[OE-core] [PATCH][dunfell 3/3] virglrenderer: fix CVE-2022-0135

[Lee Chee Yang]

From: Chee Yang Lee 

Signed-off-by: Chee Yang Lee 
---
 .../virglrenderer/CVE-2022-0135.patch | 100 ++
 .../virglrenderer/virglrenderer_0.8.2.bb  |   1 +
 2 files changed, 101 insertions(+)
 create mode 100644 
meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2022-0135.patch

diff --git 
a/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2022-0135.patch 
b/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2022-0135.patch
new file mode 100644
index 00..4a277bd4d0
--- /dev/null
+++ b/meta/recipes-graphics/virglrenderer/virglrenderer/CVE-2022-0135.patch
@@ -0,0 +1,100 @@
+From 95e581fd181b213c2ed7cdc63f2abc03eaaa77ec Mon Sep 17 00:00:00 2001
+From: Gert Wollny 
+Date: Tue, 30 Nov 2021 10:17:26 +0100
+Subject: [PATCH] vrend: Add test to resource OOB write and fix it
+
+v2: Also check that no depth != 1 has been send when none is due
+
+Closes: #250
+Signed-off-by: Gert Wollny 
+Reviewed-by: Chia-I Wu 
+
+https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/95e581fd181b213c2ed7cdc63f2abc03eaaa77ec
+Upstream-Status: Backport
+CVE: CVE-2022-0135
+Signed-off-by: Chee Yang Lee 
+---
+ src/vrend_renderer.c|  3 +++
+ tests/test_fuzzer_formats.c | 43 +
+ 2 files changed, 46 insertions(+)
+
+diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c
+index 28f669727..357b81b20 100644
+--- a/src/vrend_renderer.c
 b/src/vrend_renderer.c
+@@ -7833,8 +7833,11 @@ static int vrend_renderer_transfer_write_iov(struct 
vrend_context *ctx,
+   info->box->height) * elsize;
+   if (res->target == GL_TEXTURE_3D ||
+   res->target == GL_TEXTURE_2D_ARRAY ||
++  res->target == GL_TEXTURE_2D_MULTISAMPLE_ARRAY ||
+   res->target == GL_TEXTURE_CUBE_MAP_ARRAY)
+   send_size *= info->box->depth;
++  else if (need_temp && info->box->depth != 1)
++ return EINVAL;
+ 
+   if (need_temp) {
+  data = malloc(send_size);
+diff --git a/tests/test_fuzzer_formats.c b/tests/test_fuzzer_formats.c
+index 59d6fb671..2de9a9a3f 100644
+--- a/tests/test_fuzzer_formats.c
 b/tests/test_fuzzer_formats.c
+@@ -957,6 +957,48 @@ static void test_vrend_set_signle_abo_heap_overflow() {
+ virgl_renderer_submit_cmd((void *) cmd, ctx_id, 0xde);
+ }
+ 
++/* Test adapted from yaojun8558...@gmail.com:
++ * https://gitlab.freedesktop.org/virgl/virglrenderer/-/issues/250
++*/
++static void test_vrend_3d_resource_overflow() {
++
++struct virgl_renderer_resource_create_args resource;
++resource.handle = 0x4c474572;
++resource.target = PIPE_TEXTURE_2D_ARRAY;
++resource.format = VIRGL_FORMAT_Z24X8_UNORM;
++resource.nr_samples = 2;
++resource.last_level = 0;
++resource.array_size = 3;
++resource.bind = VIRGL_BIND_SAMPLER_VIEW;
++resource.depth = 1;
++resource.width = 8;
++resource.height = 4;
++resource.flags = 0;
++
++virgl_renderer_resource_create(, NULL, 0);
++virgl_renderer_ctx_attach_resource(ctx_id, resource.handle);
++
++uint32_t size = 0x400;
++uint32_t cmd[size];
++int i = 0;
++cmd[i++] = (size - 1) << 16 | 0 << 8 | VIRGL_CCMD_RESOURCE_INLINE_WRITE;
++cmd[i++] = resource.handle;
++cmd[i++] = 0; // level
++cmd[i++] = 0; // usage
++cmd[i++] = 0; // stride
++cmd[i++] = 0; // layer_stride
++cmd[i++] = 0; // x
++cmd[i++] = 0; // y
++cmd[i++] = 0; // z
++cmd[i++] = 8; // w
++cmd[i++] = 4; // h
++cmd[i++] = 3; // d
++memset([i], 0, size - i);
++
++virgl_renderer_submit_cmd((void *) cmd, ctx_id, size);
++}
++
++
+ int main()
+ {
+initialize_environment();
+@@ -979,6 +1021,7 @@ int main()
+test_cs_nullpointer_deference();
+test_vrend_set_signle_abo_heap_overflow();
+ 
++   test_vrend_3d_resource_overflow();
+ 
+virgl_renderer_context_destroy(ctx_id);
+virgl_renderer_cleanup();
+-- 
+GitLab
+
diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb 
b/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb
index 31c45ef89c..8185d6f7e8 100644
--- a/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb
+++ b/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb
@@ -13,6 +13,7 @@ SRCREV = "7d204f3927be65fb3365dce01dbcd04d447a4985"
 SRC_URI = "git://anongit.freedesktop.org/git/virglrenderer;branch=master \
file://0001-gallium-Expand-libc-check-to-be-platform-OS-check.patch 
\
file://0001-meson.build-use-python3-directly-for-python.patch \
+   file://CVE-2022-0135.patch \
"
 
 S = "${WORKDIR}/git"
-- 
2.36.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170559): 
https://lists.openembedded.org/g/openembedded-core/message/170559
Mute This Topic: https://lists.openembedded.org/mt/93648836/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: 

[OE-core] [PATCH][dunfell 2/3] gnutls: fix CVE-2021-4209

[Lee Chee Yang]

From: Chee Yang Lee 

Signed-off-by: Chee Yang Lee 
---
 .../gnutls/gnutls/CVE-2021-4209.patch | 37 +++
 meta/recipes-support/gnutls/gnutls_3.6.14.bb  |  1 +
 2 files changed, 38 insertions(+)
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2021-4209.patch

diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2021-4209.patch 
b/meta/recipes-support/gnutls/gnutls/CVE-2021-4209.patch
new file mode 100644
index 00..0bcb55e573
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2021-4209.patch
@@ -0,0 +1,37 @@
+From 3db352734472d851318944db13be73da61300568 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno 
+Date: Wed, 22 Dec 2021 09:12:25 +0100
+Subject: [PATCH] wrap_nettle_hash_fast: avoid calling _update with zero-length
+ input
+
+As Nettle's hash update functions internally call memcpy, providing
+zero-length input may cause undefined behavior.
+
+Signed-off-by: Daiki Ueno 
+
+https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568
+Upstream-Status: Backport
+CVE: CVE-2021-4209
+Signed-off-by: Chee Yang Lee 
+---
+ lib/nettle/mac.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c
+index f9d4d7a8df..35e070fab0 100644
+--- a/lib/nettle/mac.c
 b/lib/nettle/mac.c
+@@ -788,7 +788,9 @@ static int wrap_nettle_hash_fast(gnutls_digest_algorithm_t 
algo,
+   if (ret < 0)
+   return gnutls_assert_val(ret);
+ 
+-  ctx.update(, text_size, text);
++  if (text_size > 0) {
++  ctx.update(, text_size, text);
++  }
+   ctx.digest(, ctx.length, digest);
+ 
+   return 0;
+-- 
+GitLab
+
diff --git a/meta/recipes-support/gnutls/gnutls_3.6.14.bb 
b/meta/recipes-support/gnutls/gnutls_3.6.14.bb
index e9af71c7bd..f1757871ce 100644
--- a/meta/recipes-support/gnutls/gnutls_3.6.14.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.6.14.bb
@@ -26,6 +26,7 @@ SRC_URI = 
"https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
file://CVE-2021-20231.patch \
file://CVE-2021-20232.patch \
file://CVE-2022-2509.patch \
+   file://CVE-2021-4209.patch \
 "
 
 SRC_URI[sha256sum] = 
"5630751adec7025b8ef955af4d141d00d252a985769f51b4059e5affa3d39d63"
-- 
2.36.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170558): 
https://lists.openembedded.org/g/openembedded-core/message/170558
Mute This Topic: https://lists.openembedded.org/mt/93648835/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH][dunfell 1/3] connman: fix CVE-2022-32292

[Lee Chee Yang]

