[yocto-security] [OE-core CVE] branch thud-next updated. 2018-10-457-g13ba663
cve-notice at lists.openembedded.org
cve-notice at lists.openembedded.org
Sat Jul 27 12:14:08 PDT 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, thud-next has been updated
via 13ba66338d16cc07cb0129de932f090d0edb7760 (commit)
via c60f9c47380bb53bd2b54373b72f86006edf326e (commit)
via f3ba6cee5927c7475c3dc47658fa0548aec52115 (commit)
via 2bf6098ac1cbbf7ed28522b7f7dce84c8341ce00 (commit)
via 3ebf0fc043b6c9b6c2381dab893b54ebcb8ac13d (commit)
via 5c45cd09fb29d4a1ebda6153a25f16e312049c44 (commit)
via 950a60c0e4183037a807031ddc9167b1a81a5348 (commit)
via 0dbd16a40a28bb75962f38c6ce450c909c22ee79 (commit)
via 352ab80333096df92ef0f4cd331baea98e71aa21 (commit)
via 16785ebdc50f38ef4bc30d477a6833bdd4b541d1 (commit)
via 0497623882da714cbe098a4281982b7f9ce6030f (commit)
via 6045c57895cad301c5e3a94de740427343a08065 (commit)
via 9d5a7dd654a17b67f5cd8a73145e5f5299bfebcc (commit)
via c897b862c6cfaa341cc6155b2c9d98ea7ad02884 (commit)
via 71bfb9dfdc806e0e95f1302d0d6c3c751f03bb4b (commit)
via fc77edc8245ab90eee1f1e857f470b6842dc256f (commit)
via 249447828cd1ed13f9faf19793208b503acf0d30 (commit)
via d05e98cdccbe36be8906c31249adeb0f0bc13ac5 (commit)
via 4e40da53851c550f1a38eff5737d4b69c8cd0afb (commit)
via 69964488112899371b7fd88b6e86e533d968b457 (commit)
via 025cd45d4129266d34a919573c02a8504f092c1b (commit)
via fca74928bf2002daf526ad8c1446c8d9ba891a78 (commit)
via 8b5e68afc9767d8b6b966503e9353cadafae9bfb (commit)
via 85541b9ae8cff770e2c20a9132c0867a25d190c2 (commit)
via 3c76b6660fc21a987e960dedb2631dcd27b87d07 (commit)
via 3d7375eb2e459b891b4ba16c1fc486afbfecef2c (commit)
via e2f9efdc93068bce00b07021aa447f0b8786f69d (commit)
via 7db146abad6d2bbb7d7a549e7091412e0e494db2 (commit)
via e7bdff05da6075efc21c5ac9492b06e481e5a239 (commit)
via 592e7de7f5208940fbcfcad3371f93f8ce2ca738 (commit)
via e3dfe53a334cd952cc2194fd3baad6d082659b7e (commit)
via ac5dca7dc68519b36aa976dfd25d8efa76af74ec (commit)
via 3103f407ff0c579c7e5887fd925d52d5c92c83f9 (commit)
via f162d5bfe6eaeca24f441c83c87252c8d05744fc (commit)
via 22f4d5218ad016442b8511e9ccae649faf79152c (commit)
via becb0a3f855eff7700fa284a0a7981d6a260a1c5 (commit)
via 7d0dfd6ada9b2fdf0c14833c388730ffc887af49 (commit)
via 8f6d55056a1c6f9fd00b09a8e91b3e888750e793 (commit)
via 7dbaaf8a823527a3523187327f5b0885fc682510 (commit)
via 1d3696bd3b6d05b91c119ade79c40510d1426a56 (commit)
via 170a233452539b0b6b8fc4db50cf69d848d1ac5b (commit)
via 7bfb8bef5ec9c4137f439b35c56856697c6b79a4 (commit)
via 3e48404afe27c93fa6ffbd8d66bc52dcd6216005 (commit)
via 3dae8d5a02c29523dc640bee31a362f46ffde6ca (commit)
via 17fd507e218bfd0f6745737bcd1a170d82e712e5 (commit)
via 7d4450d373a297f246b8c3708fd7d2cafadd3ae9 (commit)
