[OE-core] [PATCH] llvm: remove libLTO.so.*
From: Kai Kang

Remove libLTO.so.* from llvm which should be provided by clang and packaged to llvm-linker-tools. It could avoid the error:

ERROR: clang-16.0.6-r0 do_create_spdx: The recipe clang is trying to install files into a shared area when those files already exist. Those files and their manifest location are:
/path_to/tmp/deploy/spdx/core2-64/packages/liblto16.spdx.json
(matched in manifest-core2-64-llvm.create_spdx)
Please verify which recipe should provide the above files.

Signed-off-by: Kai Kang

--- meta/recipes-devtools/llvm/llvm_git.bb | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/meta/recipes-devtools/llvm/llvm_git.bb b/meta/recipes-devtools/llvm/llvm_git.bb index f3d6f24bd2..ce9ebfa997 100644 --- a/meta/recipes-devtools/llvm/llvm_git.bb +++ b/meta/recipes-devtools/llvm/llvm_git.bb @@ -106,7 +106,7 @@ do_compile() { do_install() { if ${@bb.utils.contains('PACKAGECONFIG', 'libllvm', 'true', 'false', d)}; then - DESTDIR=${D} ninja -v install +DESTDIR=${D} ninja -v install # llvm harcodes usr/lib as install path, so this corrects it to actual libdir mv -T -n ${D}/${prefix}/lib ${D}/${libdir} || true @@ -117,6 +117,10 @@ do_install() { # reproducibility sed -i -e 's,${WORKDIR},,g' ${D}/${libdir}/cmake/llvm/LLVMConfig.cmake + +# remove libLTO.so.* which should be provided by clang and packaged to +# llvm-linker-tools +rm -f ${D}/${libdir}/libLTO.so.* fi } @@ -134,7 +138,7 @@ llvm_sysroot_preprocess() { ln -sf llvm-config ${SYSROOT_DESTDIR}${bindir_crossscripts}/llvm-config${PV} } -PACKAGES =+ "${PN}-bugpointpasses ${PN}-llvmhello ${PN}-libllvm ${PN}-liboptremarks ${PN}-liblto" +PACKAGES =+ "${PN}-bugpointpasses ${PN}-llvmhello ${PN}-libllvm ${PN}-liboptremarks" RRECOMMENDS:${PN}-dev += "${PN}-bugpointpasses ${PN}-llvmhello ${PN}-liboptremarks" 
@@ -146,10 +150,6 @@ FILES:${PN}-libllvm = "\ ${libdir}/libLLVM-${MAJOR_VERSION}.so \ " -FILES:${PN}-liblto += "\ -${libdir}/libLTO.so.* \ -" - FILES:${PN}-liboptremarks += "\ ${libdir}/libRemarks.so.* \ " -- 2.34.1
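Review bot: In the first do_install hunk (@@ -106,7 +106,7 @@) the `DESTDIR=${D} ninja -v install` line is removed and re-added with the same command, so as far as the patch shows it is a whitespace-only change that has nothing to do with libLTO. Please drop it from this patch or send it as a separate cleanup, so the diff contains only the packaging change the commit message describes.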
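Review bot: The `rm -f ${D}/${libdir}/libLTO.so.*` added in the second do_install hunk (@@ -117,6 +117,10 @@) runs for every build that takes the libllvm branch, whether or not a clang recipe is present to supply the library. The commit message says clang "should" provide it, but nothing in this recipe checks that, so a configuration without clang ends up with no libLTO.so.* at all. Either guard the removal on the condition that actually causes the do_create_spdx clash, or explain in the commit message why llvm users without clang do not need the library.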
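Review bot: Dropping `${PN}-liblto` from PACKAGES (@@ -134,7 +138,7 @@) together with its FILES entry in the following hunk leaves no upgrade path for anything that names that package. The RRECOMMENDS:${PN}-dev line in the context does not reference it, but images or package groups that do would fail to resolve after this change. Please state in the commit message which package replaces it (the message mentions llvm-linker-tools) and confirm that nothing else in the layer still depends on `${PN}-liblto`.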
Re: [OE-core] [qa-build-notification] QA notification for completed autobuilder build (yocto-4.2.3.rc1)
Hi all,

Intel and WR YP QA is planning for QA execution for YP build yocto-4.2.3.rc1. We are planning to execute following tests for this cycle:

OEQA-manual tests for following module:
1. OE-Core
2. BSP-hw

Runtime auto test for following platforms:
1. MinnowBoard Turbot - 32bit
2. Kaby Lake (7th Generation Intel(r) Core(tm) Processors)
3. Tiger Lake (11th Generation Intel(r) Core(tm) Processors)
4. Alder Lake-S (12th Generation Intel(r) Core(tm) Processors)
5. Raptor Lake-P (13th Generation Intel(r) Core(tm) Processors)
6. Edgerouter
7. Beaglebone

ETA for completion Thursday, 24 August.

Best regards,
Jing Hui

> -Original Message-
> From: qa-build-notificat...@lists.yoctoproject.org notificat...@lists.yoctoproject.org> On Behalf Of Pokybuild User
> Sent: Saturday, August 19, 2023 2:12 PM
> To: yo...@lists.yoctoproject.org
> Cc: qa-build-notificat...@lists.yoctoproject.org
> Subject: [qa-build-notification] QA notification for completed autobuilder
> build (yocto-4.2.3.rc1)
>
> A build flagged for QA (yocto-4.2.3.rc1) was completed on the autobuilder
> and is available at:
>
> https://autobuilder.yocto.io/pub/releases/yocto-4.2.3.rc1
>
> Build hash information:
>
> bitbake: 08033b63ae442c774bd3fce62844eac23e6882d7
> meta-agl: 2b1679097d7b5df438481d7966377a6c0545c156
> meta-arm: 85b0e80e7d6d58bb6aaae6edf88476b9e07d3313
> meta-aws: 7cca28f6e03f3043663c2ad54527c63826a7cb9f
> meta-intel: d24a6fae0229b6b4e79f6e796069c56d435c8ac3
> meta-mingw: 92258028e1b5664a9f832541d5c4f6de0bd05e07
> meta-openembedded: 75cf318cef3b4ee81fad2782cf063ecd69ba8842
> meta-virtualization: b8a964fc30de6dfd5a04d3ac57428809526d29f4
> oecore: 7e3489c0c5970389c8a239dc7b367bcadf554eb5
> poky: aa63b25cbe25d89ab07ca11ee72c17cab68df8de
>
> This is an automated message from the Yocto Project Autobuilder
> Git: git://git.yoctoproject.org/yocto-autobuilder2
> Email: richard.pur...@linuxfoundation.org
[OE-core] [dunfell][patch] tiff: CVE-2022-3599.patch also fix CVE-2022-4645 CVE-2023-30774
From: Chee Yang Lee

The same patch also fixes CVE-2022-4645 CVE-2023-30774

CVE-2022-4645 - https://gitlab.com/libtiff/libtiff/-/issues/277
CVE-2023-30774 - https://gitlab.com/libtiff/libtiff/-/issues/463

Signed-off-by: Chee Yang Lee

--- meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch b/meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch index 9689a99638..b3232d9002 100644 --- a/meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch +++ b/meta/recipes-multimedia/libtiff/files/CVE-2022-3599.patch @@ -4,7 +4,7 @@ Date: Tue, 30 Aug 2022 16:56:48 +0200 Subject: [PATCH] Revised handling of TIFFTAG_INKNAMES and related Upstream-Status: Backport [import from debian http://security.debian.org/debian-security/pool/updates/main/t/tiff/tiff_4.1.0+git191117-2~deb10u7.debian.tar.xz ] -CVE: CVE-2022-3599 +CVE: CVE-2022-3599 CVE-2022-4645 CVE-2023-30774 Signed-off-by: Chee Yang Lee Origin: https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246 -- 2.37.3
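Review bot: The new `CVE:` line claims CVE-2022-4645 and CVE-2023-30774 for this backport, but the `Origin:` line still names only commit e813112545942107551433d61afd16ac094ff246, and the commit message links issues 277 and 463 without saying how that commit resolves them. Since this tag becomes the only record that the two extra CVEs are fixed, please add a sentence to the commit message stating that both issues were closed as fixed by that upstream commit, so the claim can be checked without reading the issue threads.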
Re: [OE-core][mickledore 00/18] Patch review
On Fri, Aug 18, 2023 at 6:37 PM Paul Gortmaker via lists.openembedded.org wrote:
>
> [Re: [OE-core][mickledore 00/18] Patch review] On 17/08/2023 (Thu 23:17) Paul
> Gortmaker via lists.openembedded.org wrote:
>
> > [Re: [OE-core][mickledore 00/18] Patch review] On 16/08/2023 (Wed 07:50)
> > Steve Sakoman via lists.openembedded.org wrote:
> >
> > > On Tue, Aug 15, 2023 at 6:24 AM Steve Sakoman via
> > > lists.openembedded.org
> > > wrote:
> > > >
> > > > Please review this set of changes for mickledore and have comments back
> > > > by
> > > > end of day Thursday, August 17.
> >
> > [...]
> >
> > > > Bruce Ashfield (2):
> > > >   linux-yocto/6.1: update to v6.1.41
> > > >   linux-yocto/6.1: update to v6.1.43
> > >
> > > I'm seeing intermittent failures with these 6.1 "stable" version bumps
> > > (issues are also seen in master).
> > >
> > > So I am dropping these for now till we can fix the problem.
> >
> > aka "NOHZ tick-stop error: local softirq work is pending, handler #80!!!"
> >
> > For those not on IRC, the "cause" was tracked down to a v6.1.39 change:
> >
> > https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/6.1.39/tick-rcu-fix-bogus-ratelimit-condition.patch
> >
> > [linux-stable commit ID 77cc52f1b8d7 in v6.1]
> >
> > The bad news - when you look at that commit, you realize the softirq-80
> > problem has been there for an as-yet undetermined length of time, but
> > was never output because of the bogus/broken "less than 10" check.
> >
> > The "less than 10" was introduced in v5.18, so that sets a lower bound,
> > but I've not yet tested if the pending-80 was there immediately at 5.18
> > or appeared somewhere between v5.18 and v6.1 - stay tuned.
>
> For the mail archives - it turns out the issue was there immediately at
> v5.18, based on my testing results. - I'm optimistic (for once) that we
> have this softirq-80 issue solved. But we'll have to wait and see.

To keep everyone in the loop, I'm obviously aware of paul's fix, and I'm letting it sit upstream briefly, and will cherry pick it to everything post 5.18 if it doesn't merge quickly enough.

Bruce

>
> If folks are interested, more details are in the commit log here:
>
> https://lore.kernel.org/lkml/20230818200757.1808398-1-paul.gortma...@windriver.com/
>
> Paul.
> --
>
> >
> > The same change/issue 1st appears in v6.4.4 stable kernel [7fe63c29cb].
> >
> > Paul.
> > --
> >
> > >
> > > I reran a-full without the version bumps and all tests passed:
> > >
> > > https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5742
> > >
> > > Steve
> > >
> > > > Dmitry Baryshkov (1):
> > > >   linux-firmware: split platform-specific Adreno shaders to separate
> > > >   packages
> > > >
> > > > Joel Stanley (1):
> > > >   kernel: don't fail if Modules.symvers doesn't exist
> > > >
> > > > Marek Vasut (1):
> > > >   linux-firmware: Fix mediatek mt7601u firmware path
> > > >
> > > > Mark Hatle (1):
> > > >   tcf-agent: Update to 1.8.0 release
> > > >
> > > > Richard Purdie (1):
> > > >   oeqa/ssh: Further improve process exit handling
> > > >
> > > > Ross Burton (1):
> > > >   openssh: upgrade to 9.3p2
> > > >
> > > > Sudip Mukherjee (1):
> > > >   bind: upgrade to v9.18.17
> > > >
> > > > Yogita Urade (3):
> > > >   qemu: fix CVE-2023-3301
> > > >   qemu: fix CVE-2023-3255
> > > >   qemu: fix CVE-2023-2861
> > > >
> > > > sanjana (1):
> > > >   binutils: stable 2.40 branch updates
> > > >
> > > > meta/classes-recipe/kernel.bbclass| 4 +-
> > > > meta/conf/distro/include/maintainers.inc | 2 +-
> > > > meta/lib/oeqa/core/target/ssh.py | 5 +-
> > > > ...1-avoid-start-failure-with-bind-user.patch | 0
> > > > ...d-V-and-start-log-hide-build-options.patch | 0
> > > > ...ching-for-json-headers-searches-sysr.patch | 0
> > > > .../bind/{bind-9.18.16 => bind}/bind9 | 0
> > > > .../bind/{bind-9.18.16 => bind}/conf.patch| 0
> > > > .../generate-rndc-key.sh | 0
> > > > ...t.d-add-support-for-read-only-rootfs.patch | 0
> > > > .../make-etc-initd-bind-stop-work.patch | 0
> > > > .../bind/{bind-9.18.16 => bind}/named.service | 0
> > > > .../bind/{bind_9.18.16.bb => bind_9.18.17.bb} | 4 +-
> > > > .../{openssh_9.3p1.bb => openssh_9.3p2.bb}| 2 +-
> > > > meta/recipes-core/glibc/glibc-locale.inc | 8 +-
> > > > .../binutils/binutils-2.40.inc| 2 +-
> > > > meta/recipes-devtools/qemu/qemu.inc | 3 +
> > > > .../qemu/qemu/CVE-2023-2861.patch | 171 ++
> > > > .../qemu/qemu/CVE-2023-3255.patch | 65 +++
> > > > .../qemu/qemu/CVE-2023-3301.patch | 65 +++
> > > > .../tcf-agent/tcf-agent_git.bb| 4 +-
> > > > .../linux-firmware/linux-firmware_20230625.bb | 28 ++-
> > > > .../linux/linux-yocto-rt_6.1.bb | 6 +-
> > > > .../linux/linux-yocto-tiny_6.1.bb | 6 +-
> > >
Re: [OE-core] OE-core CVE metrics for master on Sun 20 Aug 2023 01:00:01 AM HST
On Sun, Aug 20, 2023 at 7:30 AM Khem Raj wrote:
>
> On Sun, Aug 20, 2023 at 4:19 AM Steve Sakoman wrote:
> >
> > Branch: master
> >
> > New this week: 3 CVEs
> > CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
>
> We are at 2.38 release on master and this release contains
> https://sourceware.org/git/?p=glibc.git;a=commit;h=801af9fafd4689337ebf27260aa115335a0cb2bc
> which fixes this problem. So I wonder why it appears in the scan here ?

Here is the note associated with this CVE:

"** DISPUTED ** A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It's basically trusted input or input that needs an actual security flaw to be compromised or controlled."

Steve

>
> > CVE-2023-4128 (CVSS3: 7.8 HIGH): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4128 *
> > CVE-2023-4147 (CVSS3: 7.8 HIGH): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4147 *
> >
> > Removed this week: 15 CVEs
> > CVE-2022-3533 (CVSS3: 5.7 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3533 *
> > CVE-2022-3606 (CVSS3: 5.5 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3606 *
> > CVE-2023-0160 (CVSS3: 5.5 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0160 *
> > CVE-2023-2176 (CVSS3: 7.8 HIGH): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2176 *
> > CVE-2023-23039 (CVSS3: 5.7 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23039 *
> > CVE-2023-2430 (CVSS3: 5.5 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2430 *
> > CVE-2023-2975 (CVSS3: 5.3 MEDIUM): openssl:openssl-native
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2975 *
> > CVE-2023-3446 (CVSS3: 5.3 MEDIUM): openssl:openssl-native
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3446 *
> > CVE-2023-35827 (CVSS3: 7.0 HIGH): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35827 *
> > CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
> > CVE-2023-37453 (CVSS3: 4.6 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37453 *
> > CVE-2023-37454 (CVSS3: 5.5 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37454 *
> > CVE-2023-3817 (CVSS3: 5.3 MEDIUM): openssl:openssl-native
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817 *
> > CVE-2023-4132 (CVSS3: 5.5 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4132 *
> > CVE-2023-4133 (CVSS3: 5.5 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4133 *
> >
> > Full list: Found 29 unpatched CVEs
> > CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
> > CVE-2021-3714 (CVSS3: 7.5 HIGH): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 *
> > CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 *
> > CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 *
> > CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 *
> > CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
> > CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
> > CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 *
> > CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 *
> > CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 *
> > CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 *
> > CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
> > CVE-2023-1206 (CVSS3: 5.7 MEDIUM): linux-yocto
> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1206 *
> > CVE-2023-1386
Re: [OE-core] OE-core CVE metrics for master on Sun 20 Aug 2023 01:00:01 AM HST
On Sun, Aug 20, 2023 at 4:19 AM Steve Sakoman wrote:
>
> Branch: master
>
> New this week: 3 CVEs
> CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *

We are at 2.38 release on master and this release contains
https://sourceware.org/git/?p=glibc.git;a=commit;h=801af9fafd4689337ebf27260aa115335a0cb2bc
which fixes this problem. So I wonder why it appears in the scan here ?

> CVE-2023-4128 (CVSS3: 7.8 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4128 *
> CVE-2023-4147 (CVSS3: 7.8 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4147 *
>
> Removed this week: 15 CVEs
> CVE-2022-3533 (CVSS3: 5.7 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3533 *
> CVE-2022-3606 (CVSS3: 5.5 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3606 *
> CVE-2023-0160 (CVSS3: 5.5 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0160 *
> CVE-2023-2176 (CVSS3: 7.8 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2176 *
> CVE-2023-23039 (CVSS3: 5.7 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23039 *
> CVE-2023-2430 (CVSS3: 5.5 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2430 *
> CVE-2023-2975 (CVSS3: 5.3 MEDIUM): openssl:openssl-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2975 *
> CVE-2023-3446 (CVSS3: 5.3 MEDIUM): openssl:openssl-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3446 *
> CVE-2023-35827 (CVSS3: 7.0 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35827 *
> CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
> CVE-2023-37453 (CVSS3: 4.6 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37453 *
> CVE-2023-37454 (CVSS3: 5.5 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37454 *
> CVE-2023-3817 (CVSS3: 5.3 MEDIUM): openssl:openssl-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817 *
> CVE-2023-4132 (CVSS3: 5.5 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4132 *
> CVE-2023-4133 (CVSS3: 5.5 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4133 *
>
> Full list: Found 29 unpatched CVEs
> CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
> CVE-2021-3714 (CVSS3: 7.5 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 *
> CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 *
> CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 *
> CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 *
> CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
> CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
> CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 *
> CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 *
> CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 *
> CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 *
> CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
> CVE-2023-1206 (CVSS3: 5.7 MEDIUM): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1206 *
> CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 *
> CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 *
> CVE-2023-3180 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3180 *
> CVE-2023-3354 (CVSS3: 7.5 HIGH): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3354 *
> CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 *
> CVE-2023-36632 (CVSS3: 7.5 HIGH): python3:python3-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36632 *
> CVE-2023-36664 (CVSS3: 7.8 HIGH): ghostscript
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36664 *
> CVE-2023-3772 (CVSS3: 4.4
Re: [oe-core][PATCHv2] gtk4: upgrade 4.10.5 -> 4.12.0
On Sun, Aug 20 2023 at 07:54:19 AM -07:00:00, Khem Raj wrote:

Ok the cmdline looks normal what’s the install location of these files above

flk@intel-corei7-64:~/poky/build$ ll /usr/lib/libgcc*
lrwxrwxrwx 1 root root 17 Mar 9 2018 /usr/lib/libgccpp.so.1 -> libgccpp.so.1.5.0
-rwxr-xr-x 1 root root 14K Mar 9 2018 /usr/lib/libgccpp.so.1.5.0
-rw-r--r-- 1 root root 132 Mar 9 2018 /usr/lib/libgcc_s.so
-rw-r--r-- 1 root root 143K Mar 9 2018 /usr/lib/libgcc_s.so.1

flk@intel-corei7-64:~/poky/build$ ll /usr/lib/x86_64-poky-linux/13.2.0/
total 6.3M
drwxr-xr-x 1 root root 260 Mar 9 2018 .
drwxr-xr-x 1 root root 12 Mar 9 2018 ..
-rw-r--r-- 1 root root 2.5K Mar 9 2018 crtbegin.o
-rw-r--r-- 1 root root 2.8K Mar 9 2018 crtbeginS.o
-rw-r--r-- 1 root root 3.0K Mar 9 2018 crtbeginT.o
-rw-r--r-- 1 root root 1.2K Mar 9 2018 crtend.o
-rw-r--r-- 1 root root 1.2K Mar 9 2018 crtendS.o
-rw-r--r-- 1 root root 3.8K Mar 9 2018 crtfastmath.o
-rw-r--r-- 1 root root 3.5K Mar 9 2018 crtprec32.o
-rw-r--r-- 1 root root 3.5K Mar 9 2018 crtprec64.o
-rw-r--r-- 1 root root 3.5K Mar 9 2018 crtprec80.o
drwxr-xr-x 1 root root 66 Mar 9 2018 include
-rw-r--r-- 1 root root 5.7M Mar 9 2018 libgcc.a
-rw-r--r-- 1 root root 322K Mar 9 2018 libgcc_eh.a
-rw-r--r-- 1 root root 292K Mar 9 2018 libgcov.a
Re: [oe-core][PATCHv2] gtk4: upgrade 4.10.5 -> 4.12.0
On Sat, Aug 19, 2023 at 10:24 PM Khem Raj wrote:

> On Thu, Aug 17, 2023 at 7:49 AM Markus Volk wrote:
> >
> > Sorry for the late reply. I was on the road yesterday.
> >
> > I can't reproduce the issue unfortunately. That's because I've been running my build host with a homebuilt yocto image for a couple of weeks now to find runtime errors (and because it gets me better hardware support). So far this is running very well, but I seem to have a problem with libgcc-initial. When I want to use the clang toolchain, libcxx-native aborts with:
> >
> > | /home/flk/poky/build/tmp/hosttools/ld: cannot find crtbeginS.o: No such file or directory
> > | /home/flk/poky/build/tmp/hosttools/ld: cannot find -lgcc: No such file or directory
> > | /home/flk/poky/build/tmp/hosttools/ld: cannot find -lgcc: No such file or directory
> > | clang-16: error: linker command failed with exit code 1 (use -v to see the call)
> > | ninja: build stopped: subcommand failed.

Ok the cmdline looks normal what’s the install location of these files above

>
> while it is interesting that you are using OE based distro on your build host, it's not a combination that's commonly tested. Especially in native libcxx case, it's using clang-native with runtime from build host and I am sure that's where problem is perhaps some paths are being detected wrong. Clang does encode distro information into its driver. Can you post full log of failed task maybe it has some hints. It will be also good to see the output of failing linker cmdline with --verbose option, it will show what paths clang driver is looking for runtime stuff.
>
> >
> > Will have to look into this first. So far I have no idea what is going on. In any case, at most I'd be able to hack this with a 'cast', but I don't have enough knowledge of the gtk code to find the root cause
> >
> > I think the best thing would be to create an issue at gitlab, but I'm a bit afraid of that because I can't help if something needs to be tested or if I should add more context.
> >
> > In general this is an issue that should be fixed in gcc because this seems to be indeed a bug.
> >
> > Short term solutions might be to add -Wno-int-conversion to the cflags for clang to make it less strict or to disable the experimental vulkan support in gtk4 by default?
> >
> > On Wed, Aug 16 2023 at 07:44:50 AM -07:00:00, Khem Raj <raj.k...@gmail.com> wrote:
> >
> > clang finds more errors with this upgrade
> > https://errors.yoctoproject.org/Errors/Details/731552/
> >
> > On Tue, Aug 15, 2023 at 7:52 AM Markus Volk wrote:
> >
> > gtk.h: gtkscrollinfo.h was added, no change of license
> > gdk.h: gdkpixbuf.h was deprecated, no change of license
> > update renamed build-options
> >
> > Overview of Changes in 4.12.0, 05-08-2023
> > =========================================
> >
> > * List widgets:
> >   - Add scroll_to APIs
> > * GtkFileLauncher:
> >   - Add an always-ask property
> > * GtkTextView:
> >   - Make backspace behavior match GtkEntry
> > * gsk:
> >   - Fix handling of luminance in mask nodes
> > * Text rendering:
> >   - Automate the setting of gtk-hint-font-metrics from the scale factor. This improves font rendering in flatpaks
> > * Wayland:
> >   - Fix behavior of stylus buttons
> >   - Support suspended window state
> > * Vulkan:
> >   - Many improvements
> > * Tools:
> >   - Add gtk4-rendernode-tool
> > * Debugging:
> >   - Drop the GTK_DEBUG_TOUCHSCREEN flag
> > * Build:
> >   - Some build options have been renamed:
> >     gtk_doc -> documentation
> >     update_screenshots -> screenshots
> >     The old names still work
> >
> > Overview of Changes in 4.11.4, 03-07-2023
> > =========================================
> >
> > * GtkFileChooser:
> >   - Default to sorting folders first
> >   - Fix a crash when visiting recent files
> > * GtkTextView:
> >   - Fix corner cases in word navigation
> > * GtkMenuButton:
> >   - Normalize label layout
> > * GtkDropDown:
> >   - Add support for sections
> > * GtkVideo:
> >   - Make the overlay icon clickable
> > * GtkWindow:
> >   - Clear the resize cursors to avoid artifacts
> > * GtkFileDialog:
> >   - Always set initial-folder
> > * GtkDropDown:
> >   - Update on expression changes
> > * GtkMapListModel:
> >   - Implement GtkSectionModel
> > * Accessibility:
> >   - Improvements all over the place: GtkButton, GtkPasswordEntry, GtkFontChooserDialog, GtkColorChooserDialog, GtkShortcutsWindow, GtkMenuButton, GtkAboutDialog, GtkFileChooserDialog, GtkStackSidebar, GtkStackSwitcher, GtkMediaControls, GtkColorDialogButton, GtkDropDown, GtkInfoBar, GtkNotebook, GtkPrintUnixDialog, GtkModelButton
> >   - Make name computation follow the ARIA spec more closely
> >   - Adapt name computation for the common 'nested button' scenario
> >   - Change many containers to use `generic` instead of `group`
> >   - Use `generic` as the default role
> >   - Use `application` instead of `window` for windows
> >   - Add properties for accessible names of not directly exposed widgets in GtkListView, GtkGridView and GtkColumnView
> > * DND:
> >   - Fix criticals when drops are rejected
> > * X11:
> >   - Fix regressions in GLX setup
> > * Windows:
> >   - Center newly created transient windows
> > * Vulkan:
> >   - Add
[OE-core] OE-core CVE metrics for mickledore on Sun 20 Aug 2023 04:00:01 AM HST
Branch: mickledore

New this week: 5 CVEs
CVE-2023-39533 (CVSS3: 7.5 HIGH): go:go-binary-native:go-cross-core2-64:go-runtime https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39533 *
CVE-2023-4128 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4128 *
CVE-2023-4147 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4147 *
CVE-2023-4194 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4194 *
CVE-2023-4273 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4273 *

Removed this week: 9 CVEs
CVE-2023-1989 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1989 *
CVE-2023-2828 (CVSS3: 7.5 HIGH): bind https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2828 *
CVE-2023-2829 (CVSS3: 7.5 HIGH): bind https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2829 *
CVE-2023-2911 (CVSS3: 7.5 HIGH): bind https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2911 *
CVE-2023-29406 (CVSS3: 6.5 MEDIUM): go:go-binary-native:go-cross-core2-64:go-runtime https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29406 *
CVE-2023-30571 (CVSS3: 5.3 MEDIUM): libarchive:libarchive-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30571 *
CVE-2023-31436 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-31436 *
CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
CVE-2023-38408 (CVSS3: 9.8 CRITICAL): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38408 *

Full list: Found 125 unpatched CVEs
CVE-2015-8955 (CVSS3: 7.3 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8955 *
CVE-2018-10878 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10878 *
CVE-2020-11935 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11935 *
CVE-2020-25668 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25668 *
CVE-2020-2 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2 *
CVE-2020-27815 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27815 *
CVE-2021-28972 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28972 *
CVE-2021-3640 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3640 *
CVE-2021-3714 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 *
CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 *
CVE-2021-4083 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4083 *
CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 *
CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 *
CVE-2022-3202 (CVSS3: 7.1 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3202 *
CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
CVE-2022-3533 (CVSS3: 5.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3533 *
CVE-2022-3606 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3606 *
CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 *
CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 *
CVE-2022-3964 (CVSS3: 8.1 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3964 *
CVE-2022-3965 (CVSS3: 8.1 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3965 *
CVE-2022-41858 (CVSS3: 7.1 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41858 *
CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 *
CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 *
CVE-2022-48425 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48425 *
CVE-2022-48502 (CVSS3: 7.1 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48502 *
CVE-2023-0160 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0160 *
CVE-2023-0615 (CVSS3: 5.5 MEDIUM): linux-yocto
[OE-core] OE-core CVE metrics for kirkstone on Sun 20 Aug 2023 03:00:01 AM HST
Branch: kirkstone

New this week: 1 CVEs
CVE-2023-39533 (CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39533 *

Removed this week: 4 CVEs
CVE-2023-3180 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3180 *
CVE-2023-3354 (CVSS3: 7.5 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3354 *
CVE-2023-38559 (CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38559 *
CVE-2023-4016 (CVSS3: 5.5 MEDIUM): procps https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4016 *

Full list: Found 32 unpatched CVEs
CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 *
CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 *
CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 *
CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 *
CVE-2022-3553 (CVSS3: 6.5 MEDIUM): xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3553 *
CVE-2022-3563 (CVSS3: 5.7 MEDIUM): bluez5 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3563 *
CVE-2022-3637 (CVSS3: 5.5 MEDIUM): bluez5 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3637 *
CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 *
CVE-2022-3964 (CVSS3: 8.1 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3964 *
CVE-2022-3965 (CVSS3: 8.1 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3965 *
CVE-2022-4055 (CVSS3: 7.4 HIGH): xdg-utils https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4055 *
CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 *
CVE-2023-1544 (CVSS3: 6.3 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1544 *
CVE-2023-1916 (CVSS3: 6.1 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1916 *
CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 *
CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 *
CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 *
CVE-2023-2829 (CVSS3: 7.5 HIGH): bind https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2829 *
CVE-2023-2908 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2908 *
CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 *
CVE-2023-29409 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29409 *
CVE-2023-29491 (CVSS3: 7.8 HIGH): ncurses:ncurses-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29491 *
CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 *
CVE-2023-3316 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3316 *
CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 *
CVE-2023-38560 (CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38560 *
CVE-2023-38633 (CVSS3: 5.5 MEDIUM): librsvg:librsvg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38633 *
CVE-2023-39533 (CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39533 *
CVE-2023-4135 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4135 *

For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/

View/Reply Online (#186410): https://lists.openembedded.org/g/openembedded-core/message/186410
[OE-core] OE-core CVE metrics for dunfell on Sun 20 Aug 2023 02:00:01 AM HST
Branch: dunfell

New this week: 1 CVEs
CVE-2023-39533 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39533 *

Removed this week: 15 CVEs
CVE-2021-33621 (CVSS3: 8.8 HIGH): ruby:ruby-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33621 *
CVE-2022-41409 (CVSS3: 7.5 HIGH): libpcre2:libpcre2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41409 *
CVE-2023-26965 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-26965 *
CVE-2023-2804 (CVSS3: 6.5 MEDIUM): libjpeg-turbo:libjpeg-turbo-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2804 *
CVE-2023-2908 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2908 *
CVE-2023-29406 (CVSS3: 6.5 MEDIUM): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29406 *
CVE-2023-30571 (CVSS3: 5.3 MEDIUM): libarchive:libarchive-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30571 *
CVE-2023-30630 (CVSS3: 7.8 HIGH): dmidecode https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30630 *
CVE-2023-3316 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3316 *
CVE-2023-3354 (CVSS3: 7.5 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3354 *
CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
CVE-2023-36632 (CVSS3: 7.5 HIGH): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36632 *
CVE-2023-3817 (CVSS3: 5.3 MEDIUM): openssl:openssl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817 *
CVE-2023-38559 (CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-38559 *
CVE-2023-4016 (CVSS3: 5.5 MEDIUM): procps https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4016 *

Full list: Found 96 unpatched CVEs
CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 *
CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 *
CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 *
CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 *
CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 *
CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 *
CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 *
CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 *
CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 *
CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 *
CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 *
CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 *
CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 *
CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 *
CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 *
CVE-2021-20269 (CVSS3: 5.5 MEDIUM): kexec-tools https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20269 *
CVE-2021-20295 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20295 *
CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 *
CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 *
CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 *
CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 *
CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 *
CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 *
CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 *
CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 *
CVE-2021-3611 (CVSS3: 6.5 MEDIUM):
[OE-core] OE-core CVE metrics for master on Sun 20 Aug 2023 01:00:01 AM HST
Branch: master

New this week: 3 CVEs
CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
CVE-2023-4128 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4128 *
CVE-2023-4147 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4147 *

Removed this week: 15 CVEs
CVE-2022-3533 (CVSS3: 5.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3533 *
CVE-2022-3606 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3606 *
CVE-2023-0160 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0160 *
CVE-2023-2176 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2176 *
CVE-2023-23039 (CVSS3: 5.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23039 *
CVE-2023-2430 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2430 *
CVE-2023-2975 (CVSS3: 5.3 MEDIUM): openssl:openssl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2975 *
CVE-2023-3446 (CVSS3: 5.3 MEDIUM): openssl:openssl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3446 *
CVE-2023-35827 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35827 *
CVE-2023-3618 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3618 *
CVE-2023-37453 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37453 *
CVE-2023-37454 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37454 *
CVE-2023-3817 (CVSS3: 5.3 MEDIUM): openssl:openssl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817 *
CVE-2023-4132 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4132 *
CVE-2023-4133 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4133 *

Full list: Found 29 unpatched CVEs
CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
CVE-2021-3714 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 *
CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 *
CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 *
CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 *
CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 *
CVE-2022-33065 (CVSS3: 7.8 HIGH): libsndfile1 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33065 *
CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 *
CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 *
CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 *
CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 *
CVE-2023-0687 (CVSS3: 9.8 CRITICAL): glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0687 *
CVE-2023-1206 (CVSS3: 5.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1206 *
CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 *
CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 *
CVE-2023-3180 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3180 *
CVE-2023-3354 (CVSS3: 7.5 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3354 *
CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 *
CVE-2023-36632 (CVSS3: 7.5 HIGH): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36632 *
CVE-2023-36664 (CVSS3: 7.8 HIGH): ghostscript https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36664 *
CVE-2023-3772 (CVSS3: 4.4 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3772 *
CVE-2023-3773 (CVSS3: 4.4 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3773 *
CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 *
CVE-2023-4004 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4004 *
CVE-2023-4010
Re: [oe-core][PATCHv2] gtk4: upgrade 4.10.5 -> 4.12.0
On Sat, Aug 19 2023 at 10:24:37 PM -07:00:00, Khem Raj wrote:
> while it is interesting that you are using OE based distro on your build host, it's not a combination that's commonly tested

Yes, however I didn't expect it to be well tested. In fact I'm amazed at how well it works already. I can do all the stuff I really need on this machine. Basically it is just used to improve the image itself which is a fun project and for gaming and that works great.

Here's the log for the failed do_configure task:

DEBUG: Executing python function extend_recipe_sysroot
NOTE: Direct dependencies are ['/home/flk/poky/meta/recipes-devtools/cmake/cmake-native_3.26.4.bb:do_populate_sysroot', '/home/flk/poky/meta/recipes-devtools/quilt/quilt-native_0.67.bb:do_populate_sysroot', 'virtual:native:/home/flk/poky/meta-clang/recipes-devtools/clang/clang_git.bb:do_populate_sysroot', 'virtual:native:/home/flk/poky/meta/recipes-devtools/ninja/ninja_1.11.1.bb:do_populate_sysroot', 'virtual:native:/home/flk/poky/meta/recipes-devtools/patch/patch_2.7.6.bb:do_populate_sysroot', 'virtual:native:/home/flk/poky/meta/recipes-devtools/python/python3_3.11.4.bb:do_populate_sysroot']
NOTE: Installed into sysroot: []
NOTE: Skipping as already exists in sysroot: ['cmake-native', 'quilt-native', 'clang-native', 'ninja-native', 'patch-native', 'python3-native', 'libtool-native', 'attr-native', 're2c-native', 'zlib-native', 'libffi-native', 'bzip2-native', 'ncurses-native', 'xz-native', 'openssl-native', 'libnsl2-native', 'libtirpc-native', 'gdbm-native', 'expat-native', 'util-linux-libuuid-native', 'libedit-native', 'sqlite3-native', 'binutils-native', 'libxml2-native', 'swig-native', 'zstd-native', 'texinfo-dummy-native', 'gettext-minimal-native', 'perl-native', 'gnu-config-native', 'flex-native', 'libpcre2-native', 'make-native', 'm4-native']
DEBUG: Python function extend_recipe_sysroot finished
DEBUG: Executing shell function do_configure
CMake Warning: Ignoring extra path from command line:
"/home/flk/poky/build/tmp/work-shared/llvm-project-source-16.0.6-r0/git/llvm"
-- The C compiler identification is Clang 16.0.6
-- The CXX compiler identification is Clang 16.0.6
-- The ASM compiler identification is Clang with GNU-like command-line
-- Found assembler: /home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - failed
-- Check for working C compiler: /home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang
-- Check for working C compiler: /home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang - broken
CMake Error at /home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/share/cmake-3.26/Modules/CMakeTestCCompiler.cmake:67 (message):
The C compiler "/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang" is not able to compile a simple test program.
It fails with the following output:
Change Dir: /home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/build/CMakeFiles/CMakeScratch/TryCompile-bgcv7F
Run Build Command(s):ninja -v cmTC_ae66c &&
[1/2] /home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang -target x86_64-linux -isystem/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/include -O2 -pipe -MD -MT CMakeFiles/cmTC_ae66c.dir/testCCompiler.c.o -MF CMakeFiles/cmTC_ae66c.dir/testCCompiler.c.o.d -o CMakeFiles/cmTC_ae66c.dir/testCCompiler.c.o -c /home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/build/CMakeFiles/CMakeScratch/TryCompile-bgcv7F/testCCompiler.c
[2/2] : && /home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/bin/clang -target x86_64-linux -isystem/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/include -O2 -pipe -target x86_64-linux -isystem/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/include -L/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/lib -L/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/lib -Wl,--enable-new-dtags -Wl,-rpath-link,/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/lib -Wl,-rpath-link,/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/lib -Wl,-rpath,/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/usr/lib -Wl,-rpath,/home/flk/poky/build/tmp/work/x86_64-linux/libcxx-native/16.0.6/recipe-sysroot-native/lib -Wl,-O1 -unwindlib=libgcc -rtlib=libgcc -stdlib=libstdc++ -Wl,--allow-shlib-undefined