| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: b0a0abbcc5e631e693b9e896bd0fc9b9432dd297)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b301d5203a4da0a0985670848126c5db762ddc86)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 5dd5130f9b13212a4f5e8b075ae1ecda868c5f28)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 96185dac787e14fa9eb77d009653a2fd4d926e3f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Includes fixes for:
CVE-2022-2816
CVE-2022-2817
CVE-2022-2819
CVE-2022-2845
CVE-2022-2849
CVE-2022-2862
CVE-2022-2874
CVE-2022-2889
(From OE-Core rev: 169537045e614aa08052fd0130ea3199523bc8f3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3ec2d27d09444213ec1c9b91c6f8c4363f297294)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we're keeping cve-check aligned between the active branches,
and dunfell is supported on Python 3.5, we can't use f-strings.
(From OE-Core rev: 4cc681fd66031c8355f69e53443536b31377eba9)
Signed-off-by: Ernst Sjöstrand <ernstp@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1821cf7464cbba521b55a9c128fe8812c0cc5eca)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add below patch to fix CVE-2016-3709
CVE-2016-3709.patch
Link: https://github.com/GNOME/libxml2/commit/c1ba6f54d32b707ca6d91cb3257ce9de82876b6f
(From OE-Core rev: b9312041e4c8d565ad1e1102f8634bcc913adfa7)
Signed-off-by: Pawan Badganchi<pawan.badganchi@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://github.com/golang/go
MR: 120634
Type: Security Fix
Disposition: Backport from https://github.com/golang/go/commit/703c8ab7e5ba75c95553d4e249309297abad7102
ChangeID: 3ade323dd52a6b654358f6738a0b3411ccc6d3f8
Description:
CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.
(From OE-Core rev: 9b3420c9a91059eb55754078bb1e733972e94489)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://github.com/golang/go
MR: 120628, 120631
Type: Security Fix
Disposition: Backport from https://github.com/golang/go/commit/ed2f33e1a7e0d18f61bd56f7ee067331d612c27e && https://github.com/golang/go/commit/ed2f33e1a7e0d18f61bd56f7ee067331d612c27e
ChangeID: fbd8d61bdc2e9cb0cdbe9879e02aed218ee93dbe
Description:
Fixed CVE:
1. CVE-2022-30635
2. CVE-2022-32148
(From OE-Core rev: 2c4fb77f417464d9cd40f0ebd8cc52e6e6ca689e)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://github.com/golang/go
MR: 120622, 120625
Type: Security Fix
Disposition: Backport from https://github.com/golang/go/commit/76f8b7304d1f7c25834e2a0cc9e88c55276c47df && https://github.com/golang/go/commit/2678d0c957193dceef336c969a9da74dd716a827
ChangeID: aabb29a6dd6a89842f451c95af228aaf66e58bb5
Description:
Fixed CVE:
1. CVE-2022-30632
2. CVE-2022-30633
(From OE-Core rev: 9ffaae887743d77839fb758657b1dec71a9b8880)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://github.com/golang/go
MR: 120613, 120613
Type: Security Fix
Disposition: Backport from https://github.com/golang/go/commit/c15a8e2dbb5ac376a6ed890735341b812d6b965c && https://github.com/golang/go/commit/0117dee7dccbbd7803d88f65a2ce8bd686219ad3
ChangeID: 366db775dec045d7b312b8da0436af36ab322046
Description:
Fixed CVE:
1. CVE-2022-30629
2. CVE-2022-30631
(From OE-Core rev: 6813a265c7c21e24636d07a6a8df16ef0cf7da50)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://gitlab.com/libtiff/libtiff
MR: 120545
Type: Security Fix
Disposition: Backport from https://gitlab.com/libtiff/libtiff/-/commit/275735d0354e39c0ac1dc3c0db2120d6f31d1990
ChangeID: 4c781586f7aba27420a7adc0adc597cc68495387
Description:
CVE-2022-34526 libtiff: A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit.
(From OE-Core rev: 462d4a55a460c60a7b8c36fe3899e66f13835761)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Pass additional arguments in the fileslocked() context manager to the
underlying lockfile() function. This allows the context manager to be
used for any types of locks (non-blocking, shared, etc.) that the
lockfile() function supports.
