[yocto-security] [OE-core CVE] branch master-next updated. 2018-10-1279-g41cbd4f

cve-notice at lists.openembedded.org cve-notice at lists.openembedded.org
Mon Mar 18 17:04:07 PDT 2019 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".

The branch, master-next has been updated
       via  41cbd4f03e0187866e0c11a6ab39607295bdb49a (commit)
      from  2004d31ead18e750096379d142fe5e89a896ec05 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 41cbd4f03e0187866e0c11a6ab39607295bdb49a
Author: Kai Kang <kai.kang at windriver.com>
Date:   Fri Mar 15 04:01:19 2019 -0400

    qemu: backport patches to fix cves
    
    CVE: CVE-2018-16872
    CVE: CVE-2018-20124
    CVE: CVE-2018-20125
    CVE: CVE-2018-20126
    CVE: CVE-2018-20191
    CVE: CVE-2018-20216
    
    Patches 0015-fix-CVE-2018-20124.patch and 0017-fix-CVE-2018-20126.patch
    are rebased on current source code. Others are not modified.
    
    Signed-off-by: Kai Kang <kai.kang at windriver.com>
    Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>

-----------------------------------------------------------------------

Summary of changes:
 meta/recipes-devtools/qemu/qemu.inc                |   6 ++
 .../qemu/qemu/0014-fix-CVE-2018-16872.patch        |  85 ++++++++++++++++
 .../qemu/qemu/0015-fix-CVE-2018-20124.patch        |  60 +++++++++++
 .../qemu/qemu/0016-fix-CVE-2018-20125.patch        |  54 ++++++++++
 .../qemu/qemu/0017-fix-CVE-2018-20126.patch        | 113 +++++++++++++++++++++
 .../qemu/qemu/0018-fix-CVE-2018-20191.patch        |  47 +++++++++
 .../qemu/qemu/0019-fix-CVE-2018-20216.patch        |  85 ++++++++++++++++
 7 files changed, 450 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/0014-fix-CVE-2018-16872.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/0015-fix-CVE-2018-20124.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/0016-fix-CVE-2018-20125.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/0017-fix-CVE-2018-20126.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/0018-fix-CVE-2018-20191.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/0019-fix-CVE-2018-20216.patch


hooks/post-receive
--

More information about the yocto-security mailing list