[yocto-security] [OE-core CVE] branch pyro-next updated. uninative-1.6-602-g1bde969
cve-notice at lists.openembedded.org
cve-notice at lists.openembedded.org
Sat Dec 9 09:38:03 PST 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, pyro-next has been updated
discards d679a9208f85216df8240bb5abd3ba123b4d2d04 (commit)
discards 31d1054e8eee7a0368f1ba2ad2634891536ff566 (commit)
discards 6afd5cb344f0c7eb415dc1731bade1af4dd600f0 (commit)
discards bb5c7b792162f6397634d05c151ec67ff60dd7d1 (commit)
discards 7f74ff71ae9d9ef1ca55c12be16094f1a9d7fade (commit)
discards b01272e99be11eedbc7c52730307735055b48bab (commit)
discards 72cb25b1b745857c2be3ac527f3bac7624ef062f (commit)
discards 8681df291103602ba65f94a8ab7c4bbf1b99fe02 (commit)
discards 735d7786196a19d1ee270c764ed4c9092394e14e (commit)
discards 51291d2f6d973d022c5b1e45b9c17016054d0d17 (commit)
discards 9e5c0c6efcfbb2645ef12d967e5b35732ce4358c (commit)
discards 00f51c65184799d758197c05a9e9c97e228363fe (commit)
discards 39869e4867df711637dde13eb52181f2da94aaae (commit)
discards 30b0aba1909a8c7666de5ec6d7148ec5ba884a23 (commit)
discards 13298ea3516d1ca3db89df1946f0be19d3272ec6 (commit)
discards 27420913e9951ca384eac397ae62e178f88940f6 (commit)
discards a5290e6c12f8e1735e96397e10716fb75e8137a7 (commit)
discards d4a41cb6cc3d8863f5207f8a97699004caa03584 (commit)
discards 832115c7114777a4b902250dbd4450e7be40cd26 (commit)
discards 8be059a5bf284450314391d907874ec60a1445ec (commit)
discards 13ab8bfcf79ec38eeb0cb5aab4aa87755d85512a (commit)
discards ce543abcf2e35910956cf6f7866bc95078f8b96c (commit)
discards 10796249138e84370b0bd3fffe911bc0a57fc322 (commit)
discards 60a01b49f538db152e360668f24affbe384d6b70 (commit)
discards c3593cbe368f1c267a217a55b4dccafc643d5ce1 (commit)
discards 5a6f46756bd026bb7d73d156996512b591ea0cd9 (commit)
discards 3c69f0b5d5e3175022e89be0acbe5a1720d4871d (commit)
discards 1fd60ec87a713b64b94c436adc0a9a075131c4a8 (commit)
discards e4141497c960e82a0b825e4fde1df55223095546 (commit)
discards 191b57de907e55bcd2a41459d071822028cba704 (commit)
discards 45e5bc6473261184a09461716a52b6618e476c29 (commit)
discards ebb62460e2c6f5038087e1a1f5842e739edd8c34 (commit)
discards d6df7f276dd190eeb578626fcd9c714a32742b37 (commit)
discards 339074b2f197499f67e979cd4ebadbede4a9025c (commit)
discards 1fdb28d834b48536caf499334bfbc418eeca97af (commit)
discards ca566f66433c6ce9469807c40a1f56f6edf2c305 (commit)
discards f4cdffebd208df81dc1b88e102fdaf11e33c50cf (commit)
discards 7e9593665848fd32c3afb688a886661aea1384ac (commit)
discards 59618f872651eaca0b8db435cbc76c22a17c5cc9 (commit)
discards 95ef2df1ab682d73ed3418c32c31c0a8836a60f9 (commit)
discards 5fb13f27b4781354034444fab2e4cc44a41a033a (commit)
via 1bde969058f7e832db0e7eb9c6f7ef00f027628c (commit)
via 2db9d0854239bca9d5c4efde808a1931c4c0ca0e (commit)
via a12cc7500a224d4be91f67f7921e1f16fcf880d4 (commit)
via eafbe104727d79643c1738360789ae455fff116c (commit)
via b6ec8ab42befaa07c859a5c5cc14611b821a1304 (commit)
via 957e9f92b17c6b268e6c037666d2f32ef23f7bf9 (commit)
via 7423b8318a381d139590f6ab2c50874d0eb775a6 (commit)
via 13704be6d172eef2459bb3a5ceed47711ef08b99 (commit)
via e22d6cab6dcfa020408b541242c26a994958831f (commit)
via 7af2f595a595533356ddef42e542825faab3382a (commit)
