[OE-core] [PATCH] llvm: remove libLTO.so.*

2023-08-20 Thread Kai Kang 
From: Kai Kang 

Remove libLTO.so.* from llvm which should be provided by clang and
packaged to llvm-linker-tools. It could avoids the error:

ERROR: clang-16.0.6-r0 do_create_spdx: The recipe clang is trying to
   install files into a shared area when those files already exist.
   Those files and their manifest location are:
  /path_to/tmp/deploy/spdx/core2-64/packages/liblto16.spdx.json
(matched in manifest-core2-64-llvm.create_spdx)
Please verify which recipe should provide the above files.

Signed-off-by: Kai Kang 
---
 meta/recipes-devtools/llvm/llvm_git.bb | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/meta/recipes-devtools/llvm/llvm_git.bb 
b/meta/recipes-devtools/llvm/llvm_git.bb
index f3d6f24bd2..ce9ebfa997 100644
--- a/meta/recipes-devtools/llvm/llvm_git.bb
+++ b/meta/recipes-devtools/llvm/llvm_git.bb
@@ -106,7 +106,7 @@ do_compile() {
 
 do_install() {
 if ${@bb.utils.contains('PACKAGECONFIG', 'libllvm', 'true', 'false', d)}; 
then
-   DESTDIR=${D} ninja -v install
+DESTDIR=${D} ninja -v install
 
 # llvm harcodes usr/lib as install path, so this corrects it to actual 
libdir
 mv -T -n ${D}/${prefix}/lib ${D}/${libdir} || true
@@ -117,6 +117,10 @@ do_install() {
 
 # reproducibility
 sed -i -e 's,${WORKDIR},,g' ${D}/${libdir}/cmake/llvm/LLVMConfig.cmake
+
+# remove libLTO.so.* which should be provided by clang and packaged to
+# llvm-linker-tools
+rm -f ${D}/${libdir}/libLTO.so.*
 fi
 }
 
@@ -134,7 +138,7 @@ llvm_sysroot_preprocess() {
ln -sf llvm-config 
${SYSROOT_DESTDIR}${bindir_crossscripts}/llvm-config${PV}
 }
 
-PACKAGES =+ "${PN}-bugpointpasses ${PN}-llvmhello ${PN}-libllvm 
${PN}-liboptremarks ${PN}-liblto"
+PACKAGES =+ "${PN}-bugpointpasses ${PN}-llvmhello ${PN}-libllvm 
${PN}-liboptremarks"
 
 RRECOMMENDS:${PN}-dev += "${PN}-bugpointpasses ${PN}-llvmhello 
${PN}-liboptremarks"
 
@@ -146,10 +150,6 @@ FILES:${PN}-libllvm = "\
 ${libdir}/libLLVM-${MAJOR_VERSION}.so \
 "
 
-FILES:${PN}-liblto += "\
-${libdir}/libLTO.so.* \
-"
-
 FILES:${PN}-liboptremarks += "\
 ${libdir}/libRemarks.so.* \
 "
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186419): 
https://lists.openembedded.org/g/openembedded-core/message/186419
Mute This Topic: https://lists.openembedded.org/mt/100866486/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [qa-build-notification] QA notification for completed autobuilder build (yocto-4.2.3.rc1)

2023-08-20 Thread Jing Hui Tham 
Hi all,
 
Intel and WR YP QA is planning for QA execution for YP build yocto-4.2.3.rc1. 
We are planning to execute following tests for this cycle:
 
OEQA-manual tests for following module:
1. OE-Core
2. BSP-hw
 
Runtime auto test for following platforms:
1. MinnowBoard Turbot - 32bit
2. Kaby Lake (7th Generation Intel(r) Core(tm) Processors)
3. Tiger Lake (11th Generation Intel(r) Core(tm) Processors)
4. Alder Lake-S (12th Generation Intel(r) Core(tm) Processors)
5. Raptor Lake-P (13th Generation Intel(r) Core(tm) Processors)
6. Edgerouter
7. Beaglebone

 
ETA for completion Thursday, 24 August.
 
