[yocto-security] [OE-core CVE] branch master-next updated. 01d539b324a867a01b271946321f2bfd031c2e67
cve-notice at lists.openembedded.org
cve-notice at lists.openembedded.org
Fri Oct 4 19:12:20 PDT 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, master-next has been updated
discards 36b379a768bcfe062372ed8e3677e906741f25c6 (commit)
discards 7818f2f69d54fb13403eb2a435cd33a00d818951 (commit)
discards c08b7e36668da9909da734ecf4056ea210a39232 (commit)
discards dc0ce1021149ab875d9283694d1f7751928b78dc (commit)
discards aefc5ecf6ae5cde2c0e193c250d8ba3b959b41c7 (commit)
discards c4de5c112800d3feef2ae2fbaab4bc8121e94c37 (commit)
discards a4cedbcf585132d65c0154691e99d6113298bc5b (commit)
discards 25387a367b0999f6e150c24bab872900a7b878b4 (commit)
discards 55ad895ceb54551cbea475628348e64adaee52fe (commit)
discards f19cdd26614ce508794d66e4f2fab872ebd5f994 (commit)
discards aae146b6789b49e649d4ccacb3f4c33413f65903 (commit)
discards fd8ec28e5dab7b1d908037cebf20062369a40907 (commit)
discards 6bfddc941919e0d0ff9da9f44b01f2b6be90d3cd (commit)
discards 77f2088b547d54febd57d3c6be2a65011da4837d (commit)
via 01d539b324a867a01b271946321f2bfd031c2e67 (commit)
via 6e31ebb24a2101477d3fb568374baae0cd8b7b82 (commit)
via 05de7a2cbea9396f5d1933111bdc9d5889f901de (commit)
via e17a684f289d1ed5025e9024e4045391dde7e1ae (commit)
via a4412258ef94d76f67db1e96d54a12c69e533bff (commit)
via b08e503eb75f1e6fee65cea4c03d18ad91e7a217 (commit)
via 1eaeb89b9443298295943bc76af00dde00173e66 (commit)
via 6ce65dc3fbf1f97db6f01fccc6205db243577662 (commit)
via ec48bd3bdfa4db779734417d3866b8437a9470e6 (commit)
via b750c405c7d291a885b8ceb197fe59b2ce125d11 (commit)
via a0c79bfccb7a1007b07b26b19df945baed0c7063 (commit)
via fdd9aea01261e65ead32b56efec901ed8b6a99b9 (commit)
This update added new revisions after undoing existing revisions. That is
to say, the old revision is not a strict subset of the new revision. This
situation occurs when you --force push a change and generate a repository
containing something like this:
* -- * -- B -- O -- O -- O (36b379a768bcfe062372ed8e3677e906741f25c6)
\
N -- N -- N (01d539b324a867a01b271946321f2bfd031c2e67)
When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 01d539b324a867a01b271946321f2bfd031c2e67
Author: Maciej Pijanowski <maciej.pijanowski at 3mdeb.com>
Date: Fri Oct 4 17:38:02 2019 +0200
smem: package smemcap separately
Signed-off-by: Maciej Pijanowski <maciej.pijanowski at 3mdeb.com>
smemcap is a tiny binary which allows capturing current state of the /proc
for further offline analysis.
Package it seperately so there is no need to install python runtime
dependencies on the embedded system when not required.
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 6e31ebb24a2101477d3fb568374baae0cd8b7b82
Author: Khem Raj <raj.khem at gmail.com>
Date: Wed Oct 2 16:11:45 2019 -0700
xscreensaver: Remove xserver-nodm-init rdep
this seems to be not required anyway
Fixes
ERROR: xscreensaver different signature for task do_package_write_ipk.sigdata between qemux86copy and qemux86
Hash for dependent task x11-common/xserver-nodm-init_3.0.bb:do_packagedata changed from de0944d4fcaeed0efdb143a18cc406bd043469ae291de1704a999bc878a7691c to ba7bdaf35860ba5bf5a5f4ce06379a77c88eb9806e09a1fc5373933888a46507
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 05de7a2cbea9396f5d1933111bdc9d5889f901de
Author: Randy MacLeod <randy.macleod at windriver.com>
Date: Fri Oct 4 11:56:11 2019 -0400
libteam: update from 1.28 to 1.29
Signed-off-by: Randy MacLeod <Randy.MacLeod at windriver.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit e17a684f289d1ed5025e9024e4045391dde7e1ae
Author: Ovidiu Panait <ovidiu.panait at windriver.com>
Date: Fri Oct 4 17:16:49 2019 +0300
kea: Disable parallel install
According to configure.ac, make install might fail when run with multiple jobs:
$ tail -15 log.do_configure
...
When running "make install" do not use any form of parallel or job
server options (such as GNU make's -j option). Doing so may cause
errors.
...
