVE-2022-29804
golang: ignore CVE-2021-33194
golang: ignore CVE-2021-41772
golang: ignore CVE-2022-30580
golang: ignore CVE-2022-30630
Randy MacLeod (2):
vim: upgrade 9.0.0947 -> 9.0.1211
vim: upgrade 9.0.1403 -> 9.0.1429
Ranjitsinh Rathod (3):
expat: Fix CVE-2022-43680 for expat
systemd: Fix CVE-2022-3821 issue
libsdl2: Add fix for CVE-2022-4743
Ravula Adhitya Siddartha (1):
linux-yocto/5.4: update genericx86* machines to v5.4.219
Richard Purdie (28):
bitbake: tests/fetch: Allow handling of a file:// url within a submodule
qemu: Avoid accidental librdmacm linkage
build-appliance-image: Update to dunfell head revision
bitbake: utils: Handle lockfile filenames that are too long for filesystems
bitbake: utils: Fix lockfile path length issues
build-appliance-image: Update to dunfell head revision
oeqa/selftest/tinfoil: Add test for separate config_data with recipe_parse_file()
build-appliance-image: Update to dunfell head revision
build-appliance-image: Update to dunfell head revision
bitbake: runqueue: Fix multiconfig deferred task sstate validity caching issue
bitbake: runqueue: Handle deferred task rehashing in multiconfig builds
bitbake: runqueue: Improve multiconfig deferred task issues
bitbake: runqueue: Avoid deadlock avoidance task graph corruption
bitbake: runqueue: Fix issues with multiconfig deferred task deadlock messages
bitbake: runqueue: Ensure deferred tasks are sorted by multiconfig
bitbake: cooker: Drop sre_constants usage
nativesdk: Handle chown/chgrp calls in nativesdk do_install tasks
make-mod-scripts: Ensure kernel build output is deterministic
libc-locale: Fix on target locale generation
apr: Fix to work with autoconf 2.70
apr-util: Fix CFLAGS used in build
oeqa/selftest/prservice: Improve debug output for failure
build-appliance-image: Update to dunfell head revision
staging: Separate out different multiconfig manifests
staging/multilib: Fix manifest corruption
glibc: Add missing binutils dependency
base-files: Drop localhost.localdomain from hosts file
pybootchartui: Fix python syntax issue
Riyaz Khan (1):
rpm: Fix rpm CVE CVE-2021-3521
Robert Andersson (1):
go-crosssdk: avoid host contamination by GOCACHE
Rodolfo Quesada Zumbado (1):
tar: CVE-2022-48303
Ross Burton (14):
sanity: check for GNU tar specifically
pixman: backport fix for CVE-2022-44638
lib/buildstats: fix parsing of trees with reduced_proc_pressure directories
bitbake: bb/utils: include SSL certificate paths in export_proxies
cve-update-db-native: add more logging when fetching
cve-update-db-native: show IP on failure
quilt: fix intermittent failure in faildiff.test
quilt: use upstreamed faildiff.test fix
git: ignore CVE-2022-41953
shadow: ignore CVE-2016-15024
vim: add missing pkgconfig inherit
vim: upgrade to 9.0.1403
vim: set modified-by to the recipe MAINTAINER
lib/resulttool: fix typo breaking resulttool log --ptest
Shubham Kulkarni (5):
glibc: Security fix for CVE-2023-0687
go-runtime: Security fix for CVE-2022-41723
go-runtime: Security fix for CVE-2022-41722
go: Security fix for CVE-2020-29510
go: Ignore CVE-2022-1705
Siddharth Doshi (1):
harfbuzz: Security fix for CVE-2023-25193
Steve Sakoman (30):
selftest: skip virgl test on ubuntu 22.04
qemu: Avoid accidental libvdeplug linkage
qemu: Add PACKAGECONFIG for rbd
devtool: add HostKeyAlgorithms option to ssh and scp commands
selftest: skip virgl test on all Alma Linux
documentation: update for 3.1.21
poky.conf: bump version for 3.1.21
maintainers: update gcc version to 9.5
documentation: update for 3.1.22
poky.conf: bump version for 3.1.22
ovmf: fix gcc12 warning in GenFfs
ovmf: fix gcc12 warning in LzmaEnc
ovmf: fix gcc12 warning for device path handling
documentation: update for 3.1.23
python3: fix packaging of Windows distutils installer stubs
lttng-modules: update 2.11.6 -> 2.11.7
lttng-modules: update 2.11.7 -> 2.11.8
lttng-modules: update 2.11.8 -> 2.11.9
lttng-modules: fix build with 5.4.229 kernel
poky.conf: bump version for 3.1.23
poky.conf: Update SANITY_TESTED_DISTROS to match autobuilder
ref-system-requirements.rst: add Fedora 35, Fedora 36, and Ubuntu 22.04 to list of supported distros
ref-system-requirements.rst: add AlmaLinux 8.7 to list of supported distros
qemu: Fix slirp determinism issue
documentation: update for 3.1.24
poky.conf: bump version for 3.1.24
bitbake: tests/fetch.py: fix link to project documentation
documentation: update for 3.1.25
poky.conf: bump version for 3.1.25
build-appliance-image: Update to dunfell head revision
Sundeep KOKKONDA (3):
binutils: stable 2.34 branch updates
glibc : stable 2.31 branch updates.
