Re: [OE-core] [PATCH 3/3] stress-ng: upgrade 0.15.08 -> 0.16.04

[Chen Qi via lists.openembedded.org]

This upgrade introduces a build failure when DEBUG_BUILD is enabled.
I've sent out a patch to disable it in this recipe as a workaround.
I've also filed a new issue for stress-ng upstream: 
https://github.com/ColinIanKing/stress-ng/issues/315


Regards,
Qi

On 8/17/23 15:38, Anuj Mittal wrote:

Signed-off-by: Anuj Mittal 
---
  .../stress-ng/{stress-ng_0.15.08.bb => stress-ng_0.16.04.bb}| 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
  rename meta/recipes-extended/stress-ng/{stress-ng_0.15.08.bb => 
stress-ng_0.16.04.bb} (94%)

diff --git a/meta/recipes-extended/stress-ng/stress-ng_0.15.08.bb 
b/meta/recipes-extended/stress-ng/stress-ng_0.16.04.bb
similarity index 94%
rename from meta/recipes-extended/stress-ng/stress-ng_0.15.08.bb
rename to meta/recipes-extended/stress-ng/stress-ng_0.16.04.bb
index 9952c4ef8a5..6e5665cc3b9 100644
--- a/meta/recipes-extended/stress-ng/stress-ng_0.15.08.bb
+++ b/meta/recipes-extended/stress-ng/stress-ng_0.16.04.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
  
  SRC_URI = "git://github.com/ColinIanKing/stress-ng.git;protocol=https;branch=master \

 "
-SRCREV = "4fc205238518cdaf80cf18e8bd411708f7ba3856"
+SRCREV = "95777d7cf32de9fc88c452a968ae2ae23ed269c2"
  S = "${WORKDIR}/git"
  
  DEPENDS = "coreutils-native libbsd"







-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186868): 
https://lists.openembedded.org/g/openembedded-core/message/186868
Mute This Topic: https://lists.openembedded.org/mt/100796322/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] OpenEmbedded Happy Hour August 30 9pm/2100 UTC

[Denys Dmytriyenko]

All,

You are cordially invited to the next OpenEmbedded Happy Hour on August 30 
for Asia/Pacific timezones @ 2100/9pm UTC (5pm ET / 2pm PT):

https://www.openembedded.org/wiki/Calendar
https://www.openembedded.org/wiki/Happy_Hours
https://www.timeanddate.com/worldclock/fixedtime.html?msg=OpenEmbedded+Happy+Hour+August+30=20230830T21

-- 
Regards,
Denys Dmytriyenko 
PGP: 0x420902729A92C964 - https://denix.org/0x420902729A92C964
Fingerprint: 25FC E4A5 8A72 2F69 1186  6D76 4209 0272 9A92 C964

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186867): 
https://lists.openembedded.org/g/openembedded-core/message/186867
Mute This Topic: https://lists.openembedded.org/mt/101042131/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] qemu: Upgrade 8.0.4 -> 8.1.0

[Richard Purdie]

This upgrade isn't straighforward as upstream made changes. A pyenv
is now needed containing meson. This doesn't work for us for reasons
as yet unclear however it does mean we need python3native inherited
for that to stand a chance of working as otherwise host system
dependencies may be missing. For now, allow meson to work from our
sysroot via a patch. Our meson is always deterministic anyway so
we don't need their help for that.

The submodules approach used previously has changed, switch the options
for new ones to disable downloads and docs.

Some of the images binaries shipped for s390 show QA warnings for
relocations in code sections. Drop those binaries to avoid the QA
warnings since we don't need them anyway.

Drop a backported patch and refresh another.

Signed-off-by: Richard Purdie 
---
 meta/conf/distro/include/tcmode-default.inc   |  2 +-
 ...u-native_8.0.4.bb => qemu-native_8.1.0.bb} |  0
 ...e_8.0.4.bb => qemu-system-native_8.1.0.bb} |  0
 meta/recipes-devtools/qemu/qemu.inc   | 17 ++--
 ...lative-paths-for-line-preprocessor-d.patch | 84 ---
 ...dd-pkg-config-handling-for-libgcrypt.patch | 12 +--
 .../qemu/qemu/fixedmeson.patch| 20 +
 .../qemu/{qemu_8.0.4.bb => qemu_8.1.0.bb} |  0
 8 files changed, 38 insertions(+), 97 deletions(-)
 rename meta/recipes-devtools/qemu/{qemu-native_8.0.4.bb => 
qemu-native_8.1.0.bb} (100%)
 rename meta/recipes-devtools/qemu/{qemu-system-native_8.0.4.bb => 
qemu-system-native_8.1.0.bb} (100%)
 delete mode 100644 
meta/recipes-devtools/qemu/qemu/0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/fixedmeson.patch
 rename meta/recipes-devtools/qemu/{qemu_8.0.4.bb => qemu_8.1.0.bb} (100%)

