diff options
author | Patrick Williams <patrick@stwcx.xyz> | 2021-07-13 20:29:41 +0300 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2021-07-13 20:36:25 +0300 |
commit | bcc346ef66ded507480d46242dc88c4e73ca2aa7 (patch) | |
tree | 6a0019a842ca6fa02e0fab5fb928b9504276e58a /poky/meta/recipes-devtools/qemu/qemu.inc | |
parent | e849b5038b885b344296b7c8ba379e340f309935 (diff) | |
download | openbmc-bcc346ef66ded507480d46242dc88c4e73ca2aa7.tar.xz |
subtree updates
meta-security: c6b1eec0e5..5050d1267a:
Armin Kuster (1):
tpm-tools: fix build issue
poky: fd33741e27..da0ce760c5:
Alejandro Hernandez Samaniego (1):
baremetal-image: Fix post process command rootfs_update_timestamp
Alexander Kanavin (3):
bind: upgrade 9.16.12 -> 9.16.13
devtool upgrade: rebase override-only patches as well
libgcrypt: upgrade 1.9.2 -> 1.9.3
Andrea Adami (1):
kernel.bbclass: fix do_sizecheck() comparison
Anuj Mittal (1):
curl: fix build when proxy is not enabled in PACKAGECONFIG
Bruce Ashfield (25):
linux-yocto/5.10: update to v5.10.35
linux-yocto/5.4: update to v5.4.117
linux-yocto/5.10: ktypes/standard: disable obsolete crypto options by default
linux-yocto/5.10: update to v5.10.36
linux-yocto/5.4: update to v5.4.118
linux-yocto/5.10: update to v5.10.37
linux-yocto/5.4: update to v5.4.119
linux-yocto/5.10: update to v5.10.38
linux-yocto/5.4: update to v5.4.120
linux-yocto/5.10: update to v5.10.41
linux-yocto/5.4: update to v5.4.123
linux-yocto/5.4: update to v5.4.124
linux-yocto/5.4: update to v5.4.125
linux-yocto/5.10: update to v5.10.42
linux-yocto/5.10: update to v5.10.43
linux-yocto/5.10: cgroup1: fix leaked context root causing sporadic NULL deref in LTP
linux-yocto/5.10: update to v5.10.46
linux-yocto/5.10: features/nft_tables: refresh config options
linux-yocto/5.4: update to v5.4.128
linux-yocto/5.10: rcu: Fix stall-warning deadlock due to non-release of rcu_node ->lock
kern-tools: add dropped options to audit output
kern-tools: Kconfiglib: add support for bare 'modules' keyword
kernel-devsrc: adjust NM and OBJTOOL variables for target
lttng-modules: update to v2.12.6
bsps/5.10: update to v5.10.43
Changqing Li (1):
pkgconfig: update SRC_URI
Daniel McGregor (2):
sstate: Ignore sstate signing key
lib/oe/gpg_sign.py: Fix gpg verification
Guillaume Champagne (1):
image-live.bbclass: order do_bootimg after do_rootfs
Harald Brinkmann (1):
bitbake: fetch/svn: Fix parsing revision of SVN repos with redirects
Joshua Watt (1):
classes/reproducible_build: Use atomic rename for SDE file
Kai Kang (2):
valgrind: fix a typo
libx11: fix CVE-2021-31535
Khem Raj (1):
linuxloader: Be aware of riscv32 ldso
Michael Ho (1):
sstate.bbclass: fix errors about read-only sstate mirrors
Ming Liu (1):
uboot-sign.bbclass: fix some install commands
Nikolay Papenkov (1):
flex: correct license information
Peter Kjellerstedt (2):
util-linux.inc: Do not modify BPN
native.bbclass: Do not remove "-native" in the middle of recipe names
Richard Purdie (14):
ltp: Disable problematic tests causing autobuilder hangs
grub2: Add CVE whitelist entries for issues fixed in 2.06
grub: Exclude CVE-2019-14865 from cve-check
cve-extra-exclusions.inc: add exclusion list for intractable CVE's
xinetd: Exclude CVE-2013-4342 from cve-check
bind: upgrade 9.16.13 -> 9.16.15
oeqa/runtime/rpm: Drop log message counting test component
linux-firmware: upgrade 20210315 -> 20210511
lttng-tools: upgrade 2.12.3 -> 2.12.4
perf: Use python3targetconfig to ensure we use target libraries
package_pkgdata: Avoid task hash mismatches for generic task changes
selftest/fetch: Avoid occasional selftest failure from poor temp file name choice
kernel: Fix interaction when packaging disabled
kernel-devicetree: Fix interaction when packaging disabled
Ross Burton (2):
package_rpm: pass XZ_THREADS to rpm
avahi: apply fix for CVE-2021-3468
Sakib Sajal (1):
qemu: Exclude CVE-2020-3550[4/5/6] from cve-check
Scott Weaver (1):
bitbake: fetch2: add check for empty SRC_URI hash string
Stefan Ghinea (1):
boost: fix do_fetch failure
Steve Sakoman (1):
expat: set CVE_PRODUCT
Tony Tascioglu (5):
libxml2: Fix CVE-2021-3518
libxml2: Fix CVE-2021-3541