(Bitbake rev: 048d682b031644fb9f0d41a489bacb873aa27bd7)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
numa is an existing machine feature, add it to the list so that users
are aware of it.
(From yocto-docs rev: d9931a04bccd115f854275cd46c8195c3fa1d391)
Signed-off-by: Jon Mason <jdmason@kudzu.us>
Reviewed-by: Quentin Schulz <foss+yocto@0leil.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
The user does need to be told about this but it isn't really a warning,
just something they may need to be aware of. Drop the level accordingly.
(Bitbake rev: 3b719e8e115b7fde869f62ddc180e045c1b51cdf)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prevent new tasks from being scheduled if the memory pressure is above
a certain threshold, specified through the "BB_MAX_PRESSURE_MEMORY"
variable in the conf/local.conf file. This is an extension to the
following commit and hence regulates pressure in the same way:
48a6d84de1 bitbake: runqueue: add cpu/io pressure regulation
Memory pressure is experienced when time is spent swapping, refaulting
pages from the page cache or performing direct reclaim. This is why
memory pressure is rarely seen but might be useful as a last resort to
prevent OOM errors.
(Bitbake rev: 44c395434c7be8dab968630a610c8807f512920c)
(Bitbake rev: 82b683f8c7a559f4fcab68f6a0fa7dc3dc20fa05)
Signed-off-by: Aryaman Gupta <aryaman.gupta@windriver.com>
Signed-off-by: Randy Macleod <Randy.Macleod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prevent the scheduler from starting new tasks if the current cpu or io
pressure is above a certain threshold and there is at least one active
task. This threshold can be specified through the
"BB_PRESSURE_MAX_{CPU|IO}" variables in conf/local.conf.
The threshold represents the difference in "total" pressure from the
previous second. The pressure data is discussed in this oe-core commit:
061931520b buildstats.py: enable collection of /proc/pressure data
where one can see that the average and "total" values are available.
>From tests, it was seen that while using the averaged data was somewhat
useful, the latency in regulating builds was too high. By taking the
difference between the current pressure and the pressure seen in the
previous second, better regulation occurs. Using a shorter time period
is appealing but due to fluctations in pressure, comparing the current
pressure to 1 second ago achieves a reasonable compromise. One can look
at the buildstats logs, that usually sample once per second, to decide a
sensible threshold.
If the thresholds aren't specified, pressure is not monitored and hence
there is no impact on build times. Arbitary lower limit of 1.0 results
in a fatal error to avoid extremely long builds. If the limits are higher
than 1,000,000, then warnings are issued to inform users that the specified
limit is very high and unlikely to result in any regulation.
The current bitbake scheduling algorithm requires that at least one
task be active. This means that if high pressure is seen, then new tasks
will not be started and pressure will be checked only for as long as at
least one task is active. When there are no active tasks, an additional task
will be started and pressure checking resumed. This behaviour means that
if an external source is causing the pressure to exceed the threshold,
bitbake will continue to make some progress towards the requested target.
This violates the intent of limiting pressure but, given the current
scheduling algorithm as described above, there seems to be no other option.
In the case where only one bitbake build is running, the implications of
the scheduler requirement will likely result in pressure being higher
than the threshold. More work would be required to ensure that
the pressure threshold is never exceeded, for example by adding pressure
monitoring to make and ninja.
(Bitbake rev: 502e05cbe67fb7a0e804dcc2cc0764a2e05c014f)
(Bitbake rev: 66741d216e9d4343e82a94f00cd39751632a5b96)
Signed-off-by: Aryaman Gupta <aryaman.gupta@windriver.com>
Signed-off-by: Randy Macleod <randy.macleod@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: a3cba15142e98177119ef36c09f553d09acf35ef)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From meta-yocto rev: 2de758bc8a4ead8e89619766d5096604b554f2c1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From yocto-docs rev: 95e030ec74f69eccabcc97737c8a93fd7629f9d9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the usage of enterprise proxy, the user-agent defined are
too old and refused by proxy configuration. Updating to something
more modern is desirable.
(Bitbake rev: 17be38290d1e971cd89785e6bf44caef0a6416f8)
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7001fdd7c4dca372cbebd8fd2c0b03c5d43f9400)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`rc` runs all the KILL scripts in a runlevel before the START scripts.