From: Chee Yang Lee 

Signed-off-by: Chee Yang Lee 
---
 .../connman/connman/CVE-2022-32292.patch  | 37 +++
 .../connman/connman_1.37.bb   |  1 +
 2 files changed, 38 insertions(+)
 create mode 100644 
meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch

diff --git a/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch 
b/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch
new file mode 100644
index 00..74a739d6a2
--- /dev/null
+++ b/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch
@@ -0,0 +1,37 @@
+From d1a5ede5d255bde8ef707f8441b997563b9312bd Mon Sep 17 00:00:00 2001
+From: Nathan Crandall 
+Date: Tue, 12 Jul 2022 08:56:34 +0200
+Subject: gweb: Fix OOB write in received_data()
+
+There is a mismatch of handling binary vs. C-string data with memchr
+and strlen, resulting in pos, count, and bytes_read to become out of
+sync and result in a heap overflow.  Instead, do not treat the buffer
+as an ASCII C-string. We calculate the count based on the return value
+of memchr, instead of strlen.
+
+Fixes: CVE-2022-32292
+
+Upstream-Status: Backport
+https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d1a5ede5d255bde8ef707f8441b997563b9312b
+CVE: CVE-2022-32292
+Signed-off-by: Lee Chee Yang 
+---
+ gweb/gweb.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gweb/gweb.c b/gweb/gweb.c
+index 12fcb1d8..13c6c5f2 100644
+--- a/gweb/gweb.c
 b/gweb/gweb.c
+@@ -918,7 +918,7 @@ static gboolean received_data(GIOChannel *channel, 
GIOCondition cond,
+   }
+ 
+   *pos = '\0';
+-  count = strlen((char *) ptr);
++  count = pos - ptr;
+   if (count > 0 && ptr[count - 1] == '\r') {
+   ptr[--count] = '\0';
+   bytes_read--;
+-- 
+cgit 
+
diff --git a/meta/recipes-connectivity/connman/connman_1.37.bb 
b/meta/recipes-connectivity/connman/connman_1.37.bb
index bdd1e590ec..4f22c7ad49 100644
--- a/meta/recipes-connectivity/connman/connman_1.37.bb
+++ b/meta/recipes-connectivity/connman/connman_1.37.bb
@@ -12,6 +12,7 @@ SRC_URI  = 
"${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
 file://CVE-2021-33833.patch \
 file://CVE-2022-23096-7.patch \
 file://CVE-2022-23098.patch \
+file://CVE-2022-32292.patch \
 "
 
 SRC_URI_append_libc-musl = " 
file://0002-resolve-musl-does-not-implement-res_ninit.patch"
-- 
2.36.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170557): 
https://lists.openembedded.org/g/openembedded-core/message/170557
Mute This Topic: https://lists.openembedded.org/mt/93648834/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] OE-core CVE metrics for master on Sun 11 Sep 2022 04:00:01 AM HST

[Khem Raj]

On 9/11/22 7:02 AM, Steve Sakoman wrote:

Branch: master

New this week: 10 CVEs
CVE-2020-35538 (CVSS3: 5.5 MEDIUM): libjpeg-turbo:libjpeg-turbo-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35538 *
CVE-2022-1354 (CVSS3: 5.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1354 *
CVE-2022-1355 (CVSS3: 6.1 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1355 *
CVE-2022-3099 (CVSS3: 7.8 HIGH): vim 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3099 *
CVE-2022-3134 (CVSS3: 7.8 HIGH): vim 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3134 *
CVE-2022-38126 (CVSS3: 5.5 MEDIUM): 
binutils:binutils-cross-testsuite:binutils-cross-x86_64 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38126 *
CVE-2022-38127 (CVSS3: 5.5 MEDIUM): 
binutils:binutils-cross-testsuite:binutils-cross-x86_64 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38127 *
CVE-2022-38128 (CVSS3: 5.5 MEDIUM): 
binutils:binutils-cross-testsuite:binutils-cross-x86_64 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38128 *
CVE-2022-39028 (CVSS3: 7.5 HIGH): inetutils 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39028 *
CVE-2022-39046 (CVSS3: 5.3 MEDIUM): glibc 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39046 *

Removed this week: 4 CVEs
CVE-2021-3929 (CVSS3: 8.2 HIGH): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3929 *
CVE-2022-2953 (CVSS3: 5.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2953 *
CVE-2022-32893 (CVSS3: 8.8 HIGH): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32893 *
CVE-2022-38533 (CVSS3: 5.5 MEDIUM): 
binutils:binutils-cross-testsuite:binutils-cross-x86_64 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38533 *

Full list:  Found 15 unpatched CVEs
CVE-2020-35538 (CVSS3: 5.5 MEDIUM): libjpeg-turbo:libjpeg-turbo-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35538 *


We are at 2.1.4 in master and this was fixed in 2.0.6 via 
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30 
so I wonder why its being flagged.



CVE-2021-3521 (CVSS3: 4.7 MEDIUM): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3521 *
CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 *
CVE-2021-35938 (CVSS3: 7.8 HIGH): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 *
CVE-2021-35939 (CVSS3: 7.8 HIGH): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 *
CVE-2021-4158 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4158 *
CVE-2022-1354 (CVSS3: 5.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1354 *
CVE-2022-1355 (CVSS3: 6.1 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1355 *


there is a patch on ml for this.


CVE-2022-3099 (CVSS3: 7.8 HIGH): vim 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3099 *
CVE-2022-3134 (CVSS3: 7.8 HIGH): vim 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3134 *


Richard sent an update hopefully addressing this.


CVE-2022-38126 (CVSS3: 5.5 MEDIUM): 
binutils:binutils-cross-testsuite:binutils-cross-x86_64 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38126 *
CVE-2022-38127 (CVSS3: 5.5 MEDIUM): 
binutils:binutils-cross-testsuite:binutils-cross-x86_64 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38127 *


sent a patch to ml to ignore these two since they are fixed in our 
version of binutils.



CVE-2022-38128 (CVSS3: 5.5 MEDIUM): 
binutils:binutils-cross-testsuite:binutils-cross-x86_64 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38128 *


this is fixed in binutils master, will need some backporting since it 
depends on some more patches from master.



CVE-2022-39028 (CVSS3: 7.5 HIGH): inetutils 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39028 *


sent a patch for this.


CVE-2022-39046 (CVSS3: 5.3 MEDIUM): glibc 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39046 *



sent a patch for this.



For further information see: 
https://autobuilder.yocto.io/pub/non-release/patchmetrics/







OpenPGP_0xBB053355919D3314.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170556): 
https://lists.openembedded.org/g/openembedded-core/message/170556
Mute This Topic: https://lists.openembedded.org/mt/93611544/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] inetutils: Fix remote DoS vulnerability in inetutils-telnetd

[Khem Raj]

Signed-off-by: Khem Raj 
---
 .../inetutils/inetutils/CVE-2022-39028.patch  | 54 +++
 .../inetutils/inetutils_2.3.bb|  1 +
 2 files changed, 55 insertions(+)
 create mode 100644 
meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch

diff --git a/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch 
b/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
new file mode 100644
index 00..3b07515c7b
--- /dev/null
+++ b/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
@@ -0,0 +1,54 @@
+From d52349fa1b6baac77ffa2c74769636aa2ece2ec5 Mon Sep 17 00:00:00 2001
+From: Erik Auerswald 
+Date: Sat, 3 Sep 2022 16:58:16 +0200
+Subject: [PATCH] telnetd: Handle early IAC EC or IAC EL receipt
+
+Fix telnetd crash if the first two bytes of a new connection
+are 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL).
+
+The problem was reported in:
+.
+
+* NEWS: Mention fix.
+* telnetd/state.c (telrcv): Handle zero slctab[SLC_EC].sptr and
+zero slctab[SLC_EL].sptr.
+
+CVE: CVE-2022-39028
+Upstream-Status: Backport 
[https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=fae8263e467380483c28513c0e5fac143e46f94f]
+Signed-off-by: Khem Raj 
+---
+ telnetd/state.c | 12 +---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/telnetd/state.c b/telnetd/state.c
+index ffc6cba..c2d760f 100644
+--- a/telnetd/state.c
 b/telnetd/state.c
+@@ -312,15 +312,21 @@ telrcv (void)
+   case EC:
+   case EL:
+ {
+-  cc_t ch;
++  cc_t ch = (cc_t) (_POSIX_VDISABLE);
+ 
+   DEBUG (debug_options, 1, printoption ("td: recv IAC", c));
+   ptyflush ();/* half-hearted */
+   init_termbuf ();
+   if (c == EC)
+-ch = *slctab[SLC_EC].sptr;
++{
++  if (slctab[SLC_EC].sptr)
++ch = *slctab[SLC_EC].sptr;
++}
+   else
+-ch = *slctab[SLC_EL].sptr;
++{
++  if (slctab[SLC_EL].sptr)
++ch = *slctab[SLC_EL].sptr;
++}
+   if (ch != (cc_t) (_POSIX_VDISABLE))
+ pty_output_byte ((unsigned char) ch);
+   break;
+-- 
+2.37.3
+
diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.3.bb 
b/meta/recipes-connectivity/inetutils/inetutils_2.3.bb
index 1e8f63637e..2fce84374d 100644
--- a/meta/recipes-connectivity/inetutils/inetutils_2.3.bb
+++ b/meta/recipes-connectivity/inetutils/inetutils_2.3.bb
@@ -21,6 +21,7 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
file://tftpd.xinetd.inetutils \
file://inetutils-1.9-PATH_PROCNET_DEV.patch \
file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \
+   file://CVE-2022-39028.patch \
 "
 
 inherit autotools gettext update-alternatives texinfo
-- 
2.37.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170555): 
https://lists.openembedded.org/g/openembedded-core/message/170555
Mute This Topic: https://lists.openembedded.org/mt/93647132/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 2/2] binutils: Ignore CVE-2022-38126 CVE-2022-38127

[Khem Raj]