Best regards,
Jing Hui


> -Original Message-
> From: qa-build-notificat...@lists.yoctoproject.org  notificat...@lists.yoctoproject.org> On Behalf Of Pokybuild User
> Sent: Saturday, August 19, 2023 2:12 PM
> To: yo...@lists.yoctoproject.org
> Cc: qa-build-notificat...@lists.yoctoproject.org
> Subject: [qa-build-notification] QA notification for completed autobuilder
> build (yocto-4.2.3.rc1)
> 
> 
> A build flagged for QA (yocto-4.2.3.rc1) was completed on the autobuilder
> and is available at:
> 
> 
> https://autobuilder.yocto.io/pub/releases/yocto-4.2.3.rc1
> 
> 
> Build hash information:
> 
> bitbake: 08033b63ae442c774bd3fce62844eac23e6882d7
> meta-agl: 2b1679097d7b5df438481d7966377a6c0545c156
> meta-arm: 85b0e80e7d6d58bb6aaae6edf88476b9e07d3313
> meta-aws: 7cca28f6e03f3043663c2ad54527c63826a7cb9f
> meta-intel: d24a6fae0229b6b4e79f6e796069c56d435c8ac3
> meta-mingw: 92258028e1b5664a9f832541d5c4f6de0bd05e07
> meta-openembedded: 75cf318cef3b4ee81fad2782cf063ecd69ba8842
> meta-virtualization: b8a964fc30de6dfd5a04d3ac57428809526d29f4
> oecore: 7e3489c0c5970389c8a239dc7b367bcadf554eb5
> poky: aa63b25cbe25d89ab07ca11ee72c17cab68df8de
> 
> 
> 
> This is an automated message from the Yocto Project Autobuilder
> Git: git://git.yoctoproject.org/yocto-autobuilder2
> Email: richard.pur...@linuxfoundation.org
> 
> 
> 
> 
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186418): 
https://lists.openembedded.org/g/openembedded-core/message/186418
Mute This Topic: https://lists.openembedded.org/mt/100866083/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [dunfell][patch] tiff: CVE-2022-3599.patch also fix CVE-2022-4645 CVE-2023-30774

2023-08-20 Thread Lee Chee Yang 
From: Chee Yang Lee 

The same patch also fix CVE-2022-4645 CVE-2023-30774
CVE-2022-4645 - https://gitlab.com/libtiff/libtiff/-/issues/277
CVE-2023-30774 - https://gitlab.com/libtiff/libtiff/-/issues/463

Signed-off-by: Chee Yang Lee 
---
 meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch 
b/meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch
index 9689a99638..b3232d9002 100644
--- a/meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch
+++ b/meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch
@@ -4,7 +4,7 @@ Date: Tue, 30 Aug 2022 16:56:48 +0200
 Subject: [PATCH] Revised handling of TIFFTAG_INKNAMES and related
 
 Upstream-Status: Backport [import from debian 
http://security.debian.org/debian-security/pool/updates/main/t/tiff/tiff_4.1.0+git191117-2~deb10u7.debian.tar.xz
 ]
-CVE: CVE-2022-3599
+CVE: CVE-2022-3599 CVE-2022-4645 CVE-2023-30774
 Signed-off-by: Chee Yang Lee 
 
 Origin: 
https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246
-- 
2.37.3


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186417): 
https://lists.openembedded.org/g/openembedded-core/message/186417
Mute This Topic: https://lists.openembedded.org/mt/100865702/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][mickledore 00/18] Patch review

2023-08-20 Thread Bruce Ashfield 
On Fri, Aug 18, 2023 at 6:37 PM Paul Gortmaker via
lists.openembedded.org
 wrote:
>
> [Re: [OE-core][mickledore 00/18] Patch review] On 17/08/2023 (Thu 23:17) Paul 
> Gortmaker via lists.openembedded.org wrote:
>
> > [Re: [OE-core][mickledore 00/18] Patch review] On 16/08/2023 (Wed 07:50) 
> > Steve Sakoman via lists.openembedded.org wrote:
> >
> > > On Tue, Aug 15, 2023 at 6:24???AM Steve Sakoman via
> > > lists.openembedded.org 
> > > wrote:
> > > >
> > > > Please review this set of changes for mickledore and have comments back 
> > > > by
> > > > end of day Thursday, August 17.
> >
> > [...]
> >
> > > > Bruce Ashfield (2):
> > > >   linux-yocto/6.1: update to v6.1.41
> > > >   linux-yocto/6.1: update to v6.1.43
> > >
> > > I'm seeing intermittent failures with these 6.1 "stable" version bumps
> > > (issues are also seen in master).
> > >
> > > So I am dropping these for now till we can fix the problem.
> >
> > aka "NOHZ tick-stop error: local softirq work is pending, handler #80!!!"
> >
> > For those not on IRC, the "cause" was tracked down to a v6.1.39 change:
> >
> > https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/6.1.39/tick-rcu-fix-bogus-ratelimit-condition.patch
> >
> > [linux-stable commit ID 77cc52f1b8d7 in v6.1]
> >
> > The bad news - when you look at that commit, you realize the softirq-80
> > problem has been there for an as-yet undetermined length of time, but
> > was never output because of the bogus/broken "less than 10" check.
> >
> > The "less than 10" was introduced in v5.18, so that sets a lower bound,
> > but I've not yet tested if the pending-80 was there immediately at 5.18
> > or appeared somewhere between v5.18 and v6.1 - stay tuned.
>
> For the mail archives - it turns out the issue was there immediately at
> v5.18, based on my testing results. - I'm optimistic (for once) that we
> have this softirq-80 issue solved.  But we'll have to wait and see.

To keep everyone in the loop, I'm obviously aware of paul's fix, and I'm
letting it sit upstream briefly, and will cherry pick it to everything post
5.18 if it doesn't merge quickly enough.

