[yocto-security] [OE-core CVE] branch master-next updated. 1ede5a0c181c4562795ab7f9e98889c9a6800d3b
cve-notice at lists.openembedded.org
Tue Oct 8 00:55:21 PDT 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, master-next has been updated
discards e5583f53c55a64aba989ff1d3651e9b2b6e92dfe (commit)
discards 9aebe4c1283869b839a308e0ad69f0f39681e218 (commit)
discards 2eef1e841ba335cf35cd77c1c46d97a64e32d931 (commit)
discards 9e079f53abeac14b63a206d952f9d468d83521cd (commit)
discards ecbbce3b00046278c4fac138cdb906ade9d17866 (commit)
via 1ede5a0c181c4562795ab7f9e98889c9a6800d3b (commit)
via 31161b5fee5ae8616f18e135990fd27838c7a6ad (commit)
via fb0a590c4a21c7303de6f0b048bbc648b0e7f5f5 (commit)
via 71535e2f0ea76d39d2911e022905ec8ee9843872 (commit)
via b75c618de85e674b60f0f054b9e9b11577db5483 (commit)
via bfe144b038ee49290bed7b7d851bca52d340af2e (commit)
This update added new revisions after undoing existing revisions. That is
to say, the old revision is not a strict subset of the new revision. This
situation occurs when you --force push a change and generate a repository
containing something like this:
 * -- * -- B -- O -- O -- O   (e5583f53c55a64aba989ff1d3651e9b2b6e92dfe)
            \
             N -- N -- N   (1ede5a0c181c4562795ab7f9e98889c9a6800d3b)
When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1ede5a0c181c4562795ab7f9e98889c9a6800d3b
Author: Khem Raj <raj.khem at gmail.com>
Date: Mon Oct 7 08:53:16 2019 -0700
grpc: Update to 1.24.1
upb dependency needs to be fed as source, since it lacks the CMake based
external module builds like some other deps
Forward port the cross lib installation patch
Drop gettid patch as it was a backport which is in this revision
Link with libatomic on mips
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 31161b5fee5ae8616f18e135990fd27838c7a6ad
Author: Khem Raj <raj.khem at gmail.com>
Date: Mon Oct 7 20:03:34 2019 -0700
mongodb: Turn system libpcre support into packageconfig
when libpcre is built with clang and mongodb with gcc then they don't
link well, in such cases it's better to use in-tree pcre, this paves a
way to achieve that if needed
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit fb0a590c4a21c7303de6f0b048bbc648b0e7f5f5
Author: Otavio Salvador <otavio at ossystems.com.br>
Date: Tue Oct 1 09:15:10 2019 -0300
modemmanager: Upgrade 1.10.2 -> 1.10.6
Signed-off-by: Otavio Salvador <otavio at ossystems.com.br>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 71535e2f0ea76d39d2911e022905ec8ee9843872
Author: Peiran Hong <peiran.hong at windriver.com>
Date: Mon Oct 7 09:43:40 2019 -0400
tcpdump: upgrade 4.9.2 -> 4.9.3
This upgrade adds some new features and fixes numerous bugs including
the following CVEs:
CVE: CVE-2017-16808 (AoE)
CVE: CVE-2018-14468 (FrameRelay)
CVE: CVE-2018-14469 (IKEv1)
CVE: CVE-2018-14470 (BABEL)
CVE: CVE-2018-14466 (AFS/RX)
CVE: CVE-2018-14461 (LDP)
CVE: CVE-2018-14462 (ICMP)
CVE: CVE-2018-14465 (RSVP)
CVE: CVE-2018-14881 (BGP)
CVE: CVE-2018-14464 (LMP)
CVE: CVE-2018-14463 (VRRP)
CVE: CVE-2018-14467 (BGP)
CVE: CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
CVE: CVE-2018-10105 (SMB - too unreliably reproduced,
SMB printing disabled)
CVE: CVE-2018-14880 (OSPF6)
CVE: CVE-2018-16451 (SMB)
CVE: CVE-2018-14882 (RPL)
CVE: CVE-2018-16227 (802.11)
CVE: CVE-2018-16229 (DCCP)
CVE: CVE-2018-16301 (was fixed in libpcap)
CVE: CVE-2018-16230 (BGP)
CVE: CVE-2018-16452 (SMB)
CVE: CVE-2018-16300 (BGP)
CVE: CVE-2018-16228 (HNCP)
CVE: CVE-2019-15166 (LMP)
CVE: CVE-2019-15167 (VRRP)
CVE: CVE-2018-14879 (tcpdump -V)
Deleted patch "0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch"
since the fix is included in the upgrade.
Modified patches "avoid-absolute-path-when-searching-for-libdlpi.patch",
"unnecessary-to-check-libpcap.patch", and "add-ptest.path" since
the upgrade renamed configure.in to configure.ac and made changes
to the file.
Added PACKAGECONFIG for smb. It is disabled by default in
the upgraded version in both the package's configure script and this
bitbake recipe since it is insecure.
Modified the parsing of ptest result to align with the new output
format.
With core-image-minimal on qemux86-64/kvm:
Recipe | Passed | Failed | Skipped | Time(s)
Before | 408 | 0 | 2 | 4
After | 431 | 11 | 2 | 10
11 tests failed after the upgrade since libpcap is not upgraded
alongside tcpdump.
Signed-off-by: Peiran Hong <peiran.hong at windriver.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit b75c618de85e674b60f0f054b9e9b11577db5483
Author: Stefan Wiehler <stefan.wiehler at missinglinkelectronics.com>
Date: Mon Oct 7 15:42:49 2019 +0200
nvme-cli: upgrade 1.6 -> 1.9
Signed-off-by: Stefan Wiehler <stefan.wiehler at missinglinkelectronics.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit bfe144b038ee49290bed7b7d851bca52d340af2e
Author: William A. Kennington III via Openembedded-devel <openembedded-devel at lists.openembedded.org>
Date: Mon Oct 7 10:22:59 2019 +0100
log4cpp: Stop using RC as a variable
This recipe cannot be parsed when using meta-mingw because ${RC} expands
to the Windows resource compiler. Let's use PRC instead to avoid that
problem.
Signed-off-by: Mike Crowe <mac at mcrowe.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
-----------------------------------------------------------------------
Summary of changes:
meta-networking/recipes-devtools/grpc/grpc_1.24.1.bb | 6 +++++-
meta-oe/recipes-dbs/mongodb/mongodb_git.bb | 6 +++---
2 files changed, 8 insertions(+), 4 deletions(-)
hooks/post-receive
--