They are already part of backports to 2_36 branch
as noted

Signed-off-by: Khem Raj 
---
 meta/recipes-devtools/binutils/binutils-2.39.inc | 4 
 1 file changed, 4 insertions(+)

diff --git a/meta/recipes-devtools/binutils/binutils-2.39.inc 
b/meta/recipes-devtools/binutils/binutils-2.39.inc
index 37627c8f93..e4fdb73243 100644
--- a/meta/recipes-devtools/binutils/binutils-2.39.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.39.inc
@@ -34,3 +34,7 @@ SRC_URI = "\
  file://0013-CVE-2022-38533.patch \
 "
 S  = "${WORKDIR}/git"
+# Already in 2.39 branch
+# - https://sourceware.org/bugzilla/show_bug.cgi?id=29289
+# - https://sourceware.org/bugzilla/show_bug.cgi?id=29290
+CVE_CHECK_IGNORE += "CVE-2022-38126 CVE-2022-38127"
-- 
2.37.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170554): 
https://lists.openembedded.org/g/openembedded-core/message/170554
Mute This Topic: https://lists.openembedded.org/mt/93646258/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 1/2] glibc: Upgrade to tip of 2.36 branch

[Khem Raj]

Adresses CVE-2022-39046

Brings in following changeset

* c399271c10 nscd: Fix netlink cache invalidation if epoll is used [BZ #29415]
* b46412fb17 Add NEWS entry for CVE-2022-39046
* 645d94808a syslog: Remove extra whitespace between timestamp and message 
(BZ#29544)
* b3736d1a3c elf: Restore how vDSO dependency is printed with 
LD_TRACE_LOADED_OBJECTS (BZ #29539)
* 3c791f2031 Apply asm redirections in wchar.h before first use
* 924e4f3eaa elf: Call __libc_early_init for reused namespaces (bug 29528)
* b0e7888d1f syslog: Fix large messages (BZ#29536)

Signed-off-by: Khem Raj 
---
 meta/recipes-core/glibc/glibc-version.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/glibc/glibc-version.inc 
b/meta/recipes-core/glibc/glibc-version.inc
index a078eb6377..bd125ec401 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.36/master"
 PV = "2.36"
-SRCREV_glibc ?= "3bd3c612e98a53ce60ed972f5cd2b90628b3cba5"
+SRCREV_glibc ?= "c399271c10bd00714504e8d4dfbec8aebf996dd4"
 SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
-- 
2.37.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170553): 
https://lists.openembedded.org/g/openembedded-core/message/170553
Mute This Topic: https://lists.openembedded.org/mt/93646257/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] Current high bug count owners for Yocto Project 4.1

[Stephen Jolley]

All,

Below is the list as of top 35 bug owners as of the end of WW37 of who have
open medium or higher bugs and enhancements against YP 4.1.   There are 33
possible work days left until the final release candidates for YP 4.1 needs
to be released.


Who

Count


michael.opdenac...@bootlin.com

37


david.re...@windriver.com

23


bruce.ashfi...@gmail.com

22


ross.bur...@arm.com

19


randy.macl...@windriver.com

16


richard.pur...@linuxfoundation.org

13


sakib.sa...@windriver.com

11


jpewhac...@gmail.com

9


saul.w...@windriver.com

8


aryaman.gu...@windriver.com

6


sundeep.kokko...@gmail.com

5


pa...@zhukoff.net

5


jon.ma...@arm.com

4


tim.orl...@konsulko.com

4


pgowda@gmail.com

3


akuster...@gmail.com

3


mhalst...@linuxfoundation.org

2


hongxu@windriver.com

2


raj.k...@gmail.com

2


qi.c...@windriver.com

2


s...@bigsur.com

2


tvgamb...@gmail.com

2


martin.ja...@gmail.com

1


aeh...@gmail.com

1


open.sou...@oleksandr-kravchuk.com

1


mostthings...@gmail.com

1


ptsne...@gmail.com

1


ola.x.nils...@axis.com

1


martin.bee...@online.de

1


nicolas.deche...@linaro.org

1


thomas.per...@bootlin.com

1


shac...@vdoo.com

1


beh...@converseincode.com

1


alexandre.bell...@bootlin.com

1


alejan...@enedino.org

1


Grand Total

213

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170552): 
https://lists.openembedded.org/g/openembedded-core/message/170552
Mute This Topic: https://lists.openembedded.org/mt/93646101/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] Yocto Project Newcomer & Unassigned Bugs - Help Needed

[Stephen Jolley]

All,

 

The triage team is starting to try and collect up and classify bugs which a
newcomer to the project would be able to work on in a way which means people
can find them. They're being listed on the triage page under the appropriate
heading:

https://wiki.yoctoproject.org/wiki/Bug_Triage#Newcomer_Bugs  Also please
review:
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded and
how to create a bugzilla account at:

https://bugzilla.yoctoproject.org/createaccount.cgi

The idea is these bugs should be straight forward for a person to help work
on who doesn't have deep experience with the project.  If anyone can help,
please take ownership of the bug and send patches!  If anyone needs
help/advice there are people on irc who can likely do so, or some of the
more experienced contributors will likely be happy to help too.

 

Also, the triage team meets weekly and does its best to handle the bugs
reported into the Bugzilla. The number of people attending that meeting has
fallen, as have the number of people available to help fix bugs. One of the
things we hear users report is they don't know how to help. We (the triage
team) are therefore going to start reporting out the currently 410
unassigned or newcomer bugs.

 

We're hoping people may be able to spare some time now and again to help out
with these.  Bugs are split into two types, "true bugs" where things don't
work as they should and "enhancements" which are features we'd want to add
to the system.  There are also roughly four different "priority" classes
right now,  "4.1", "4.2", "4.3", "4.99" and "Future", the more
pressing/urgent issues being in "4.1" and then "4.2".

 

Please review this link and if a bug is something you would be able to help
with either take ownership of the bug, or send me (sjolley.yp...@gmail.com
 ) an e-mail with the bug number you would
like and I will assign it to you (please make sure you have a Bugzilla
account).  The list is at:
https://wiki.yoctoproject.org/wiki/Bug_Triage_Archive#Unassigned_or_Newcomer
_Bugs

 

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170551): 
https://lists.openembedded.org/g/openembedded-core/message/170551
Mute This Topic: https://lists.openembedded.org/mt/93646078/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [dunfell][PATCH] tiff: Security fixes CVE-2022-1354 and CVE-2022-1355

[Lee Chee Yang]

From: Yi Zhao 

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-1354
https://security-tracker.debian.org/tracker/CVE-2022-1354

https://nvd.nist.gov/vuln/detail/CVE-2022-1355
https://security-tracker.debian.org/tracker/CVE-2022-1355

Patches from:

CVE-2022-1354:
https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798

CVE-2022-1355:
https://gitlab.com/libtiff/libtiff/-/commit/c1ae29f9ebacd29b7c3e0c7db671af7db3584bc2

(From OE-Core rev: 6c373c041f1dd45458866408d1ca16d47cacbd86)

Signed-off-by: Yi Zhao 
Signed-off-by: Steve Sakoman 
Signed-off-by: Richard Purdie 
Signed-off-by: Chee Yang Lee 
---
 .../libtiff/tiff/CVE-2022-1354.patch  | 212 ++
 .../libtiff/tiff/CVE-2022-1355.patch  |  62 +
 meta/recipes-multimedia/libtiff/tiff_4.1.0.bb |   2 +
 3 files changed, 276 insertions(+)
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch
 create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-1355.patch

diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch 
b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch
new file mode 100644
index 00..71b85cac10
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-1354.patch
@@ -0,0 +1,212 @@
+From 87881e093691a35c60b91cafed058ba2dd5d9807 Mon Sep 17 00:00:00 2001
+From: Even Rouault 
+Date: Sun, 5 Dec 2021 14:37:46 +0100
+Subject: [PATCH] TIFFReadDirectory: fix OJPEG hack (fixes #319)
+
+to avoid having the size of the strip arrays inconsistent with the
+number of strips returned by TIFFNumberOfStrips(), which may cause
+out-ouf-bounds array read afterwards.
+
+One of the OJPEG hack that alters SamplesPerPixel may influence the
+number of strips. Hence compute tif_dir.td_nstrips only afterwards.
+
+CVE: CVE-2022-1354
+
+Upstream-Status: Backport
+[https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798]
+
+Signed-off-by: Yi Zhao 
+---
+ libtiff/tif_dirread.c | 162 ++
+ 1 file changed, 83 insertions(+), 79 deletions(-)
+
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index 8f434ef5..14c031d1 100644
+--- a/libtiff/tif_dirread.c
 b/libtiff/tif_dirread.c
+@@ -3794,50 +3794,7 @@ TIFFReadDirectory(TIFF* tif)
+   MissingRequired(tif,"ImageLength");
+   goto bad;
+   }
+-  /*
+-   * Setup appropriate structures (by strip or by tile)
+-   */
+-  if (!TIFFFieldSet(tif, FIELD_TILEDIMENSIONS)) {
+-  tif->tif_dir.td_nstrips = TIFFNumberOfStrips(tif);  
+-  tif->tif_dir.td_tilewidth = tif->tif_dir.td_imagewidth;
+-  tif->tif_dir.td_tilelength = tif->tif_dir.td_rowsperstrip;
+-  tif->tif_dir.td_tiledepth = tif->tif_dir.td_imagedepth;
+-  tif->tif_flags &= ~TIFF_ISTILED;
+-  } else {
+-  tif->tif_dir.td_nstrips = TIFFNumberOfTiles(tif);
+-  tif->tif_flags |= TIFF_ISTILED;
+-  }
+-  if (!tif->tif_dir.td_nstrips) {
+-  TIFFErrorExt(tif->tif_clientdata, module,
+-  "Cannot handle zero number of %s",
+-  isTiled(tif) ? "tiles" : "strips");
+-  goto bad;
+-  }
+-  tif->tif_dir.td_stripsperimage = tif->tif_dir.td_nstrips;
+-  if (tif->tif_dir.td_planarconfig == PLANARCONFIG_SEPARATE)
+-  tif->tif_dir.td_stripsperimage /= 
tif->tif_dir.td_samplesperpixel;
+-  if (!TIFFFieldSet(tif, FIELD_STRIPOFFSETS)) {
+-#ifdef OJPEG_SUPPORT
+-  if ((tif->tif_dir.td_compression==COMPRESSION_OJPEG) &&
+-  (isTiled(tif)==0) &&
+-  (tif->tif_dir.td_nstrips==1)) {
+-  /*
+-   * XXX: OJPEG hack.
+-   * If a) compression is OJPEG, b) it's not a tiled TIFF,
+-   * and c) the number of strips is 1,
+-   * then we tolerate the absence of stripoffsets tag,
+-   * because, presumably, all required data is in the
+-   * JpegInterchangeFormat stream.
+-   */
+-  TIFFSetFieldBit(tif, FIELD_STRIPOFFSETS);
+-  } else
+-#endif
+-{
+-  MissingRequired(tif,
+-  isTiled(tif) ? "TileOffsets" : "StripOffsets");
+-  goto bad;
+-  }
+-  }
++
+   /*
+* Second pass: extract other information.
+*/
+@@ -4042,41 +3999,6 @@ TIFFReadDirectory(TIFF* tif)
+   } /* -- if (!dp->tdir_ignore) */
+   } /* -- for-loop -- */
+ 
+-if( tif->tif_mode == O_RDWR &&
+-tif->tif_dir.td_stripoffset_entry.tdir_tag != 0 &&
+-tif->tif_dir.td_stripoffset_entry.tdir_count == 0 &&
+-tif->tif_dir.td_stripoffset_entry.tdir_type == 0 &&
+-

