[yocto-security] [OE-core CVE] branch master updated. 19528ba2a6014ebe32b7a3d3099b037330228b88

cve-notice at lists.openembedded.org cve-notice at lists.openembedded.org
Sat Sep 14 13:40:38 PDT 2019


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".

The branch, master has been updated
       via  19528ba2a6014ebe32b7a3d3099b037330228b88 (commit)
       via  62fc26075afc2d56a73777aad753a643fbdafbfa (commit)
       via  40366aee7a3a45e85b739db883c343c742b2a55d (commit)
       via  4a80e37005f0951bf70aee664a058f7911940cb0 (commit)
       via  184cf325c1c430b0e9ea23c6976ddad750fe29d3 (commit)
       via  7c69fbdfd33407b2b04cc9c671480023f0f9bf47 (commit)
       via  4559c0f1f10145a2b0a76dceb97d41841a8799cc (commit)
       via  6cde2ccbc7e29d086e67126641dc7f0ac608bcbf (commit)
       via  91658fdf357c55b7362df7e021c76abfbfc0f684 (commit)
       via  558fa05918c807044f90251dc0885695d6e5c2cd (commit)
       via  b75237277b101a30d094b636d091e51a0f85af7b (commit)
       via  8e4d4391ff026d887f29f26127032f2d9ec51677 (commit)
       via  1e4aebcbf4a29bc1dc0ff690ae6675c32ef5f848 (commit)
       via  339494109c18540b3b81402dcdc67d98474d63e8 (commit)
       via  9a0de2779b9b31f134ffe19388b5b9b37bb6450e (commit)
       via  ed143daedced74874bc55324ab4ad991249560a6 (commit)
       via  1ca5f106990313af777e38a1c7ef1a26f0f8254f (commit)
       via  8225bc22363b2c10c34d904a7c95bcdd234be711 (commit)
       via  aa1387e01cd524f9fc5740953dcc5e904a3b1298 (commit)
       via  f15e4c2e1fd70e36258cd7c33a5b813125d734d9 (commit)
       via  7d5a99f3f34281355499e4ee3d7a74dc7aa75ebf (commit)
       via  003f3ad547d945c56e23c9b851d1d757447c9269 (commit)
       via  e45826be2baedc6505c6bc3e0102227595e747ea (commit)
       via  f94ba5038587ff51a102e23f32f564229ad6406d (commit)
       via  ee2df5419d66b4a4a39e3e176d9241bdf8eb502e (commit)
       via  b7e70d79f86a55d3ab66a78ea9adfa490e02214e (commit)
       via  9f825cb31cc9d7e3973fa356f181eb82fc497985 (commit)
       via  61ccc6d4a8ca0fb444b1ddb8104d4ce3c5434607 (commit)
      from  a2928764c2116156e0e13c674ab5d6292a053842 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 19528ba2a6014ebe32b7a3d3099b037330228b88
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Sat Sep 14 15:46:41 2019 +0200

    evtest: update to 1.34
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 62fc26075afc2d56a73777aad753a643fbdafbfa
Author: Peiran Hong <peiran.hong at windriver.com>
Date:   Fri Sep 13 17:27:29 2019 -0400

    tcpdump: Fix CVE-2017-16808
    
    Backport selected parts of three upstream commits to fix
    CVE-2017-16808 where tcpdump 4.9.2 has a heap-based buffer over-read.
    
    Upstream-Status: Backport
    [ several ]
    
    Upstream commits fully backported:
    46aead6  [CVE-2017-16808/AoE: Add a missing bounds check]
    
    Upstream commits partially backported:
    7068209  [Use nd_ types in 802.x and FDDI headers.]
    84ef17a  [Replace ND_TTEST2()/ND_TCHECK2() macros by macros using
    pointers (1/n)]
    
    46aead6 fixes the vulnerability and requires two macros defined in
    7068209 and 84ef17a, which are committed after the release of 4.9.2.
    Only the definitions of the macros are taken from the two commits
    as they impact a wide range of code and are difficult to integrate.
    
