[yocto-security] [OE-core CVE] branch master-next updated. uninative-2.1-238-gbcffa92
cve-notice at lists.openembedded.org
cve-notice at lists.openembedded.org
Tue Jul 3 00:25:04 PDT 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, master-next has been updated
discards 4623b26d1009cd1be220ab2d6e137346a545e873 (commit)
discards 9b2956f6d6455fae3d15f4f2c5271e67ebe20317 (commit)
discards 1f574c424ea89c0d8cff840f88815c3fdfa6386d (commit)
discards 492ac1a8c009ffb36639a941220fee2e6d196ed0 (commit)
discards 21c24c2ca53d665231c5c7588e41e624ac404821 (commit)
discards aa16d16908073cba8a2d4b5f3b0d2e5915289d5f (commit)
discards 1c8cadb53b33c792e698cd731883b86439a4235e (commit)
discards 9ee4bcbf224e4981777542eb871f0dc5a666f685 (commit)
discards 5bb1d5aa1d8fccdc8844aba722aa7779c6adfc5e (commit)
discards 13963827ceba83761f21e1fb31ba2158f5d1656b (commit)
discards 430a0c80aedd0445dd6b230f763bc58bc042dc23 (commit)
discards f302a473e6931bc741b2cfb12c44925ed7c2a815 (commit)
discards cd82f709db5696897603054df5ccccec07cd6857 (commit)
discards 23300a8843d21b47f82b6a775688a732e28609a9 (commit)
discards 115b775ea15c2f9147de466cee2ac22f2402452e (commit)
discards 76f6cf2fdb0c81679055dc18c1ba8d9e195889ac (commit)
via bcffa929fc7e3e7e34171f90a8ce0864f1679482 (commit)
via 946097c762f5e9066817c83d7957f09bf1cddae9 (commit)
via 2e7f3b2b9318d1e5395ad58131eafb873f614326 (commit)
via 069426b0a7a6848a9290cd2e8cdce941d7e3c08c (commit)
via 4b56d6a61bfe4ca28d1301ae83898a979d3df73a (commit)
via 397410d6ca6864c9a956b8a1e602b97f57d0031f (commit)
via c15a7f739a929c3f43f17387c5a950c9d6a02203 (commit)
via 93b0a04d77b0b513fefaa80fb3fb9334c549a76f (commit)
via 5d84441e148a43f42697dc7493d6c37c713fe397 (commit)
via dbbe9c1d1f822cf13a4c16b79bccf6bf5c4b91e4 (commit)
via 3e48ac4a65efca1653d6cd69434b0164af4ef39a (commit)
via 82b2a087e4f0f9ff9e602e7b507be94498a7a73b (commit)
via 4d09b6a411504be78379dff172ef12620204b89a (commit)
via 7aece42c6b4744c54a8eb05ff90bd3bf4fbb14a3 (commit)
via a0d74767f7bd18c853df6b0be162363076d8f965 (commit)
This update added new revisions after undoing existing revisions. That is
to say, the old revision is not a strict subset of the new revision. This
situation occurs when you --force push a change and generate a repository
containing something like this:
* -- * -- B -- O -- O -- O (4623b26d1009cd1be220ab2d6e137346a545e873)
\
N -- N -- N (bcffa929fc7e3e7e34171f90a8ce0864f1679482)
When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bcffa929fc7e3e7e34171f90a8ce0864f1679482
Author: Armin Kuster <akuster808 at gmail.com>
Date: Sun Jul 1 15:52:01 2018 -0700
bind: update to ESV version 9.11.3
LIC_FILES_CHKSUM changed do to updated year
removed:
dont-test-on-host.patch, no longer implemented
drop use-python3-and-fix-install-lib-path.patch, they added the ability to pass in lib dir loctions
drop bind-confgen-build-unix.o-once.patch, fix included in update
Refresh other patches:
add python3 flag for PACKAGECONFIG to pull in python
add new config option --with-eddsa=no (needs openssl support not released)
[v2]
Remove python3 in default PACKACKECONFIG
include https://patchwork.openembedded.org/patch/148257/
Because of the newly added dependency on meta-python, the python(3)
packageconfig is no longer "default-on".
Signed-off-by: Martin Hundebøll <mnhu at prevas.dk>
[v3]
Made formating and spelling changes per Martin
[v4]
Minor typo fixes
cleanup python3 support
[v5]
swtich to 9.11.3 ESV version
fix isc python install
keep *.la for dhcp
update config options
move mdig to same location as dig
[v6]
remove incorrect PYTHON_SITEPACKAGES_DIR inclusion
python3-ply rdepend belongs with pytho3-bind package
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
Acked-by: Martin Hundebøll <mnhu at prevas.dk>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit 946097c762f5e9066817c83d7957f09bf1cddae9
Author: Armin Kuster <akuster808 at gmail.com>
Date: Sun Jul 1 15:53:20 2018 -0700
dhcp: update 4.4.1
include several CVE fixes.
CVE: CVE-2018-5733
CVE: CVE-2018-5732
LIC_CHKSUM_FILE updated to SPFX format
https://kb.isc.org/article/AA-01571
remove several patches now included in update.