via cf4d3230ac439118a2ad3c381bac38e11b3e14e8 (commit)
via 274c22a1fd95418e4afb6633bb4b2e6debc4d7ea (commit)
via 6f58c301e2d3463848df35c5b5c55d167ab34035 (commit)
via f1009d6d44097a3f140e2f8679e9184031b10b44 (commit)
via 3c164b94fbb0efc513ee747cccd571a73688b541 (commit)
via 53df0c93c46b6ab1366df44bd9927dc6f8699b29 (commit)
via 68919826fe4d4db4582223569c5a939a9c2f9c72 (commit)
via 909baeb5901f7f212fbdd6c358c5ada6fe25e091 (commit)
via 5685a349eb471f4c8c9dcc2dc3b34f20369920bb (commit)
via 6351f52609af51055786f7b3b24aee722b4dcea4 (commit)
via 9c63433010aae6891149a7605a637bee879dc4ef (commit)
via ced3c75fa75d9b9373d695d9204b197b98ea3bd9 (commit)
via 5e900f2c9319843c8905713dd3dd12a1ad435976 (commit)
via ae87e2fab31590aaf8c2f0672d327d633f896cbd (commit)
via ed650ca30379279f6a0f1e8f9f728cc542504732 (commit)
via 3a0272bab546a4b47feab117713e32873419bbe7 (commit)
via a9cc1b3f9a684c14f02b06226693b023adc3e609 (commit)
via bddf9bec4913fb8eabe6f2995020bf06cc7f890a (commit)
via 4cf8d01d0066699f39162e25d1cdc847c0175473 (commit)
via b768cfb6c849cbbc2d6e2d03974af009ca5340de (commit)
via 4c6bac8453768cab9c416c012019ead5edeaafa5 (commit)
via ad29465ccb9fea2622aa2ef8c7118a0deae829a2 (commit)
via d761b2ae95a84f353c4132bc9b0506c4a4b4c73f (commit)
via c4bb2bdbe6f74141f30171dabab49fa5cd45371f (commit)
via 2861b339f4539ec4042cc7aa5351361246f4921f (commit)
via dc15a21cbb3090dfb56e78f622486f843be4f54a (commit)
via cf787f8eab1c85dbafb5e74bf12eb4ddb5c5cbf7 (commit)
via fbb34412641afa0fa7327cf599b82564ca375217 (commit)
via 932762be3999906c2e8a0ed9236f1f01d9e2ea93 (commit)
via e6b272b7c0d10f49dde71dd9714aaa0fb6aec091 (commit)
via 883726c93b4e6d64eec942e2fc9c937f7092adb0 (commit)
via 383425fb86fdeccad88080369078d9ac988bab2f (commit)
via 0ae5ff4c0adc5fd727e5c5c47aba8c7859d60a73 (commit)
via eae5caaf050f54a065e2654a60f55fda2c3afd95 (commit)
via 65042ebf07afad2922dcdfceb6e8931c05255649 (commit)
via 12df5392afb8446507bb73f4d33ee42e06a17b82 (commit)
via ca415c4250e32e9430a13b9edf7b308637ce597f (commit)
via 9088a78e78f70721b2aa6bdbdf055551d5bd0265 (commit)
via 9535dc7c6dc185defac2cad6a2733621c42420b7 (commit)
via e041812a84025a9ff9121efabc3805ff2dfe6375 (commit)
via aa4d86ff55b01d150f49b5b4517b0c661a10c36b (commit)
via e7721ee7e7942570ebab793f5870d7a021154a92 (commit)
via aa5c0d159c5016c6517f42a0a1738188b5646517 (commit)
via a053af9d2bbd1f7cf2d05100af208c359190eb97 (commit)
via a3dd494337bbdf20d7bff651d533f944f270766e (commit)
via 3aad3c98cf8af4929bc416bbda55ccc71879f2f2 (commit)
via 5f15e883502e6f737f7cdc577f6c104e8fbeeaa9 (commit)
via d8fc8bbab4bf5c34d316cc884e83fc6e66d57954 (commit)
via 6998a3d7d0ecd27014053fe40c9fb4e0ec970880 (commit)
via 89dc69464b9ec1c2cac5d2420dfe6928da50d384 (commit)
via ba193703ccda16c0ed834248d8c9fda0d6ad2302 (commit)
via 87728d921cfa5997b454ebc5074d2c1aee2def89 (commit)