diff --git a/meta/conf/distro/include/tcmode-default.inc 
b/meta/conf/distro/include/tcmode-default.inc
index 660ca5f72d6..2e403ce9808 100644
--- a/meta/conf/distro/include/tcmode-default.inc
+++ b/meta/conf/distro/include/tcmode-default.inc
@@ -22,7 +22,7 @@ BINUVERSION ?= "2.41%"
 GDBVERSION ?= "13.%"
 GLIBCVERSION ?= "2.38"
 LINUXLIBCVERSION ?= "6.4%"
-QEMUVERSION ?= "8.0%"
+QEMUVERSION ?= "8.1%"
 GOVERSION ?= "1.20%"
 LLVMVERSION ?= "16.%"
 RUSTVERSION ?= "1.70%"
diff --git a/meta/recipes-devtools/qemu/qemu-native_8.0.4.bb 
b/meta/recipes-devtools/qemu/qemu-native_8.1.0.bb
similarity index 100%
rename from meta/recipes-devtools/qemu/qemu-native_8.0.4.bb
rename to meta/recipes-devtools/qemu/qemu-native_8.1.0.bb
diff --git a/meta/recipes-devtools/qemu/qemu-system-native_8.0.4.bb 
b/meta/recipes-devtools/qemu/qemu-system-native_8.1.0.bb
similarity index 100%
rename from meta/recipes-devtools/qemu/qemu-system-native_8.0.4.bb
rename to meta/recipes-devtools/qemu/qemu-system-native_8.1.0.bb
diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index 82a7b361b13..131162dd62f 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -9,7 +9,9 @@ LICENSE = "GPL-2.0-only & LGPL-2.1-only"
 RDEPENDS:${PN}-ptest = "bash"
 
 require qemu-targets.inc
-inherit pkgconfig ptest update-rc.d systemd
+# 
https://gitlab.com/qemu-project/qemu/-/commit/81e2b198a8cb4ee5fdf108bd438f44b193ee3a36
 means
+# we need a full python3-native setup
+inherit pkgconfig ptest update-rc.d systemd python3native
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=441c28d2cf86e15a37fa47e15a72fbac \
 
file://COPYING.LIB;endline=24;md5=8c5efda6cf1e1b03dcfd0e6c0d271c7f"
@@ -27,13 +29,13 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \

file://0009-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch \

file://0010-hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch \

file://0002-linux-user-Replace-use-of-lfs64-related-functions-an.patch \
-   
file://0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch \
+   file://fixedmeson.patch \
file://qemu-guest-agent.init \
file://qemu-guest-agent.udev \
"
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
-SRC_URI[sha256sum] = 
"81c817dda38af958be5bef1a6cf55b658bb2d3fb87c1e6a571de6b7b2c44516c"
+SRC_URI[sha256sum] = 
"710c101198e334d4762eef65f649bc43fa8a5dd75303554b8acfec3eb25f0e55"
 
 SRC_URI:append:class-target = " file://cross.patch"
 SRC_URI:append:class-nativesdk = " file://cross.patch"
@@ -104,9 +106,8 @@ EXTRA_OECONF = " \
 --disable-werror \
 --extra-cflags='${CFLAGS}' \
 --extra-ldflags='${LDFLAGS}' \
---with-git=/bin/false \
---with-git-submodules=ignore \
---meson=meson \
+--disable-download \
+--disable-docs \
 ${PACKAGECONFIG_CONFARGS} \
 "
 
@@ -144,6 +145,10 @@ do_install () {
install -m 0644 ${S}/contrib/systemd/qemu-guest-agent.service 
${D}${systemd_unitdir}/system
sed -i -e 's,-/usr/bin/,-${bindir}/,g' 
${D}${systemd_unitdir}/system/qemu-guest-agent.service
fi
+  

[OE-core] [kirkstone][PATCH v2] json-c: fix CVE-2021-32292

[Adrian Freihofer]

This is a read past end of buffer issue in the json_parse test app,
which can happened with malformed json data. It's not an issue with the
library itself. For what ever reason this CVE has a base score of 9.8.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-32292

Upstream issue:
https://github.com/json-c/json-c/issues/654

The CVE is fixed with version 0.16 (which is already in all active
branches of poky).

Signed-off-by: Adrian Freihofer 
---
 .../json-c/json-c/CVE-2021-32292.patch| 30 +++
 meta/recipes-devtools/json-c/json-c_0.15.bb   |  1 +
 2 files changed, 31 insertions(+)
 create mode 100644 meta/recipes-devtools/json-c/json-c/CVE-2021-32292.patch

diff --git a/meta/recipes-devtools/json-c/json-c/CVE-2021-32292.patch 
b/meta/recipes-devtools/json-c/json-c/CVE-2021-32292.patch
new file mode 100644
index 00..7ac08c4cb0
--- /dev/null
+++ b/meta/recipes-devtools/json-c/json-c/CVE-2021-32292.patch
@@ -0,0 +1,30 @@
+From da22ae6541584068f8169315274016920da11d8b Mon Sep 17 00:00:00 2001
+From: Marc <34656315+marct...@users.noreply.github.com>
+Date: Fri, 7 Aug 2020 10:49:45 +0100
+Subject: [PATCH] Fix read past end of buffer
+
+Fixes: CVE-2021-32292
+Issue: https://github.com/json-c/json-c/issues/654
+
+Upstream Status: Backport [4e9e44e5258dee7654f74948b0dd5da39c28beec]
+CVE: CVE-2021-32292
+
+Signed-off-by: Adrian Freihofer 
+---
+ apps/json_parse.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/apps/json_parse.c b/apps/json_parse.c
+index bba4622..72b31a8 100644
+--- a/apps/json_parse.c
 b/apps/json_parse.c
+@@ -82,7 +82,8 @@ static int parseit(int fd, int (*callback)(struct 
json_object *))
+   int parse_end = json_tokener_get_parse_end(tok);
+   if (obj == NULL && jerr != json_tokener_continue)
+   {
+-  char *aterr = [start_pos + parse_end];
++  char *aterr = (start_pos + parse_end < 
sizeof(buf)) ?
++  [start_pos + parse_end] : "";
+   fflush(stdout);
+   int fail_offset = total_read - ret + start_pos 
+ parse_end;
+   fprintf(stderr, "Failed at offset %d: %s %c\n", 
fail_offset,
diff --git a/meta/recipes-devtools/json-c/json-c_0.15.bb 
b/meta/recipes-devtools/json-c/json-c_0.15.bb
index 7cbed55b3b..4da30bc50c 100644
--- a/meta/recipes-devtools/json-c/json-c_0.15.bb
+++ b/meta/recipes-devtools/json-c/json-c_0.15.bb
@@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=de54b60fbbc35123ba193fea8ee216f2"
 SRC_URI = " \
 https://s3.amazonaws.com/json-c_releases/releases/${BP}.tar.gz \
 file://run-ptest \
+file://CVE-2021-32292.patch \
 "
 