Bruce

>
> If folks are interested, more details are in the commit log here:
>
> https://lore.kernel.org/lkml/20230818200757.1808398-1-paul.gortma...@windriver.com/
>
> Paul.
> --
>
> >
> > The same change/issue 1st appears in v6.4.4 stable kernel [7fe63c29cb].
> >
> > Paul.
> > --
> >
> > >
> > > I reran a-full without the version bumps and all tests passed:
> > >
> > > https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5742
> > >
> > > Steve
> > >
> > > > Dmitry Baryshkov (1):
> > > >   linux-firmware: split platform-specific Adreno shaders to separate
> > > > packages
> > > >
> > > > Joel Stanley (1):
> > > >   kernel: don't fail if Modules.symvers doesn't exist
> > > >
> > > > Marek Vasut (1):
> > > >   linux-firmware: Fix mediatek mt7601u firmware path
> > > >
> > > > Mark Hatle (1):
> > > >   tcf-agent: Update to 1.8.0 release
> > > >
> > > > Richard Purdie (1):
> > > >   oeqa/ssh: Further improve process exit handling
> > > >
> > > > Ross Burton (1):
> > > >   openssh: upgrade to 9.3p2
> > > >
> > > > Sudip Mukherjee (1):
> > > >   bind: upgrade to v9.18.17
> > > >
> > > > Yogita Urade (3):
> > > >   qemu: fix CVE-2023-3301
> > > >   qemu: fix CVE-2023-3255
> > > >   qemu: fix CVE-2023-2861
> > > >
> > > > sanjana (1):
> > > >   binutils: stable 2.40 branch updates
> > > >
> > > >  meta/classes-recipe/kernel.bbclass|   4 +-
> > > >  meta/conf/distro/include/maintainers.inc  |   2 +-
> > > >  meta/lib/oeqa/core/target/ssh.py  |   5 +-
> > > >  ...1-avoid-start-failure-with-bind-user.patch |   0
> > > >  ...d-V-and-start-log-hide-build-options.patch |   0
> > > >  ...ching-for-json-headers-searches-sysr.patch |   0
> > > >  .../bind/{bind-9.18.16 => bind}/bind9 |   0
> > > >  .../bind/{bind-9.18.16 => bind}/conf.patch|   0
> > > >  .../generate-rndc-key.sh  |   0
> > > >  ...t.d-add-support-for-read-only-rootfs.patch |   0
> > > >  .../make-etc-initd-bind-stop-work.patch   |   0
> > > >  .../bind/{bind-9.18.16 => bind}/named.service |   0
> > > >  .../bind/{bind_9.18.16.bb => bind_9.18.17.bb} |   4 +-
> > > >  .../{openssh_9.3p1.bb => openssh_9.3p2.bb}|   2 +-
> > > >  meta/recipes-core/glibc/glibc-locale.inc  |   8 +-
> > > >  .../binutils/binutils-2.40.inc|   2 +-
> > > >  meta/recipes-devtools/qemu/qemu.inc   |   3 +
> > > >  .../qemu/qemu/CVE-2023-2861.patch | 171 ++
> > > >  .../qemu/qemu/CVE-2023-3255.patch |  65 +++
> > > >  .../qemu/qemu/CVE-2023-3301.patch |  65 +++
> > > >  .../tcf-agent/tcf-agent_git.bb|   4 +-
> > > >  .../linux-firmware/linux-firmware_20230625.bb |  28 ++-
> > > >  .../linux/linux-yocto-rt_6.1.bb   |   6 +-
> > > >  .../linux/linux-yocto-tiny_6.1.bb |   6 +-
> > >

Re: [OE-core] OE-core CVE metrics for master on Sun 20 Aug 2023 01:00:01 AM HST

2023-08-20 Thread Steve Sakoman 
On Sun, Aug 20, 2023 at 7:30 AM Khem Raj  wrote:
>
> On Sun, Aug 20, 2023 at 4:19 AM Steve Sakoman  wrote:
> >
> > Branch: master
> >
> > New this week: 3 CVEs
> > CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
>
> We are at 2.38 release on master and this release contains
> https://sourceware.org/git/?p=glibc.git;a=commit;h=801af9fafd4689337ebf27260aa115335a0cb2bc
> which fixes this problem. So I wonder why it appears in the scan here ?

Here is the note associated with this CVE:

"** DISPUTED ** A vulnerability was found in GNU C Library 2.38. It
has been declared as critical. This vulnerability affects the function
__monstartup of the file gmon.c of the component Call Graph Monitor.
The manipulation leads to buffer overflow. It is recommended to apply
a patch to fix this issue. VDB-220246 is the identifier assigned to
this vulnerability. NOTE: The real existence of this vulnerability is
still doubted at the moment. The inputs that induce this vulnerability
are basically addresses of the running application that is built with
gmon enabled. It's basically trusted input or input that needs an
actual security flaw to be compromised or controlled."

