[yocto-security] [OE-core CVE] branch warrior-next updated. 2019-04-246-g03b303d
cve-notice at lists.openembedded.org
cve-notice at lists.openembedded.org
Thu Nov 7 13:56:47 PST 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, warrior-next has been updated
via 03b303dbc92521606ff4051bd253f8acc01fd9e5 (commit)
via 8dfe441fd3ad46732c2775b817de1a0d816a87e4 (commit)
via 4e642e6f7b6e51c64e990b74aff3d84b78cd894e (commit)
via 726c3b92298981f5aa2f2449ceeec7b4bf84ed29 (commit)
via 14f04e6b6c1fa40a1c39cd186627b4b8442f2d5e (commit)
via 5fc9b154754e67553296a00a39ed16ab6a1d59de (commit)
via 650dd9486d6e5410665d5376be30732c7625396d (commit)
via a981d9b753a13e100af1f654fb3384f0bcda0b65 (commit)
via 041fb2743a94d7fb065b073efbe5fe5cf46cde53 (commit)
via 23d48f2bea2d358bd8d7d4efd07792bc1f3666bd (commit)
via 49ff6c7ef1d366007c49083f4e5faaf5a9eb086f (commit)
via f83ecbabb911c46de77708ede759a0b768928ea2 (commit)
via e73d5bb4a21497ed645e2a0a4b88c2eeaf65080a (commit)
via fe2d5b0d56201110323911d206243fdcc7f80115 (commit)
via 132fb930109f4930acfc8524bcc40faa3ba6d3d9 (commit)
via 2b7444e41e47e462a8aae0e3e1e95b04cdbaff22 (commit)
via f5ae4010dd29484627a169b8ab02b1012d1dd1d4 (commit)
via a45a6e12d6ce3a531ad924d3e548de8a95055866 (commit)
via 61eed761a51fcb5ac293b76b4dc6edbd6dbbb32f (commit)
via 6c2c6bed0bd5f0a303b9aacfab7db6daec3ee878 (commit)
via 47196abf511d96d9d6c6b561430dc1827484c742 (commit)
via c5d2ca323a255f09c7b3378af5956671205867f4 (commit)
via 6ab0206b8252755367f2357f49007dd78336fec0 (commit)
via b6e17afc06d7a44dc9774ee98de7f186580ddf0d (commit)
via 9051c10e46960a357f0339e347618f5d83923fe4 (commit)
via fbedc2d73ff472c89ba273a890408f93015e8f17 (commit)
via 8b9703454cb2a8a0aa6b7942498f191935d547ea (commit)
via 66c05bb2ca6ecdb621ae1e5bdf28e7aa768d9aba (commit)
via 8bc35e7b23ca0f10f4a2f3c4f7137d3dedc051fb (commit)
via 7f13e4e9ef51bf62729a9a955967aa4752d0d2e8 (commit)
via 07b19cd9ef127ec87f727e154eda62272a828275 (commit)
via 6b7604c536a7a2da99490a7550f997a8e35ca043 (commit)
via 845b9a4ed2b83d716688a7b0d8bf13f37e79a025 (commit)
via acc0f4a6a99fe9367e57a5c2a4f995b6f4db4a9f (commit)
via 20a61476a45d5116dc7081e802b2aaa0bab7e77f (commit)
via 8c87e78547c598cada1bce92e7b25d85b994e2eb (commit)
via 91c42f92cd978a922fff87cb1d0f358c7d9747ea (commit)
via 933a85e45c3edd65cdcc00cb18e17524e0411a09 (commit)
via 7f98309c856e0a54dc9dafda91c9db0a33e57425 (commit)
via 441a2b8979e69c20e7ed0178cdb210eecdec91e1 (commit)
via 51730928df4dbecac72b56e9f843885674b4d18a (commit)
via a579b111349fd9ad91b2d40a51f194fd25af723a (commit)
via d2e5558133f970a8a196c545dd00af9315c1a06a (commit)
via 4e110b7d3b6e84015249f4174766dd3790f9bbbe (commit)
via 9a271cf62d7fc7f2f15c3287831383c2cb3b5dd5 (commit)
via ef7a387c8045af08e5db171e944656b9bf15f598 (commit)
via 6b4c4fbaef8b4655efbc542fb7b97081dbaed8ce (commit)
via 125c77be468adf8b3be8d00f99d80bd77f7d2e1e (commit)
via 7e62ca2a518f1fe6e2f3c7098d17ed0b73ece48c (commit)
via 36c223ecc5349478821a7a64a4ff14bbeae0a7da (commit)
via f7a581264d0f73f0951253a887e380326ffd6180 (commit)
via 273571804567a4520f1e17f5f8a28b85325d0eb2 (commit)
via 21c59450d1c891dadfe1484337bd0a6007a4aa01 (commit)
via a3b083f8b2566bdb4e6b7db15d2a1e000bda57dd (commit)
via 7edf5725631e69c22627e41ecf5de3222f1d624b (commit)
via b7bc9c12219f5c48eb6698e4537f6c0be94ac06a (commit)