 SRC_URI[sha256sum] = 
"b8d80a1ddb718b3ba7492916237bbf86609e9709fb007e7f7d4322f02341a4c6"
-- 
2.41.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186865): 
https://lists.openembedded.org/g/openembedded-core/message/186865
Mute This Topic: https://lists.openembedded.org/mt/101035436/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][mickledore][PATCH 1/1] python3-pygments: fix for CVE-2022-40896

[Narpat Mali via lists.openembedded.org]

From: Narpat Mali 

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments
through 2.15.0 via SmithyLexer.

The CVE issue is fixed by these 3 different commits in different version:
1. Improve the Smithy metadata matcher (These changes are already available as 
part
   of current python3-pygments_2.14.0 version):
https://github.com/pygments/pygments/commit/dd52102c38ebe78cd57748e09f38929fd283ad04
 (2.14.0)
2. SQL+Jinja: use a simpler regex in analyse_text:
https://github.com/pygments/pygments/commit/97eb3d5ec7c1b3ea4fcf9dee30a2309cf92bd194
 (2.15.0)
3. Improve Java properties lexer (#2404):
https://github.com/pygments/pygments/commit/fdf182a7af85b1deeeb637ca970d31935e7c9d52
 (2.15.1)

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-40896
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2/

Signed-off-by: Narpat Mali 
---
 .../CVE-2022-40896-0001.patch |  49 +++
 .../CVE-2022-40896-0002.patch | 301 ++
 .../python/python3-pygments_2.14.0.bb |   4 +
 3 files changed, 354 insertions(+)
 create mode 100644 
meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0001.patch
 create mode 100644 
meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0002.patch

diff --git 
a/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0001.patch 
b/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0001.patch
new file mode 100644
index 00..d7fc87fec8
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0001.patch
@@ -0,0 +1,49 @@
+From 9a73f2a80e5cf869d473ddcbfceaab229fb99b5e Mon Sep 17 00:00:00 2001
+From: Narpat Mali 
+Date: Mon, 28 Aug 2023 15:04:14 +
+Subject: [PATCH] SQL+Jinja: use a simpler regex in analyse_text
+
+Fixes catastrophic backtracking
+
+Fixes #2355
+
+CVE: CVE-2022-40896
+
+Upstream-Status: Backport 
[https://github.com/pygments/pygments/commit/97eb3d5ec7c1b3ea4fcf9dee30a2309cf92bd194]
+
+Signed-off-by: Narpat Mali 
+---
+ CHANGES  | 1 +
+ pygments/lexers/templates.py | 6 +-
+ 2 files changed, 2 insertions(+), 5 deletions(-)
+
+diff --git a/CHANGES b/CHANGES
+index 2aa54fa..4c84fa6 100644
+--- a/CHANGES
 b/CHANGES
+@@ -61,6 +61,7 @@ Version 2.14.0
+   * Spice: Add ``enum`` keyword and fix a bug regarding binary,
+ hexadecimal and octal number tokens (#2227)
+   * YAML: Accept colons in key names (#2277)
++  * SQL+Jinja (``analyse_text`` method): fix catastrophic backtracking 
[Backported]
+
+ - Fix `make mapfiles` when Pygments is not installed in editable mode
+   (#2223)
+diff --git a/pygments/lexers/templates.py b/pygments/lexers/templates.py
+index 1fcf708..1066294 100644
+--- a/pygments/lexers/templates.py
 b/pygments/lexers/templates.py
+@@ -2291,10 +2291,6 @@ class SqlJinjaLexer(DelegatingLexer):
+ if re.search(r'\{\{\s*source\(.*\)\s*\}\}', text):
+ rv += 0.25
+ # Jinja macro
+-if re.search(
+-r'\{%-?\s*macro 
\w+\(.*\)\s*-?%\}\s+.*\s+\{%-?\s*endmacro\s*-?%\}',
+-text,
+-re.S,
+-):
++if re.search(r'\{%-?\s*macro \w+\(.*\)\s*-?%\}', text):
+ rv += 0.15
+ return rv
+--
+2.40.0
diff --git 
a/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0002.patch 
b/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0002.patch
new file mode 100644
index 00..61ebe5dad5
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0002.patch
@@ -0,0 +1,301 @@
+From 45ff8eabe0363f829c397372aefc3b23aeb135b3 Mon Sep 17 00:00:00 2001
+From: Narpat Mali 
+Date: Tue, 29 Aug 2023 10:45:34 +
+Subject: [PATCH] Improve Java properties lexer (#2404)
+
+Use special lexer rules for escapes; fixes catastrophic backtracking,
+and highlights them too.
+
+Fixes #2356
+
+CVE: CVE-2022-40896
+
+Upstream-Status: Backport 
[https://github.com/pygments/pygments/commit/fdf182a7af85b1deeeb637ca970d31935e7c9d52]
+
+Signed-off-by: Narpat Mali 
+---
+ pygments/lexers/configs.py|  50 +---
+ tests/examplefiles/properties/java.properties |  11 ++
+ .../properties/java.properties.output | 110 +++---
+ .../test_escaped_space_in_value.txt   |   4 +-
+ .../properties/test_just_key_with_space.txt   |   4 +-
+ 5 files changed, 143 insertions(+), 36 deletions(-)
+
+diff --git a/pygments/lexers/configs.py b/pygments/lexers/configs.py
+index e04c722..b28b56a 100644
+--- a/pygments/lexers/configs.py
 b/pygments/lexers/configs.py
+@@ -129,26 +129,42 @@ class PropertiesLexer(RegexLexer):
+
+ tokens = {
+ 'root': [
+-(r'\s+', Whitespace),
++# comments
+ (r'[!#].*|/{2}.*', Comment.Single),
+-# search for first separator
+-(r'([^\\\n]|\\.)*?(?=[ \f\t=:])', Name.Attribute, "separator"),
+-# empty key
+-(r'.+?$', Name.Attribute),
++   