Steve
>
> > CVE-2023-4128 (CVSS3: 7.8 HIGH): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4128 *
> > CVE-2023-4147 (CVSS3: 7.8 HIGH): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4147 *
> >
> > Removed this week: 15 CVEs
> > CVE-2022-3533 (CVSS3: 5.7 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3533 *
> > CVE-2022-3606 (CVSS3: 5.5 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3606 *
> > CVE-2023-0160 (CVSS3: 5.5 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0160 *
> > CVE-2023-2176 (CVSS3: 7.8 HIGH): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2176 *
> > CVE-2023-23039 (CVSS3: 5.7 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23039 *
> > CVE-2023-2430 (CVSS3: 5.5 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2430 *
> > CVE-2023-2975 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2975 *
> > CVE-2023-3446 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3446 *
> > CVE-2023-35827 (CVSS3: 7.0 HIGH): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35827 *
> > CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
> > CVE-2023-37453 (CVSS3: 4.6 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37453 *
> > CVE-2023-37454 (CVSS3: 5.5 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37454 *
> > CVE-2023-3817 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817 *
> > CVE-2023-4132 (CVSS3: 5.5 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4132 *
> > CVE-2023-4133 (CVSS3: 5.5 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4133 *
> >
> > Full list:  Found 29 unpatched CVEs
> > CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
> > CVE-2021-3714 (CVSS3: 7.5 HIGH): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 *
> > CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 *
> > CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 *
> > CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 *
> > CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
> > CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
> > CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 *
> > CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 *
> > CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 *
> > CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 *
> > CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
> > CVE-2023-1206 (CVSS3: 5.7 MEDIUM): linux-yocto 
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1206 *
> > CVE-2023-1386

Re: [OE-core] OE-core CVE metrics for master on Sun 20 Aug 2023 01:00:01 AM HST

2023-08-20 Thread Khem Raj 
On Sun, Aug 20, 2023 at 4:19 AM Steve Sakoman  wrote:
>
> Branch: master
>
> New this week: 3 CVEs
> CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *

We are at 2.38 release on master and this release contains
https://sourceware.org/git/?p=glibc.git;a=commit;h=801af9fafd4689337ebf27260aa115335a0cb2bc
which fixes this problem. So I wonder why it appears in the scan here ?

> CVE-2023-4128 (CVSS3: 7.8 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4128 *
> CVE-2023-4147 (CVSS3: 7.8 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4147 *
>
> Removed this week: 15 CVEs
> CVE-2022-3533 (CVSS3: 5.7 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3533 *
> CVE-2022-3606 (CVSS3: 5.5 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3606 *
> CVE-2023-0160 (CVSS3: 5.5 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0160 *
> CVE-2023-2176 (CVSS3: 7.8 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2176 *
> CVE-2023-23039 (CVSS3: 5.7 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23039 *
> CVE-2023-2430 (CVSS3: 5.5 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2430 *
> CVE-2023-2975 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2975 *
> CVE-2023-3446 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3446 *
> CVE-2023-35827 (CVSS3: 7.0 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35827 *
> CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
> CVE-2023-37453 (CVSS3: 4.6 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37453 *
> CVE-2023-37454 (CVSS3: 5.5 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37454 *
> CVE-2023-3817 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817 *
> CVE-2023-4132 (CVSS3: 5.5 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4132 *
> CVE-2023-4133 (CVSS3: 5.5 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4133 *
>
> Full list:  Found 29 unpatched CVEs
> CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
> CVE-2021-3714 (CVSS3: 7.5 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 *
> CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 *
> CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 *
> CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 *
> CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
> CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
> CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 *
> CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 *
> CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 *
> CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 *
> CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
> CVE-2023-1206 (CVSS3: 5.7 MEDIUM): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1206 *
> CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 *
> CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 *
> CVE-2023-3180 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3180 *
> CVE-2023-3354 (CVSS3: 7.5 HIGH): qemu:qemu-native:qemu-system-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3354 *
> CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 *
> CVE-2023-36632 (CVSS3: 7.5 HIGH): python3:python3-native 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36632 *
> CVE-2023-36664 (CVSS3: 7.8 HIGH): ghostscript 
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36664 *
> CVE-2023-3772 (CVSS3: 4.4

Re: [oe-core][PATCHv2] gtk4: upgrade 4.10.5 -> 4.12.0

2023-08-20 Thread Markus Volk 
On Sun, Aug 20 2023 at 07:54:19 AM -07:00:00, Khem Raj 
 wrote:
Ok the cmdline looks normal what’s the install location of these 
files above


flk@intel-corei7-64:~/poky/build$ ll /usr/lib/libgcc*
lrwxrwxrwx 1 root root   17 Mar  9  2018 /usr/lib/libgccpp.so.1 -> 
libgccpp.so.1.5.0