[OE-core] [PATCH] vim: Upgrade 9.0.0341 -> 9.0.0453

[Richard Purdie]

Includes fixes for CVE-2022-3099 and CVE-2022-3134.

Signed-off-by: Richard Purdie 
---
 meta/recipes-support/vim/vim.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 33a82992433..70dc2dfecf5 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -20,8 +20,8 @@ SRC_URI = 
"git://github.com/vim/vim.git;branch=master;protocol=https \
file://no-path-adjust.patch \
"
 
-PV .= ".0341"
-SRCREV = "92a3d20682d46359bb50a452b4f831659e799155"
+PV .= ".0453"
+SRCREV = "83a19c5fda0556330860899bfb484addf9178cd0"
 
 # Remove when 8.3 is out
 UPSTREAM_VERSION_UNKNOWN = "1"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170549): 
https://lists.openembedded.org/g/openembedded-core/message/170549
Mute This Topic: https://lists.openembedded.org/mt/93644190/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH v3 2/2] nfs-ganesha: Replace unfs3 with nfs-ganesha

[Adrian Freihofer]

Hi Paulo

This looks very interesting. Is the goal here to just replace unfs3 on
a device running a Yocto-based firmware, or is the goal also to enable
the User Space NFS server for development without root privileges as
documented here:
https://docs.yoctoproject.org/dev-manual/qemu.html?highlight=runqemu+rootfs+export#running-under-a-network-file-system-nfs-server
?
Not sure if the patches would break the runqemu-export-rootfs script.
The script starts "$OECORE_NATIVE_SYSROOT/usr/bin/unfsd".

It would be really nice if nfs-ganesha could replace unfs3 also for
this use case. From my point of view, the user space NFS based
development setup has still significant advantages over using a kernel
space NFS server. Might be that the stability of unfs3 was one reason
why many developers still prefer a kernel space NFS server for
development. But with nfs-ganesha I see a great chance to get this
fixed and the possibility to create an even better solution for NFS
booted devices than with the kernel space server.

Maybe there is an other issue with the user space NFS based setup: The
linux-yocto kernel does not contain the corresponding patch to
configure the nfs ports via the kernel command line for some time now
https://docs.yoctoproject.org/dev-manual/qemu.html?highlight=runqemu+rootfs+export#running-under-a-network-file-system-nfs-server.
However, with the current state it is still possible to run a patched
kernel for that reason. Without unfs3 this will no longer be supported.

What will be the state of the runqemu-export-rootfs script after
merging this?

Thank you and regards,
Adrian


On Sun, 2022-08-28 at 19:43 +0200, Paulo Neves wrote:
> nfs-ganesha is actively maintained in contrast with unfs3. glibc tests
> pass with nfs-ganesha.
> 
> Signed-off-by: Paulo Neves 
> ---
>  meta/lib/oeqa/utils/nfs.py|   2 +-
>  ...ix-possible-null-pointer-dereference.patch |  38 +
>  ...-Workaround-for-erroneous-gcc-Werror.patch |  33 
>  ...ke-nfsv3_optype-guarded-by-_USE_NFS3.patch |  35 
>  .../nfs-ganesha/nfs-ganesha/module.patch  |  27 +++
>  .../nfs-ganesha/nfs-ganesha_4.0.bb|  44 +
>  ...1-Add-listen-action-for-a-tcp-socket.patch |  54 --
>  .../0001-attr-fix-utime-for-symlink.patch |  85 --
>  ...0001-daemon.c-Libtirpc-porting-fixes.patch |  37 
>  .../unfs3/unfs3/alternate_rpc_ports.patch | 158 --
>  .../unfs3/unfs3/fix_compile_warning.patch |  25 ---
>  ...fix_pid_race_parent_writes_child_pid.patch |  61 ---
>  .../unfs3/unfs3/no-yywrap.patch   |  14 --
>  .../unfs3/relative_max_socket_path_len.patch  |  74 
>  .../unfs3/unfs3/rename_fh_cache.patch |  64 ---
>  .../unfs3/unfs3/tcp_no_delay.patch|  56 ---
>  .../unfs3/unfs3/unfs3_parallel_build.patch|  37 
>  meta/recipes-devtools/unfs3/unfs3_git.bb  |  45 -
>  18 files changed, 178 insertions(+), 711 deletions(-)
>  create mode 100644 
> meta/recipes-connectivity/nfs-ganesha/nfs-ganesha/0001-Fix-possible-null-pointer-dereference.patch
>  create mode 100644 
> meta/recipes-connectivity/nfs-ganesha/nfs-ganesha/0002-Workaround-for-erroneous-gcc-Werror.patch
>  create mode 100644 
> meta/recipes-connectivity/nfs-ganesha/nfs-ganesha/0003-Make-nfsv3_optype-guarded-by-_USE_NFS3.patch
>  create mode 100644 
> meta/recipes-connectivity/nfs-ganesha/nfs-ganesha/module.patch
>  create mode 100644 meta/recipes-connectivity/nfs-ganesha/nfs-ganesha_4.0.bb
>  delete mode 100644 
> meta/recipes-devtools/unfs3/unfs3/0001-Add-listen-action-for-a-tcp-socket.patch
>  delete mode 100644 
> meta/recipes-devtools/unfs3/unfs3/0001-attr-fix-utime-for-symlink.patch
>  delete mode 100644 
> meta/recipes-devtools/unfs3/unfs3/0001-daemon.c-Libtirpc-porting-fixes.patch
>  delete mode 100644 
> meta/recipes-devtools/unfs3/unfs3/alternate_rpc_ports.patch
>  delete mode 100644 
> meta/recipes-devtools/unfs3/unfs3/fix_compile_warning.patch
>  delete mode 100644 
> meta/recipes-devtools/unfs3/unfs3/fix_pid_race_parent_writes_child_pid.patch
>  delete mode 100644 meta/recipes-devtools/unfs3/unfs3/no-yywrap.patch
>  delete mode 100644 
> meta/recipes-devtools/unfs3/unfs3/relative_max_socket_path_len.patch
>  delete mode 100644 meta/recipes-devtools/unfs3/unfs3/rename_fh_cache.patch
>  delete mode 100644 meta/recipes-devtools/unfs3/unfs3/tcp_no_delay.patch
>  delete mode 100644 
> meta/recipes-devtools/unfs3/unfs3/unfs3_parallel_build.patch
>  delete mode 100644 meta/recipes-devtools/unfs3/unfs3_git.bb
> 
> diff --git a/meta/lib/oeqa/utils/nfs.py b/meta/lib/oeqa/utils/nfs.py
> index c1218656ce..bd947c0b88 100644
> --- a/meta/lib/oeqa/utils/nfs.py
> +++ b/meta/lib/oeqa/utils/nfs.py
> @@ -16,7 +16,7 @@ def unfs_server(directory, logger = None):
>  unfs_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "unfs3-native")
>  if not os.path.exists(os.path.join(unfs_sysroot, "usr", "bin", "unfsd")):
>  # build native tool
> -

Re: [OE-core] [PATCH] libxml2: don't override XML_CATALOG_FILES in xmllint wrapper if already set

[Andreas Müller]

