[yocto-security] [OE-core CVE] branch master-next updated. c986cbed9329aff1401acede425ffb0910512ad2
cve-notice at lists.openembedded.org
cve-notice at lists.openembedded.org
Mon Oct 28 15:26:57 PDT 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, master-next has been updated
discards 7a87198e50e932a7f3e239bf9703220934cae130 (commit)
discards 918f192b8c063bbacd05e4aa73ad944a4697f90e (commit)
discards c3577af53a71caceda28e186bcf97038bc0c8234 (commit)
discards aa3a915261076c26f1e8877a494265608a9a46a4 (commit)
discards 00a617fbb290830bdfa75ddf01860ebed9bd37e6 (commit)
discards 666dd4318bfdd4315d0c4107cb52dc7e77ca1372 (commit)
discards 8abff5bb405b293ea9d23c93714aaf252e3474f3 (commit)
discards d5d1adcea66e3cc62d82a04479a0b03852e559ce (commit)
discards 1c04e72f3deb8592fba91ecf248934d383591ddb (commit)
discards 76eb3c01cecc7f04b55f582b8fd86b95180e5c20 (commit)
discards 17c22dacc1ae13e92a1abac4bc94bce0343a70cd (commit)
discards e10de180d72b5a3ddaa99ff1ef3ba0896eb0fc9e (commit)
discards 2639fac2c8c483cd6581e7c5d279caffd0ef087e (commit)
discards 6c3518c3ce22837e378689834bd1d24a17a32c9e (commit)
discards d2d8ffd727206479a270d4612b124c9a2092ffd8 (commit)
via c986cbed9329aff1401acede425ffb0910512ad2 (commit)
via 6608219c2473b15c2d7410a06a28bffd45ae8826 (commit)
via f708d12d70670d8227adaa395d7064b4bf4bdcb0 (commit)
via 3a0cf86c34e1543f0fdb95f2577d374fabc11f29 (commit)
via e51cd9132a274c0db2ae33f60dd0d0730c1c5761 (commit)
via 1f546d96020c3c82690243a0147bed80e2da106d (commit)
via 5988e70cf279155fc1d855c2c9021214140a111e (commit)
via 71af733347cf3aa2f22abbaded72ae1383c40375 (commit)
via 9ac1df048a8af359f55fb5c57b6e031353996617 (commit)
via c12bca1e7aefbb5d16ecf32de1c519becd5cf877 (commit)
via 65cf98b5a4e6026acafebdc9bc0a86e039773418 (commit)
via 5a4d3da0c548c295a4c4a79b2935662180e639a0 (commit)
via bce8070ae1b54318bd74a1e87a9036a5e3452cf6 (commit)
This update added new revisions after undoing existing revisions. That is
to say, the old revision is not a strict subset of the new revision. This
situation occurs when you --force push a change and generate a repository
containing something like this:
* -- * -- B -- O -- O -- O (7a87198e50e932a7f3e239bf9703220934cae130)
\
N -- N -- N (c986cbed9329aff1401acede425ffb0910512ad2)
When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c986cbed9329aff1401acede425ffb0910512ad2
Author: Adrian Bunk <bunk at stusta.de>
Date: Mon Oct 28 20:54:47 2019 +0200
vlc: Upgrade 3.0.6 -> 3.0.8
Workaround for riscv64 issue fixed upstream removed.
Also merge the inc into the recipe.
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 6608219c2473b15c2d7410a06a28bffd45ae8826
Author: Adrian Bunk <bunk at stusta.de>
Date: Mon Oct 28 20:54:46 2019 +0200
webrtc-audio-processing: Upgrade 0.3 -> 0.3.1
Backported patches removed.
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit f708d12d70670d8227adaa395d7064b4bf4bdcb0
Author: Adrian Bunk <bunk at stusta.de>
Date: Mon Oct 28 20:54:45 2019 +0200
gstd: Fix the version number
This is Gstd 0.6.3 for GStreamer 1.x.
Also merge the inc into the recipe.
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 3a0cf86c34e1543f0fdb95f2577d374fabc11f29
Author: Adrian Bunk <bunk at stusta.de>
Date: Mon Oct 28 20:54:44 2019 +0200
gerbera: Upgrade 1.3.0 -> 1.3.2
Use the upstream systemd service file.