via d2ce91ddd66d2c646b0fe273e66538f2724a5cdb (commit)
via 41579d569738a23b80d4599fd6ec082488c6cfee (commit)
via efd32b0e627fe5c8e9963c40c0e1abbd0b9ac8fc (commit)
via 0ccf907992a0e3560897ac300ee6b1352d969c42 (commit)
via 612a4c4df7e9f2e1039d82d1f55492a904dce91a (commit)
via 51fb10275cd9013e3c5fcb94f88e3529e2b8f069 (commit)
via 1a3527231d3c0fa42d16c5b1980c07d68105fea2 (commit)
via 87106ff3f2d24b58a90767e288f783aa92c25748 (commit)
via 93ce13106abc05f4a68a6265590e3770f0bf49a2 (commit)
via 219befc2dad0c6df171f46725c995ce0038fa4f8 (commit)
via e199538cae5177b5b0ab52b0f6417345cf8dca17 (commit)
via cd6de424a1f5ca62d87a0d3c8f8547fc087e8276 (commit)
via 0b73e48c64cb8e651c81b19ddabdd108e4024697 (commit)
via 6387d3ad8cad2d608b88fac17edb8008032c8462 (commit)
via a898245271e8d5c5a5b11041fc0442ac60931ee9 (commit)
via fe6546aab208e5fa2e238aa266db0ea66ad520a1 (commit)
via 423115b70a4a2cdef4b3882ad4491446b84a1f1e (commit)
via b6daf8a5755842c0e38b1a88687a18432138a45a (commit)
via 4f608782e43accb23aa144339ed9169b1718c4f0 (commit)
via 86626171f5a8734c96e9b683f6fec5b779cd20e9 (commit)
via 78193d3037c5ce7333b344e651c78e6e2e5ca371 (commit)
via bbbd16f96f4db392e0bd38da4c2ef8fbb4883938 (commit)
via 507135276293287deed972d49feed511c21391a0 (commit)
via 522ac5ff7aa51ecd5bd0f07c942f350dcaeeb09a (commit)
via 3c036ee32a8080c12a8c31abed6f0e989c06a306 (commit)
via c4fcc2dfefb304ac59f8c49acaad149e239de260 (commit)
via 203439837077275d632a62050f6606bd203c2484 (commit)
via 9be34806ddfbe0e8d214290e0623f2b9779a14b7 (commit)
via 408950d64fe02350acc0ac2ad5a0ea019dbf8945 (commit)
via 7a3b5f260c498da39ecedb313898d1f5482ddd2f (commit)
via feb8ba6821da5c5ccb7b3f9d71eb9f8859006d23 (commit)
via 789be0bd85bfcd6ee27d68fa53f67bd221f8286b (commit)
via 9422bf471953c8e548a369574d960791ceb28a24 (commit)
from 952bfcc3f4b9ee5ba584da0f991f95e80654355a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 03b303dbc92521606ff4051bd253f8acc01fd9e5
Author: Khem Raj <raj.khem at gmail.com>
Date: Thu Oct 31 19:27:56 2019 +0000
go-1.12: update to 1.12.9 minor release
Signed-off-by: Khem Raj <raj.khem at gmail.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit 8dfe441fd3ad46732c2775b817de1a0d816a87e4
Author: Adrian Bunk <bunk at stusta.de>
Date: Thu Oct 31 19:27:55 2019 +0000
go: Upgrade 1.12.5 -> 1.12.6
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
commit 4e642e6f7b6e51c64e990b74aff3d84b78cd894e
Author: Alexander Kanavin <alex.kanavin at gmail.com>
Date: Thu Oct 31 19:27:54 2019 +0000
go: update 1.12.1->1.12.5
Signed-off-by: Alexander Kanavin <alex.kanavin at gmail.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
-----------------------------------------------------------------------
Summary of changes:
meta/classes/cve-check.bbclass | 142 ++--
meta/classes/icecc.bbclass | 6 +-
meta/classes/image-live.bbclass | 2 +-
meta/classes/kernel-uboot.bbclass | 4 -
meta/classes/kernel.bbclass | 2 +-
meta/classes/multilib.bbclass | 47 ++
meta/classes/package.bbclass | 5 +-
meta/classes/staging.bbclass | 2 +-
meta/classes/uboot-extlinux-config.bbclass | 13 +-
meta/classes/uboot-sign.bbclass | 4 +-
meta/classes/useradd.bbclass | 7 +-
meta/conf/distro/include/maintainers.inc | 1 +
meta/conf/distro/include/yocto-uninative.inc | 10 +-
meta/conf/machine/qemuarm64.conf | 1 +
