Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=mickledore 2023-10-25T14:51:01+00:00 2023-10-25T14:51:01+00:00 Siddharth Doshi sdoshi@mvista.com 2023-10-19T04:12:22+00:00 urn:sha1:3f2a31ddc64e86f708b866f3c96fb0b7dbad8f12 This includes CVE fix for CVE-2023-5535. (From OE-Core rev: b385544941a4d974ab95b0a886031d5c9f3971ba) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-10-18T15:25:19+00:00 Siddharth Doshi sdoshi@mvista.com 2023-10-12T06:05:31+00:00 urn:sha1:6f40a967bde1508e1e6c8574f95145e2175513b0 This includes CVE fix for CVE-2023-5441. (From OE-Core rev: 7166f503211c39542d828aa3fef5006dccf2c07a) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-09-20T15:23:02+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2023-09-11T20:47:41+00:00 urn:sha1:e031f2e336bad2d6920734e1755355cc7b2e95b2 This includes multiple CVE fixes. The license change is due to changes in maintainership, the license itself is unchanged. (From OE-Core rev: a90e3d1bac7c965e357103c05bf31fd804b87c0b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 91e66b93a0c0928f0c2cfe78e22898a6c9800f34) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-09-20T15:23:02+00:00 Archana Polampalli archana.polampalli@windriver.com 2023-08-18T07:49:37+00:00 urn:sha1:fdeb73d6608e687c25bee24356eb7d576c6fe74f Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-3896 8154e642a (tag: v9.0.1664) patch 9.0.1664: divide by zero when scrolling with 'smoothscroll' set (From OE-Core rev: a63a84591bdfc7bb0a7ae125a47122f3693a1334) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4a1ab744142c9229f03a359b45e5e89a1fbae0d3) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-09-04T14:13:25+00:00 Etienne Cordonnier ecordonnier@snap.com 2023-08-21T13:30:07+00:00 urn:sha1:eaadbc79bb2b9a71e37b7839f6943d88920fbda4 vim 8.3 has been out for a long time, so this comment is obsolete. However we still need UPSTREAM_VERSION_UNKNOWN, since we ignore the last digit of the upstream version number. Test result: $ devtool check-upgrade-status vim ... INFO: vim 9.0.1592 UNKNOWN Tom Rini <trini@konsulko.com> c0370529c027abc5b1698d53fcfb8c02a0c515da (From OE-Core rev: 65f5de85c3f488136d1ec2b1f7fe8d8426d6c5b3) (From OE-Core rev: 981fa51afe040550c7c351fff028553d4bbbd1ca) Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 868a19357841470eb55fb7f1c4ab1af09dea99ed) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-07-26T15:12:21+00:00 Trevor Gamblin tgamblin@baylibre.com 2023-07-20T09:18:49+00:00 urn:sha1:b3d4ea6522623c3736286b2bacba48079fe7cb45 Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2609 d1ae836 patch 9.0.1531: crash when register contents ends up being invalid https://nvd.nist.gov/vuln/detail/CVE-2023-2610 ab9a2d8 patch 9.0.1532: crash when expanding "~" in substitute causes very long text (From OE-Core rev: 5893c605060983db08a4b2d19b1dbfef23f9910d) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-06-14T14:14:25+00:00 Randy MacLeod Randy.MacLeod@windriver.com 2023-05-11T14:59:15+00:00 urn:sha1:b6ceaea1610b6d01d4116ee8ed974d641d0b6e63 Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2426 caf642c25 patch 9.0.1499: using uninitialized memory with fuzzy matching (From OE-Core rev: 72c741cd9d11f995a20e24d11528842fc020f59e) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 4f9a8df5aca99d0a5c2d2346b27ce7be08e7896c) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-03-30T09:49:01+00:00 Randy MacLeod randy.macleod@windriver.com 2023-03-28T14:57:51+00:00 urn:sha1:d1f3941417d4b2bb56c63e716d750596f8b151a9 Fixes: CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1264, CVE-2023-1355 (From OE-Core rev: 2415072c3800feb164dd4d1fa0b56bd141a5cbd8) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-03-14T17:13:11+00:00 Ross Burton ross.burton@arm.com 2023-03-13T14:25:31+00:00 urn:sha1:a683f6e45add9d574ad38703751363a3425822c3 This incorporates fixes for CVE-2023-1127, CVE-2023-1170, CVE-2023-1175. Also remove runtime/doc/uganda.txt from the license checksum: the Vim license is also in the top-level LICENSE file so this is redundant. (From OE-Core rev: 71111e6b62d37c5e6853d7940dec2993df127a35) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-03-14T17:13:11+00:00 Ross Burton ross.burton@arm.com 2023-03-13T16:48:09+00:00 urn:sha1:381d33eb5da24443a89b8d80fb202ed4bfd11ea7 Clause II.3 of the Vim license states that any distribution of Vim that has been extended or modified must _at least_ indicate in the :version output that this is the case. Handily, Vim has a --with-modified-by argument to add a line in that text, so use MAINTAINER. This is the distribution maintainer contact, by default it is OE-Core Developers <openembedded-core@lists.openembedded.org>. (From OE-Core rev: acc007e23445aa53182e13902dd9509c39dd5645) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>