    CVE: CVE-2017-16808
    
    Signed-off-by: Peiran Hong <peiran.hong at windriver.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 40366aee7a3a45e85b739db883c343c742b2a55d
Author: Khem Raj <raj.khem at gmail.com>
Date:   Fri Sep 13 10:08:50 2019 -0700

    bigbuckbunny: Use faster download mirrors
    
    Original URIs are very slow and these files are quite large where it can
    mean hours of download
    
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 4a80e37005f0951bf70aee664a058f7911940cb0
Author: Adrian Bunk <bunk at stusta.de>
Date:   Fri Sep 13 16:13:54 2019 +0300

    libqmi: Replace clang patch with configure option
    
    Signed-off-by: Adrian Bunk <bunk at stusta.de>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 184cf325c1c430b0e9ea23c6976ddad750fe29d3
Author: Bartosz Golaszewski <bgolaszewski at baylibre.com>
Date:   Fri Sep 13 11:43:07 2019 +0200

    unclutter-xfixes: new package
    
    Add a recipe for unclutter-xfixes - a rewrite of the popular tool
    unclutter using the x11-xfixes extension.
    
    Included is a patch adding autotools support (instead of a hand-coded
    Makefile) that's already been submitted upstream.
    
    Signed-off-by: Bartosz Golaszewski <bgolaszewski at baylibre.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 7c69fbdfd33407b2b04cc9c671480023f0f9bf47
Author: Bartosz Golaszewski <bgolaszewski at baylibre.com>
Date:   Fri Sep 13 09:29:53 2019 +0200

    zenity: new package
    
    This adds a recipe for zenity - GNOME's utility for displaying dialog
    boxes from the command line and shell scripts.
    
    Signed-off-by: Bartosz Golaszewski <bgolaszewski at baylibre.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 4559c0f1f10145a2b0a76dceb97d41841a8799cc
Author: Bartosz Golaszewski <bgolaszewski at baylibre.com>
Date:   Fri Sep 13 09:20:21 2019 +0200

    yad: new package
    
    This adds a recipe for yad (Yet Another Dialog) - a command-line utility
    allowing to display configurable dialog windows from shell scripts and
    parse the input from users.
    
    Signed-off-by: Bartosz Golaszewski <bgolaszewski at baylibre.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 6cde2ccbc7e29d086e67126641dc7f0ac608bcbf
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:53:58 2019 +0200

    xorg-sgml-doctools: update to 1.11
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 91658fdf357c55b7362df7e021c76abfbfc0f684
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:52:12 2019 +0200

    xmessage: update to 1.0.5
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 558fa05918c807044f90251dc0885695d6e5c2cd
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:50:50 2019 +0200

    xmag: update to 1.0.6
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit b75237277b101a30d094b636d091e51a0f85af7b
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:49:48 2019 +0200

    xfontsel: update to 1.0.6
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 8e4d4391ff026d887f29f26127032f2d9ec51677
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:48:41 2019 +0200

    xcursorgen: update to 1.0.7
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 1e4aebcbf4a29bc1dc0ff690ae6675c32ef5f848
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:47:02 2019 +0200

    xclock: update to 1.0.9
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 339494109c18540b3b81402dcdc67d98474d63e8
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:40:01 2019 +0200

    tree: update to 1.8.0
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 9a0de2779b9b31f134ffe19388b5b9b37bb6450e
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:13:46 2019 +0200

    libsocketcan: update to 0.0.11
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit ed143daedced74874bc55324ab4ad991249560a6
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:11:41 2019 +0200

    libuv: update to 1.32.0
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 1ca5f106990313af777e38a1c7ef1a26f0f8254f
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:07:33 2019 +0200

    libsass: update to 3.6.1
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 8225bc22363b2c10c34d904a7c95bcdd234be711
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:03:55 2019 +0200

    libopus: update to 1.3.1
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit aa1387e01cd524f9fc5740953dcc5e904a3b1298
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Fri Sep 13 00:02:15 2019 +0200

    libnice: update to 0.1.16
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit f15e4c2e1fd70e36258cd7c33a5b813125d734d9
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Thu Sep 12 23:49:22 2019 +0200

    libmodplug: update to 0.8.9.0
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 7d5a99f3f34281355499e4ee3d7a74dc7aa75ebf
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Thu Sep 12 23:45:13 2019 +0200

    libev: update to 4.27
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 003f3ad547d945c56e23c9b851d1d757447c9269
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Thu Sep 12 23:44:00 2019 +0200

    libdvdread: update to 6.0.1
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit e45826be2baedc6505c6bc3e0102227595e747ea
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Thu Sep 12 23:42:34 2019 +0200