[OE-core] Yocto Project Status 29 August 2023 (WW35)

[Stephen Jolley]

Current Dev Position: YP 4.3 Feature Freeze

Next Deadline: 28th August 2023 YP 4.3 M3 build date

Next Team Meetings:

   -

   Bug Triage meeting Thursday August 31th 7:30 am PDT (
   https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bFd5aVpHVVZ6dz09)
   -

   Weekly Project Engineering Sync Tuesday August 29th at 8 am PDT (
   https://zoom.us/j/990892712?pwd=cHU1MjhoM2x6ck81bkcrYjRrcmJsUT09)
   
   -

   Twitch -  See https://www.twitch.tv/theyoctojester


Key Status/Updates:

   -

   We are now at feature freeze for 4.3.
   -

   YP 4.0.12 was released
   -

   YP 4.2.3 is due to be released
   -

   The qemuppc ssh command hangs continues to be a mystery. It seems to be
   something in recent master that regressed it but it isn’t the kernel, the
   binutils upgrade, systemd or glibc or qemu. We’ve not seen any other hangs
   so the x86 issues may have been something else.
   -

   The acl/xattr changes are blocked on a hard requirement on tar 1.35, it
   is unclear how we’d achieve that in all cases.
   -

   Patches have been resubmitted to radically alter the do_unpack process
   for license compliance reasons. The code is complex and hard to understand
   and will have a performance impact on builds as well as making things hard
   to debug. The risk of not taking the changes is that for some legal
   departments, the SPDX data isn’t detailed enough. The compromise between
   performance and ease of use vs. legal requirements is a tough one. We don’t
   really want to have two codepaths either. Feedback/review on the series
   welcome.
   -

   We continue to see intermittent ptest failures for glib-networking and
   openssh, help would be much appreciated.
   -

   The M3 build will depend upon reaching conclusions in several of these
   areas
   -

   We’re happy to be able to announce that some of the work in the RFQ will
   now be progressing, specifically that:
   -

  Marta Rybczynska will be working on the security topic
  -

  Alexander Kanvin will be working on the core workflow topic
  -

  Savoir-faire Linux will be working on the toaster and VSCode topics
  -

  BayLibre will be working on the patchtest and project tooling topics

The other remaining topic areas should be announced soon.

We’d also note that Tim Orling (Konsulko) will be working on the layer
index.

Ways to contribute:

   -

   As people are likely aware, the project has a number of components which
   are either unmaintained, or have people with little to no time trying to
   keep them alive. These components include: patchtest, layerindex, devtool,
   toaster, wic, oeqa, autobuilder, CROPs containers, pseudo and more. Many
   have open bugs. Help is welcome in trying to better look after these
   components!
   -

   There are bugs identified as possible for newcomers to the project:
   https://wiki.yoctoproject.org/wiki/Newcomers
   -

   There are bugs that are currently unassigned for YP 4.3. See:
   
https://wiki.yoctoproject.org/wiki/Bug_Triage#Medium.2B_4.3_Unassigned_Enhancements.2FBugs
   -

   We’d welcome new maintainers for recipes in OE-Core. Please see the list
   at:
   
http://git.yoctoproject.org/cgit.cgi/poky/tree/meta/conf/distro/include/maintainers.inc
   and discuss with the existing maintainer, or ask on the OE-Core mailing
   list. We will likely move a chunk of these to “Unassigned” soon to help
   facilitate this.
   -

   Help is very much welcome in trying to resolve our autobuilder
   intermittent issues. You can see the list of failures we’re continuing to
   see by searching for the “AB-INT” tag in bugzilla:
   https://bugzilla.yoctoproject.org/buglist.cgi?quicksearch=AB-INT.
   -

   Help us resolve CVE issues: CVE metrics
   
   -

   We have a growing number of bugs in bugzilla, any help with them is
   appreciated.