Shared libarary support is now enabled in configure+lt, use it
and revert to autotools-brokensep
Refresh patches
aligns support with bind 9.11.x
add libxml2 support to configure.ac+lt
[v2]
cleaned up do_configure per feedback
fix hard coded lib & include patch
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit 2e7f3b2b9318d1e5395ad58131eafb873f614326
Author: Paulo Neves <ptsneves at gmail.com>
Date: Mon Jul 2 17:03:44 2018 +0200
kernel-devicetree: Corrected normalize_dtb
The normalize_dtb function was buggy because
it only converted from .dts suffix to .dtb
suffix if the user passed a full source path to
KERNEL_DEVICETREE containing the /dts/ path.
The problem is that if the user did that there
would be a warning.
On the othet hand if user just set the variable
KERNEL_DEVICETREE="file.dts" the bbclass translation
to the respective .dtb target did not occur and
make would fail saying it has no rule to make target
file.dts
This patch decouples the logic of having /dts/ in the
path from the target translation.
Signed-off-by: Paulo Neves <ptsneves at gmail.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit 069426b0a7a6848a9290cd2e8cdce941d7e3c08c
Author: Kai Kang <kai.kang at windriver.com>
Date: Mon Jul 2 09:15:34 2018 +0800
webkitgtk: 2.20.2 -> 2.20.3
Upgrade webkitgtk from 2.20.2 to 2.20.3.
* update context of 0001-WebKitMacros-Append-to-I-and-not-to-isystem.patch
* remove detect-atomics-during-configure.patch that webkitgtk 2.20.3
contains the commit of better solution, see
https://bugs.webkit.org/show_bug.cgi?id=161900#c9
Signed-off-by: Kai Kang <kai.kang at windriver.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit 4b56d6a61bfe4ca28d1301ae83898a979d3df73a
Author: Hongxu Jia <hongxu.jia at windriver.com>
Date: Mon Jul 2 16:18:38 2018 +0800
ghostscript: fix CVE-2018-10194
https://nvd.nist.gov/vuln/detail/CVE-2018-10194
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit 397410d6ca6864c9a956b8a1e602b97f57d0031f
Author: Hongxu Jia <hongxu.jia at windriver.com>
Date: Mon Jul 2 13:57:13 2018 +0800
ncurses: 6.1 -> 6.1+20180630
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit c15a7f739a929c3f43f17387c5a950c9d6a02203
Author: Hongxu Jia <hongxu.jia at windriver.com>
Date: Mon Jul 2 13:57:12 2018 +0800
libgcrypt: 1.8.2 -> 1.8.3
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit 93b0a04d77b0b513fefaa80fb3fb9334c549a76f
Author: Hongxu Jia <hongxu.jia at windriver.com>
Date: Mon Jul 2 13:57:11 2018 +0800
help2man-native: 1.47.5 -> 1.47.6
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit 5d84441e148a43f42697dc7493d6c37c713fe397
Author: Hongxu Jia <hongxu.jia at windriver.com>
Date: Mon Jul 2 13:57:10 2018 +0800
man-pages: 4.14 -> 4.16
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit dbbe9c1d1f822cf13a4c16b79bccf6bf5c4b91e4
Author: Hongxu Jia <hongxu.jia at windriver.com>
Date: Mon Jul 2 13:57:09 2018 +0800
elfutils: 0.170 -> 0.172
- Update debian 0.170 patches and rebase them for 0.172;
- Drop 0001-Use-fallthrough-attribute.patch which was
accepted by upstream;
- Drop 0001-Ensure-that-packed-structs-follow-the-gcc-memory-lay.patch
which was backported from upstream;
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit 3e48ac4a65efca1653d6cd69434b0164af4ef39a
Author: Hongxu Jia <hongxu.jia at windriver.com>
Date: Mon Jul 2 13:57:08 2018 +0800
man-db: 2.8.2 -> 2.8.3
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit 82b2a087e4f0f9ff9e602e7b507be94498a7a73b
Author: Hongxu Jia <hongxu.jia at windriver.com>
Date: Mon Jul 2 13:57:07 2018 +0800
gpgme: 1.10.0 -> 1.11.1
License-Update: copyright years updated 2001-2017 -> 2001-2018
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit 4d09b6a411504be78379dff172ef12620204b89a
Author: Hongxu Jia <hongxu.jia at windriver.com>
Date: Mon Jul 2 13:57:06 2018 +0800
gnupg: 2.2.5 -> 2.2.8
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit 7aece42c6b4744c54a8eb05ff90bd3bf4fbb14a3
Author: Christopher Larson <chris_larson at mentor.com>
Date: Fri Jun 22 02:09:34 2018 +0500
recipetool: add 'edit' subcommand
This edits the recipe and any bbappends for the specified target.
Signed-off-by: Christopher Larson <chris_larson at mentor.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
commit a0d74767f7bd18c853df6b0be162363076d8f965
Author: Alex Kiernan <alex.kiernan at gmail.com>
Date: Wed Jun 20 04:23:19 2018 +0000
kernel-fitimage: Make DTB key insertion optional
If UBOOT_DTB_BINARY is empty, then don't try inserting the U-Boot
signing keys into the DTB. In this configuration the keys are expected
to be already present in U-Boot's DTB.
Signed-off-by: Alex Kiernan <alex.kiernan at gmail.com>
Signed-off-by: Ross Burton <ross.burton at intel.com>
-----------------------------------------------------------------------
Summary of changes:
.../0002-mdadm-Specify-enough-length-when-write-to-buffer.patch | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
hooks/post-receive
--
More information about the yocto-security
mailing list