-rwxr-xr-x 1 root root  14K Mar  9  2018 /usr/lib/libgccpp.so.1.5.0
-rw-r--r-- 1 root root  132 Mar  9  2018 /usr/lib/libgcc_s.so
-rw-r--r-- 1 root root 143K Mar  9  2018 /usr/lib/libgcc_s.so.1
flk@intel-corei7-64:~/poky/build$ ll /usr/lib/x86_64-poky-linux/13.2.0/
total 6.3M
drwxr-xr-x 1 root root  260 Mar  9  2018 .
drwxr-xr-x 1 root root   12 Mar  9  2018 ..
-rw-r--r-- 1 root root 2.5K Mar  9  2018 crtbegin.o
-rw-r--r-- 1 root root 2.8K Mar  9  2018 crtbeginS.o
-rw-r--r-- 1 root root 3.0K Mar  9  2018 crtbeginT.o
-rw-r--r-- 1 root root 1.2K Mar  9  2018 crtend.o
-rw-r--r-- 1 root root 1.2K Mar  9  2018 crtendS.o
-rw-r--r-- 1 root root 3.8K Mar  9  2018 crtfastmath.o
-rw-r--r-- 1 root root 3.5K Mar  9  2018 crtprec32.o
-rw-r--r-- 1 root root 3.5K Mar  9  2018 crtprec64.o
-rw-r--r-- 1 root root 3.5K Mar  9  2018 crtprec80.o
drwxr-xr-x 1 root root   66 Mar  9  2018 include
-rw-r--r-- 1 root root 5.7M Mar  9  2018 libgcc.a
-rw-r--r-- 1 root root 322K Mar  9  2018 libgcc_eh.a
-rw-r--r-- 1 root root 292K Mar  9  2018 libgcov.a



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186413): 
https://lists.openembedded.org/g/openembedded-core/message/186413
Mute This Topic: https://lists.openembedded.org/mt/100759433/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [oe-core][PATCHv2] gtk4: upgrade 4.10.5 -> 4.12.0

2023-08-20 Thread Khem Raj 
On Sat, Aug 19, 2023 at 10:24 PM Khem Raj  wrote:

> On Thu, Aug 17, 2023 at 7:49 AM Markus Volk  wrote:
> >
> > Sorry for the late reply. I was on the road yesterday.
> >
> > I can't reproduce the issue unfortunately. That's because I've been
> running my build host with a homebuilt yocto image for a couple of weeks
> now to find runtime errors (and because it gets me better hardware
> support). So far this is running very well, but I seem to have a problem
> with libgcc-initial. When I want to use the clang toolchain, libcxx-native
> aborts with:
> >
> > | /home/flk/poky/build/tmp/hosttools/ld: cannot find crtbeginS.o: No
> such file or directory
> > | /home/flk/poky/build/tmp/hosttools/ld: cannot find -lgcc: No such file
> or directory
> > | /home/flk/poky/build/tmp/hosttools/ld: cannot find -lgcc: No such file
> or directory
> > | clang-16: error: linker command failed with exit code 1 (use -v to see
> the call)
> > | ninja: build stopped: subcommand failed.


Ok the cmdline looks normal what’s the install location of these files
above



>
> while it is interesting that you are using OE based distro on your
> build host, its not a combination thats commonly tested. Especially in
> native libcxx case, its using
> clang-native with runtime from build host and I am sure thats where
> problem is perhaps some paths are being detected wrong. Clang does
> encode distro information
> into its driver. Can you post full log of failed task may be it has
> some hints. It will be also good to see the output of failing linker
> cmdline with --verbose option, it will
> show what paths clang driver is looking for runtime stuff.
>
> >
> > Will have to look into this first. So far I have no idea what is going
> on. In any case, at most I'd be able to hack this with a 'cast', but I
> don't have enough knowledge of the gtk code to find the root cause
> >
> > I think the best thing would be to create an issue at gitlab, but I'm a
> bit afraid of that because I can't help if something needs to be tested or
> if I should add more context.
> >
> > In general this is an issue that should be fixed in gcc because this
> seems to be indeed a bug.
> >
> > Short term solutions might be to add -Wno-int-conversion to the cflags
> for clang to make it less strict or to disable the experimental vulkan
> support in gtk4 by default?
> >
> > On Wed, Aug 16 2023 at 07:44:50 AM -07:00:00, Khem Raj <
> raj.k...@gmail.com> wrote:
> >
> > clang finds more errors with this upgrade
> https://errors.yoctoproject.org/Errors/Details/731552/ On Tue, Aug 15,
> 2023 at 7:52 AM Markus Volk  wrote:
> >
> > gtk.h: gtkscrollinfo.h was added, no change of license gdk.h:
> gdkpixbuf.h was deprecated, no change of license update renamed
> build-options Overview of Changes in 4.12.0, 05-08-2023
> = * List widgets: - Add scroll_to
> APIs * GtkFileLauncher: - Add an always-ask property * GtkTextView: - Make
> backspace behavior match GtkEntry * gsk: - Fix handling of luminance in
> mask nodes * Text rendering: - Automate the setting of
> gtk-hint-font-metrics from the scale factor. This improves font rendering
> in flatpaks * Wayland: - Fix behavior of stylus buttons - Support suspended
> window state * Vulkan: - Many improvements * Tools: - Add
> gtk4-rendernode-tool * Debugging: - Drop the GTK_DEBUG_TOUCHSCREEN flag *
> Build: - Some build options have been renamed: gtk_doc -> documentation
> update_screenshots -> screenshots The old names still work Overview of
> Changes in 4.11.4, 03-07-2023 = *
> GtkFileChooser: - Default to sorting folders first - Fix a crash when
> visiting recent files * GtkTextView: - Fix corner cases in word navigation
> * GtkMenuButton: - Normalize label layout * GtkDropDown: - Add support for
> sections * GtkVideo: - Make the overlay icon clickable * GtkWindow: - Clear
> the resize cursors to avoid artifacts * GtkFileDialog: - Always set
> initial-folder * GtkDropDown: - Update on expression changes *
> GtkMapListModel: - Implement GtkSectionModel * Accessibility: -
> Improvements all over the place: GtkButton, GtkPasswordEntry,
> GtkFontChooserDialog, GtkColorChooserDialog, GtkShortcutsWindow,
> GtkMenuButton, GtkAboutDialog, GtkFileChooserDialog, GtkStackSidebar,
> GtkStackSwitcher, GtkMediaControls, GtkColorDialogButton, GtkDropDown,
> GtkInfoBar, GtkNotebook, GtkPrintUnixDialog, GtkModelButton - Make name
> computation follow the ARIA spec more closely - Adapt name computation for
> the common 'nested button' scenario - Change many containers to use
> `generic` instead of `group` - Use `generic` as the default role - Use
> `application` instead of `window` for windows - Add properties for
> accessible names of not directly exposed widgets in GtkListView,
> GtkGridView and GtkColumnView * DND: - Fix criticals when drops are
> rejected * X11: - Fix regressions in GLX setup * Windows: - Center newly
> created transient windows * Vulkan: - Add