YP 4.3 Milestone Dates:

   -

   YP 4.3 M3 build date  2023/08/28
   -

   YP 4.3 M3 Release date 2023/09/08
   -

   YP 4.3 M4 build date  2023/10/02
   -

   YP 4.3 M4 Release date 2023/10/27


Upcoming dot releases:

   -

   YP 4.0.12 is released
   -

   YP 4.2.3 is ready for release
   -

   YP 3.1.28 build date 2023/09/18
   -

   YP 3.1.28 Release date 2023/09/29
   -

   YP 4.0.13 build date 2023/09/25
   -

   YP 4.0.13 Release date 2023/10/06
   -

   YP 3.1.29 build date 2023/10/30
   -

   YP 3.1.29 Release date 2023/11/10
   -

   YP 4.0.14 build date 2023/11/06
   -

   YP 4.0.14 Release date 2023/11/17
   -

   YP 4.2.4 build date 2023/11/13
   -

   YP 4.2.4 Release date 2023/11/24
   -

   YP 3.1.30 build date 2023/12/11
   -

   YP 3.1.30 Release date 2023/12/22
   -

   YP 4.0.15 build date 2023/12/18
   -

   YP 4.0.15 Release date 2023/12/29


Tracking Metrics:

   -

   WDD 2500 (last week 2488) (
   https://wiki.yoctoproject.org/charts/combo.html)
   -

   OE-Core/Poky Patch Metrics
   -

  Total patches found: 1188 (last week 

[OE-core][PATCH] pybootchartgui: also match subtasks of the main ones

[Jose Quaresma]

This will match other deviation subtask of the same main task,
a couple of them can be found on oe-core layer:
 do_compile_kernelmodules
 do_compile_ptest
 native_add_do_populate_sysroot_deps
 do_package_qa
 cmake_do_configure
 setuptools3_do_configure
 cargo_common_do_configure
 python_pyo3_do_configure
 python_setuptools3_rust_do_configure

Signed-off-by: Jose Quaresma 
---
 scripts/pybootchartgui/pybootchartgui/draw.py | 18 +-
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/scripts/pybootchartgui/pybootchartgui/draw.py 
b/scripts/pybootchartgui/pybootchartgui/draw.py
index 3d1ff695c1..2beb3c7c67 100644
--- a/scripts/pybootchartgui/pybootchartgui/draw.py
+++ b/scripts/pybootchartgui/pybootchartgui/draw.py
@@ -661,20 +661,20 @@ def render_processes_chart(ctx, options, trace, curr_y, 
width, h, sec_w):
 
 #print("proc at %s %s %s %s" % (x, y, w, proc_h))
 col = None
-if task == "do_compile":
+if "_setscene" in task:
+col = WHITE
+elif "do_compile" in task:
 col = TASK_COLOR_COMPILE
-elif task == "do_configure":
+elif "do_configure" in task:
 col = TASK_COLOR_CONFIGURE
-elif task == "do_install":
+elif "do_install" in task:
 col = TASK_COLOR_INSTALL
-elif task == "do_populate_sysroot":
+elif "do_populate_sysroot" in task:
 col = TASK_COLOR_SYSROOT
-elif task == "do_package":
-col = TASK_COLOR_PACKAGE
-elif task == "do_package_write_rpm" or \
- task == "do_package_write_deb" or \
- task == "do_package_write_ipk":
+elif "do_package_write" in task:
 col = TASK_COLOR_PACKAGE_WRITE
+elif "do_package" in task:
+col = TASK_COLOR_PACKAGE
 else:
 col = WHITE
 
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186862): 
https://lists.openembedded.org/g/openembedded-core/message/186862
Mute This Topic: https://lists.openembedded.org/mt/101032261/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][PATCH] systemd-boot: remove old gummiboot TUNE_CCARGS

[Jose Quaresma]

Looks like this only is required when build with clang toolchain
and the fix is alredy merged [1] on meta-clang.

[1] 
https://github.com/kraj/meta-clang/commit/83c94b8690f0a2922d28d0db9907c722382263c2

Signed-off-by: Jose Quaresma 
---
 meta/recipes-core/systemd/systemd-boot_254.bb | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/meta/recipes-core/systemd/systemd-boot_254.bb 
b/meta/recipes-core/systemd/systemd-boot_254.bb
index 642a5fafe7..4ee25ee72f 100644
--- a/meta/recipes-core/systemd/systemd-boot_254.bb
+++ b/meta/recipes-core/systemd/systemd-boot_254.bb
@@ -47,9 +47,6 @@ FILES:${PN} = "${EFI_FILES_PATH}/${SYSTEMD_BOOT_IMAGE}"
 
 RDEPENDS:${PN} += "virtual-systemd-bootconf"
 
-# Imported from the old gummiboot recipe
-TUNE_CCARGS:remove = "-mfpmath=sse"
-
 CFLAGS:append:libc-musl = " -D__DEFINED_wchar_t"
 
 COMPATIBLE_HOST = "(aarch64.*|arm.*|x86_64.*|i.86.*)-linux"
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186861): 
https://lists.openembedded.org/g/openembedded-core/message/186861
Mute This Topic: https://lists.openembedded.org/mt/101032241/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][mickledore][PATCH 1/1] inetutils: fix CVE-2023-40303

[Urade, Yogita via lists.openembedded.org]

From: Yogita Urade 

GNU inetutils through 2.4 may allow privilege escalation because
of unchecked return values of set*id() family functions in ftpd,
rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant
if the setuid system call fails when a process is trying to drop
privileges before letting an ordinary user control the activities
of the process.