meta/lib/oe/package.py | 2 +-
.../recipes-connectivity/openssl/openssl_1.1.1b.bb | 2 +-
.../glib-2.0/glib-2.0/CVE-2019-13012.patch | 40 +
meta/recipes-core/glib-2.0/glib-2.0_2.58.3.bb | 1 +
meta/recipes-core/glibc/glibc-locale.inc | 6 +
meta/recipes-core/glibc/glibc-mtrace.inc | 3 +
meta/recipes-core/glibc/glibc-package.inc | 61 +-
meta/recipes-core/glibc/glibc-scripts.inc | 3 +
meta/recipes-core/glibc/glibc/CVE-2019-9169.patch | 1 +
meta/recipes-core/glibc/glibc_2.29.bb | 1 -
.../images/build-appliance-image_15.0.0.bb | 2 +-
meta/recipes-core/libxcrypt/libxcrypt.bb | 4 +-
meta/recipes-core/meta/cve-update-db-native.bb | 195 +++++
meta/recipes-core/systemd/systemd.inc | 2 +-
meta/recipes-devtools/binutils/binutils-2.32.inc | 4 +
...Change-default-emulation-for-mips64-linux.patch | 9 +-
.../binutils/binutils/CVE-2019-12972.patch | 51 ++
.../binutils/binutils/CVE-2019-14250.patch | 33 +
.../binutils/binutils/CVE-2019-14444.patch | 28 +
.../binutils/binutils/CVE-2019-9071.patch | 165 +++++
.../cve-check-tool/cve-check-tool_5.6.4.bb | 62 --
...01-Fix-freeing-memory-allocated-by-sqlite.patch | 50 --
...ow-overriding-default-CA-certificate-file.patch | 215 ------
...ogress-in-percent-when-downloading-CVE-db.patch | 135 ----
...are-computed-vs-expected-sha256-digit-str.patch | 52 --
.../check-for-malloc_trim-before-using-it.patch | 51 --
meta/recipes-devtools/dpkg/dpkg/pager.patch | 21 +
meta/recipes-devtools/dpkg/dpkg_1.19.4.bb | 1 +
meta/recipes-devtools/gcc/gcc-8.3.inc | 6 +
.../gcc/gcc-8.3/0042-PR-debug-86964.patch | 94 +++
...vent-spilling-of-stack-protector-guard-s-.patch | 813 +++++++++++++++++++++
.../gcc/gcc-8.3/CVE-2019-14250.patch | 44 ++
.../gcc/gcc-8.3/CVE-2019-15847_p1.patch | 521 +++++++++++++
.../gcc/gcc-8.3/CVE-2019-15847_p2.patch | 77 ++
.../gcc/gcc-8.3/CVE-2019-15847_p3.patch | 45 ++
meta/recipes-devtools/go/go-1.12.inc | 7 +-
...nch.go1.12-security-net-textproto-don-t-n.patch | 163 +++++
meta/recipes-devtools/json-c/json-c_0.13.1.bb | 2 -
meta/recipes-devtools/meson/meson.inc | 1 +
...-return-statements-that-are-seen-with-Wer.patch | 84 +++
.../meson/meson/0003-native_bindir.patch | 2 +-
...k-temporary-file-on-failed-ed-style-patch.patch | 93 +++
...ak-temporary-file-on-failed-multi-file-ed.patch | 80 ++
...ke-ed-directly-instead-of-using-the-shell.patch | 44 ++
.../patch/patch/CVE-2019-13636.patch | 113 +++
meta/recipes-devtools/patch/patch_2.7.6.bb | 4 +
meta/recipes-devtools/python/python.inc | 5 +
...55-Dont-parse-domains-containing-GH-13079.patch | 90 +++
.../python/python/CVE-2019-9740.patch | 215 ++++++
.../python/python/bpo-36742-cve-2019-10160.patch | 81 ++
...ysconfig-append-STAGING_LIBDIR-python-sys.patch | 2 +-
...2-distutils-prefix-is-inside-staging-area.patch | 2 +-
.../python/python3/CVE-2018-20852.patch | 124 ----
.../python/python3/CVE-2019-9636.patch | 154 ----
.../python/{python3_3.7.2.bb => python3_3.7.4.bb} | 10 +-
meta/recipes-devtools/python/python_2.7.16.bb | 8 +-
...qemu-native_3.1.0.bb => qemu-native_3.1.1.1.bb} | 0
...tive_3.1.0.bb => qemu-system-native_3.1.1.1.bb} | 0
meta/recipes-devtools/qemu/qemu.inc | 15 +-
.../0001-egl-headless-add-egl_create_context.patch | 50 --
...nux-user-assume-__NR_gettid-always-exists.patch | 49 ++
...rename-gettid-to-sys_gettid-to-avoid-clas.patch | 95 +++