[OE-core] OE-core CVE metrics for mickledore on Sun 20 Aug 2023 04:00:01 AM HST

2023-08-20 Thread Steve Sakoman 
Branch: mickledore

New this week: 5 CVEs
CVE-2023-39533 (CVSS3: 7.5 HIGH): 
go:go-binary-native:go-cross-core2-64:go-runtime 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39533 *
CVE-2023-4128 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4128 *
CVE-2023-4147 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4147 *
CVE-2023-4194 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4194 *
CVE-2023-4273 (CVSS3: 6.7 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4273 *

Removed this week: 9 CVEs
CVE-2023-1989 (CVSS3: 7.0 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1989 *
CVE-2023-2828 (CVSS3: 7.5 HIGH): bind 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2828 *
CVE-2023-2829 (CVSS3: 7.5 HIGH): bind 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2829 *
CVE-2023-2911 (CVSS3: 7.5 HIGH): bind 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2911 *
CVE-2023-29406 (CVSS3: 6.5 MEDIUM): 
go:go-binary-native:go-cross-core2-64:go-runtime 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29406 *
CVE-2023-30571 (CVSS3: 5.3 MEDIUM): libarchive:libarchive-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30571 *
CVE-2023-31436 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-31436 *
CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
CVE-2023-38408 (CVSS3: 9.8 CRITICAL): openssh 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38408 *

Full list:  Found 125 unpatched CVEs
CVE-2015-8955 (CVSS3: 7.3 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8955 *
CVE-2018-10878 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10878 *
CVE-2020-11935 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11935 *
CVE-2020-25668 (CVSS3: 7.0 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25668 *
CVE-2020-2 (CVSS3: 6.7 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2 *
CVE-2020-27815 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27815 *
CVE-2021-28972 (CVSS3: 6.7 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28972 *
CVE-2021-3640 (CVSS3: 7.0 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3640 *
CVE-2021-3714 (CVSS3: 7.5 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 *
CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 *
CVE-2021-4083 (CVSS3: 7.0 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4083 *
CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 *
CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 *
CVE-2022-3202 (CVSS3: 7.1 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3202 *
CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
CVE-2022-3533 (CVSS3: 5.7 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3533 *
CVE-2022-3606 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3606 *
CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 *
CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 *
CVE-2022-3964 (CVSS3: 8.1 HIGH): ffmpeg 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3964 *
CVE-2022-3965 (CVSS3: 8.1 HIGH): ffmpeg 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3965 *
CVE-2022-41858 (CVSS3: 7.1 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41858 *
CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 *
CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 *
CVE-2022-48425 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48425 *
CVE-2022-48502 (CVSS3: 7.1 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48502 *
CVE-2023-0160 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0160 *
CVE-2023-0615 (CVSS3: 5.5 MEDIUM): linux-yocto

[OE-core] OE-core CVE metrics for kirkstone on Sun 20 Aug 2023 03:00:01 AM HST

2023-08-20 Thread Steve Sakoman 
Branch: kirkstone

New this week: 1 CVEs
CVE-2023-39533 (CVSS3: 7.5 HIGH): go 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39533 *

Removed this week: 4 CVEs
CVE-2023-3180 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3180 *
CVE-2023-3354 (CVSS3: 7.5 HIGH): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3354 *
CVE-2023-38559 (CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38559 *
CVE-2023-4016 (CVSS3: 5.5 MEDIUM): procps 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4016 *