The umountnfs script is currently configured as a START script, and
runs after the networking KILL script. During shutdown, this causes a
~3 minute timeout after networking is shutdown when the system tries
to connect to and unmount any mounted network shares.
Fix this by changing the script configuration to "stop" so that it can
run before networking is stopped and unmount any network shares
safely.
(From OE-Core rev: e59c72d570102d72786e44c8ace69fd4d0e8e5ef)
Signed-off-by: Shruthi Ravichandran <shruthi.ravichandran@ni.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c419bd4537756e9f6c2fe6da3a9b798526e27eca)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is to ensure host-user-contaminated.txt would be removed before
do_rootfs runs, since ${S} is in cleandirs of do_rootfs, otherwise, a
host-user-contaminated.txt file that generated from previous builds
could be used which is wrong.
(From OE-Core rev: 06cfa8be54c9aee23bd8570a370a974b463a0a1a)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 54a3fd63e684d070fad962be97e549f3af7ac111)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This makes the bin_package.bbclass work properly with the native class.
(From OE-Core rev: 0bf78a8e0e1cf7e74b55aca4db0e62dd9dfa55ce)
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ad330b6d4b6e2ba051b5c6c437e07a183831f757)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Building external kernel modules like lttng-modules was showing build paths
inside the debug symbols for the modules and breaking build reproducibility.
Fix this by adding in the mapping needed to map the kernel build directory
to something more approriate on target.
(From OE-Core rev: c4d8834ed3d200f25f12fec8acfa2b954f3240e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b56dc9009ba93174de6bf4c01e17808ef249dc5c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Restore WHENCE_CHKSUM variable which is used to hold the WHENCE file
checksum. It is necessary to allow easily overriding it from local.conf
if the devupstream version is selected:
PREFERRED_VERSION_linux-firmware = "1:20220708+git%"
SRCREV:class-devupstream = "${AUTOREV}"
WHENCE_CHKSUM:class-devupstream:pn-linux-firmware = "abf1077491eeb261ecdcb680a34fc059"
Without the WHENCE_CHECKSUM one would need to manually patch the
LIC_FILES_CHKSUM variable to change the checksum of WHENC (e.g. using
the anonymous python function or remove expression).
(From OE-Core rev: ba997f02b2cb86aeaa308873727a9280d1f88b5b)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 554be2af1e0a03a2d23032d48afbbe0913a45409)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update: a few obsolete firmware were dropped
(particularly i2400m and tda7706), file list updates.
(From OE-Core rev: a151460d9234d6cd0bd1920c48aff8c78454931a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e89fb37e13fcb832ee7d35e7d92d45eaca20689e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop crosscompile.patch which was merged as part of:
509695c1c (tag: v9.0.0065) patch 9.0.0065: \
cross-compiling doesn't work because of timer_create check
Also drop: racefix.patch which may have been fixed upstream
and is being tracked by:
https://github.com/vim/vim/pull/10776
where upstream is asking if the different approach resolves the
race condition. Let's see what's out there!
(From OE-Core rev: 083d6de4139859a5eb66f78c2a62a1d59c8aee35)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 6996472cd33d2d4b91821f2dfe24a27a697e4afe)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in several CVE fixes.
Added a patch to avoid timer_create cross compile issue (and submitted upstream).
Also submit the race fix upstream.
We disable timer_create in the native case since some systems have it
and some don't so this makes us consistent.
Change from master commit: we also disable timer_create in the target case
since the function isn't available in our glibc.
(From OE-Core rev: f99677f79449032a3b0ea79d704fdccbd5be68b7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d0c1de084c7ce030d47a428e4bbfbc4ce2996057)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://github.com/madler/zlib
MR: 120531
Type: Security Fix
Disposition: Backport from https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1 & https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d
ChangeID: 364c17d74213c64fe40b9b37ee78aa172ff93acf
Description:
CVE-2022-37434 zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.
(From OE-Core rev: 10ed7cf347d9e73b29e4a3f6ef77e0a4b08e350b)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://gitlab.com/gnutls/gnutls
MR: 120421
Type: Security Fix
Disposition: Backport from https://gitlab.com/gnutls/gnutls/-/commit/ce37f9eb265dbe9b6d597f5767449e8ee95848e2
ChangeID: f0c84c6aa8178582ac9838c453dacdf2c7cae0e5
Description:
CVE-2022-2509 gnutls: Double free during gnutls_pkcs7_verify.