Refernces:
https://nvd.nist.gov/vuln/detail/CVE-2023-40303

Signed-off-by: Yogita Urade 
---
 ...tpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch | 284 ++
 ...03-Indent-changes-in-previous-commit.patch | 258 
 .../inetutils/inetutils_2.4.bb|   2 +
 3 files changed, 544 insertions(+)
 create mode 100644 
meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
 create mode 100644 
meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch

diff --git 
a/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
 
b/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
new file mode 100644
index 00..04fd9b1f85
--- /dev/null
+++ 
b/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
@@ -0,0 +1,284 @@
+From e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6 Mon Sep 17 00:00:00 2001
+From: Jeffrey Bencteux 
+Date: Mon, 28 Aug 2023 15:35:19 +
+Subject: [PATCH] CVE-2023-40303: ftpd,rcp,rlogin,rsh,rshd,uucpd: fix: check
+set*id() return values
+
+Several setuid(), setgid(), seteuid() and setguid() return values
+were not checked in ftpd/rcp/rlogin/rsh/rshd/uucpd code potentially
+leading to potential security issues.
+
+Signed-off-by: Jeffrey Bencteux 
+Signed-off-by: Simon Josefsson 
+
+CVE: CVE-2023-40303
+
+Upstream-Status: Backport 
[https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6]
+
+Signed-off-by: Yogita Urade 
+---
+ ftpd/ftpd.c  | 10 +++---
+ src/rcp.c| 39 +--
+ src/rlogin.c | 11 +--
+ src/rsh.c| 25 +
+ src/rshd.c   | 20 +---
+ src/uucpd.c  | 15 +--
+ 6 files changed, 100 insertions(+), 20 deletions(-)
+
+diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c
+index 92b2cca..009f3f1 100644
+--- a/ftpd/ftpd.c
 b/ftpd/ftpd.c
+@@ -862,7 +862,9 @@ end_login (struct credentials *pcred)
+   char *remotehost = pcred->remotehost;
+   int atype = pcred->auth_type;
+
+-  seteuid ((uid_t) 0);
++  if (seteuid ((uid_t) 0) == -1)
++_exit (EXIT_FAILURE);
++
+   if (pcred->logged_in)
+ {
+   logwtmp_keep_open (ttyline, "", "");
+@@ -1151,7 +1153,8 @@ getdatasock (const char *mode)
+
+   if (data >= 0)
+ return fdopen (data, mode);
+-  seteuid ((uid_t) 0);
++  if (seteuid ((uid_t) 0) == -1)
++_exit (EXIT_FAILURE);
+   s = socket (ctrl_addr.ss_family, SOCK_STREAM, 0);
+   if (s < 0)
+ goto bad;
+@@ -1978,7 +1981,8 @@ passive (int epsv, int af)
+   else/* !AF_INET6 */
+ ((struct sockaddr_in *) _addr)->sin_port = 0;
+
+-  seteuid ((uid_t) 0);
++  if (seteuid ((uid_t) 0) == -1)
++_exit (EXIT_FAILURE);
+   if (bind (pdata, (struct sockaddr *) _addr, pasv_addrlen) < 0)
+ {
+   if (seteuid ((uid_t) cred.uid))
+diff --git a/src/rcp.c b/src/rcp.c
+index 75adb25..f913256 100644
+--- a/src/rcp.c
 b/src/rcp.c
+@@ -345,14 +345,23 @@ main (int argc, char *argv[])
+   if (from_option)
+ { /* Follow "protocol", send data. */
+   response ();
+-  setuid (userid);
++
++  if (setuid (userid) == -1)
++  {
++  error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
++  }
++
+   source (argc, argv);
+   exit (errs);
+ }
+
+   if (to_option)
+ { /* Receive data. */
+-  setuid (userid);
++  if (setuid (userid) == -1)
++  {
++  error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
++  }
++
+   sink (argc, argv);
+   exit (errs);
+ }
+@@ -537,7 +546,11 @@ toremote (char *targ, int argc, char *argv[])
+ if (response () < 0)
+   exit (EXIT_FAILURE);
+ free (bp);
+-setuid (userid);
++
++if (setuid (userid) == -1)
++{
++  error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() 
failed)");
++}
+   }
+ source (1, argv + i);
+ close (rem);
+@@ -630,7 +643,12 @@ tolocal (int argc, char *argv[])
+ ++errs;
+ continue;
+   }
+-  seteuid (userid);
++
++  if (seteuid (userid) == -1)
++  {
++  error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
++  }
++
+ #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
+   sslen = sizeof (ss);
+   (void) 

[OE-core] [PATCH 1/3] inetutils: fix CVE-2023-40303

[Ross Burton]

From: Ross Burton 

Backport the patch from upstream.

Signed-off-by: Ross Burton 
---
 ...rsh-rshd-uucpd-fix-check-set-id-retu.patch | 283 ++
 .../inetutils/inetutils_2.4.bb|   1 +
 2 files changed, 284 insertions(+)
 create mode 100644 
meta/recipes-connectivity/inetutils/inetutils/0001-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-check-set-id-retu.patch

diff --git 
a/meta/recipes-connectivity/inetutils/inetutils/0001-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-check-set-id-retu.patch
 