via dc2238b268d48b4e62a795a4f6b257efc298e2b2 (commit)
via 7b5a069d4f11e36a1c407c4212aba5aafaf4ee7f (commit)
via 31449f3a7649be781b7b61f915d5e879728e87af (commit)
via 2d96a9228fb451752c061c25582a5cc1735099bf (commit)
via 6bb181b1e5f14d166cab8023b14316e54012c583 (commit)
via f28cfbdad40a69f0cc1a7e71d20260c9621e6194 (commit)
via 3c5e5730031ccfb8e851734db23814a4d4fcae4a (commit)
via 5173954c1ec75629bedbe06d6979dae36eb71b6f (commit)
via ebb3076c847c379d8c620d14927f696302fc4f26 (commit)
via 498f84fee3c85227ffb8dba9723c2acec00e03bd (commit)
via 879f5aeac3ca4d053347e5a86a6c0fb303cf0dc3 (commit)
via 2af492e8b34e59fc58fe267da05f0868cb13ea0f (commit)
via cfadaf037788f59dce84d569abaf3b1fb2d78824 (commit)
via f86542369fc5aabe4376e66b282981f35d437d5d (commit)
via 88f9b2c5f86b05b42ae6429a5f74fa2f8b66e8ab (commit)
via ff596eb0f0e84decdb5addadd3f1f16d62c25401 (commit)
via fddd3ca8490adaceab6491632cf249c2320e4fda (commit)
via 45032e30be70503faeee468159b216031b729309 (commit)
via afb96dc9ecf15ecb89c749271c7f48d3f8048a02 (commit)
from 6b839dc9c55b2ea282041b9dc2dddb233236d612 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 13ba66338d16cc07cb0129de932f090d0edb7760
Author: Alejandro del Castillo <alejandro.delcastillo at ni.com>
Date: Tue Jun 11 16:46:48 2019 +0200
OpkgPM: use --add-ignore-recommends to process BAD_RECOMMENDATIONS
Currently, BAD_RECOMMENDATIONS on the opkg backed relies on editing the
opkg status file (it sets BAD_RECOMMENDATIONS pkg want state to
deinstalled and pinned). This is brittle, and not consistent across the
different solver backends. Use new --add-ignore-recommends flag instead.
(From OE-Core rev: 0d11e813ba9b4e8de9e6e5099ff85f5d914243bc)
(From OE-Core rev: bfb0acb6bc6bc11e4aa2c9527916359e1a763e85)
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo at ni.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit c60f9c47380bb53bd2b54373b72f86006edf326e
Author: Alejandro del Castillo <alejandro.delcastillo at ni.com>
Date: Tue Jun 11 16:46:47 2019 +0200
opkg: add --ignore-recommends flag
To be used for BAD_RECOMMENDATIONS feature.
(From OE-Core rev: 788d97b4f8e4452cef1ba6bb3e565e1b52dbb7de)
(From OE-Core rev: 85007cdb260bc77ac4ae5f914b0e3a4408606dfd)
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo at ni.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
[Backport from opkg_0.4.0.bb]
Signed-off-by: Quentin Schulz <quentin.schulz at streamunlimited.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit f3ba6cee5927c7475c3dc47658fa0548aec52115
Author: Richard Purdie <richard.purdie at linuxfoundation.org>
Date: Thu Nov 15 15:04:02 2018 +0000
scripts: Remove deprecated imp module usage
The imp module is deprecated, port the code over to use importlib
as recently done for bb.utils as well.