(From OE-Core rev: 4cac37913d08f433668778e788f01e009dbb94bd)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://git.qemu.org/?p=qemu.git;
MR: 107558
Type: Security Fix
Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=4bfb024bc76973d40a359476dc0291f46e435442
ChangeID: c5d25422f43edb7d8728118eb482eba09474ef2c
Description:
CVE-2020-27821 qemu: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c.
(From OE-Core rev: 198bd53bdc77d2b01dae19993bde79f03f4dd02c)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: ac6ea1a96645d2a4dd54660256603f0b191bb4d3)
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit baeab0f51ecc19fb85101c4bd472f0650231d0de)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* but it still won't work well on hosts without libxml2, make
sure to use pre-generated testapi.c in do_compile_ptest
* this is reproducible with SOURCE_DATE_EPOCH set to 0 which
e.g. meta-updater still sets by default for DISTROs which
use it :(, see https://github.com/uptane/meta-updater/pull/35
(From OE-Core rev: 2f78dbcb300e7deae6cf39263e874ee8776d7a7b)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
This test will fail any time the host has libdrm > 2.4.107
(From OE-Core rev: 33d006ed8d93ea4c185d6b28a72b2d252fbb5ae1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSH 9.0 uses sftp by default as the transport for scp, add in
sftp-server so that this works as expected for users, rather than being
left with a confusing "scp: Connection closed" message.
(From OE-Core rev: 788e2c6bccc58e5a88b33fa91ea3c3ffec7611ca)
Signed-off-by: Alex Kiernan <alexk@zuma.ai>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit be61b9dac78f0d85c870a0d8304fb4b536ec4bc8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes
ERROR: QA Issue: : /work/x86_64-linux/libmodule-build-perl-native/0.4231-r0/sysroot-destdir/work/x86_64-linux/libmodule-build-perl-native/0.4231-r0/recipe-sysroot-native/usr/bin/config_data maximum shebang size exceeded, the maximum size is 128. [shebang-size]
(From OE-Core rev: f11ed8c8fd78b88a50f382df419afff6ccde02a0)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 54ecb2d3f2523293383103cbe590ebdd037ee483)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If enabled, the buildpaths test hangs in psplash as it tries to open
a fifo and read from it, hanging indefinitely.
Tweak the test to ignore fifo/socket/device files.
(From OE-Core rev: 0106c6a629d0a9f07d76ffaad2dc92e48021e1b0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2567edb7e0a8c5ca9a88d6940491bf33bfe0eff9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to the latest korg -stable release that comprises
the following commits:
8d8935e76f6f Linux 5.4.209
0b0088e47587 scsi: core: Fix race between handling STS_RESOURCE and completion
85fe8623f061 mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
d5a596c148b3 ARM: crypto: comment out gcc warning that breaks clang builds
8d6dab81ee3d sctp: leave the err path free in sctp_stream_init to sctp_stream_free
a49282eca8ab sfc: disable softirqs for ptp TX
7799f742f24b perf symbol: Correct address for bss symbols
388b3f14ff60 virtio-net: fix the race between refill work and close
52be29e8b645 netfilter: nf_queue: do not allow packet truncation below transport header offset
8e0ed463dbd5 sctp: fix sleep in atomic context bug in timer handlers
bc135e464dee i40e: Fix interface init with MSI interrupts (no MSI-X)
46462e26e65f tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
d42f68a9ceb4 tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
c2b57a4d3ff6 Documentation: fix sctp_wmem in ip-sysctl.rst
2d30375343b6 tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
5d235c2fc295 tcp: Fix a data-race around sysctl_tcp_autocorking.
e02c7ee5a430 tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
558a2949608f tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
fb200869eabe net: sungem_phy: Add of_node_put() for reference returned by of_get_parent()
e20dd1b0e0ea igmp: Fix data-races around sysctl_igmp_qrv.
73e5a0b59129 ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
421e5dd1f12e net: ping6: Fix memleak in ipv6_renew_options().
3d492b008b3d tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
dfdc635d55f9 tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
d62e255ecc33 scsi: ufs: host: Hold reference returned by of_parse_phandle()
b1343528c7ae ice: do not setup vlan for loopback VSI
15d019860159 ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
cd23a2ad7b7c tcp: Fix a data-race around sysctl_tcp_nometrics_save.
f9a03fd8ed31 tcp: Fix a data-race around sysctl_tcp_frto.