valgrind: Improve non-deterministic ptest reliability
valgrind: remove buggy ptest from arm64
valgrind: Actually install list of non-deterministic ptests
Trevor Gamblin (5):
bind: upgrade 9.16.15 -> 9.16.16
curl: fix CVE-2021-22890
curl: fix CVE-2021-22876
python3: upgrade 3.9.4 -> 3.9.5
curl: cleanup CVE patches for hardknott
Zqiang (1):
ifupdown: Skip wrong test item
jbouchard (1):
Use the label provided when formating a dos partition
meta-openembedded: cf5bd6a830..c51e79dd85:
Alexander Vickberg (1):
hostapd: fix building with CONFIG_TLS=internal
Andrea Adami (3):
initramfs-kexecboot-image: support cases where machines override IMAGE_FSTYPES
initramfs-debug-image: support cases where machines override IMAGE_FSTYPES
rapidjson: remove stale LIB_INSTALL_DIR
Andreas Müller (1):
libgtop: tidy up recipe
Andrej Kozemcak (1):
squid: upgrade 4.14 -> 4.15
Changqing Li (1):
libgtop: fix do_compile error
Chen Qi (1):
minifi-cpp: set CLEANBROKEN to 1
Geoff Parker (1):
cifs-utils: set ROOTSBINDIR to /usr/sbin if DISTRO_FEATURES has usrmerge
Khem Raj (3):
opencv: Disable tbb on riscv/musl
mongodb: Update to 4.4.6-rc0
mongodb: Change PV to 4.4.6
Leon Anavi (5):
python3-cerberus: Upgrade 1.3.3 -> 1.3.4
python3-robotframework: Upgrade 4.0.1 -> 4.0.2
python3-rfc3339-validator: Upgrade 0.1.3 -> 0.1.4
python3-pymongo: Upgrade 3.11.3 -> 3.11.4
python3-django: Upgrade 3.2.3 -> 3.2.4
Marek Vasut (1):
nss: Fix build on Centos 7
Olivier Georget (1):
libpfm4 4.10.1 : enable arm64 host platform
Ovidiu Panait (1):
libeigen: update LICENSE information
Peter Kjellerstedt (2):
net-snmp: A little clean up
net-snmp: Support building for native
Saul Wold (2):
opencv: remove tbb packageconfig for powerpc
sysdig: disable building for ppc
Sekine Shigeki (2):
add CVE-2011-2411 to allowlist
ntp: add CVE-2016-9312 to allowlist
Stefan Ghinea (1):
thunar: fix CVE-2021-32563
Trevor Gamblin (5):
python3-django: upgrade 2.2.20 -> 2.2.22
python3-django: upgrade 3.2 -> 3.2.2
python3-django: upgrade 2.2.22 -> 2.2.23
python3-django: upgrade 3.2.2 -> 3.2.3
python3-django: upgrade 2.2.23 -> 2.2.24
Yi Zhao (1):
minifi-cpp: set correct python processor directory in configure file
ito-yuichi@fujitsu.com (2):
cyrus-sasl: add CVE-2020-8032 to allowlist
dovecot: add CVE-2016-4983 to allowlist
wangmy (10):
uftrace: Fix a plthook crash on aarch64 with binutils2.35.1 and later versions on aarch64
exiv2: Fix CVE-2021-29457
exiv2: Fix CVE-2021-29458
exiv2: Fix CVE-2021-29463
exiv2: Fix CVE-2021-3482
exiv2: Fix CVE-2021-29464
exiv2: Fix CVE-2021-29470
exiv2: Fix CVE-2021-29473
libsdl: Fix CVE-2019-13616
trace-cmd: Conflict resolution
zangrc (2):
postgresql: upgrade 13.2 -> 13.3
wireshark: upgrade 3.4.5 -> 3.4.6
zhengruoqin (1):
net-snmp: upgrade 5.9 -> 5.9.1
meta-raspberrypi: 11209a4981..064f5404ea:
Andrei Gherzan (1):
layer.conf: Define LAYERDEPENDS
Martin Jansa (3):
linux-raspberrypi: allow to change the yocto-kernel-cache branch with LINUX_RPI_KMETA_BRANCH
linux-raspberrypi-dev: drop protocol=git and add LINUX_RPI_KMETA_BRANCH
linux-raspberrypi-dev: use static SRCREV when not selected with PREFERRED_PROVIDER_virtual/kernel
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I1323b4d2f742e7c82b51f25cb74d2196167da023
Diffstat (limited to 'poky/meta/recipes-devtools/qemu/qemu.inc')
-rw-r--r-- | poky/meta/recipes-devtools/qemu/qemu.inc | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc index fbda0c9174..3921546df7 100644 --- a/poky/meta/recipes-devtools/qemu/qemu.inc +++ b/poky/meta/recipes-devtools/qemu/qemu.inc @@ -76,6 +76,15 @@ CVE_CHECK_WHITELIST += "CVE-2007-0998" # https://bugzilla.redhat.com/show_bug.cgi?id=1609015#c11 CVE_CHECK_WHITELIST += "CVE-2018-18438" +# Following CVE's affect ESP (NCR53C90) part of chip STP2000 (Master I/O). +# On Sparc32 it is the NCR89C100 part of the chip. +# On Macintosh Quadra it is NCR53C96. +# Both are not supported by yocto. +# Reference: https://www.openwall.com/lists/oss-security/2021/04/16/3 +CVE_CHECK_WHITELIST += "CVE-2020-35504" +CVE_CHECK_WHITELIST += "CVE-2020-35505" +CVE_CHECK_WHITELIST += "CVE-2020-35506" + COMPATIBLE_HOST_mipsarchn32 = "null" COMPATIBLE_HOST_mipsarchn64 = "null" |