gcc: upgrade to v9.5
Sunil Kumar (1):
go: Security Fix for CVE-2022-2879
Teoh Jay Shen (1):
vim: Upgrade 9.0.0598 -> 9.0.0614
Thomas Roos (1):
devtool: fix devtool finish when gitmodules file is empty
Tim Orling (2):
python3: upgrade 3.8.13 -> 3.8.14
vim: upgrade 9.0.0614 -> 9.0.0820
Ulrich Ölmann (1):
kernel-yocto: fix kernel-meta data detection
Vijay Anusuri (4):
git: Security fix for CVE-2022-41903
git: Security fix for CVE-2023-22490 and CVE-2023-23946
sudo: Security fix for CVE-2023-28486 and CVE-2023-28487
curl: Security fix CVE-2023-27533, CVE-2023-27535 and CVE-2023-27536
Virendra Thakur (2):
gcc: Fix inconsistent noexcept specifier for valarray in libstdc++
qemu: Whitelist CVE-2023-0664
Vivek Kumbhar (13):
curl: fix CVE-2022-32221 POST following PUT
qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write
libtasn1: fix CVE-2021-46848 off-by-one in asn1_encode_simple_der
qemu: fix CVE-2021-20196 block fdc null pointer dereference may lead to guest crash
go: fix CVE-2022-41717 Excessive memory use in got server
rsync: fix CVE-2022-29154 remote arbitrary files write inside the directories of connecting peers
libx11: fix CVE-2022-3555 memory leak in _XFreeX11XCBStructure() of xcb_disp.c
qemu: fix CVE-2021-3507 fdc heap buffer overflow in DMA read data transfers
go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse* functions
qemu: fix CVE-2021-3929 nvme DMA reentrancy issue leads to use-after-free
gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code
go: fix CVE-2023-24537 Infinite loop in parsing
go: fix CVE-2023-24534 denial of service from excessive memory allocation
Wang Mingyu (1):
mobile-broadband-provider-info: upgrade 20220725 -> 20221107
Xiaobing Luo (1):
devtool: Fix _copy_file() TypeError
ciarancourtney (1):
wic: swap partitions are not added to fstab
jan (1):
cve-update-db-native: Allow to overrule the URL in a bbappend.
rajmohan r (1):
systemd: Fix CVE-2023-26604
wangmy (1):
dbus: upgrade 1.12.20 -> 1.12.22
meta-openembedded: 6792ebdd96..7007d14c25:
Armin Kuster (1):
mariadb: Update to latest lts 10.4.28
Chris Rogers (1):
xterm: Remove undeclared variables introduced by backport
Colin Finck (1):
[dunfell] wireguard: Upgrade to 1.0.20220627 (module) and 1.0.20210914 (tools)
Hitendra Prajapati (9):
postgresql: CVE-2022-1552 Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
dnsmasq: CVE-2022-0934 Heap use after free in dhcp6_no_relay
nginx: CVE-2022-41741, CVE-2022-41742 Memory corruption in the ngx_http_mp4_module
postgresql: Fix CVE-2022-2625
proftpd: CVE-2021-46854 memory disclosure to radius server
net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception
krb5: CVE-2022-42898 integer overflow vulnerabilities in PAC parsing
postgresql: CVE-2022-41862 Client memory disclosure when connecting with Kerberos to modified server
syslog-ng: CVE-2022-38725 An integer overflow in the RFC3164 parser
Ivan Stepic (1):
flatbuffers: adapt for cross-compilation environments
Mathieu Dubois-Briand (4):
networkmanager: Update to 1.22.16
nss: Add missing CVE product
nss: Whitelist CVEs related to libnssdbm
nss: Fix CVE-2020-25648
Omkar Patil (1):
ntfs-3g-ntfsprogs: Upgrade 2022.5.17 to 2022.10.3
Poonam Jadhav (4):
nodejs: Fix CVE-2022-32212
nodejs: Fix CVE-2022-35255
nodejs: Fix CVE-2022-43548
nodejs: Fix CVEs for nodejs
Priyal Doshi (1):
open-vm-tools: Security fix for CVE-2022-31676
Ranjitsinh Rathod (1):
strongswan: Fix CVE-2022-40617
Roger Knecht (1):
zeromq: 4.3.2 -> 4.3.4
Shubham Kulkarni (1):
python3-pillow: Security fix for CVE-2022-45198
Siddharth Doshi (1):
xterm : Fix CVE-2022-45063 code execution via OSC 50 input sequences] CVE-2022-45063
Valeria Petrov (1):
php: update 7.4.28 -> 7.4.33
Virendra Thakur (2):
capnproto: Fix CVE-2022-46149
nss: Fix CVE CVE-2023-0767
Wang Mingyu (2):
apache2: upgrade 2.4.54 -> 2.4.55
apache2: upgrade 2.4.55 -> 2.4.56
Yi Zhao (1):
postfix: upgrade 3.4.23 -> 3.4.27
vkumbhar (2):
dnsmasq: fix CVE-2023-28450 default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232
mariadb: fix CVE-2022-47015 NULL pointer dereference in spider_db_mbase::print_warnings()
wangmy (1):
apache2: upgrade 2.4.53 -> 2.4.54
meta-security: c62970fda8..eb631c12be:
Hitendra Prajapati (1):
sssd: CVE-2022-4254 libsss_certmap fails to sanitise certificate data used in LDAP filters

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I0ebec73eb7e68d1ca95866bc758e49990731c8bf

Diffstat (limited to 'meta-openpower')
0 files changed, 0 insertions, 0 deletions