3be498bcf6ea tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
f4b83df01105 tcp: Fix a data-race around sysctl_tcp_app_win.
f240d0cad26c tcp: Fix data-races around sysctl_tcp_dsack.
b9f937d3d54d s390/archrandom: prevent CPACF trng invocations in interrupt context
911904c577e0 ntfs: fix use-after-free in ntfs_ucsncmp()
098e07ef0059 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
(From OE-Core rev: bd55001d9f895c7d52fedc7d1d2eb7b2ad7032b1)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to the latest korg -stable release that comprises
the following commits:
77ba2b9b46f8 Linux 5.4.208
ca5762c5896e x86: drop bogus "cc" clobber from __try_cmpxchg_user_asm()
f88d8c188229 net: usb: ax88179_178a needs FLAG_SEND_ZLP
f7785092cb7f tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
815d936e92f9 tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
2ea77b0b6d22 tty: drop tty_schedule_flip()
f20912215c9c tty: the rest, stop using tty_schedule_flip()
aa60c0cce8b4 tty: drivers/tty/, stop using tty_schedule_flip()
126137a53d7e Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
836b47e6436b Bluetooth: SCO: Fix sco_send_frame returning skb->len
aa2d34cab3e6 Bluetooth: Fix passing NULL to PTR_ERR
10bacb891722 Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
bf46574d4655 Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
f00b06003b11 Bluetooth: Add bt_skb_sendmmsg helper
55bf99849be0 Bluetooth: Add bt_skb_sendmsg helper
015af30d373d ALSA: memalloc: Align buffer allocations in page size
352affc31e26 bitfield.h: Fix "type of reg too small for mask" test
0a0fbbd6cb65 x86/mce: Deduplicate exception handling
b524137fa1d8 mmap locking API: initial implementation as rwsem wrappers
592a1c6066dd x86/uaccess: Implement macros for CMPXCHG on user addresses
1d778b54a5c0 x86: get rid of small constant size cases in raw_copy_{to,from}_user()
d0d583484d2e locking/refcount: Consolidate implementations of refcount_t
dab787c73f6e locking/refcount: Consolidate REFCOUNT_{MAX,SATURATED} definitions
0d3182fbe689 locking/refcount: Move saturation warnings out of line
809554147d60 locking/refcount: Improve performance of generic REFCOUNT_FULL code
9c9269977f03 locking/refcount: Move the bulk of the REFCOUNT_FULL implementation into the <linux/refcount.h> header
04bff7d7b808 locking/refcount: Remove unused refcount_*_checked() variants
513b19a43bec locking/refcount: Ensure integer operands are treated as signed
68b4ee68e8c8 locking/refcount: Define constants for saturation and max refcount values
3f71d0e292eb ima: remove the IMA_TEMPLATE Kconfig option
bc7581e36d40 dlm: fix pending remove if msg allocation fails
4f1d21c77b15 bpf: Make sure mac_header was set before using it
a1f8765f68bc mm/mempolicy: fix uninit-value in mpol_rebind_policy()
76668d2a2f36 spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers
50a1d3d09750 tcp: Fix data-races around sysctl_tcp_max_reordering.
c64b99819de4 tcp: Fix a data-race around sysctl_tcp_rfc1337.
6cc566df6806 tcp: Fix a data-race around sysctl_tcp_stdurg.
7f68bed16c7b tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
369d99c2b89f tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
492f3713b282 tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
92c35113c633 tcp: Fix data-races around sysctl_tcp_recovery.
83767fe800a3 tcp: Fix a data-race around sysctl_tcp_early_retrans.
795aee11fda4 tcp: Fix data-races around sysctl knobs related to SYN option.
f39b03bd727a udp: Fix a data-race around sysctl_udp_l3mdev_accept.
6727f39e99e0 ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
a8569f76df7e be2net: Fix buffer overflow in be_get_module_eeprom
91d6aa19dd72 gpio: pca953x: only use single read/write for No AI mode
031af9e617a6 ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
55a2a28b3285 i40e: Fix erroneous adapter reinitialization during recovery process
d88d59faf4e6 iavf: Fix handling of dummy receive descriptors
25d53d858a6c tcp: Fix data-races around sysctl_tcp_fastopen.