.../qemu/qemu/0014-fix-CVE-2018-16872.patch | 85 ---
...fix-to-handle-variably-sized-SIOCGSTAMP-w.patch | 339 +++++++++
.../qemu/qemu/0015-fix-CVE-2018-20124.patch | 60 --
.../qemu/qemu/0016-fix-CVE-2018-20125.patch | 54 --
.../qemu/qemu/0017-fix-CVE-2018-20126.patch | 113 ---
.../qemu/qemu/0018-fix-CVE-2018-20191.patch | 47 --
.../qemu/qemu/0019-fix-CVE-2018-20216.patch | 85 ---
.../recipes-devtools/qemu/qemu/CVE-2019-3812.patch | 39 -
.../qemu/{qemu_3.1.0.bb => qemu_3.1.1.1.bb} | 0
.../rsync/files/CVE-2016-9840.patch | 75 ++
.../rsync/files/CVE-2016-9841.patch | 228 ++++++
.../rsync/files/CVE-2016-9842.patch | 33 +
.../rsync/files/CVE-2016-9843.patch | 53 ++
meta/recipes-devtools/rsync/rsync_3.1.3.bb | 4 +
.../ghostscript/CVE-2019-3839-0008.patch | 440 +++++++++++
.../ghostscript/ghostscript_9.26.bb | 1 +
meta/recipes-extended/psmisc/psmisc.inc | 2 +-
.../sudo/sudo/CVE-2019-14287-1.patch | 178 +++++
.../sudo/sudo/CVE-2019-14287-2.patch | 112 +++
meta/recipes-extended/sudo/sudo_1.8.27.bb | 2 +
.../unzip/unzip/CVE-2019-13232_p1.patch | 33 +
.../unzip/unzip/CVE-2019-13232_p2.patch | 356 +++++++++
.../unzip/unzip/CVE-2019-13232_p3.patch | 121 +++
meta/recipes-extended/unzip/unzip_6.0.bb | 3 +
.../libsdl/libsdl-1.2.15/CVE-2019-7572.patch | 114 +++
.../libsdl/libsdl-1.2.15/CVE-2019-7574.patch | 68 ++
.../libsdl/libsdl-1.2.15/CVE-2019-7575.patch | 81 ++
.../libsdl/libsdl-1.2.15/CVE-2019-7576.patch | 80 ++
.../libsdl/libsdl-1.2.15/CVE-2019-7577.patch | 123 ++++
.../libsdl/libsdl-1.2.15/CVE-2019-7578.patch | 64 ++
.../libsdl/libsdl-1.2.15/CVE-2019-7635.patch | 63 ++
.../libsdl/libsdl-1.2.15/CVE-2019-7637.patch | 192 +++++
.../libsdl/libsdl-1.2.15/CVE-2019-7638.patch | 38 +
meta/recipes-graphics/libsdl/libsdl_1.2.15.bb | 9 +
.../mesa/{mesa-gl_19.0.1.bb => mesa-gl_19.0.8.bb} | 0
.../mesa/{mesa_19.0.1.bb => mesa_19.0.8.bb} | 4 +-
.../pango/pango/CVE-2019-1010238.patch | 38 +
meta/recipes-graphics/pango/pango_1.42.4.bb | 4 +-
meta/recipes-kernel/linux/kernel-devsrc.bb | 4 +-
meta/recipes-kernel/linux/linux-yocto-dev.bb | 2 +-
meta/recipes-kernel/linux/linux-yocto-rt_4.19.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto-rt_5.0.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto-tiny_4.19.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto-tiny_5.0.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_4.19.bb | 22 +-
meta/recipes-kernel/linux/linux-yocto_5.0.bb | 21 +-
.../0001-wakeup_xxx.h-include-limits.h.patch | 55 ++
meta/recipes-kernel/powertop/powertop_2.10.bb | 1 +
...der-release-VA-buffers-after-vaEndPicture.patch | 45 ++
...ibs-encoder-jpeg-set-component-id-and-Tqi.patch | 65 ++
.../gstreamer/gstreamer1.0-vaapi_1.14.4.bb | 2 +
.../libid3tag/libid3tag/10_utf16.patch | 1 +
.../libid3tag/libid3tag/unknown-encoding.patch | 39 +
.../libid3tag/libid3tag_0.15.1b.bb | 1 +
.../libtiff/tiff/CVE-2019-6128.patch | 52 ++
.../libtiff/tiff/CVE-2019-7663.patch | 77 ++
meta/recipes-multimedia/libtiff/tiff_4.0.10.bb | 3 +-
meta/recipes-support/boost/boost.inc | 2 +
meta/recipes-support/curl/curl/CVE-2019-5482.patch | 65 ++
meta/recipes-support/curl/curl_7.64.1.bb | 1 +
.../gnutls/{gnutls_3.6.7.bb => gnutls_3.6.8.bb} | 4 +-
.../libcroco/libcroco/CVE-2017-8834_71.patch | 38 +
meta/recipes-support/libcroco/libcroco_0.6.12.bb | 1 +