via ac828e5620430cff207ac5dc14dc5e2dbf99f9de (commit)
via 4c918f46c40878ae91d8de4223c6370f8c10ec66 (commit)
via 9600bca011fe5fd2837606ab05e64325b3f12114 (commit)
via f9efc9fc8d26784c7a2017efc771e809e6471911 (commit)
via 91aff69faa7861f9872331ea386145667607550c (commit)
via aa1dc0afd99970f474f38a671e6c49aa2090fbe3 (commit)
via a384e06b6ac12541b9928ecbc5834ef1d505ac0f (commit)
via a34da9ea14275d0bf8e9f2b7df7416fe622770cb (commit)
via d358e9bda3dcbdcfff7008804099f89f97f8bf79 (commit)
via fe734c3adddef18e1dade182eb77c6d3c923e498 (commit)
via 0699de9efe40029a6c5e799bb8c9616337fd163e (commit)
via d40bcafb574788ed26855c5d1a072523893c1b4b (commit)
via 979ff606d8c4c6f66c6dc533a92212f18708089e (commit)
via 73f1397d86f33abace089cc9a28e859b47bb7b6c (commit)
via 9b0cb8149ce82c0e6fa3054b54d35e9bf1353bf0 (commit)
via b1843e60ebe534243b49f3685540fa5ea49d5f35 (commit)
via f4dbb4ce29fcd03e64c83efea39f32df437c21cc (commit)
via ed459bc971697fdd46e5204f625cde7afcdef6eb (commit)
via 3db4004b2982a297a02ebeb6b0cb90cebdb44a0a (commit)
via d60b3d02949ba318e30627131fd38f74c74cf590 (commit)
via 1353892f3a130bcfa4e9c5b36b3ed7eb4a2c872d (commit)
via feb78cb536a5e5cc9f1c36014b1a1ae1c147f45c (commit)
via 60f0e4b18c7d77d7be2b22573b7d0c7ad3d0832f (commit)
via a406704fd68d08c3916b7986f96175be34affc50 (commit)
via 4c8be205c317eaa649d034de22b960409bb3fa3b (commit)
via 23b520c42e93e47e3a19037877281af673144b31 (commit)
via 89a00238c45b0457bdf7add3629124901bc72f4b (commit)
via 11064f15d7fc10b99eac4084af48a91d8b212932 (commit)
via 79c7c8342859306750f0af17210a183fdc543caf (commit)
via d0047eb364b5e38c3fbd349c40c71f6c50a1a22d (commit)
via 5e9e8b336931335c660733a269c59ae0547019bd (commit)
via c33426e2011054043c276c72b8af651a9aa179ad (commit)
via 265db40c75b6a4b9a666e49dd1739423eb711695 (commit)
via ef5f97aea26fa22accfd1841a2f1319935d6d95f (commit)
via 3a5a8280a1c079c8cc1161e0abc407c1a62aa068 (commit)
via 6b3f1a6107de04bc4f212876db2e3c4c762b044a (commit)
via f2a7a52b7a0915bd9905b3244b7b0deb6795205d (commit)
via 20f54eb2b2a306858f330eb50205e594d53767ec (commit)
via aa367a3583f6e1fb0e55f7ec46ddad13291f1c6f (commit)
via e8112536055e75dff43369395a6cf6ba44ba8db7 (commit)
via 93dd2f9f3edf0584f9e806c629611d645dd72dbf (commit)
via 28d2d47f2a4fc3eb649cf58e82bce0525ab0bc74 (commit)
via 404a04a862a71a5a0fb1c20b6bc9fc9c8b2bb98c (commit)
via 5c4c077a9182561a95f071d9c0d4a7a7f06fca98 (commit)
via 9b7ac3fbe76424a9c797b62cb7ed895c2844ea4b (commit)
via ea56903d4dded44845d89d7ee7208b88027512d8 (commit)
via cda7f3650deebd8a3a7108a2a2e782ebb661150c (commit)
via 96c573e6e146f7e6366e3543054c87cf9960603e (commit)
via aa18cb2391dad13bb332b9674b931ce31271cb64 (commit)
via 8114054e92a575ef64b72124194dd3162c56ebb2 (commit)
via fd7b5e308d17f92ea24b6eb17631327a4e9eec9f (commit)
via 1f5675a43e1781635fee15cc3674143c195da169 (commit)
via 8b0c5abe824647c6c9205ecedd29c3ac54c423a5 (commit)
via 514cadd28d05f5060b2538ef9b2920370c22bf73 (commit)
via 189ea6f0232f1910736121fb15f80eea97932af8 (commit)
via ed1aaf24bfd4a09132c7e0247c460102ec85254d (commit)
via d9f3c803d739a815fe5ee2e1227c5ae571fefb8f (commit)
via 5c8f831c71932e2abebd72f8be1ec95e1b6c3ab7 (commit)
via fd329fdc6374ebde3f5ab171dbe76bf5cec6771d (commit)
via 35059f271964da1f8112a45f19875b59fb9cd02f (commit)