On Mon, Sep 12, 2022 at 11:43 AM Richard Purdie
 wrote:
>
> On Sun, 2022-09-11 at 23:21 +0100, Richard Purdie via
> lists.openembedded.org wrote:
> > On Fri, 2022-09-09 at 23:54 +0100, Richard Purdie via
> > lists.openembedded.org wrote:
> > > On Fri, 2022-09-09 at 17:36 +0100, Ross Burton wrote:
> > > > The KDE build uses custom catalogs by setting XML_CATALOG_FILES, so this
> > > > wrapper should not override that value if it has already been set.
> > > >
> > > > Signed-off-by: Ross Burton 
> > > > ---
> > > >  meta/recipes-core/libxml/libxml2_2.9.14.bb | 2 +-
> > > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > >
> > > > diff --git a/meta/recipes-core/libxml/libxml2_2.9.14.bb 
> > > > b/meta/recipes-core/libxml/libxml2_2.9.14.bb
> > > > index 2b2289e38a6..165c92d4114 100644
> > > > --- a/meta/recipes-core/libxml/libxml2_2.9.14.bb
> > > > +++ b/meta/recipes-core/libxml/libxml2_2.9.14.bb
> > > > @@ -121,7 +121,7 @@ do_install:append:class-native () {
> > > >   # Docs are not needed in the native case
> > > >   rm ${D}${datadir}/gtk-doc -rf
> > > >
> > > > - create_wrapper ${D}${bindir}/xmllint 
> > > > XML_CATALOG_FILES=${sysconfdir}/xml/catalog
> > > > + create_wrapper ${D}${bindir}/xmllint 
> > > > 'XML_CATALOG_FILES=${XML_CATALOG_FILES:-${sysconfdir}/xml/catalog}'
> > > >  }
> > >
> > > https://autobuilder.yoctoproject.org/typhoon/#/builders/69/builds/5823/steps/24/logs/stdio
> >
> >
> > Dependency on variable 
> > XML_CATALOG_FILES:-/media/build1/poky/build-st-282284/tmp-sstatesamehash/work/x86_64-linux/libxml2-native/2.9.14-r0/recipe-sysroot-native/etc/xml/catalog
> >  was added
> > Dependency on Variable 
> > XML_CATALOG_FILES:-/media/build1/poky/build-st-282284/tmp-sstatesamehash2/work/x86_64-linux/libxml2-native/2.9.14-r0/recipe-sysroot-native/etc/xml/catalog
> >  was removed
> >
> > i.e. it is expanding the variable in the keyname!
>
> I tweaked the patch to exclude this variable for now. We probably need
> to think a bit more about what bitbake is considering a variable name
> though...

Thanks for addressing. Will remove my workaround in meta-qt5-extra and
hope not to come back :)

Andreas

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170547): 
https://lists.openembedded.org/g/openembedded-core/message/170547
Mute This Topic: https://lists.openembedded.org/mt/93577134/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] CVE raffle: collision avoidance

[Steve Sakoman]

On Mon, Sep 12, 2022 at 10:01 AM Marta Rybczynska  wrote:
>
> On Mon, Sep 12, 2022 at 9:16 PM Steve Sakoman  wrote:
> >
> > On Mon, Sep 12, 2022 at 8:57 AM Martin Jansa  wrote:
> > >
> > > You mean this list?
> > > https://lists.yoctoproject.org/g/yocto-security/message/655
> >
> > Yes, I assumed everyone was aware of the weekly CVE list!  Did you
> > have something else in mind?
>
> Sorry for the confusion. I meant that exact list and suggested to use
> it as a reservation list without manually looking into this thread and
> verifying with the three different CVE emails.

This is a dunfell only raffle, so there is only the dunfell CVE mail
to look at :-)

But ... there will be 7 or 8 weekly emails during the raffle period.  So putting
all the reservations in this one thread seemed to make more sense to me.

Steve

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170546): 
https://lists.openembedded.org/g/openembedded-core/message/170546
Mute This Topic: https://lists.openembedded.org/mt/93637108/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] CVE raffle: collision avoidance

[Marta Rybczynska]

On Mon, Sep 12, 2022 at 9:16 PM Steve Sakoman  wrote:
>
> On Mon, Sep 12, 2022 at 8:57 AM Martin Jansa  wrote:
> >
> > You mean this list?
> > https://lists.yoctoproject.org/g/yocto-security/message/655
>
> Yes, I assumed everyone was aware of the weekly CVE list!  Did you
> have something else in mind?

Sorry for the confusion. I meant that exact list and suggested to use
it as a reservation list without manually looking into this thread and
verifying with the three different CVE emails.

Kind regards,
Marta

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170545): 
https://lists.openembedded.org/g/openembedded-core/message/170545
Mute This Topic: https://lists.openembedded.org/mt/93637108/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 1/1] watchdog: Remove unneeded tirpc dependency

[Khem Raj]

On Mon, Sep 12, 2022 at 12:08 PM Paulo Neves  wrote:
>
> it should as there is no rpc code in the project as far as i scanned. I
> built it with musl successfully.

OK thanks for confirming.

>
> Paulo Neves
>
> On 9/12/22 17:06, Khem Raj wrote:
> > On Mon, Sep 12, 2022 at 2:21 AM Paulo Neves  wrote:
> >> watchdog code does not have any dependency on rpc code,
> >> therefore the dependency and flags to try to use it are
> >> removed.
> >>
> >> Signed-off-by: Paulo Neves 
> >> ---
> >>   meta/recipes-extended/watchdog/watchdog_5.16.bb | 4 
> >>   1 file changed, 4 deletions(-)
> >>
> >> diff --git a/meta/recipes-extended/watchdog/watchdog_5.16.bb 
> >> b/meta/recipes-extended/watchdog/watchdog_5.16.bb
> >> index 26fcc10487..6031dcaa16 100644
> >> --- a/meta/recipes-extended/watchdog/watchdog_5.16.bb
> >> +++ b/meta/recipes-extended/watchdog/watchdog_5.16.bb
> >> @@ -28,10 +28,6 @@ UPSTREAM_CHECK_REGEX = 
> >> "/watchdog/(?P(\d+[\.\-_]*)+)/"
> >>
> >>   inherit autotools update-rc.d systemd pkgconfig
> >>
> >> -DEPENDS += "libtirpc"
> >> -CFLAGS += "-I${STAGING_INCDIR}/tirpc"
> >> -LDFLAGS += "-ltirpc"
> >> -
> > does musl build works too ?
> >
> >>   EXTRA_OECONF += " --disable-nfs "
> >>   CACHED_CONFIGUREVARS += "ac_cv_path_PATH_SENDMAIL=${sbindir}/sendmail"
> >>
> >> --
> >> 2.25.1
> >>
> >>
> >> 
> >>
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170544): 
https://lists.openembedded.org/g/openembedded-core/message/170544
Mute This Topic: https://lists.openembedded.org/mt/93628579/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] CVE raffle: collision avoidance

[Steve Sakoman]

On Mon, Sep 12, 2022 at 8:57 AM Martin Jansa  wrote:
>
> You mean this list?
> https://lists.yoctoproject.org/g/yocto-security/message/655

Yes, I assumed everyone was aware of the weekly CVE list!  Did you
have something else in mind?

Steve

> On Mon, Sep 12, 2022 at 8:56 PM Marta Rybczynska  wrote:
>>
>>
>>
>>
>> On Mon, 12 Sept 2022, 17:55 Steve Sakoman,  wrote:
>>>
>>> Reply to this thread noting which CVE you plan to work on.  Please
>>> don't claim one unless you really intend to follow through!
>>>
>> Hello Steve,
>> What about sending the list of pending CVEs (from the existing 
>> dunfell/kirkstone/master lists) for easier tracking?
>>
>> Kind regards,
>> Marta
>>
>> 
>>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170543): 
https://lists.openembedded.org/g/openembedded-core/message/170543
Mute This Topic: https://lists.openembedded.org/mt/93637108/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 1/1] watchdog: Remove unneeded tirpc dependency

[Paulo Neves]

it should as there is no rpc code in the project as far as i scanned. I 
built it with musl successfully.


Paulo Neves

On 9/12/22 17:06, Khem Raj wrote:

On Mon, Sep 12, 2022 at 2:21 AM Paulo Neves  wrote:

watchdog code does not have any dependency on rpc code,
therefore the dependency and flags to try to use it are
removed.

Signed-off-by: Paulo Neves 
---
  meta/recipes-extended/watchdog/watchdog_5.16.bb | 4 
  1 file changed, 4 deletions(-)

diff --git a/meta/recipes-extended/watchdog/watchdog_5.16.bb 
b/meta/recipes-extended/watchdog/watchdog_5.16.bb
index 26fcc10487..6031dcaa16 100644
--- a/meta/recipes-extended/watchdog/watchdog_5.16.bb
+++ b/meta/recipes-extended/watchdog/watchdog_5.16.bb
@@ -28,10 +28,6 @@ UPSTREAM_CHECK_REGEX = "/watchdog/(?P(\d+[\.\-_]*)+)/"

  inherit autotools update-rc.d systemd pkgconfig

-DEPENDS += "libtirpc"
-CFLAGS += "-I${STAGING_INCDIR}/tirpc"
-LDFLAGS += "-ltirpc"
-

does musl build works too ?


