> -----Original Message----- > From: Yoann Congal <[email protected]> > Sent: Wednesday, February 4, 2026 11:10 > To: Marko, Peter (FT D EU SK BFS1) <[email protected]>; > [email protected] > Subject: Re: [OE-core][scarthgap][PATCH] gnupg: upgrade 2.4.8 -> 2.4.9 > > On Sat Jan 10, 2026 at 11:44 PM CET, Peter Marko via lists.openembedded.org > wrote: > > From: Peter Marko <[email protected]> > > > > Handles CVE-2025-68973. > > > > Refresh patches. > > > > Signed-off-by: Peter Marko <[email protected]> > > --- > > meta/recipes-support/gnupg/gnupg/relocate.patch | 14 +++++++------- > > .../gnupg/{gnupg_2.4.8.bb => gnupg_2.4.9.bb} | 2 +- > > 2 files changed, 8 insertions(+), 8 deletions(-) > > rename meta/recipes-support/gnupg/{gnupg_2.4.8.bb => gnupg_2.4.9.bb} > (97%) > > Hello, > > I've tested that on autobuilder but got an error in oe-selftest-debian: > https://autobuilder.yoctoproject.org/valkyrie/?#/builders/35/builds/3138 > ERROR: autoconf-native-2.72e-r0 do_recipe_qa: GPG exited with code 2: gpg: > signing failed: Corrupted protection > gpg: signing failed: Corrupted protection > ERROR: patch-native-2.7.6-r0 do_recipe_qa: GPG exited with code 2: gpg: > signing failed: Corrupted protection > gpg: signing failed: Corrupted protection > > I've started a build with this gnupg upgrade reverted to confirm that > this is indeed the cause: > https://autobuilder.yoctoproject.org/valkyrie/?#/builders/35/builds/3142 > > Can you look at this? > Thanks!
Unfortunately, I'm not able to reproduce this failure. On my Debian 11 I have: SANITY_TESTED_DISTROS = "" PACKAGE_CLASSES = "package_rpm" RPM_GPG_SIGN_CHUNK = "1" IMAGE_CLASSES += 'testimage' And run: oe-selftest -r signing -j 16 And get: oe-selftest - INFO - RESULTS - signing.LockedSignatures.test_locked_signatures: PASSED (122.35s) oe-selftest - INFO - RESULTS - signing.Signing.test_signing_packages: PASSED (155.34s) oe-selftest - INFO - RESULTS - signing.Signing.test_signing_sstate_archive: PASSED (121.11s) oe-selftest - INFO - oe-selftest - OK - All required tests passed (successes=3, skipped=0, failures=0, errors=0) So I guess I just backport the CVE fix instead of this upgrade. Peter > > Regards, > > -- > Yoann Congal > Smile ECS
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#231413): https://lists.openembedded.org/g/openembedded-core/message/231413 Mute This Topic: https://lists.openembedded.org/mt/117199147/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