via 92f73702d95e9c6ae72de667f225c9d24afe5c0a (commit)
via eade33d548bd1a16f5397a44299ac809707efd60 (commit)
via 7b3584ace93d45ac4078019a7ef185c6e190c51f (commit)
via 347976bf08158d1aa46dfea6f0f9d6dcc0d97395 (commit)
via 3969c068bc9557b405a5ad61c10c402ec93bd932 (commit)
via 970d4df7336e5102ac61e66689e977fb2e41a1aa (commit)
via 67438ac91a40429affc952ad1d7e92c763f52bab (commit)
via fcedfce43adad8659a1376bb28b1ed41e621dd53 (commit)
via 55a7787d86d087549a7a146a0485d4c9777d7ce7 (commit)
via 6da24ad2d2c843455fb8ce0faf5254462ca85c3b (commit)
via 74826c639d06ff19737602841333bd9235a142e3 (commit)
via 35eebe3cf2c6190e1c13d5b828e3550fe798ba02 (commit)
via 10ade11241a52b490fbadc4f51988307b2b1ba24 (commit)
via a2fbe75d029c389e03c9775f4e82e8de233f4ddb (commit)
via 68f353d8a82a3b345e6e635258a606bf1c3991fb (commit)
via 0a8c61d2351de7536c817242b0844e36dfe8b334 (commit)
via 9699ffe52d65ba426c01fd27697ab2789e29e19c (commit)
via 5d92cf0618e863472dc3ac54c89dd2f469733a2b (commit)
via 764159600a202d1f0c2f0217c7bf7b55348a2f5d (commit)
via 9aa06b3116c095a512be1d1f5da84ffaedf845dc (commit)
via 3987dddff58410f1b2535ceb1f48aebbbd987889 (commit)
via 571e53024b4f924e50cf6a478ccc8d6f097816bb (commit)
via 1c9d891886f35e6cc4485f244180d7d0ffa82cd3 (commit)
via d2b1486bf8773d3eef36c5e77b82e70c88d9c682 (commit)
via bb90e08fbcbc7c60731aacdc4b82163507d9afdc (commit)
via d2fc87e074ed41d265667383827c36ceb0302693 (commit)
via 1c9e3318791e36d6bc851192a7640ee639f61f23 (commit)
via 7fe1e9d46954f082af4debfa63cd982558dbf965 (commit)
via eaf72d105bed54e332e2e5c0c5c0a0087ecd91dd (commit)
via 649f78102222ec156d490968c13d3222379a1956 (commit)
via 201fa8f6a10469886db6d48c3a3e91712382e561 (commit)
via eec5e5ce04cfbd1e41e54be31afee72ecc9ec5dd (commit)
via a23241c1e10c706754c19d7f69fe7c6cbac3732e (commit)
via eed7d052dc053732e2d485dcc7e551b6754c4576 (commit)
via 03fbdba18b767be95c5fa13d72b52c16f8a77b52 (commit)
via 8c42a9508bded870d1ac018e2cfa129772983c52 (commit)
via 4077e088b6e750c4143a59c5d89258ab682ed96b (commit)
via 7ba25f0d8d95ece5f5d56ace5b1e9c8c797efbc0 (commit)
via 450942db7f4638eba7ec262901fe1d7e1b1f6070 (commit)
via 2f95c71ba17a6d68d3805efe82097c10b6740244 (commit)
via 564209df3d0fd87742ffccb7475b8908c4a7efa4 (commit)
via d17b2f44f69a160c227cbd808a2cf62c994ed92e (commit)
via 9c54510632d22c12850962572ce7276170ce5488 (commit)
via ee006aac0a52709cf5524aeb17a92b8c5c44be34 (commit)
This update added new revisions after undoing existing revisions. That is
to say, the old revision is not a strict subset of the new revision. This
situation occurs when you --force push a change and generate a repository
containing something like this:
* -- * -- B -- O -- O -- O (d679a9208f85216df8240bb5abd3ba123b4d2d04)
\
N -- N -- N (1bde969058f7e832db0e7eb9c6f7ef00f027628c)
When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1bde969058f7e832db0e7eb9c6f7ef00f027628c
Author: Richard Purdie <richard.purdie at linuxfoundation.org>
Date: Sat Dec 9 11:06:47 2017 +0000
populate_sdk_ext: Use prebuilt uninative tarball
For uninative to work, it relies on it being updated to new versions as
newer glibcs are built. This means the uninative generated by the current
build may not be as recent as the uninative that is being downloaded by
uninative.bbclass.