    libburn: update to 1.5.0
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit f94ba5038587ff51a102e23f32f564229ad6406d
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Thu Sep 12 23:39:48 2019 +0200

    jsonrpc: update to 1.2.0
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit ee2df5419d66b4a4a39e3e176d9241bdf8eb502e
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Thu Sep 12 23:30:59 2019 +0200

    fmt: update to 6.0.0
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit b7e70d79f86a55d3ab66a78ea9adfa490e02214e
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Thu Sep 12 23:15:20 2019 +0200

    ddrescue: update to 1.24
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 9f825cb31cc9d7e3973fa356f181eb82fc497985
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Date:   Thu Sep 12 23:04:33 2019 +0200

    capnproto: update to 0.7.0
    
    License checksum changed due to minor change to the LICENSE file
    mentioning other contributors (see @64db3a6def96453f775d).
    
    Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

commit 61ccc6d4a8ca0fb444b1ddb8104d4ce3c5434607
Author: Khem Raj <raj.khem at gmail.com>
Date:   Thu Sep 12 13:16:38 2019 -0700

    mycroft: Remove alsa-oss from rdeps
    
    It seems to only need pulseaudio alsa plugins and alsa-oss
    does not build for musl so it's marked incompatible for musl
    so let's remove it
    
    Signed-off-by: Khem Raj <raj.khem at gmail.com>

-----------------------------------------------------------------------

Summary of changes:
 .../zenity/0001-build-don-t-generate-manual.patch  |  50 +++++
 meta-gnome/recipes-gnome/zenity/zenity_3.32.0.bb   |  24 +++
 .../recipes-multimedia/mycroft/mycroft_19.2.3.bb   |   2 +-
 .../sample-content/bigbuckbunny-1080p.bb           |   2 +-
 .../sample-content/bigbuckbunny-480p.bb            |   2 +-
 .../sample-content/bigbuckbunny-720p.bb            |   2 +-
 ...2017-16808-AoE-Add-a-missing-bounds-check.patch |  61 ++++++
 .../recipes-support/tcpdump/tcpdump_4.9.2.bb       |   1 +
 .../libev/{libev_4.25.bb => libev_4.27.bb}         |   4 +-
 .../libqmi/libqmi/0001-Detect-clang.patch          |  85 --------
 .../recipes-connectivity/libqmi/libqmi_1.22.2.bb   |   2 +-
 .../libuv/{libuv_1.27.0.bb => libuv_1.32.0.bb}     |   5 +-
 .../{capnproto_0.6.1.bb => capnproto_0.7.0.bb}     |   4 +-
 .../jsonrpc/{jsonrpc_git.bb => jsonrpc_1.2.0.bb}   |  10 +-
 .../{ddrescue_1.22.bb => ddrescue_1.24.bb}         |   5 +-
 ...bsocketcan_0.0.10.bb => libsocketcan_0.0.11.bb} |   2 +-
 .../0001-build-use-autotools.patch                 | 238 +++++++++++++++++++++
 .../unclutter-xfixes/unclutter-xfixes_1.5.bb       |  23 ++
 .../{xcursorgen_1.0.5.bb => xcursorgen_1.0.7.bb}   |   4 +-
 .../xorg-app/{xclock_1.0.5.bb => xclock_1.0.9.bb}  |   5 +-
 .../{xfontsel_1.0.5.bb => xfontsel_1.0.6.bb}       |   4 +-
 .../xorg-app/{xmag_1.0.5.bb => xmag_1.0.6.bb}      |   4 +-
 .../{xmessage_1.0.4.bb => xmessage_1.0.5.bb}       |   4 +-
 ...-doctools_1.7.bb => xorg-sgml-doctools_1.11.bb} |   4 +-
 meta-oe/recipes-graphics/yad/yad_4.1.bb            |  17 ++
 .../libburn/{libburn_1.4.0.bb => libburn_1.5.0.bb} |   4 +-
