[yocto-security] [OE-core CVE] branch master-next updated. 7a87198e50e932a7f3e239bf9703220934cae130

cve-notice at lists.openembedded.org cve-notice at lists.openembedded.org
Mon Oct 28 15:21:33 PDT 2019


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".

The branch, master-next has been updated
  discards  e97ee2ac5e43ab793c38e632043eaeeac6f02621 (commit)
  discards  982ada0a5c7b992c9bde7226dd021cf1799249d1 (commit)
  discards  e06c496ef4a27f5ea7befd00a48659883515f8c9 (commit)
  discards  5c1f97a8ed75f45180c30be78b2eba4ff23b1f0b (commit)
  discards  ebff06fb282ba2514952813e96cdca5ac7b921ab (commit)
  discards  5b1fbac2448bb2f3b71541c31781c661c1ff5a7e (commit)
       via  7a87198e50e932a7f3e239bf9703220934cae130 (commit)
       via  918f192b8c063bbacd05e4aa73ad944a4697f90e (commit)
       via  c3577af53a71caceda28e186bcf97038bc0c8234 (commit)
       via  aa3a915261076c26f1e8877a494265608a9a46a4 (commit)
       via  00a617fbb290830bdfa75ddf01860ebed9bd37e6 (commit)

This update added new revisions after undoing existing revisions.  That is
to say, the old revision is not a strict subset of the new revision.  This
situation occurs when you --force push a change and generate a repository
containing something like this:

 * -- * -- B -- O -- O -- O (e97ee2ac5e43ab793c38e632043eaeeac6f02621)
            \
             N -- N -- N (7a87198e50e932a7f3e239bf9703220934cae130)

When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 7a87198e50e932a7f3e239bf9703220934cae130
Author: Adrian Bunk <bunk at stusta.de>
Date:   Mon Oct 28 20:54:47 2019 +0200

    vlc: Upgrade 3.0.6 -> 3.0.8
    
    Workaround for riscv64 issue fixed upstream removed.
    Also merge the inc into the recipe.
    
    Signed-off-by: Adrian Bunk <bunk at stusta.de>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 918f192b8c063bbacd05e4aa73ad944a4697f90e
Author: Adrian Bunk <bunk at stusta.de>
Date:   Mon Oct 28 20:54:46 2019 +0200

    webrtc-audio-processing: Upgrade 0.3 -> 0.3.1
    
    Backported patches removed.
    
    Signed-off-by: Adrian Bunk <bunk at stusta.de>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit c3577af53a71caceda28e186bcf97038bc0c8234
Author: Adrian Bunk <bunk at stusta.de>
Date:   Mon Oct 28 20:54:45 2019 +0200

    gstd: Fix the version number
    
    This is Gstd 0.6.3 for GStreamer 1.x.
    
    Also merge the inc into the recipe.
    
    Signed-off-by: Adrian Bunk <bunk at stusta.de>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit aa3a915261076c26f1e8877a494265608a9a46a4
Author: Adrian Bunk <bunk at stusta.de>
Date:   Mon Oct 28 20:54:44 2019 +0200

    gerbera: Upgrade 1.3.0 -> 1.3.2
    
    Use the upstream systemd service file.
    
    Signed-off-by: Adrian Bunk <bunk at stusta.de>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 00a617fbb290830bdfa75ddf01860ebed9bd37e6
Author: Trevor Gamblin <trevor.gamblin at windriver.com>
Date:   Mon Oct 28 10:46:05 2019 -0700

    rsyslog: upgrade from v8.1908.0 to v8.1910.0
    
    Upgrade rsyslog to latest version for various
    fixes including the following CVEs:
    
    CVE: CVE-2019-17040
    CVE: CVE-2019-17041
    
    Backported patches for those fixes were removed since
    they are contained in v8.1910.0.
    
    Signed-off-by: Trevor Gamblin <trevor.gamblin at windriver.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

-----------------------------------------------------------------------

Summary of changes:
 meta-oe/recipes-support/libiio/libiio_git.bb | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)


hooks/post-receive
-- 



More information about the yocto-security mailing list