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit e51cd9132a274c0db2ae33f60dd0d0730c1c5761
Author: Trevor Gamblin <trevor.gamblin at windriver.com>
Date: Mon Oct 28 10:46:05 2019 -0700
rsyslog: upgrade from v8.1908.0 to v8.1910.0
Upgrade rsyslog to latest version for various
fixes including the following CVEs:
CVE: CVE-2019-17040
CVE: CVE-2019-17041
Backported patches for those fixes were removed since
they are contained in v8.1910.0.
Signed-off-by: Trevor Gamblin <trevor.gamblin at windriver.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 1f546d96020c3c82690243a0147bed80e2da106d
Author: Zheng Ruoqin <zhengrq.fnst at cn.fujitsu.com>
Date: Mon Oct 28 23:24:49 2019 +0800
postfix: upgrade 3.4.5 -> 3.4.7
Signed-off-by: Zheng Ruoqin <zhengrq.fnst at cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 5988e70cf279155fc1d855c2c9021214140a111e
Author: Zheng Ruoqin <zhengrq.fnst at cn.fujitsu.com>
Date: Mon Oct 28 23:23:39 2019 +0800
keepalived: upgrade 2.0.16 -> 2.0.19
Signed-off-by: Zheng Ruoqin <zhengrq.fnst at cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 71af733347cf3aa2f22abbaded72ae1383c40375
Author: Luca Boccassi <luca.boccassi at microsoft.com>
Date: Mon Oct 28 14:58:23 2019 +0000
dbus-broker: add patch to fix build with musl libc
Forwarded upstream: https://github.com/bus1/dbus-broker/pull/214
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 9ac1df048a8af359f55fb5c57b6e031353996617
Author: Luca Boccassi <luca.boccassi at microsoft.com>
Date: Mon Oct 28 14:58:22 2019 +0000
dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES
Signed-off-by: Luca Boccassi <luca.boccassi at microsoft.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit c12bca1e7aefbb5d16ecf32de1c519becd5cf877
Author: Luca Boccassi <luca.boccassi at microsoft.com>
Date: Mon Oct 28 14:58:21 2019 +0000
dbus-broker: backport patches from master
These patches fix issues found in Fedora 30, which switched from
dbus-daemon to dbus-broker.
These backports align meta-oe to Fedora 30.
Signed-off-by: Luca Boccassi <luca.boccassi at microsoft.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 65cf98b5a4e6026acafebdc9bc0a86e039773418
Author: Luca Boccassi <luca.boccassi at microsoft.com>
Date: Mon Oct 28 14:58:20 2019 +0000
dbus-broker: 19 -> 21
Add /lib/systemd/catalog to the package, as snippets for the journal are
now shipped.
Signed-off-by: Luca Boccassi <luca.boccassi at microsoft.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit 5a4d3da0c548c295a4c4a79b2935662180e639a0
Author: Adrian Bunk <bunk at stusta.de>
Date: Mon Oct 28 13:14:23 2019 +0200
klibc: Upgrade 2.0.6 -> 2.0.7
Patches applied upstream removed.
Use the release tarball.
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
commit bce8070ae1b54318bd74a1e87a9036a5e3452cf6
Author: Zang Ruochen <zangrc.fnst at cn.fujitsu.com>
Date: Mon Oct 28 15:30:44 2019 +0800
xmlsec1: upgrade 1.2.28 -> 1.2.29
Signed-off-by: Zang Ruochen <zangrc.fnst at cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem at gmail.com>
-----------------------------------------------------------------------
Summary of changes:
.../dhcpcd/{dhcpcd_8.1.1.bb => dhcpcd_8.0.2.bb} | 4 ++--
.../autofs/0001-Do-not-hardcode-path-for-pkg.m4.patch | 14 ++++++++------
.../autofs/{autofs_5.1.6.bb => autofs_5.1.5.bb} | 4 ++--
3 files changed, 12 insertions(+), 10 deletions(-)
rename meta-networking/recipes-connectivity/dhcpcd/{dhcpcd_8.1.1.bb => dhcpcd_8.0.2.bb} (86%)
rename meta-networking/recipes-daemons/autofs/{autofs_5.1.6.bb => autofs_5.1.5.bb} (95%)
hooks/post-receive
--
More information about the yocto-security
mailing list