Signed-off-by: Ovidiu Panait <ovidiu.panait at windriver.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit a4412258ef94d76f67db1e96d54a12c69e533bff
Author: Adrian Ratiu <adrian.ratiu at collabora.com>
Date: Fri Oct 4 14:40:26 2019 +0300
renderdoc: add x11 to REQUIRED_DISTRO_FEATURES
This recipe depends on having x11 enabled so we add it to fix:
ERROR: Nothing PROVIDES 'libxcb' (but
meta-oe/meta-oe/recipes-graphics/renderdoc/renderdoc_1.4.bb
DEPENDS on or otherwise requires it)
libxcb was skipped: missing required distro feature 'x11' (not in DISTRO_FEATURES)
Signed-off-by: Adrian Ratiu <adrian.ratiu at collabora.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit b08e503eb75f1e6fee65cea4c03d18ad91e7a217
Author: Callaghan, Dan <dan.callaghan at opengear.com>
Date: Fri Oct 4 13:35:47 2019 +1000
strongswan: install dev headers
These are needed for other packages which want to link against
libstrongswan or other libraries included with Strongswan.
By default, no headers are installed.
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 1eaeb89b9443298295943bc76af00dde00173e66
Author: Callaghan, Dan <dan.callaghan at opengear.com>
Date: Fri Oct 4 13:12:26 2019 +1000
firewalld: update to 0.7.1
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 6ce65dc3fbf1f97db6f01fccc6205db243577662
Author: Trevor Gamblin <trevor.gamblin at windriver.com>
Date: Thu Oct 3 14:58:51 2019 -0400
gd: fix CVE-2019-6978
CVE: CVE-2019-6978
Signed-off-by: Trevor Gamblin <trevor.gamblin at windriver.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit ec48bd3bdfa4db779734417d3866b8437a9470e6
Author: Trevor Gamblin <trevor.gamblin at windriver.com>
Date: Thu Oct 3 14:58:50 2019 -0400
php: fix CVE-2019-6978
Patch for php to sync with the fix for the same issue in
libgd.
CVE: CVE-2019-6978
Signed-off-by: Trevor Gamblin <trevor.gamblin at windriver.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit b750c405c7d291a885b8ceb197fe59b2ce125d11
Author: George McCollister <george.mccollister at gmail.com>
Date: Thu Oct 3 13:08:31 2019 -0500
wireshark: fix qt5 build
Add qttools-native to PACKAGECONFIG[qt5] DEPENDS to resolve missing
Qt5LinguistTools build error.
Add qtmultimedia to PACKAGECONFIG[qt5] DEPENDS to resolve missing
Qt5Multimedia build error.
Add qtsvg to PACKAGECONFIG[qt5] DEPENDS to resolve missing Qt5Svg build
error.
Inherit cmake_qt5 when qt5 is in PACKAGECONFIG to resolve
get_target_property() called with non-existent target "Qt5::qmake"
build error.
Automatically add qt5 to PACKAGECONFIG when meta-qt5 is in the build
since adding qt5 via a .bbappend won't satisfy the conditional inherit
cmake_qt5. The poppler recipe does exactly this.
Signed-off-by: George McCollister <george.mccollister at gmail.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit a0c79bfccb7a1007b07b26b19df945baed0c7063
Author: Jean-Marie LEMETAYER <jean-marie.lemetayer at savoirfairelinux.com>
Date: Thu Oct 3 16:07:29 2019 +0200
python-toml: add recipes for python2 and python3
This package is a Python library for parsing and creating TOML [1].
Another python TOML parser library named pytoml already exists in
meta-oe/recipes-devtools/python/python*-pytoml_*.bb but this library is
deprecated and it is explicitly explained to consider using the toml
package instead [2].
1: https://github.com/toml-lang/toml
2: https://github.com/avakar/pytoml/commit/cd2a62e1444cda2c517b02d36b97151acf379b88
Signed-off-by: Jean-Marie LEMETAYER <jean-marie.lemetayer at savoirfairelinux.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit fdd9aea01261e65ead32b56efec901ed8b6a99b9
Author: Peiran Hong <peiran.hong at windriver.com>
Date: Wed Oct 2 16:01:10 2019 -0400
zabbix: upgrade 3.0.9 -> 4.2.6
This update fixes the following CVEs:
- CVE-2016-10742 (ZBX-13133, refer to 'Changes for 3.4.4rc1' in ChangeLog)
and addresses numerous bugs as well as improved frontend messaging
usage.
Added libevent, libpcre and zlib to DEPENDS as required dependency
to build 4.2.6.
Added --with-libpthread to EXTRA_OECONF as default configure option
since it is turned on by default in the new version.
There are also new optional features available in this update that
could be but are not yet added as PACKAGECONFIG.
Signed-off-by: Peiran Hong <peiran.hong at windriver.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
-----------------------------------------------------------------------
Summary of changes:
.../recipes-apps/catfish/{catfish_1.4.10.bb => catfish_1.4.9.bb} | 4 ++--
...replace-dm-tool.patch => 0001-use-lxdm-to-replace-dm-tool.patch} | 0
.../xfce4-panel/{xfce4-panel_4.14.1.bb => xfce4-panel_4.14.0.bb} | 6 +++---
3 files changed, 5 insertions(+), 5 deletions(-)
rename meta-xfce/recipes-apps/catfish/{catfish_1.4.10.bb => catfish_1.4.9.bb} (72%)
rename meta-xfce/recipes-xfce/xfce4-panel/files/{0002-use-lxdm-to-replace-dm-tool.patch => 0001-use-lxdm-to-replace-dm-tool.patch} (100%)
rename meta-xfce/recipes-xfce/xfce4-panel/{xfce4-panel_4.14.1.bb => xfce4-panel_4.14.0.bb} (87%)
hooks/post-receive
--
More information about the yocto-security
mailing list