Skip to content

staging-next-23.05 iteration 8 - 2023-09-13#254997

Merged
vcunat merged 31 commits intorelease-23.05from
staging-next-23.05
Sep 15, 2023
Merged

staging-next-23.05 iteration 8 - 2023-09-13#254997
vcunat merged 31 commits intorelease-23.05from
staging-next-23.05

Conversation

@vcunat
Copy link
Member

@vcunat vcunat commented Sep 13, 2023

Notably, libwebp security issue is in there: PR #254789

Significant breakages

(will be edited based on progress)

github-actions bot and others added 28 commits September 4, 2023 00:12
@github-actions
Merge release-23.05 into staging-next-23.05
f16e327
@github-actions
Merge staging-next-23.05 into staging-23.05
71052f6
@github-actions
Merge release-23.05 into staging-next-23.05
b3cad33
@github-actions
Merge staging-next-23.05 into staging-23.05
c5ee356
@github-actions
Merge release-23.05 into staging-next-23.05
72c065a
@github-actions
Merge staging-next-23.05 into staging-23.05
9d82d8f
@github-actions
Merge release-23.05 into staging-next-23.05
cf7f581
@github-actions
Merge staging-next-23.05 into staging-23.05
5efba34
@zowoq @github-actions
go_1_20: 1.20.7 -> 1.20.8
41548f8 
Changelog: https://go.dev/doc/devel/release#go1.20
(cherry picked from commit 09c8e20)
@github-actions
Merge release-23.05 into staging-next-23.05
58f4629
@github-actions
Merge staging-next-23.05 into staging-23.05
736a254
@github-actions
Merge release-23.05 into staging-next-23.05
42db4c8
@github-actions
Merge staging-next-23.05 into staging-23.05
dc3123b
@github-actions
Merge release-23.05 into staging-next-23.05
7abb973
@github-actions
Merge staging-next-23.05 into staging-23.05
19117b9
@github-actions
Merge release-23.05 into staging-next-23.05
da153ad
@github-actions
Merge staging-next-23.05 into staging-23.05
ed20c79
@henrirosten
xterm: 379 -> 384
35a7f55 
Signed-off-by: Henri Rosten <[email protected]>
@github-actions
Merge release-23.05 into staging-next-23.05
4690783
@github-actions
Merge staging-next-23.05 into staging-23.05
466694c
@delroth
libwebp: cherry-pick suspected upstream fix for CVE-2023-4863
7d9fb93 
This CVE is critical severity and has been exploited in the wild. It was
reported as being a Chromium vulnerability, but it seems to in fact
impact libwebp (and thus all its downstream users). There is however no
official confirmation of this yet.

The upstream fix patch (webmproject/libwebp@902bc919) does not cleanly
apply onto 1.3.1, so we vendor a very slightly modified version which
does cleanly apply. This is my original work, so YMMV on whether you
trust it or not, reviews very much welcomed :-)

(cherry picked from commit 0f11042)
@mweinelt
Merge pull request #254789 from delroth/backport-CVE-2023-4863
3d9d6b2 
[staging-23.05] libwebp: cherry-pick suspected upstream fix for CVE-2023-4863
@github-actions @rnhmjoj
ffmpeg: re-enable video4linux2 support (#254595)
aeb09d5 
This is useful in some application like mpv to view the webcam stream.
It was enabled before ffmpeg and ffmpeg-full got merged in #211834.

(cherry picked from commit 2ce1ae2)

Co-authored-by: rnhmjoj <[email protected]>
@github-actions
Merge release-23.05 into staging-next-23.05
ca5bdaa
@github-actions
Merge staging-next-23.05 into staging-23.05
4f45319
@vcunat
Merge #253849: go_1_20: 1.20.7 -> 1.20.8
52ce1a8 
...into staging-23.05
@vcunat
Merge #254541: xterm: 379 -> 384
61368b5 
...into staging-23.05
@vcunat
Merge branch 'staging-23.05' into staging-next-23.05
5e22923
@vcunat vcunat added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Sep 13, 2023
@vcunat vcunat requested a review from kalbasit as a code owner September 13, 2023 17:40
@vcunat vcunat requested review from Mic92 and zowoq as code owners September 13, 2023 17:40
@github-actions github-actions bot added the 6.topic: golang Go is a high-level general purpose programming language that is statically typed and compiled. label Sep 13, 2023
@vcunat vcunat mentioned this pull request Sep 13, 2023
Closed
90 tasks
@ofborg ofborg bot added 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Sep 13, 2023
@github-actions github-actions bot added the 6.topic: python Python is a high-level, general-purpose programming language. label Sep 15, 2023
@vcunat vcunat merged commit 360a7d3 into release-23.05 Sep 15, 2023
@ofborg ofborg bot requested a review from zhaofengli September 15, 2023 05:13
@vcunat vcunat mentioned this pull request Oct 10, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kalbasit kalbasit Awaiting requested review from kalbasit kalbasit is a code owner

@Mic92 Mic92 Awaiting requested review from Mic92 Mic92 is a code owner

@zowoq zowoq Awaiting requested review from zowoq zowoq is a code owner

@vrthra vrthra Awaiting requested review from vrthra

@qbit qbit Awaiting requested review from qbit

@ajs124 ajs124 Awaiting requested review from ajs124

@NeQuissimus NeQuissimus Awaiting requested review from NeQuissimus

@Atemu Atemu Awaiting requested review from Atemu

@zhaofengli zhaofengli Awaiting requested review from zhaofengli

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: golang Go is a high-level general purpose programming language that is statically typed and compiled. 6.topic: python Python is a high-level, general-purpose programming language. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@vcunat @zowoq @henrirosten @delroth @mweinelt @K900