 .../{libdvdread_5.0.3.bb => libdvdread_6.0.1.bb}   |   7 +-
 ...libmodplug_0.8.8.5.bb => libmodplug_0.8.9.0.bb} |   5 +-
 .../libopus/{libopus_1.1.3.bb => libopus_1.3.1.bb} |   4 +-
 .../{libnice_0.1.14.bb => libnice_0.1.16.bb}       |   7 +-
 .../fmt/{fmt_5.3.0.bb => fmt_6.0.0.bb}             |   7 +-
 .../sass/{libsass_git.bb => libsass_3.6.1.bb}      |   6 +-
 .../tree/{tree_1.7.0.bb => tree_1.8.0.bb}          |   4 +-
 .../evtest/add_missing_limits_h_include.patch      |  37 ++++
 .../evtest/{evtest_git.bb => evtest_1.34.bb}       |   7 +-
 35 files changed, 505 insertions(+), 147 deletions(-)
 create mode 100644 meta-gnome/recipes-gnome/zenity/zenity/0001-build-don-t-generate-manual.patch
 create mode 100644 meta-gnome/recipes-gnome/zenity/zenity_3.32.0.bb
 create mode 100644 meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch
 rename meta-oe/recipes-connectivity/libev/{libev_4.25.bb => libev_4.27.bb} (79%)
 delete mode 100644 meta-oe/recipes-connectivity/libqmi/libqmi/0001-Detect-clang.patch
 rename meta-oe/recipes-connectivity/libuv/{libuv_1.27.0.bb => libuv_1.32.0.bb} (80%)
 rename meta-oe/recipes-devtools/capnproto/{capnproto_0.6.1.bb => capnproto_0.7.0.bb} (81%)
 rename meta-oe/recipes-devtools/jsonrpc/{jsonrpc_git.bb => jsonrpc_1.2.0.bb} (83%)
 rename meta-oe/recipes-extended/ddrescue/{ddrescue_1.22.bb => ddrescue_1.24.bb} (90%)
 rename meta-oe/recipes-extended/socketcan/{libsocketcan_0.0.10.bb => libsocketcan_0.0.11.bb} (88%)
 create mode 100644 meta-oe/recipes-graphics/unclutter-xfixes/unclutter-xfixes/0001-build-use-autotools.patch
 create mode 100644 meta-oe/recipes-graphics/unclutter-xfixes/unclutter-xfixes_1.5.bb
 rename meta-oe/recipes-graphics/xcursorgen/{xcursorgen_1.0.5.bb => xcursorgen_1.0.7.bb} (69%)
 rename meta-oe/recipes-graphics/xorg-app/{xclock_1.0.5.bb => xclock_1.0.9.bb} (63%)
 rename meta-oe/recipes-graphics/xorg-app/{xfontsel_1.0.5.bb => xfontsel_1.0.6.bb} (73%)
 rename meta-oe/recipes-graphics/xorg-app/{xmag_1.0.5.bb => xmag_1.0.6.bb} (68%)
 rename meta-oe/recipes-graphics/xorg-app/{xmessage_1.0.4.bb => xmessage_1.0.5.bb} (60%)
 rename meta-oe/recipes-graphics/xorg-doc/{xorg-sgml-doctools_1.7.bb => xorg-sgml-doctools_1.11.bb} (58%)
 create mode 100644 meta-oe/recipes-graphics/yad/yad_4.1.bb
 rename meta-oe/recipes-multimedia/libburn/{libburn_1.4.0.bb => libburn_1.5.0.bb} (68%)
 rename meta-oe/recipes-multimedia/libdvdread/{libdvdread_5.0.3.bb => libdvdread_6.0.1.bb} (71%)
 rename meta-oe/recipes-multimedia/libmodplug/{libmodplug_0.8.8.5.bb => libmodplug_0.8.9.0.bb} (80%)
 rename meta-oe/recipes-multimedia/libopus/{libopus_1.1.3.bb => libopus_1.3.1.bb} (94%)
 rename meta-oe/recipes-support/farsight/{libnice_0.1.14.bb => libnice_0.1.16.bb} (90%)
 rename meta-oe/recipes-support/fmt/{fmt_5.3.0.bb => fmt_6.0.0.bb} (67%)
 rename meta-oe/recipes-support/sass/{libsass_git.bb => libsass_3.6.1.bb} (65%)
 rename meta-oe/recipes-support/tree/{tree_1.7.0.bb => tree_1.8.0.bb} (80%)
 create mode 100644 meta-oe/recipes-test/evtest/evtest/add_missing_limits_h_include.patch
 rename meta-oe/recipes-test/evtest/{evtest_git.bb => evtest_1.34.bb} (66%)


hooks/post-receive