If this occurs, we can get symbol mismatch errors.
Ultimately, the sstate and the uninative versions need to match so we
should use the same tarball as uninative.bbclass is using, not the one
we built.
[YOCTO #12405]
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
-----------------------------------------------------------------------
Summary of changes:
meta/classes/copyleft_filter.bbclass | 32 +-
meta/classes/goarch.bbclass | 7 +-
meta/classes/image.bbclass | 11 +-
meta/classes/image_types.bbclass | 6 +-
meta/classes/image_types_uboot.bbclass | 29 -
meta/classes/kernel-fitimage.bbclass | 9 +-
meta/classes/kernel-uboot.bbclass | 8 +-
meta/classes/kernel-uimage.bbclass | 26 +-
meta/classes/mirrors.bbclass | 4 +-
meta/classes/own-mirrors.bbclass | 2 +-
meta/classes/package_rpm.bbclass | 4 +
meta/classes/populate_sdk_ext.bbclass | 13 +-
meta/classes/rootfs-postcommands.bbclass | 22 +-
meta/classes/useradd-staticids.bbclass | 10 +-
meta/classes/useradd.bbclass | 2 +-
meta/conf/bitbake.conf | 3 +
.../cases/{buildiptables.py => buildlzip.py} | 6 +-
.../sdk/cases/{buildiptables.py => buildlzip.py} | 8 +-
meta/lib/oeqa/selftest/archiver.py | 78 +-
meta/lib/oeqa/selftest/recipetool.py | 12 +-
meta/recipes-connectivity/openssh/openssh/init | 31 +-
.../openssh/openssh/sshd_check_keys | 64 ++
.../openssh/openssh/sshdgenkeys.service | 16 +-
meta/recipes-connectivity/openssh/openssh_7.4p1.bb | 8 +
.../wpa-supplicant/key-replay-cve-multiple.patch | 1025 ++++++++++++++++++++
.../wpa-supplicant/wpa-supplicant_2.6.bb | 1 +
...mproper-optimization-req.r.rtm_scope-may-.patch | 33 +
.../0001-iproute-support-scope-.-Closes-8561.patch | 122 +++
.../busybox-tar-add-IF_FEATURE_-checks.patch | 70 ++
meta/recipes-core/busybox/busybox_1.24.1.bb | 3 +
meta/recipes-core/expat/expat.inc | 3 -
meta/recipes-core/expat/expat/no_getrandom.patch | 23 -
meta/recipes-core/glibc/glibc-locale.inc | 4 +
.../binutils/binutils-cross-canadian.inc | 2 +
meta/recipes-devtools/binutils/binutils.inc | 1 -
meta/recipes-devtools/gcc/gcc-6.3.inc | 1 +
.../gcc/gcc-6.3/0055-unwind_h-glibc26.patch | 139 +++
meta/recipes-devtools/gdb/gdb-7.12.1.inc | 1 +
..._gdb_patches_120-sigprocmask-invalid-call.patch | 45 +
...-FALLTHRU-comment-to-handle-GCC7-warnings.patch | 77 ++
meta/recipes-devtools/json-c/json-c_0.12.bb | 1 +
.../ruby/ruby/CVE-2017-14064.patch | 353 +++++++
meta/recipes-devtools/ruby/ruby_2.4.0.bb | 1 +
meta/recipes-devtools/valgrind/valgrind_3.12.0.bb | 2 -
meta/recipes-graphics/waffle/waffle_1.5.2.bb | 10 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.1.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.10.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.4.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.9.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.1.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.10.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.4.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.9.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.1.bb | 18 +-
meta/recipes-kernel/linux/linux-yocto_4.10.bb | 18 +-
meta/recipes-kernel/linux/linux-yocto_4.4.bb | 20 +-
meta/recipes-kernel/linux/linux-yocto_4.9.bb | 20 +-
meta/recipes-multimedia/alsa/alsa-utils_1.1.3.bb | 4 +-
.../libtiff/files/CVE-2016-10093.patch | 47 +
.../libtiff/files/CVE-2016-10266.patch | 60 ++
.../libtiff/files/CVE-2016-10267.patch | 70 ++