  EXTRA_OECONF += " --disable-nfs "
  CACHED_CONFIGUREVARS += "ac_cv_path_PATH_SENDMAIL=${sbindir}/sendmail"

--
2.25.1







-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170542): 
https://lists.openembedded.org/g/openembedded-core/message/170542
Mute This Topic: https://lists.openembedded.org/mt/93628579/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] CVE raffle: collision avoidance

[Martin Jansa]

You mean this list?
https://lists.yoctoproject.org/g/yocto-security/message/655

On Mon, Sep 12, 2022 at 8:56 PM Marta Rybczynska 
wrote:

>
>
>
> On Mon, 12 Sept 2022, 17:55 Steve Sakoman,  wrote:
>
>> Reply to this thread noting which CVE you plan to work on.  Please
>> don't claim one unless you really intend to follow through!
>>
>> Hello Steve,
> What about sending the list of pending CVEs (from the existing
> dunfell/kirkstone/master lists) for easier tracking?
>
> Kind regards,
> Marta
>
> 
>
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170541): 
https://lists.openembedded.org/g/openembedded-core/message/170541
Mute This Topic: https://lists.openembedded.org/mt/93637108/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] CVE raffle: collision avoidance

[Marta Rybczynska]

On Mon, 12 Sept 2022, 17:55 Steve Sakoman,  wrote:

> Reply to this thread noting which CVE you plan to work on.  Please
> don't claim one unless you really intend to follow through!
>
> Hello Steve,
What about sending the list of pending CVEs (from the existing
dunfell/kirkstone/master lists) for easier tracking?

Kind regards,
Marta

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170540): 
https://lists.openembedded.org/g/openembedded-core/message/170540
Mute This Topic: https://lists.openembedded.org/mt/93637108/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] CVE raffle: collision avoidance

[Steve Sakoman]

Reply to this thread noting which CVE you plan to work on.  Please
don't claim one unless you really intend to follow through!

Thanks!

Steve

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170539): 
https://lists.openembedded.org/g/openembedded-core/message/170539
Mute This Topic: https://lists.openembedded.org/mt/93637108/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] Dunfell CVE reduction fun: Raffle #2

[Steve Sakoman]

Sadly the CVE count for dunfell has been creeping up over the past
few months. Several people regularly contribute CVE patches for
dunfell and their efforts are much appreciated. But we need more
help!

To encourage more folks to contribute to this effort I'm going to be
holding a raffle from now through the end of October.  You'll get
one entry for each CVE fix patch that I merge into dunfell.  And a
CVE database update that results in a reduction in dunfell reported
issues will also get you an entry.

The prize?  A bag of fresh roasted whole bean coffee from my small
coffee orchard here on the Big Island of Hawaii. This coffee won first
prize for the Hamakua District in the 2021 State of Hawaii cupping
competition. If the winner isn't a coffee drinker I'll try to get some
locally grown tea as a substitute prize.

The fine print:

1. Patches and database update requests must be submitted during the
period September 12 through October 31, 2022 to receive a raffle entry.

2. CVE patch submissions should follow the guidelines in the "Patch
name convention and commit message" section of
https://wiki.yoctoproject.org/wiki/Security

3. If the patch also applies to master please send the patch for
master and note that it should be backported to dunfell/kirkstone as
appropriate.  I'll pull this type of patch into dunfell only after it
hits master.

4. CVE database update requests should be sent to:
cpe_diction...@nist.gov  You should note the CVE number and provide
supporting links for why you think an update is appropriate. When you
receive a "Thank you for bringing this to our attention. We appreciate
community input" response please forward a copy to me.  I'll add your
raffle entry to the pool when the database is updated and the dunfell
cve count reduced.

5. To help avoid people working on the same CVE's I'll start a "CVE
raffle: collision avoidance" thread on this list.  Just do a quick
reply noting which CVE you plan to work on.  Please don't claim one
unless you really intend to follow through!

Steve

PS: While CVE patches for master and kirkstone are also much appreciated,
this raffle is intended to help reduce the dunfell CVE count. So only CVE
fixes/database updates that influence the dunfell CVE count will be entered
in the raffle.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170538): 
https://lists.openembedded.org/g/openembedded-core/message/170538
Mute This Topic: https://lists.openembedded.org/mt/93637037/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 1/1] watchdog: Remove unneeded tirpc dependency

[Khem Raj]

On Mon, Sep 12, 2022 at 2:21 AM Paulo Neves  wrote:
>
> watchdog code does not have any dependency on rpc code,
> therefore the dependency and flags to try to use it are
> removed.
>
> Signed-off-by: Paulo Neves 
> ---
>  meta/recipes-extended/watchdog/watchdog_5.16.bb | 4 
>  1 file changed, 4 deletions(-)
>
> diff --git a/meta/recipes-extended/watchdog/watchdog_5.16.bb 
> b/meta/recipes-extended/watchdog/watchdog_5.16.bb
> index 26fcc10487..6031dcaa16 100644
> --- a/meta/recipes-extended/watchdog/watchdog_5.16.bb
> +++ b/meta/recipes-extended/watchdog/watchdog_5.16.bb
> @@ -28,10 +28,6 @@ UPSTREAM_CHECK_REGEX = 
> "/watchdog/(?P(\d+[\.\-_]*)+)/"
>
>  inherit autotools update-rc.d systemd pkgconfig
>
> -DEPENDS += "libtirpc"
> -CFLAGS += "-I${STAGING_INCDIR}/tirpc"
> -LDFLAGS += "-ltirpc"
> -

does musl build works too ?

>  EXTRA_OECONF += " --disable-nfs "
>  CACHED_CONFIGUREVARS += "ac_cv_path_PATH_SENDMAIL=${sbindir}/sendmail"
>
> --
> 2.25.1
>
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170537): 
https://lists.openembedded.org/g/openembedded-core/message/170537
Mute This Topic: https://lists.openembedded.org/mt/93628579/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] binutils: update USE_ALTERNATIVES_FOR for symlink files

[Richard Purdie]

On Sun, 2022-09-11 at 16:47 +0800, kai wrote:
> From: Kai Kang 
> 
> It provides more binary files by binutils 2.39. Then add them to
> USE_ALTERNATIVES_FOR as others to handle symlink files via
> update-alternative mechanism.
> 
> Signed-off-by: Kai Kang 
> ---
>  meta/recipes-devtools/binutils/binutils.inc | 6 ++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/meta/recipes-devtools/binutils/binutils.inc 
> b/meta/recipes-devtools/binutils/binutils.inc
> index 789c8bec21..9d33a64371 100644
> --- a/meta/recipes-devtools/binutils/binutils.inc
> +++ b/meta/recipes-devtools/binutils/binutils.inc
> @@ -47,7 +47,13 @@ USE_ALTERNATIVES_FOR = " \
>   as \
>   c++filt \
>   elfedit \
> + gp-archive \
> + gp-collect-app \
> + gp-display-html \
> + gp-display-src \
> + gp-display-text \
>   gprof \
> + gprofng \
>   ld \
>   ld.bfd \
>   ${LDGOLD_ALTS} \

This throws tons of warnings:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4219

e.g.:

https://autobuilder.yoctoproject.org/typhoon/#/builders/65/builds/5896/steps/12/logs/warnings

but many more.

Cheers,

Richard

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170536): 
https://lists.openembedded.org/g/openembedded-core/message/170536
Mute This Topic: https://lists.openembedded.org/mt/93608151/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] Kirkstone Rust - native only error

[Peter Bergin]

Hi Joel,

On 2022-09-11 03:00, Joel Winarske wrote:
I'm putting together a recipe that requires two passes, native, then 
target.  I'm hitting a python error only in the native pass.  I can 
cross compile the tool without error, so the problem is  isolated to 
native.  Any ideas?


Recipe is progress:
https://github.com/meta-flutter/meta-flutter/blob/jw/membrane/recipes-devtools/membrane/membrane-example_git.bb

Thanks,
Joel

| error: linking with 
`/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/wrapper/target-rust-ccld` 
failed: exit status: 1
528 
| 
|
529 
| 
= note: 
"/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/wrapper/target-rust-ccld" 
"/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/build/target/debug/build/parking_lot_core-e7575e9f22c0f65d/build_script_build-e7575e9f22c0f65d.build_script_build.c34fd75e-cgu.0.rcgu.o" 
"/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/build/target/debug/build/parking_lot_core-e7575e9f22c0f65d/build_script_build-e7575e9f22c0f65d.build_script_build.c34fd75e-cgu.1.rcgu.o" 
"/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/build/target/debug/build/parking_lot_core-e7575e9f22c0f65d/build_script_build-e7575e9f22c0f65d.build_script_build.c34fd75e-cgu.10.rcgu.o" 
"/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/build/tar... 

530 
| 
= note: Traceback (most recent call last):
531 
| 
File 
"/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/wrapper/target-rust-ccld", 
line 6, in 
532 
| 
os.execvp(binary, args)
533 
| 
File 
"/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/recipe-sysroot-native/usr/lib/python3.10/os.py", 
line 574, in execvp
534 
| 
_execvpe(file, args)
535 
| 
File 
"/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/recipe-sysroot-native/usr/lib/python3.10/os.py", 
line 616, in _execvpe
536 
| 
raise last_exc
537 
| 
File 
"/__w/meta-flutter/yocto-kirkstone/build/tmp/work/x86_64-linux/membrane-example-native/git.AUTOINC+4e788100fc-r0/recipe-sysroot-native/usr/lib/python3.10/os.py", 
line 607, in _execvpe
538 
| 
exec_func(fullname, *argrest)
539 
| 
FileNotFoundError: [Errno 2] No such file or directory


Just looking at the last line and the error it looks similar to what I 
hunted for in this thread. 
https://lists.openembedded.org/g/openembedded-core/topic/93200332#169698 
Could probably be something similar. In that case the build used wrong 
interpreter. I hope it can help you somewhere.