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
-----------------------------------------------------------------------
Summary of changes:
meta/classes/image_types.bbclass | 5 +-
meta/classes/testimage.bbclass | 3 +-
meta/classes/uboot-sign.bbclass | 20 +-
meta/classes/uninative.bbclass | 4 +-
meta/conf/distro/include/yocto-uninative.inc | 8 +-
meta/lib/oe/package_manager.py | 41 +-
meta/lib/oe/rootfs.py | 2 -
meta/lib/oeqa/core/runner.py | 34 +-
meta/lib/oeqa/core/target/ssh.py | 4 +-
meta/lib/oeqa/core/utils/concurrencytest.py | 27 +-
meta/lib/oeqa/manual/bsp-hw.json | 264 +-
meta/lib/oeqa/manual/compliance-test.json | 194 ++
meta/lib/oeqa/manual/kernel-dev.json | 36 +-
meta/lib/oeqa/manual/sdk.json | 14 +-
meta/lib/oeqa/manual/toaster-managed-mode.json | 2572 ++++++++++++++++++++
meta/lib/oeqa/manual/toaster-unmanaged-mode.json | 1170 +++++++++
meta/lib/oeqa/sdk/case.py | 2 +-
meta/lib/oeqa/sdk/utils/sdkbuildproject.py | 3 +-
meta/lib/oeqa/selftest/cases/pkgdata.py | 1 +
meta/lib/oeqa/targetcontrol.py | 2 +-
meta/lib/oeqa/utils/qemurunner.py | 1 +
meta/recipes-connectivity/avahi/avahi.inc | 4 +-
.../avahi/files/fix-CVE-2017-6519.patch | 48 +
meta/recipes-connectivity/bluez5/bluez5.inc | 3 +-
.../bluez5/bluez5/CVE-2018-10910.patch | 705 ++++++
meta/recipes-connectivity/bluez5/bluez5/init | 12 +-
.../openssl/openssl/CVE-2019-1543.patch | 69 +
.../openssl/openssl/afalg.patch | 31 +
.../recipes-connectivity/openssl/openssl/run-ptest | 2 +-
.../{openssl10_1.0.2q.bb => openssl10_1.0.2r.bb} | 4 +-
.../{openssl_1.1.1a.bb => openssl_1.1.1b.bb} | 16 +-
...place-systemd-install-Alias-with-WantedBy.patch | 52 +
.../wpa-supplicant/wpa-supplicant_2.6.bb | 1 +
.../busybox/busybox/CVE-2018-20679.patch | 142 ++
.../busybox/busybox/CVE-2019-5747.patch | 60 +
meta/recipes-core/busybox/busybox_1.29.3.bb | 2 +
.../glib-2.0/glib-2.0/CVE-2019-12450.patch | 59 +
.../glib-2.0/glib-2.0/CVE-2019-9633_p1.patch | 316 +++
.../glib-2.0/glib-2.0/CVE-2019-9633_p2.patch | 231 ++
meta/recipes-core/glib-2.0/glib-2.0/run-ptest | 1 +
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 3 +
...26-reset-dl_load_write_lock-after-forking.patch | 37 -
...so-lock-before-switching-to-malloc_atfork.patch | 65 -
meta/recipes-core/glibc/glibc/CVE-2016-10739.patch | 232 ++
meta/recipes-core/glibc/glibc/CVE-2018-19591.patch | 48 +
meta/recipes-core/glibc/glibc/CVE-2019-9169.patch | 63 +
meta/recipes-core/glibc/glibc_2.28.bb | 5 +-
.../images/build-appliance-image_15.0.0.bb | 2 +-
.../zlib/zlib-1.2.11/Makefile-runtests.patch | 38 -
.../zlib/zlib-1.2.11/remove.ldconfig.call.patch | 21 -
meta/recipes-core/zlib/zlib-1.2.11/run-ptest | 2 -
.../zlib/{zlib-1.2.11 => zlib}/ldflags-tests.patch | 4 +-
meta/recipes-core/zlib/zlib/run-ptest | 7 +
meta/recipes-core/zlib/zlib_1.2.11.bb | 19 +-
.../recipes-devtools/e2fsprogs/e2fsprogs/run-ptest | 2 +-
meta/recipes-devtools/elfutils/elfutils_0.175.bb | 4 +
.../elfutils/files/CVE-2019-7146_p1.patch | 52 +
.../elfutils/files/CVE-2019-7146_p2.patch | 65 +
.../elfutils/files/CVE-2019-7149.patch | 148 ++
.../elfutils/files/CVE-2019-7150.patch | 51 +
.../recipes-devtools/file/file/CVE-2019-8904.patch | 30 +
.../file/file/CVE-2019-8905_CVE-2019-8907.patch | 120 +
.../recipes-devtools/file/file/CVE-2019-8906.patch | 27 +
meta/recipes-devtools/file/file_5.34.bb | 3 +
meta/recipes-devtools/go/go-1.11.inc | 7 +-
...07-cmd-go-make-GOROOT-precious-by-default.patch | 6 +-