b/meta/recipes-connectivity/inetutils/inetutils/0001-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-check-set-id-retu.patch
new file mode 100644
index 000..42353d147c6
--- /dev/null
+++ 
b/meta/recipes-connectivity/inetutils/inetutils/0001-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-check-set-id-retu.patch
@@ -0,0 +1,283 @@
+From 21a6e7be1935c966d7247bdeb7e2a2cec4b63ba9 Mon Sep 17 00:00:00 2001
+From: Jeffrey Bencteux 
+Date: Fri, 30 Jun 2023 19:02:45 +0200
+Subject: [PATCH] ftpd,rcp,rlogin,rsh,rshd,uucpd: fix: check set*id() return
+ values
+
+Several setuid(), setgid(), seteuid() and setguid() return values
+were not checked in ftpd/rcp/rlogin/rsh/rshd/uucpd code potentially
+leading to potential security issues.
+
+Signed-off-by: Jeffrey Bencteux 
+Signed-off-by: Simon Josefsson 
+
+CVE: CVE-2023-40303
+Upstream-Status: Backport
+Signed-off-by: Ross Burton 
+---
+ ftpd/ftpd.c  | 10 +++---
+ src/rcp.c| 39 +--
+ src/rlogin.c | 11 +--
+ src/rsh.c| 25 +
+ src/rshd.c   | 20 +---
+ src/uucpd.c  | 15 +--
+ 6 files changed, 100 insertions(+), 20 deletions(-)
+
+diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c
+index 92b2cca5..28dd523f 100644
+--- a/ftpd/ftpd.c
 b/ftpd/ftpd.c
+@@ -862,7 +862,9 @@ end_login (struct credentials *pcred)
+   char *remotehost = pcred->remotehost;
+   int atype = pcred->auth_type;
+ 
+-  seteuid ((uid_t) 0);
++  if (seteuid ((uid_t) 0) == -1)
++_exit (EXIT_FAILURE);
++
+   if (pcred->logged_in)
+ {
+   logwtmp_keep_open (ttyline, "", "");
+@@ -1151,7 +1153,8 @@ getdatasock (const char *mode)
+ 
+   if (data >= 0)
+ return fdopen (data, mode);
+-  seteuid ((uid_t) 0);
++  if (seteuid ((uid_t) 0) == -1)
++_exit (EXIT_FAILURE);
+   s = socket (ctrl_addr.ss_family, SOCK_STREAM, 0);
+   if (s < 0)
+ goto bad;
+@@ -1978,7 +1981,8 @@ passive (int epsv, int af)
+   else/* !AF_INET6 */
+ ((struct sockaddr_in *) _addr)->sin_port = 0;
+ 
+-  seteuid ((uid_t) 0);
++  if (seteuid ((uid_t) 0) == -1)
++_exit (EXIT_FAILURE);
+   if (bind (pdata, (struct sockaddr *) _addr, pasv_addrlen) < 0)
+ {
+   if (seteuid ((uid_t) cred.uid))
+diff --git a/src/rcp.c b/src/rcp.c
+index 75adb253..cdcf8500 100644
+--- a/src/rcp.c
 b/src/rcp.c
+@@ -345,14 +345,23 @@ main (int argc, char *argv[])
+   if (from_option)
+ { /* Follow "protocol", send data. */
+   response ();
+-  setuid (userid);
++
++  if (setuid (userid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() 
failed)");
++  }
++
+   source (argc, argv);
+   exit (errs);
+ }
+ 
+   if (to_option)
+ { /* Receive data. */
+-  setuid (userid);
++  if (setuid (userid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() 
failed)");
++  }
++
+   sink (argc, argv);
+   exit (errs);
+ }
+@@ -537,7 +546,11 @@ toremote (char *targ, int argc, char *argv[])
+ if (response () < 0)
+   exit (EXIT_FAILURE);
+ free (bp);
+-setuid (userid);
++
++if (setuid (userid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() 
failed)");
++  }
+   }
+ source (1, argv + i);
+ close (rem);
+@@ -630,7 +643,12 @@ tolocal (int argc, char *argv[])
+ ++errs;
+ continue;
+   }
+-  seteuid (userid);
++
++  if (seteuid (userid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() 
failed)");
++  }
++
+ #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
+   sslen = sizeof (ss);
+   (void) getpeername (rem, (struct sockaddr *) , );
+@@ -643,7 +661,12 @@ tolocal (int argc, char *argv[])
+ #endif
+   vect[0] = target;
+   sink (1, vect);
+-  seteuid (effuid);
++
++  if (seteuid (effuid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() 
failed)");
++  }
++
+   close (rem);
+   rem = -1;
+ #ifdef SHISHI
+@@ -1441,7 +1464,11 @@ susystem (char *s, int userid)
+   return (127);
+ 
+ case 0:
+-  setuid (userid);
++  if (setuid (userid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() 
failed)");
++  }
++
+   execl 

[OE-core] [PATCH 3/3] inetutils: remove obsolete patches

[Ross Burton]

From: Ross Burton 

fix-disable-ipv6.patch: we don't support uclibc, and most libcs don't
have optional support for IPv6.

inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch and
inetutils-1.8-0003-wchar.patch: these don't appear to be needed anymore.

inetutils-only-check-pam_appl.h-when-pam-enabled.patch: configure.ac
doesn't fail if PAM is disabled anymore.