/Peter


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170535): 
https://lists.openembedded.org/g/openembedded-core/message/170535
Mute This Topic: https://lists.openembedded.org/mt/93604678/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] libxml2: don't override XML_CATALOG_FILES in xmllint wrapper if already set

[Richard Purdie]

On Sun, 2022-09-11 at 23:21 +0100, Richard Purdie via
lists.openembedded.org wrote:
> On Fri, 2022-09-09 at 23:54 +0100, Richard Purdie via
> lists.openembedded.org wrote:
> > On Fri, 2022-09-09 at 17:36 +0100, Ross Burton wrote:
> > > The KDE build uses custom catalogs by setting XML_CATALOG_FILES, so this
> > > wrapper should not override that value if it has already been set.
> > > 
> > > Signed-off-by: Ross Burton 
> > > ---
> > >  meta/recipes-core/libxml/libxml2_2.9.14.bb | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/meta/recipes-core/libxml/libxml2_2.9.14.bb 
> > > b/meta/recipes-core/libxml/libxml2_2.9.14.bb
> > > index 2b2289e38a6..165c92d4114 100644
> > > --- a/meta/recipes-core/libxml/libxml2_2.9.14.bb
> > > +++ b/meta/recipes-core/libxml/libxml2_2.9.14.bb
> > > @@ -121,7 +121,7 @@ do_install:append:class-native () {
> > >   # Docs are not needed in the native case
> > >   rm ${D}${datadir}/gtk-doc -rf
> > >  
> > > - create_wrapper ${D}${bindir}/xmllint 
> > > XML_CATALOG_FILES=${sysconfdir}/xml/catalog
> > > + create_wrapper ${D}${bindir}/xmllint 
> > > 'XML_CATALOG_FILES=${XML_CATALOG_FILES:-${sysconfdir}/xml/catalog}'
> > >  }
> > 
> > https://autobuilder.yoctoproject.org/typhoon/#/builders/69/builds/5823/steps/24/logs/stdio
> 
> 
> Dependency on variable 
> XML_CATALOG_FILES:-/media/build1/poky/build-st-282284/tmp-sstatesamehash/work/x86_64-linux/libxml2-native/2.9.14-r0/recipe-sysroot-native/etc/xml/catalog
>  was added
> Dependency on Variable 
> XML_CATALOG_FILES:-/media/build1/poky/build-st-282284/tmp-sstatesamehash2/work/x86_64-linux/libxml2-native/2.9.14-r0/recipe-sysroot-native/etc/xml/catalog
>  was removed
> 
> i.e. it is expanding the variable in the keyname!

I tweaked the patch to exclude this variable for now. We probably need
to think a bit more about what bitbake is considering a variable name
though...

Cheers,

Richard

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170534): 
https://lists.openembedded.org/g/openembedded-core/message/170534
Mute This Topic: https://lists.openembedded.org/mt/93577134/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 1/1] watchdog: Remove unneeded tirpc dependency

[Paulo Neves]

watchdog code does not have any dependency on rpc code,
therefore the dependency and flags to try to use it are
removed.

Signed-off-by: Paulo Neves 
---
 meta/recipes-extended/watchdog/watchdog_5.16.bb | 4 
 1 file changed, 4 deletions(-)

diff --git a/meta/recipes-extended/watchdog/watchdog_5.16.bb 
b/meta/recipes-extended/watchdog/watchdog_5.16.bb
index 26fcc10487..6031dcaa16 100644
--- a/meta/recipes-extended/watchdog/watchdog_5.16.bb
+++ b/meta/recipes-extended/watchdog/watchdog_5.16.bb
@@ -28,10 +28,6 @@ UPSTREAM_CHECK_REGEX = "/watchdog/(?P(\d+[\.\-_]*)+)/"
 
 inherit autotools update-rc.d systemd pkgconfig
 
-DEPENDS += "libtirpc"
-CFLAGS += "-I${STAGING_INCDIR}/tirpc"
-LDFLAGS += "-ltirpc"
-
 EXTRA_OECONF += " --disable-nfs "
 CACHED_CONFIGUREVARS += "ac_cv_path_PATH_SENDMAIL=${sbindir}/sendmail"
 
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170533): 
https://lists.openembedded.org/g/openembedded-core/message/170533
Mute This Topic: https://lists.openembedded.org/mt/93628579/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH v4] rust: Use libc++ runtime when using clang with llvm runtime

[Khem Raj]

meta-clang has options when it comes to C++ runtime, default is to use
gnu runtime, other options are llvm runtime and android runtime. This
patch helps when a distro is using llvm runtime for C/C++ runtime. It
informs the rust build system about right C++ runtime to configure for
when such a setting is used.

Signed-off-by: Khem Raj 
---
v2: Rebase now that 1.63 is in
v3: Use renamed variable RUNTIME -> TC_CXX_RUNTIME
v4: Remove True from d.getVar

 meta/recipes-devtools/rust/rust.inc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-devtools/rust/rust.inc 
b/meta/recipes-devtools/rust/rust.inc
index a33eb00e25..956301023a 100644
--- a/meta/recipes-devtools/rust/rust.inc
+++ b/meta/recipes-devtools/rust/rust.inc
@@ -110,6 +110,8 @@ python do_configure() {
 # [llvm]
 config.add_section("llvm")
 config.set("llvm", "static-libstdcpp", e(False))
+if "llvm" in (d.getVar('TC_CXX_RUNTIME') or ""):
+config.set("llvm", "use-libcxx", e(True))
 
 # [rust]
 config.add_section("rust")
-- 
2.37.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170532): 
https://lists.openembedded.org/g/openembedded-core/message/170532
Mute This Topic: https://lists.openembedded.org/mt/93627908/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 6/7] python3-rfc3986-validator: switch from SRC_URI:append to SRC_URI +=

[Mikko Rapeli]

The :append can not be removed via bbappends if needed. Thus it's better
for open source layers to use += append if possible.

Signed-off-by: Mikko Rapeli 
---
 meta/recipes-devtools/python/python3-rfc3986-validator_0.1.1.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/python/python3-rfc3986-validator_0.1.1.bb 
b/meta/recipes-devtools/python/python3-rfc3986-validator_0.1.1.bb
index 4abd181acf..e374979cb4 100644
--- a/meta/recipes-devtools/python/python3-rfc3986-validator_0.1.1.bb
+++ b/meta/recipes-devtools/python/python3-rfc3986-validator_0.1.1.bb
@@ -13,7 +13,7 @@ UPSTREAM_CHECK_REGEX = 
"/rfc3986-validator/(?P(\d+[\.\-_]*)+)/"
 
 inherit pypi setuptools3
 
-SRC_URI:append = " \
+SRC_URI += "\
 file://0001-setup.py-move-pytest-runner-to-test_requirements.patch \
 "
 
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170530): 
https://lists.openembedded.org/g/openembedded-core/message/170530
Mute This Topic: https://lists.openembedded.org/mt/93627853/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 5/7] go-native: switch from SRC_URI:append to SRC_URI +=

[Mikko Rapeli]

The :append can not be removed if needed in other layers.

Signed-off-by: Mikko Rapeli 
---
 meta/recipes-devtools/go/go-native_1.19.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/go/go-native_1.19.bb 
b/meta/recipes-devtools/go/go-native_1.19.bb
index 76c0ab73a6..ddf25b2c9b 100644
--- a/meta/recipes-devtools/go/go-native_1.19.bb
+++ b/meta/recipes-devtools/go/go-native_1.19.bb
@@ -5,7 +5,7 @@ require go-${PV}.inc
 
 inherit native
 
-SRC_URI:append = " 
https://dl.google.com/go/go1.4-bootstrap-20171003.tar.gz;name=bootstrap;subdir=go1.4;
+SRC_URI += 
"https://dl.google.com/go/go1.4-bootstrap-20171003.tar.gz;name=bootstrap;subdir=go1.4;
 SRC_URI[bootstrap.sha256sum] = 
"f4ff5b5eb3a3cae1c993723f3eab519c5bae18866b5e5f96fe1102f0cb5c3e52"
 
 export GOOS = "${BUILD_GOOS}"
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170529): 
https://lists.openembedded.org/g/openembedded-core/message/170529
Mute This Topic: https://lists.openembedded.org/mt/93627851/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 7/7] linux-libc-headers: switch from SRC_URI:append to SRC_URI +=

[Mikko Rapeli]

The :append can not be removed via bbappends in custom layers so it's
better to use += appends when ever possible.

Signed-off-by: Mikko Rapeli 
---
 .../linux-libc-headers/linux-libc-headers_5.19.bb   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_5.19.bb 
b/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_5.19.bb
index 528e1d3379..3557526d14 100644
--- a/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_5.19.bb
+++ b/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_5.19.bb
@@ -7,7 +7,7 @@ SRC_URI:append:libc-musl = "\
 file://0001-include-linux-stddef.h-in-swab.h-uapi-header.patch \
"
 
-SRC_URI:append = "\
+SRC_URI += "\
 file://0001-scripts-Use-fixed-input-and-output-files-instead-of-.patch \
 file://0001-kbuild-install_headers.sh-Strip-_UAPI-from-if-define.patch \
 "
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170531): 
https://lists.openembedded.org/g/openembedded-core/message/170531
Mute This Topic: https://lists.openembedded.org/mt/93627855/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 4/7] glibc-tests: use += instead of :append

[Mikko Rapeli]

:append can not be modified in bbappends and thus += is
better in re-usable, generic layers and recipes.