.../files/0001-Prefetch-GCM-look-up-tables.patch | 90 +++
...ok-up-tables-to-.data-section-and-unshare.patch | 332 +++++++++
...ok-up-table-to-.data-section-and-unshare-.patch | 178 +++++
meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 3 +
.../libgpg-error-1.35-gawk5-support.patch | 161 ++++
.../libgpg-error/libgpg-error_1.35.bb | 1 +
.../libxslt/files/CVE-2019-13117.patch | 33 +
.../libxslt/files/CVE-2019-13118.patch | 76 ++
meta/recipes-support/libxslt/libxslt_1.1.33.bb | 2 +
.../rng-tools/rng-tools/rngd.service | 3 +-
scripts/runqemu | 22 +-
150 files changed, 7736 insertions(+), 1574 deletions(-)
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-13012.patch
create mode 100644 meta/recipes-core/meta/cve-update-db-native.bb
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-14250.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-9071.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-Fix-freeing-memory-allocated-by-sqlite.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-curl-allow-overriding-default-CA-certificate-file.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-print-progress-in-percent-when-downloading-CVE-db.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/0001-update-Compare-computed-vs-expected-sha256-digit-str.patch
delete mode 100644 meta/recipes-devtools/cve-check-tool/files/check-for-malloc_trim-before-using-it.patch
create mode 100644 meta/recipes-devtools/dpkg/dpkg/pager.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.3/0042-PR-debug-86964.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.3/0043-PR85434-Prevent-spilling-of-stack-protector-guard-s-.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-15847_p1.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-15847_p2.patch
create mode 100644 meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-15847_p3.patch
create mode 100644 meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch
create mode 100644 meta/recipes-devtools/meson/meson/0001-Fix-missing-return-statements-that-are-seen-with-Wer.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch
create mode 100644 meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-13636.patch
create mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
create mode 100644 meta/recipes-devtools/python/python/CVE-2019-9740.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2018-20852.patch
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9636.patch
rename meta/recipes-devtools/python/{python3_3.7.2.bb => python3_3.7.4.bb} (97%)
rename meta/recipes-devtools/qemu/{qemu-native_3.1.0.bb => qemu-native_3.1.1.1.bb} (100%)
rename meta/recipes-devtools/qemu/{qemu-system-native_3.1.0.bb => qemu-system-native_3.1.1.1.bb} (100%)
delete mode 100644 meta/recipes-devtools/qemu/qemu/0001-egl-headless-add-egl_create_context.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-linux-user-assume-__NR_gettid-always-exists.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-linux-user-rename-gettid-to-sys_gettid-to-avoid-clas.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0014-fix-CVE-2018-16872.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014-linux-user-fix-to-handle-variably-sized-SIOCGSTAMP-w.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0015-fix-CVE-2018-20124.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0016-fix-CVE-2018-20125.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0017-fix-CVE-2018-20126.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0018-fix-CVE-2018-20191.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/0019-fix-CVE-2018-20216.patch