78420d8e46df tcp: Fix data-races around sysctl_max_syn_backlog.
dc58e68d1e26 tcp: Fix a data-race around sysctl_tcp_tw_reuse.
e9362a993886 tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
b0d9f04c870e tcp: Fix data-races around some timeout sysctl knobs.
ea309c467dac tcp: Fix data-races around sysctl_tcp_reordering.
b222de2560ab tcp: Fix data-races around sysctl_tcp_syncookies.
ff55c025e647 igmp: Fix a data-race around sysctl_igmp_max_memberships.
1656ecaddf90 igmp: Fix data-races around sysctl_igmp_llm_reports.
2aad2c5745ec net/tls: Fix race in TLS device down flow
573768dede0e net: stmmac: fix dma queue left shift overflow issue
911b81fca2d7 i2c: cadence: Change large transfer count reset logic to be unconditional
73a11588751a tcp: Fix a data-race around sysctl_tcp_probe_interval.
b04817c94fbd tcp: Fix a data-race around sysctl_tcp_probe_threshold.
033963b22063 tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
fdb96b69f590 tcp: Fix data-races around sysctl_tcp_min_snd_mss.
30b73edc1d24 tcp: Fix data-races around sysctl_tcp_base_mss.
f966773e13cd tcp: Fix data-races around sysctl_tcp_mtu_probing.
a7386602a2fe tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
25a635a67c83 ip: Fix a data-race around sysctl_fwmark_reflect.
281de3719986 ip: Fix data-races around sysctl_ip_nonlocal_bind.
7828309df0f8 ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
5af6d9226376 ip: Fix data-races around sysctl_ip_no_pmtu_disc.
16cb6717f4f4 igc: Reinstate IGC_REMOVED logic and implement it properly
98c3c8fd0d4c perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()
6194c021496a pinctrl: ralink: Check for null return of devm_kcalloc
78bdf732cf5d power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
f4248bdb7d5c xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup()
c68f6e2e4fda serial: mvebu-uart: correctly report configured baudrate value
2230428fb866 PCI: hv: Fix interrupt mapping for multi-MSI
7121d7120fd4 PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
584c9d41800b PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
8e94cc883011 PCI: hv: Fix multi-MSI to allow more than one MSI vector
3048666143be xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
ed3fea55066b lockdown: Fix kexec lockdown bypass with ima policy
c3856fe718ad mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
c3dc75118445 riscv: add as-options for modules with assembly compontents
e5a6b05d0c68 pinctrl: stm32: fix optional IRQ support to gpios
002c3bbb4713 Linux 5.4.207
08d90846e438 can: m_can: m_can_tx_handler(): fix use after free of skb
579c8a2e6361 serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
0c8649a49788 serial: stm32: Clear prev values before setting RTS delays
f4c7f5028b48 serial: 8250: fix return error code in serial8250_request_std_resource()
07379bd79d86 tty: serial: samsung_tty: set dma burst_size to 1
edcb2612218d usb: dwc3: gadget: Fix event pending check
40034fe6b8a7 usb: typec: add missing uevent when partner support PD
42373b717a3f USB: serial: ftdi_sio: add Belimo device ids
cbc98dcc38e2 signal handling: don't use BUG_ON() for debugging
172cd32ada70 ARM: dts: stm32: use the correct clock source for CEC on stm32mp151
c7d4b3ec6306 soc: ixp4xx/npe: Fix unused match warning
a3c7c1a726a4 x86: Clear .brk area at early boot
549f70b29953 irqchip: or1k-pic: Undefine mask_ack for level triggered hardware
b0f41db50084 ASoC: madera: Fix event generation for rate controls
79067a663247 ASoC: madera: Fix event generation for OUT1 demux
0e7e515a6733 ASoC: cs47l15: Fix event generation for low power mux control
20b921f22a8b ASoC: wm5110: Fix DRE control
f298d2e4c60c ASoC: ops: Fix off by one in range control validation
ede990cfc427 net: sfp: fix memory leak in sfp_probe()
555cee1bc40b nvme: fix regression when disconnect a recovering ctrl
08082a642aaa NFC: nxp-nci: don't print header length mismatch on i2c error
4919d82f7041 net: tipc: fix possible refcount leak in tipc_sk_create()
70d8aee1de6e platform/x86: hp-wmi: Ignore Sanitization Mode event
8dda30f81c75 cpufreq: pmac32-cpufreq: Fix refcount leak bug
b749af1b8f11 netfilter: br_netfilter: do not skip all hooks with 0 priority
0c9203e75dae virtio_mmio: Restore guest page size on resume
569f1ee032c9 virtio_mmio: Add missing PM calls to freeze/restore
70433d9ea6ff mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
da346adcf557 sfc: fix kernel panic when creating VF
ba60ca0ed12e seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
de7849d9de1d seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
487f0f77f1cd seg6: fix skb checksum evaluation in SRH encapsulation/insertion
bcad880865bf sfc: fix use after free when disabling sriov
b8d77f2396d5 net: ftgmac100: Hold reference returned by of_get_child_by_name()
9b61d3f6df1b ipv4: Fix data-races around sysctl_ip_dynaddr.