Signed-off-by: Mikko Rapeli 
---
 meta/recipes-core/glibc/glibc-tests_2.36.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/glibc/glibc-tests_2.36.bb 
b/meta/recipes-core/glibc/glibc-tests_2.36.bb
index aca9675ebb..c71c0831c6 100644
--- a/meta/recipes-core/glibc/glibc-tests_2.36.bb
+++ b/meta/recipes-core/glibc/glibc-tests_2.36.bb
@@ -4,7 +4,7 @@ require glibc-tests.inc
 inherit ptest features_check
 REQUIRED_DISTRO_FEATURES = "ptest"
 
-SRC_URI:append = " \
+SRC_URI += "\
file://run-ptest \
 "
 
@@ -29,7 +29,7 @@ python __anonymous() {
 RPROVIDES:${PN} = "${PN}"
 RRECOMMENDS:${PN} = ""
 RDEPENDS:${PN} = " glibc sed"
-DEPENDS:append = " sed"
+DEPENDS += "sed"
 
 export oe_srcdir="${exec_prefix}/src/debug/glibc/${PV}/"
 
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170528): 
https://lists.openembedded.org/g/openembedded-core/message/170528
Mute This Topic: https://lists.openembedded.org/mt/93627849/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 3/7] u-boot: switch from append to += in SRC_URI

[Mikko Rapeli]

+= allows custom layers to change the SRC_URI e.g. when
updating the whole recipe to newer u-boot version.
With :append, there is no way to change the variable
from a bbappend.

Signed-off-by: Mikko Rapeli 
---
 meta/recipes-bsp/u-boot/u-boot_2022.07.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-bsp/u-boot/u-boot_2022.07.bb 
b/meta/recipes-bsp/u-boot/u-boot_2022.07.bb
index 0d2464d74b..1ae575790c 100644
--- a/meta/recipes-bsp/u-boot/u-boot_2022.07.bb
+++ b/meta/recipes-bsp/u-boot/u-boot_2022.07.bb
@@ -1,7 +1,7 @@
 require u-boot-common.inc
 require u-boot.inc
 
-SRC_URI:append = " file://0001-riscv32-Use-double-float-ABI-for-rv32.patch \
+SRC_URI +=   " file://0001-riscv32-Use-double-float-ABI-for-rv32.patch \
file://0001-riscv-fix-build-with-binutils-2.38.patch \
  "
 
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170527): 
https://lists.openembedded.org/g/openembedded-core/message/170527
Mute This Topic: https://lists.openembedded.org/mt/93627847/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 2/7] kernel-dev/common.rst: remove SRC_URI:append from examples

[Mikko Rapeli]

It's better to use SRC_URI += to append patches etc. If anything
is added via :append, that can no longer be removed at all.
If common, re-usable layers use SRC_URI:append, then users can
not change those patches or SRC_URI entries without completely
replacing the recipe with a copy in their own layer. Thus
+= is better.

Signed-off-by: Mikko Rapeli 
---
 documentation/kernel-dev/common.rst | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/documentation/kernel-dev/common.rst 
b/documentation/kernel-dev/common.rst
index 16ef6453bd..fb8d7cd029 100644
--- a/documentation/kernel-dev/common.rst
+++ b/documentation/kernel-dev/common.rst
@@ -360,9 +360,9 @@ home directory:
 
   FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
 
-  SRC_URI:append = " file://patch-file-one.patch"
-  SRC_URI:append = " file://patch-file-two.patch"
-  SRC_URI:append = " file://patch-file-three.patch"
+  SRC_URI += "file://patch-file-one.patch"
+  SRC_URI += "file://patch-file-two.patch"
+  SRC_URI += "file://patch-file-three.patch"
 
The :term:`FILESEXTRAPATHS` and :term:`SRC_URI` statements
enable the OpenEmbedded build system to find patch files. For more
@@ -1002,7 +1002,7 @@ Section.
contents::
 
   FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
-  SRC_URI:append = " 
file://0001-calibrate.c-Added-some-printk-statements.patch"
+  SRC_URI += "file://0001-calibrate.c-Added-some-printk-statements.patch"
 
The :term:`FILESEXTRAPATHS` and :term:`SRC_URI` statements
enable the OpenEmbedded build system to find the patch file.
@@ -1875,7 +1875,7 @@ build.
 2. *Add the Feature File to SRC_URI:* Add the ``.scc`` file to the
recipe's :term:`SRC_URI` statement::
 
-  SRC_URI:append = " file://test.scc"
+  SRC_URI += "file://test.scc"
 
The leading space before the path is important as the path is
appended to the existing path.
@@ -1884,7 +1884,7 @@ build.
:term:`KERNEL_FEATURES` statement to specify the feature as a kernel
feature::
 
-  KERNEL_FEATURES:append = " test.scc"
+  KERNEL_FEATURES += "test.scc"
 
The OpenEmbedded build
system processes the kernel feature when it builds the kernel.
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170526): 
https://lists.openembedded.org/g/openembedded-core/message/170526
Mute This Topic: https://lists.openembedded.org/mt/93627845/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 1/7] common-tasks.rst: remove SRC_URI:append from examples

[Mikko Rapeli]

Using SRC_URI:append without recipe, machine or architecture
specific limitations makes the :append'ed text unremovable
and thus users and custom layers can not change the variable
anymore. This makes it hard to e.g. override SRC_URI completely
in a bbappend to update the full recipe to a newer version.
Thus common, reusable layers which users are meant to re-use and
customize should not use SRC_URI:append but SRC_URI += instead.

Signed-off-by: Mikko Rapeli 
---
 documentation/dev-manual/common-tasks.rst | 9 +
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/documentation/dev-manual/common-tasks.rst 
b/documentation/dev-manual/common-tasks.rst
index b08a55331d..3112f9b893 100644
--- a/documentation/dev-manual/common-tasks.rst
+++ b/documentation/dev-manual/common-tasks.rst
@@ -2577,7 +2577,7 @@ chapter of the BitBake User Manual.
 
   S = "${WORKDIR}/postfix-${PV}"
   CFLAGS += "-DNO_ASM"
-  SRC_URI:append = " file://fixup.patch"
+  CFLAGS:append = " --enable-important-feature"
 
 -  *Functions:* Functions provide a series of actions to be performed.
You usually use functions to override the default implementation of a
@@ -2708,19 +2708,20 @@ in the BitBake User Manual.
to existing variables. This operator does not add any additional
space. Also, the operator is applied after all the ``+=``, and ``=+``
operators have been applied and after all ``=`` assignments have
-   occurred.
+   occurred. This means that if ``:append`` is used, that text can not be
+   removed.
 
The following example shows the space being explicitly added to the
start to ensure the appended value is not merged with the existing
value::
 
-  SRC_URI:append = " file://fix-makefile.patch"
+  CFLAGS:append = " --enable-important-feature"
 
You can also use
the ``:append`` operator with overrides, which results in the actions
only being performed for the specified target or machine::
 
-  SRC_URI:append:sh4 = " file://fix-makefile.patch"
+  CFLAGS:append:sh4 = " --enable-important-sh4-specific-feature"
 
 -  *Prepending (:prepend):* Use the ``:prepend`` operator to prepend
values to existing variables. This operator does not add any
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170525): 
https://lists.openembedded.org/g/openembedded-core/message/170525
Mute This Topic: https://lists.openembedded.org/mt/93627843/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH v3] rust: Use libc++ runtime when using clang with llvm runtime

[Richard Purdie]

On Sun, 2022-09-11 at 16:28 -0700, Khem Raj wrote:
> meta-clang has options when it comes to C++ runtime, default is to use
> gnu runtime, other options are llvm runtime and android runtime. This
> patch helps when a distro is using llvm runtime for C/C++ runtime. It
> informs the rust build system about right C++ runtime to configure for
> when such a setting is used.
> 
> Signed-off-by: Khem Raj 
> ---
> v2: Rebase now that 1.63 is in
> v3: Use renamed variable RUNTIME -> TC_CXX_RUNTIME
> 
>  meta/recipes-devtools/rust/rust.inc | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/meta/recipes-devtools/rust/rust.inc 
> b/meta/recipes-devtools/rust/rust.inc
> index a33eb00e25..4e78b5ea6f 100644
> --- a/meta/recipes-devtools/rust/rust.inc
> +++ b/meta/recipes-devtools/rust/rust.inc
> @@ -110,6 +110,8 @@ python do_configure() {
>  # [llvm]
>  config.add_section("llvm")
>  config.set("llvm", "static-libstdcpp", e(False))
> +if "llvm" in (d.getVar('TC_CXX_RUNTIME', True) or ""):
> +config.set("llvm", "use-libcxx", e(True))
>  
>  # [rust]
>  config.add_section("rust")

We can drop the True from the getVar as expansion is the default.

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#170524): 
https://lists.openembedded.org/g/openembedded-core/message/170524
Mute This Topic: https://lists.openembedded.org/mt/93622867/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-