Full list:  Found 32 unpatched CVEs
CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 *
CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 *
CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 *
CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 *
CVE-2022-3553 (CVSS3: 6.5 MEDIUM): xserver-xorg 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3553 *
CVE-2022-3563 (CVSS3: 5.7 MEDIUM): bluez5 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3563 *
CVE-2022-3637 (CVSS3: 5.5 MEDIUM): bluez5 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3637 *
CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 *
CVE-2022-3964 (CVSS3: 8.1 HIGH): ffmpeg 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3964 *
CVE-2022-3965 (CVSS3: 8.1 HIGH): ffmpeg 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3965 *
CVE-2022-4055 (CVSS3: 7.4 HIGH): xdg-utils 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4055 *
CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 *
CVE-2023-1544 (CVSS3: 6.3 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1544 *
CVE-2023-1916 (CVSS3: 6.1 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1916 *
CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 *
CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 *
CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 *
CVE-2023-2829 (CVSS3: 7.5 HIGH): bind 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2829 *
CVE-2023-2908 (CVSS3: 5.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2908 *
CVE-2023-29403 (CVSS3: 7.8 HIGH): go 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 *
CVE-2023-29409 (CVSS3: 5.3 MEDIUM): go 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29409 *
CVE-2023-29491 (CVSS3: 7.8 HIGH): ncurses:ncurses-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29491 *
CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 *
CVE-2023-3316 (CVSS3: 6.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3316 *
CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 *
CVE-2023-38560 (CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38560 *
CVE-2023-38633 (CVSS3: 5.5 MEDIUM): librsvg:librsvg-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38633 *
CVE-2023-39533 (CVSS3: 7.5 HIGH): go 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39533 *
CVE-2023-4135 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4135 *

For further information see: 
https://autobuilder.yocto.io/pub/non-release/patchmetrics/

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186410): 
https://lists.openembedded.org/g/openembedded-core/message/186410
Mute This Topic: https://lists.openembedded.org/mt/100854326/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] OE-core CVE metrics for dunfell on Sun 20 Aug 2023 02:00:01 AM HST

2023-08-20 Thread Steve Sakoman 
Branch: dunfell

New this week: 1 CVEs
CVE-2023-39533 (CVSS3: 7.5 HIGH): go:go-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39533 *

Removed this week: 15 CVEs
CVE-2021-33621 (CVSS3: 8.8 HIGH): ruby:ruby-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33621 *
CVE-2022-41409 (CVSS3: 7.5 HIGH): libpcre2:libpcre2-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41409 *
CVE-2023-26965 (CVSS3: 5.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-26965 *
CVE-2023-2804 (CVSS3: 6.5 MEDIUM): libjpeg-turbo:libjpeg-turbo-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2804 *
CVE-2023-2908 (CVSS3: 5.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2908 *
CVE-2023-29406 (CVSS3: 6.5 MEDIUM): go:go-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29406 *
CVE-2023-30571 (CVSS3: 5.3 MEDIUM): libarchive:libarchive-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30571 *
CVE-2023-30630 (CVSS3: 7.8 HIGH): dmidecode 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30630 *
CVE-2023-3316 (CVSS3: 6.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3316 *
CVE-2023-3354 (CVSS3: 7.5 HIGH): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3354 *
CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
CVE-2023-36632 (CVSS3: 7.5 HIGH): python3:python3-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36632 *
CVE-2023-3817 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817 *
CVE-2023-38559 (CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38559 *
CVE-2023-4016 (CVSS3: 5.5 MEDIUM): procps 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4016 *

Full list:  Found 96 unpatched CVEs
CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 *
CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 *
CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 *
CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 *
CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 *
CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 *
CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 *
CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 *
CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 *
CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 *
CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 *
CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 *
CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 *
CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 *
CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 *
CVE-2021-20269 (CVSS3: 5.5 MEDIUM): kexec-tools 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20269 *
CVE-2021-20295 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20295 *
CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 *
CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 *
CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 *
CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 *
CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 *
CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 *
CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 *
CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 *
CVE-2021-3611 (CVSS3: 6.5 MEDIUM):

[OE-core] OE-core CVE metrics for master on Sun 20 Aug 2023 01:00:01 AM HST

2023-08-20 Thread Steve Sakoman 
Branch: master

New this week: 3 CVEs
CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
CVE-2023-4128 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4128 *
CVE-2023-4147 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4147 *

Removed this week: 15 CVEs
CVE-2022-3533 (CVSS3: 5.7 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3533 *
CVE-2022-3606 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3606 *
CVE-2023-0160 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0160 *
CVE-2023-2176 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2176 *
CVE-2023-23039 (CVSS3: 5.7 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23039 *
CVE-2023-2430 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2430 *
CVE-2023-2975 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2975 *
CVE-2023-3446 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3446 *
CVE-2023-35827 (CVSS3: 7.0 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35827 *
CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
CVE-2023-37453 (CVSS3: 4.6 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37453 *
CVE-2023-37454 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37454 *
CVE-2023-3817 (CVSS3: 5.3 MEDIUM): openssl:openssl-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817 *
CVE-2023-4132 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4132 *
CVE-2023-4133 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4133 *