cc9540ba5b36 raw: Fix a data-race around sysctl_raw_l3mdev_accept.
df691b991043 icmp: Fix a data-race around sysctl_icmp_ratemask.
8bc1f6871490 icmp: Fix a data-race around sysctl_icmp_ratelimit.
3093a6fe3170 drm/i915/gt: Serialize TLB invalidates with GT resets
40d58aad2f66 ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
bf676c940865 ARM: dts: at91: sama5d2: Fix typo in i2s1 node
7c1acd98fb22 ipv4: Fix a data-race around sysctl_fib_sync_mem.
0cba7ca667ce icmp: Fix data-races around sysctl.
0e41a0f73ccb cipso: Fix data-races around sysctl.
861f1852af6d net: Fix data-races around sysctl_mem.
8d2daf565f61 inetpeer: Fix data-races around sysctl.
2968830c9b47 net: stmmac: dwc-qos: Disable split header for Tegra194
1273fd5153e8 ASoC: sgtl5000: Fix noise on shutdown/remove
388f3df7c3c8 ima: Fix a potential integer overflow in ima_appraise_measurement
72f231b9a88a drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()
0f02e7c02bb0 ARM: 9210/1: Mark the FDT_FIXED sections as shareable
41ea241fb3c2 ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle
851730a1989f ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count
18881d7e5171 ext4: fix race condition between ext4_write and ext4_convert_inline_data
423f2695007d sched/rt: Disable RT_RUNTIME_SHARE by default
31e99fa969fd Revert "evm: Fix memleak in init_desc"
d85d19f3b664 nilfs2: fix incorrect masking of permission flags for symlinks
393594aad551 drm/panfrost: Fix shrinker list corruption by madvise IOCTL
ad44e05f3e01 cgroup: Use separate src/dst nodes when preloading css_sets for migration
444be5a02b77 wifi: mac80211: fix queue selection for mesh/OCB interfaces
dba548476909 ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction
b4d99aa5ae90 ARM: 9213/1: Print message about disabled Spectre workarounds only once
2c1cc40fb2a1 ip: fix dflt addr selection for connected nexthop
fb5a7f1548d6 net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer
ecc6dec12c33 tracing/histograms: Fix memory leak problem
7425479d20f9 xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
9026b280eb7f ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
bbb82d4d9b3d ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221
7e2fbf2d9b61 ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
33d33a66e31c ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
5e7cc47ab923 ALSA: hda - Add fixup for Dell Latitidue E5430
658410791556 Linux 5.4.206
15a3adfe7593 Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting"
(From OE-Core rev: b98028117b82aab650affb0538e77bb69fb5fdf8)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE tags
If a remote patch is compressed we need to have run the unpack task for
the file to exist locally. Currently cve_check only depends on fetch so
instead of erroring out, emit a warning that this file won't be scanned
for CVE references.
Typically, remote compressed patches won't contain our custom tags, so
this is unlikely to be an issue.
(From OE-Core rev: a2d03f445c45558997484240d2549eaa1e103692)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cefc8741438c91f74264da6b59dece2e31f9e5a5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://gitlab.gnome.org/GNOME/gdk-pixbuf
MR: 120380
Type: Security Fix
Disposition: Backport from https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/5398f04d772f7f8baf5265715696ed88db0f0512
ChangeID: d8a843bcf97268ee4f0c6870f1339790a9a908e5
Description:
CVE-2021-46829 gdk-pixbuf: a heap-based buffer overflow when compositing or clearing frames in GIF files.