.../0008-use-GOBUILDMODE-to-set-buildmode.patch | 13 +-
meta/recipes-devtools/go/go-crosssdk.inc | 2 +-
meta/recipes-devtools/go/go-target.inc | 2 +-
...pkg-make-index-use-ctime-instead-of-mtime.patch | 59 +
.../opkg-utils/opkg-utils_0.3.6.bb | 1 +
...-libopkg-add-add-ignore-recommends-option.patch | 260 ++
meta/recipes-devtools/opkg/opkg_0.3.6.bb | 1 +
meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +-
...ative-fix-one-do_populate_sysroot-warning.patch | 39 +
...on-native_2.7.15.bb => python-native_2.7.16.bb} | 2 +-
meta/recipes-devtools/python/python.inc | 18 +-
...23-Use-XML_SetHashSalt-in-_elementtree-GH.patch | 96 -
...ix-test_ssl-when-a-filename-cannot-be-enc.patch | 55 -
...LS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch | 120 -
...34540-Convert-shutil._call_external_zip-t.patch | 67 -
...dd-missing-closing-wrapper-in-test_tls1_3.patch | 37 -
...ix-test_ssl.test_options-to-account-for-O.patch | 37 -
...ix-test_default_ecdh_curve-needs-no-tlsv1.patch | 34 -
.../python/bpo-35907-cve-2019-9948-fix.patch | 55 +
.../python/python/bpo-35907-cve-2019-9948.patch | 55 +
.../python/bpo-36216-cve-2019-9636-fix.patch | 28 +
.../python/python/bpo-36216-cve-2019-9636.patch | 111 +
meta/recipes-devtools/python/python3_3.5.6.bb | 1 +
.../python/{python_2.7.15.bb => python_2.7.16.bb} | 8 +-
.../qemu/qemu/CVE-2018-16867.patch | 49 +
.../qemu/qemu/CVE-2018-16872.patch | 89 +
.../qemu/qemu/CVE-2018-18849.patch | 86 +
.../qemu/qemu/CVE-2018-19364_p1.patch | 51 +
.../qemu/qemu/CVE-2018-19364_p2.patch | 115 +
.../qemu/qemu/CVE-2018-19489.patch | 83 +
.../qemu/qemu/CVE-2018-20815_p1.patch | 42 +
.../qemu/qemu/CVE-2018-20815_p2.patch | 52 +
.../qemu/qemu/CVE-2019-12155.patch | 38 +
.../recipes-devtools/qemu/qemu/CVE-2019-9824.patch | 47 +
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 10 +
meta/recipes-devtools/ruby/ruby.inc | 6 +-
.../ruby/ruby/CVE-2018-1000073.patch | 34 -
meta/recipes-devtools/ruby/ruby/run-ptest | 13 +
meta/recipes-devtools/ruby/ruby_2.5.3.bb | 12 +-
.../0001-don-t-try-to-run-generated-binaries.patch | 29 +-
meta/recipes-extended/cups/cups_2.2.10.bb | 6 +
meta/recipes-extended/cups/cups_2.2.8.bb | 6 -
.../lighttpd/lighttpd/fix-http-parseopts.patch | 51 +
meta/recipes-extended/lighttpd/lighttpd_1.4.51.bb | 1 +
meta/recipes-extended/tar/tar/CVE-2019-9923.patch | 38 +
meta/recipes-extended/tar/tar_1.30.bb | 1 +
meta/recipes-extended/timezone/timezone.inc | 18 +
meta/recipes-extended/timezone/tzcode-native.bb | 17 +
.../{tzdata/tzdata_2018i.bb => timezone/tzdata.bb} | 12 +-
.../recipes-extended/tzcode/tzcode-native_2018i.bb | 30 -
.../recipes-extended/wget/wget/CVE-2019-5953.patch | 51 +
meta/recipes-extended/wget/wget_1.19.5.bb | 1 +
.../gnome/adwaita-icon-theme_3.28.0.bb | 10 +-
.../cairo/cairo/CVE-2019-6461.patch | 19 +
.../cairo/cairo/CVE-2019-6462.patch | 20 +
meta/recipes-graphics/cairo/cairo_1.14.12.bb | 2 +
meta/recipes-kernel/linux/linux-yocto-rt_4.18.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.18.bb | 10 +-
meta/recipes-kernel/linux/linux-yocto_4.18.bb | 20 +-
...-a-ulaw-fix-multiple-buffer-overflows-432.patch | 18 +-
.../libsndfile/libsndfile1/CVE-2017-12562.patch | 96 +
.../libsndfile1/CVE-2017-14245-14246.patch | 121 -
.../libsndfile/libsndfile1/CVE-2018-13139.patch | 30 +-
.../libsndfile/libsndfile1/CVE-2018-19758.patch | 34 +
.../libsndfile/libsndfile1/CVE-2019-3832.patch | 37 +
.../libsndfile/libsndfile1_1.0.28.bb | 4 +-
.../images/core-image-sato-sdk-ptest.bb | 10 +-
