[yocto-security] [OE-core CVE] branch master updated. 2018-10-1281-g563de8e
cve-notice at lists.openembedded.org
cve-notice at lists.openembedded.org
Tue Mar 19 08:47:34 PDT 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, master has been updated
via 563de8e3a07942beb60c72eb1a8072be9035a0a7 (commit)
via 8191942fd1c758e8761ab6aef8aec6da9871a935 (commit)
via 7a528511445165c72ba24dc1cffeaca9ce71caf5 (commit)
via 489ece1aa90d8f76b4c1f009d837f82e38e11ba9 (commit)
from f24178993e7b0830510900e80e879c7f9f8e28f0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 563de8e3a07942beb60c72eb1a8072be9035a0a7
Author: Khem Raj <raj.khem at gmail.com>
Date: Mon Mar 18 21:41:59 2019 -0700
gdb: Do not disable lttng-ust on risc-v
Signed-off-by: Khem Raj <raj.khem at gmail.com>
Cc: Jonathan Rajotte-Julien <jonathan.rajotte-julien at efficios.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit 8191942fd1c758e8761ab6aef8aec6da9871a935
Author: Khem Raj <raj.khem at gmail.com>
Date: Mon Mar 18 21:41:58 2019 -0700
packagegroup-core-tools-profile: Do not remove lttng-ust for musl and risc-v
Signed-off-by: Khem Raj <raj.khem at gmail.com>
Cc: Jonathan Rajotte-Julien <jonathan.rajotte-julien at efficios.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit 7a528511445165c72ba24dc1cffeaca9ce71caf5
Author: Khem Raj <raj.khem at gmail.com>
Date: Mon Mar 18 21:41:57 2019 -0700
lttng: Enable tools and modules on riscv
Latest version compiles on risv64 now
Signed-off-by: Khem Raj <raj.khem at gmail.com>
Cc: Jonathan Rajotte-Julien <jonathan.rajotte-julien at efficios.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit 489ece1aa90d8f76b4c1f009d837f82e38e11ba9
Author: Kai Kang <kai.kang at windriver.com>
Date: Fri Mar 15 04:01:19 2019 -0400
qemu: backport patches to fix cves
CVE: CVE-2018-16872
CVE: CVE-2018-20124
CVE: CVE-2018-20125
CVE: CVE-2018-20126
CVE: CVE-2018-20191
CVE: CVE-2018-20216
Patches 0015-fix-CVE-2018-20124.patch and 0017-fix-CVE-2018-20126.patch
are rebased on current source code. Others are not modified.
Signed-off-by: Kai Kang <kai.kang at windriver.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
-----------------------------------------------------------------------
Summary of changes:
.../packagegroup-core-tools-profile.bb | 3 -
meta/recipes-devtools/gdb/gdb-common.inc | 1 -
meta/recipes-devtools/qemu/qemu.inc | 6 ++
.../qemu/qemu/0014-fix-CVE-2018-16872.patch | 85 ++++++++++++++++
.../qemu/qemu/0015-fix-CVE-2018-20124.patch | 60 +++++++++++
.../qemu/qemu/0016-fix-CVE-2018-20125.patch | 54 ++++++++++
.../qemu/qemu/0017-fix-CVE-2018-20126.patch | 113 +++++++++++++++++++++
.../qemu/qemu/0018-fix-CVE-2018-20191.patch | 47 +++++++++
.../qemu/qemu/0019-fix-CVE-2018-20216.patch | 85 ++++++++++++++++
meta/recipes-kernel/lttng/lttng-modules_2.10.8.bb | 2 +-
meta/recipes-kernel/lttng/lttng-tools_2.10.6.bb | 1 -
11 files changed, 451 insertions(+), 6 deletions(-)
create mode 100644 meta/recipes-devtools/qemu/qemu/0014-fix-CVE-2018-16872.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0015-fix-CVE-2018-20124.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0016-fix-CVE-2018-20125.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0017-fix-CVE-2018-20126.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0018-fix-CVE-2018-20191.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0019-fix-CVE-2018-20216.patch
hooks/post-receive
--
More information about the yocto-security
mailing list