(From OE-Core rev: ef3f5fba3c3b5e8b16d6b8b7721468e61c65f72f)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://git.savannah.gnu.org/gitweb/?p=grub.git
MR: 119763, 119779, 119807
Type: Security Fix
Disposition: Backport from https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3e4817538de828319ba6d59ced2fbb9b5ca13287 && https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=b26b4c08e7119281ff30d0fb4a6169bd2afa8fe4 && https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=04c86e0bb7b58fc2f913f798cdb18934933e532d
ChangeID: ef7c28bc7b4eb32550df2cf49082791dac64ef1b
Description:
Fix CVEs:
CVE-2022-28733
CVE-2022-28734
CVE-2022-28736
(From OE-Core rev: 4608413d460fa351d583c357fbc9b1957cb3d1d6)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: http://git.linux-nfs.org/?p=steved/libtirpc.git;
MR: 120231
Type: Security Fix
Disposition: Backport from http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed
ChangeID: 544120a5f10a4717cd2c7291821a012e26b14b7f
Description:
CVE-2021-46828 libtirpc: DoS vulnerability with lots of connections.
(From OE-Core rev: 73d2b640ad665f6ff3c4fbe8f5da4ef0dbb175f2)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://gitlab.com/libtiff/libtiff
MR: 119341
Type: Security Fix
Disposition: Backport from https://gitlab.com/libtiff/libtiff/-/commit/dd1bcc7abb26094e93636e85520f0d8f81ab0fab
ChangeID: 6cea4937a34a618567a42cef8c41961ade2f3a07
Description:
CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 libTiff: DoS from Divide By Zero Error.
(From OE-Core rev: 429c2c89b65b8e226d4e0d6f94d43300989c143e)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
path, leading to an io_readx or io_writex crash
Source: https://github.com/qemu/qemu
MR: 119832
Type: Security Fix
Disposition: Backport from https://github.com/qemu/qemu/commit/418ade7849ce7641c0f7333718caf5091a02fd4c
ChangeID: 1246afd7bb950d2d5fe2e198961797c0fa14ac00
Description:
CVE-2022-35414 qemu: can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash.
(From OE-Core rev: 7c3043df56b3090138fe56f8c06df5ca08cafd26)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://git.savannah.gnu.org/gitweb/?p=grub.git
MR: 119719, 119733, 119689
Type: Security Fix
Disposition: Backport from https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=e623866d9286410156e8b9d2c82d6253a1b22d08 && https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=210245129c932dc9e1c2748d9d35524fb95b5042 && https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=22a3f97d39f6a10b08ad7fd1cc47c4dcd10413f6
ChangeID: 97605970cd42776fa449fd8318f2762e32bbd177
Description:
Fixed CVEs :
CVE-2021-3695
CVE-2021-3696
CVE-2021-3697
Affects "grub2 < 2.06"
(From OE-Core rev: 191db3c58b52fa7c8530d82f7e3e3b24075fdeb4)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This allows choosing padding algorithm when building fitImage. It may be pkcs-1.5 or pss.
(From OE-Core rev: 152765b74c77b4da102fce9c4c61a667e71f26a1)
Signed-off-by: LUIS ENRIQUEZ <luis.enriquez@se.com>
From: LUIS ENRIQUEZ <luis.enriquez@se.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add patch to fix CVE-2021-46822
Link: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2.patch
(From OE-Core rev: 80d14a9aaff273daca68c2e860701d51fee45851)
Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
status line
Source: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git
MR: 119424
Type: Security Fix
Disposition: Backport from https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=34c649b3601383cd11dbc76221747ec16fd68e1b
ChangeID: 97de66d6aa74e12cb1bf82fe85ee62e2530fccf6
Description:
CVE-2022-34903 gnupg: possible signature forgery via injection into the status line.
(From OE-Core rev: 2bf155d59e33972bbb1780e34753199b5a9192a0)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 3f40d5f095ceb099b604750db96058df00fcd49e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From meta-yocto rev: 57d6803aaf475552a827d322d90d1f07ba73a97d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