...bjam-native_1.69.0.bb => bjam-native_1.68.0.bb} | 0
.../boost/{boost-1.69.0.inc => boost-1.68.0.inc} | 4 +-
meta/recipes-support/boost/boost.inc | 1 +
...-arch-instruction-set-flags-we-do-that-o.patch} | 23 +-
...ucibility-add-file-directive-to-assembler.patch | 243 ++
.../boost/{boost_1.69.0.bb => boost_1.68.0.bb} | 6 +-
meta/recipes-support/curl/curl/CVE-2019-5435.patch | 200 ++
meta/recipes-support/curl/curl/CVE-2019-5436.patch | 32 +
meta/recipes-support/curl/curl_7.61.0.bb | 2 +
.../libexif/libexif/CVE-2016-6328.patch | 64 +
.../libexif/libexif/CVE-2018-20030.patch | 115 +
meta/recipes-support/libexif/libexif_0.6.21.bb | 4 +-
.../sqlite/files/CVE-2018-20505.patch | 31 +
.../sqlite/files/CVE-2018-20506.patch | 103 +
meta/recipes-support/sqlite/sqlite3_3.23.1.bb | 2 +
oe-init-build-env | 7 +-
scripts/lib/devtool/__init__.py | 1 +
scripts/lib/devtool/standard.py | 4 +-
scripts/lib/recipetool/create.py | 2 +-
scripts/lib/recipetool/create_npm.py | 1 +
scripts/lib/resulttool/log.py | 78 +
scripts/lib/resulttool/manualexecution.py | 214 +-
scripts/lib/resulttool/merge.py | 8 +-
scripts/lib/resulttool/regression.py | 6 +-
scripts/lib/resulttool/report.py | 2 +-
scripts/lib/resulttool/resultutils.py | 78 +-
scripts/lib/resulttool/store.py | 25 +-
scripts/lib/scriptutils.py | 11 +-
scripts/lib/wic/plugins/source/bootimg-efi.py | 6 +-
scripts/pythondeps | 8 +-
scripts/resulttool | 12 +-
scripts/runqemu | 6 +-
scripts/wic | 2 +-
166 files changed, 9763 insertions(+), 1292 deletions(-)
create mode 100644 meta/lib/oeqa/manual/compliance-test.json
create mode 100644 meta/lib/oeqa/manual/toaster-managed-mode.json
create mode 100644 meta/lib/oeqa/manual/toaster-unmanaged-mode.json
create mode 100644 meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch
create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2018-10910.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/afalg.patch
rename meta/recipes-connectivity/openssl/{openssl10_1.0.2q.bb => openssl10_1.0.2r.bb} (98%)
rename meta/recipes-connectivity/openssl/{openssl_1.1.1a.bb => openssl_1.1.1b.bb} (93%)
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2018-20679.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2019-5747.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-12450.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-9633_p1.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-9633_p2.patch
delete mode 100644 meta/recipes-core/glibc/glibc/0026-reset-dl_load_write_lock-after-forking.patch
delete mode 100644 meta/recipes-core/glibc/glibc/0027-Acquire-ld.so-lock-before-switching-to-malloc_atfork.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2016-10739.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2018-19591.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-9169.patch
delete mode 100644 meta/recipes-core/zlib/zlib-1.2.11/Makefile-runtests.patch
delete mode 100644 meta/recipes-core/zlib/zlib-1.2.11/remove.ldconfig.call.patch
delete mode 100644 meta/recipes-core/zlib/zlib-1.2.11/run-ptest
rename meta/recipes-core/zlib/{zlib-1.2.11 => zlib}/ldflags-tests.patch (91%)
create mode 100644 meta/recipes-core/zlib/zlib/run-ptest
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p1.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p2.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7149.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7150.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8904.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8905_CVE-2019-8907.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8906.patch
create mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/0001-opkg-make-index-use-ctime-instead-of-mtime.patch
create mode 100644 meta/recipes-devtools/opkg/opkg/0001-libopkg-add-add-ignore-recommends-option.patch
create mode 100644 meta/recipes-devtools/python/python-native/0001-python-native-fix-one-do_populate_sysroot-warning.patch
rename meta/recipes-devtools/python/{python-native_2.7.15.bb => python-native_2.7.16.bb} (97%)
delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34623-Use-XML_SetHashSalt-in-_elementtree-GH.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33354-Fix-test_ssl-when-a-filename-cannot-be-enc.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch
delete mode 100644 meta/recipes-devtools/python/python/0002-bpo-34818-Add-missing-closing-wrapper-in-test_tls1_3.patch
delete mode 100644 meta/recipes-devtools/python/python/0003-bpo-34834-Fix-test_ssl.test_options-to-account-for-O.patch
delete mode 100644 meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
rename meta/recipes-devtools/python/{python_2.7.15.bb => python_2.7.16.bb} (98%)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16872.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-18849.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19489.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-9824.patch
delete mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2018-1000073.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/run-ptest
create mode 100644 meta/recipes-extended/cups/cups_2.2.10.bb
delete mode 100644 meta/recipes-extended/cups/cups_2.2.8.bb
create mode 100644 meta/recipes-extended/lighttpd/lighttpd/fix-http-parseopts.patch
create mode 100644 meta/recipes-extended/tar/tar/CVE-2019-9923.patch
create mode 100644 meta/recipes-extended/timezone/timezone.inc
create mode 100644 meta/recipes-extended/timezone/tzcode-native.bb
rename meta/recipes-extended/{tzdata/tzdata_2018i.bb => timezone/tzdata.bb} (94%)
delete mode 100644 meta/recipes-extended/tzcode/tzcode-native_2018i.bb
create mode 100644 meta/recipes-extended/wget/wget/CVE-2019-5953.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-12562.patch
delete mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch
rename meta/recipes-support/boost/{bjam-native_1.69.0.bb => bjam-native_1.68.0.bb} (100%)
rename meta/recipes-support/boost/{boost-1.69.0.inc => boost-1.68.0.inc} (85%)
rename meta/recipes-support/boost/boost/{0001-Don-t-set-up-arch-instruction-set-flags-we-do-that-o.patch => 0003-Don-t-set-up-arch-instruction-set-flags-we-do-that-o.patch} (93%)
create mode 100644 meta/recipes-support/boost/boost/reproducibility-add-file-directive-to-assembler.patch
rename meta/recipes-support/boost/{boost_1.69.0.bb => boost_1.68.0.bb} (56%)
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5435.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5436.patch
create mode 100644 meta/recipes-support/libexif/libexif/CVE-2016-6328.patch
create mode 100644 meta/recipes-support/libexif/libexif/CVE-2018-20030.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20505.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20506.patch
create mode 100644 scripts/lib/resulttool/log.py
hooks/post-receive
--
More information about the yocto-security
mailing list