delete mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch
rename meta/recipes-devtools/qemu/{qemu_3.1.0.bb => qemu_3.1.1.1.bb} (100%)
create mode 100644 meta/recipes-devtools/rsync/files/CVE-2016-9840.patch
create mode 100644 meta/recipes-devtools/rsync/files/CVE-2016-9841.patch
create mode 100644 meta/recipes-devtools/rsync/files/CVE-2016-9842.patch
create mode 100644 meta/recipes-devtools/rsync/files/CVE-2016-9843.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3839-0008.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-1.patch
create mode 100644 meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch
create mode 100644 meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch
create mode 100644 meta/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7572.patch
create mode 100644 meta/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7574.patch
create mode 100644 meta/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7575.patch
create mode 100644 meta/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7576.patch
create mode 100644 meta/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7577.patch
create mode 100644 meta/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7578.patch
create mode 100644 meta/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7635.patch
create mode 100644 meta/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7637.patch
create mode 100644 meta/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7638.patch
rename meta/recipes-graphics/mesa/{mesa-gl_19.0.1.bb => mesa-gl_19.0.8.bb} (100%)
rename meta/recipes-graphics/mesa/{mesa_19.0.1.bb => mesa_19.0.8.bb} (85%)
create mode 100644 meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch
create mode 100644 meta/recipes-kernel/powertop/powertop/0001-wakeup_xxx.h-include-limits.h.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi/0001-libs-decoder-release-VA-buffers-after-vaEndPicture.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi/0001-libs-encoder-jpeg-set-component-id-and-Tqi.patch
create mode 100644 meta/recipes-multimedia/libid3tag/libid3tag/unknown-encoding.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5482.patch
rename meta/recipes-support/gnutls/{gnutls_3.6.7.bb => gnutls_3.6.8.bb} (93%)
create mode 100644 meta/recipes-support/libcroco/libcroco/CVE-2017-8834_71.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0001-Prefetch-GCM-look-up-tables.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0002-AES-move-look-up-tables-to-.data-section-and-unshare.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0003-GCM-move-look-up-table-to-.data-section-and-unshare-.patch
create mode 100644 meta/recipes-support/libgpg-error/libgpg-error/libgpg-error-1.35-gawk5-support.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13117.patch
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13118.patch
hooks/post-receive
--
More information about the yocto-security
mailing list