.../libtiff/files/CVE-2016-10268.patch | 30 +
.../libtiff/files/CVE-2016-10269.patch | 131 +++
.../libtiff/files/CVE-2016-10270.patch | 134 +++
.../libtiff/files/CVE-2016-10271.patch | 30 +
.../libtiff/files/CVE-2017-7592.patch | 40 +
.../libtiff/files/CVE-2017-7593.patch | 98 ++
.../libtiff/files/CVE-2017-7594-p1.patch | 43 +
.../libtiff/files/CVE-2017-7594-p2.patch | 50 +
.../libtiff/files/CVE-2017-7595.patch | 48 +
.../libtiff/files/CVE-2017-7596.patch | 308 ++++++
.../libtiff/files/CVE-2017-7598.patch | 65 ++
.../libtiff/files/CVE-2017-7601.patch | 52 +
.../libtiff/files/CVE-2017-7602.patch | 69 ++
meta/recipes-multimedia/libtiff/tiff_4.0.7.bb | 18 +-
.../ca-certificates/ca-certificates_20161130.bb | 11 +-
.../curl/curl/CVE-2017-1000100.patch | 50 +
.../curl/curl/CVE-2017-1000101.patch | 92 ++
meta/recipes-support/curl/curl_7.53.1.bb | 12 +-
.../debianutils/debianutils_4.8.1.bb | 4 +-
meta/recipes-support/libproxy/libproxy_0.4.14.bb | 7 +-
scripts/lib/wic/utils/misc.py | 2 +-
scripts/oe-build-perf-report | 9 +-
scripts/oe-pkgdata-util | 12 +-
84 files changed, 3674 insertions(+), 266 deletions(-)
delete mode 100644 meta/classes/image_types_uboot.bbclass
rename meta/lib/oeqa/runtime/cases/{buildiptables.py => buildlzip.py} (89%)
rename meta/lib/oeqa/sdk/cases/{buildiptables.py => buildlzip.py} (84%)
create mode 100644 meta/recipes-connectivity/openssh/openssh/sshd_check_keys
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
create mode 100644 meta/recipes-core/busybox/busybox/0001-ip-fix-an-improper-optimization-req.r.rtm_scope-may-.patch
create mode 100644 meta/recipes-core/busybox/busybox/0001-iproute-support-scope-.-Closes-8561.patch
create mode 100644 meta/recipes-core/busybox/busybox/busybox-tar-add-IF_FEATURE_-checks.patch
delete mode 100644 meta/recipes-core/expat/expat/no_getrandom.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-6.3/0055-unwind_h-glibc26.patch
create mode 100644 meta/recipes-devtools/gdb/gdb/package_devel_gdb_patches_120-sigprocmask-invalid-call.patch
create mode 100644 meta/recipes-devtools/json-c/json-c/0001-Add-FALLTHRU-comment-to-handle-GCC7-warnings.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2017-14064.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-10093.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-10266.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-10267.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-10268.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-10269.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-10270.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-10271.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2017-7592.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2017-7593.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2017-7594-p1.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2017-7594-p2.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2017-7595.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2017-7596.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2017-7598.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2017-7601.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2017-7602.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2017-1000100.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2017-1000101.patch
hooks/post-receive
--
More information about the yocto-security
mailing list