Full list:  Found 29 unpatched CVEs
CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
CVE-2021-3714 (CVSS3: 7.5 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 *
CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 *
CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 *
CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 *
CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 *
CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 *
CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 *
CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 *
CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
CVE-2023-1206 (CVSS3: 5.7 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1206 *
CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 *
CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 *
CVE-2023-3180 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3180 *
CVE-2023-3354 (CVSS3: 7.5 HIGH): qemu:qemu-native:qemu-system-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3354 *
CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 *
CVE-2023-36632 (CVSS3: 7.5 HIGH): python3:python3-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36632 *
CVE-2023-36664 (CVSS3: 7.8 HIGH): ghostscript 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36664 *
CVE-2023-3772 (CVSS3: 4.4 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3772 *
CVE-2023-3773 (CVSS3: 4.4 MEDIUM): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3773 *
CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 *
CVE-2023-4004 (CVSS3: 7.8 HIGH): linux-yocto 
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4004 *
CVE-2023-4010

Re: [oe-core][PATCHv2] gtk4: upgrade 4.10.5 -> 4.12.0

2023-08-20 Thread Markus Volk 
On Sat, Aug 19 2023 at 10:24:37 PM -07:00:00, Khem Raj 
 wrote:

while it is interesting that you are using OE based distro on your
build host, its not a combination thats commonly tested


Yes, however I didn't expect it to be well tested. In fact I'm amazed 
in how well it works already. I can do all the stuff I really need on 
this machine.
Basically it is just used to improve the image itself which is a fun 
project and for gaming and that works great.


Here's the log for the failed do_configure task:

DEBUG: Executing python function extend_recipe_sysroot
NOTE: Direct dependencies are 
['/home/flk/poky/meta/recipes-devtools/cmake/cmake-native_3.26.4.bb:do_populate_sysroot', 
'/home/flk/poky/meta/recipes-devtools/quilt/quilt-native_0.67.bb:do_populate_sysroot', 
'virtual:native:/home/flk/poky/meta-clang/recipes-devtools/clang/clang_git.bb:do_populate_sysroot', 
'virtual:native:/home/flk/poky/meta/recipes-devtools/ninja/ninja_1.11.1.bb:do_populate_sysroot', 
'virtual:native:/home/flk/poky/meta/recipes-devtools/patch/patch_2.7.6.bb:do_populate_sysroot', 
'virtual:native:/home/flk/poky/meta/recipes-devtools/python/python3_3.11.4.bb:do_populate_sysroot']

NOTE: Installed into sysroot: []
NOTE: Skipping as already exists in sysroot: ['cmake-native', 
'quilt-native', 'clang-native', 'ninja-native', 'patch-native', 
'python3-native', 'libtool-native', 'attr-native', 're2c-native', 
'zlib-native', 'libffi-native', 'bzip2-native', 'ncurses-native', 
'xz-native', 'openssl-native', 'libnsl2-native', 'libtirpc-native', 
'gdbm-native', 'expat-native', 'util-linux-libuuid-native', 
'libedit-native', 'sqlite3-native', 'binutils-native', 
'libxml2-native', 'swig-native', 'zstd-native', 'texinfo-dummy-native', 
'gettext-minimal-native', 'perl-native', 'gnu-config-native', 
'flex-native', 'libpcre2-native', 'make-native', 'm4-native']

DEBUG: Python function extend_recipe_sysroot finished
DEBUG: Executing shell function do_configure
CMake Warning:
 Ignoring extra path from command line:

  
"/home/flk/poky/build/tmp/work-shared/llvm-project-source-16.0.6-r0/git/llvm"



-- The C compiler identification is Clang 16.0.6
-- The CXX compiler identification is Clang 16.0.6
-- The ASM compiler identification is Clang with GNU-like command-line
-- Found assembler: 
/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang

-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - failed
-- Check for working C compiler: 
/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang
-- Check for working C compiler: 
/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang 
- broken
CMake Error at 
/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/share/cmake-3.26/Modules/CMakeTestCCompiler.cmake:67 
(message):

 The C compiler

   
"/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang"


 is not able to compile a simple test program.

 It fails with the following output:

   Change Dir: 
/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/build/CMakeFiles/CMakeScratch/TryCompile-bgcv7F


   Run Build Command(s):ninja -v cmTC_ae66c && [1/2] 
/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang 
-target x86_64-linux 
-isystem/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/include 
-O2 -pipe -MD -MT CMakeFiles/cmTC_ae66c.dir/testCCompiler.c.o -MF 
CMakeFiles/cmTC_ae66c.dir/testCCompiler.c.o.d -o 
CMakeFiles/cmTC_ae66c.dir/testCCompiler.c.o -c 
/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/build/CMakeFiles/CMakeScratch/TryCompile-bgcv7F/testCCompiler.c
   [2/2] : && 
/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang 
-target x86_64-linux 
-isystem/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/include 
-O2 -pipe -target x86_64-linux 
-isystem/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/include 
-L/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/lib 
-L/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/lib 
-Wl,--enable-new-dtags 
-Wl,-rpath-link,/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/lib 
-Wl,-rpath-link,/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/lib 
-Wl,-rpath,/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/lib 
-Wl,-rpath,/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/lib 
-Wl,-O1 -unwindlib=libgcc -rtlib=libgcc -stdlib=libstdc++ 
-Wl,--allow-shlib-undefined