Signed-off-by: Ross Burton 
---
 .../inetutils/fix-disable-ipv6.patch  | 85 ---
 ...rse-pull-in-features.h-for-__GLIBC__.patch | 27 --
 .../inetutils/inetutils-1.8-0003-wchar.patch  | 25 --
 ...ly-check-pam_appl.h-when-pam-enabled.patch | 49 ---
 .../inetutils/inetutils_2.4.bb|  7 +-
 5 files changed, 1 insertion(+), 192 deletions(-)
 delete mode 100644 
meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch
 delete mode 100644 
meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch
 delete mode 100644 
meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0003-wchar.patch
 delete mode 100644 
meta/recipes-connectivity/inetutils/inetutils/inetutils-only-check-pam_appl.h-when-pam-enabled.patch

diff --git 
a/meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch 
b/meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch
deleted file mode 100644
index 603d2baf9d2..000
--- a/meta/recipes-connectivity/inetutils/inetutils/fix-disable-ipv6.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From c7c27ba763c613f83c1561e56448b49315c271c5 Mon Sep 17 00:00:00 2001
-From: Jackie Huang 
-Date: Wed, 6 Mar 2019 09:36:11 -0500
-Subject: [PATCH] Upstream:
- http://www.mail-archive.com/bug-inetutils@gnu.org/msg02103.html
-
-Upstream-Status: Pending
-
-Signed-off-by: Jackie Huang 
-

- ping/ping_common.h | 20 
- 1 file changed, 20 insertions(+)
-
-diff --git a/ping/ping_common.h b/ping/ping_common.h
-index 65e3e60..3e84db0 100644
 a/ping/ping_common.h
-+++ b/ping/ping_common.h
-@@ -18,10 +18,14 @@
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see `http://www.gnu.org/licenses/'. */
- 
-+#include 
-+
- #include 
- #include 
- #include 
-+#ifdef HAVE_IPV6
- #include 
-+#endif
- #include 
- #include 
- #include 
-@@ -63,7 +67,12 @@ struct ping_stat
-want to follow the traditional behaviour of ping.  */
- #define DEFAULT_PING_COUNT 0
- 
-+#ifdef HAVE_IPV6
- #define PING_HEADER_LEN (USE_IPV6 ? sizeof (struct icmp6_hdr) : ICMP_MINLEN)
-+#else
-+#define PING_HEADER_LEN (ICMP_MINLEN)
-+#endif
-+
- #define PING_TIMING(s)  ((s) >= sizeof (struct timeval))
- #define PING_DATALEN(64 - PING_HEADER_LEN)  /* default data length */
- 
-@@ -78,13 +87,20 @@ struct ping_stat
- 
- #define PING_MIN_USER_INTERVAL (20/PING_PRECISION)
- 
-+#ifdef HAVE_IPV6
- /* FIXME: Adjust IPv6 case for options and their consumption.  */
- #define _PING_BUFLEN(p, u) ((u)? ((p)->ping_datalen + sizeof (struct 
icmp6_hdr)) : \
-  (MAXIPLEN + (p)->ping_datalen + ICMP_TSLEN))
- 
-+#else
-+#define _PING_BUFLEN(p, u) (MAXIPLEN + (p)->ping_datalen + ICMP_TSLEN)
-+#endif
-+
-+#ifdef HAVE_IPV6
- typedef int (*ping_efp6) (int code, void *closure, struct sockaddr_in6 * dest,
- struct sockaddr_in6 * from, struct icmp6_hdr * icmp,
- int datalen);
-+#endif
- 
- typedef int (*ping_efp) (int code,
-void *closure,
-@@ -93,13 +109,17 @@ typedef int (*ping_efp) (int code,
-struct ip * ip, icmphdr_t * icmp, int datalen);
- 
- union event {
-+#ifdef HAVE_IPV6
-   ping_efp6 handler6;
-+#endif
-   ping_efp handler;
- };
- 
- union ping_address {
-   struct sockaddr_in ping_sockaddr;
-+#ifdef HAVE_IPV6
-   struct sockaddr_in6 ping_sockaddr6;
-+#endif
- };
- 
- typedef struct ping_data PING;
diff --git 
a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch
 
b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch
deleted file mode 100644
index 2974bd4f94d..000
--- 
a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From f7f785c21306010b2367572250b2822df5bc7728 Mon Sep 17 00:00:00 2001
-From: Mike Frysinger 
-Date: Thu, 18 Nov 2010 16:59:14 -0500
-Subject: [PATCH] printf-parse: pull in features.h for __GLIBC__
-
-Upstream-Status: Pending
-
-Signed-off-by: Mike Frysinger 
-

- lib/printf-parse.h | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/lib/printf-parse.h b/lib/printf-parse.h
-index e7d0f82..d7b4534 100644
 a/lib/printf-parse.h
-+++ b/lib/printf-parse.h
-@@ -28,6 +28,9 @@
- 
- #include "printf-args.h"
- 
-+#ifdef HAVE_FEATURES_H
-+# include /* for __GLIBC__ */
-+#endif

[OE-core] [PATCH 2/3] inetutils: don't guess target paths

[Ross Burton]

From: Ross Burton 

inetutils guesses a lot of target paths in cross builds, and warns that
some of them are known to be wrong (for example, whether /proc/net/dev
exists is guessed as 'no').

Add a post-configure function to check for these warnings, and pass
--with-path-* as appropriate to set the paths explicitly.

This means we can remove the patch which was setting PATH_PROCNET_DEV,
and the autoconf cache value inetutils_cv_path_login.

The downside is that these --with-path-* options are not real autoconf
options, so the "unknown options" warning is emitted.  Losing those is
an acceptable compromise, so disable it.

Signed-off-by: Ross Burton 
---
 .../inetutils-1.9-PATH_PROCNET_DEV.patch  | 37 ---
 .../inetutils/inetutils_2.4.bb| 18 -
 2 files changed, 16 insertions(+), 39 deletions(-)
 delete mode 100644 
meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch

diff --git 
a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch
 
b/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch
deleted file mode 100644
index 460ddf98300..000
--- 
a/meta/recipes-connectivity/inetutils/inetutils/inetutils-1.9-PATH_PROCNET_DEV.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 101130f422dd5c01a1459645d7b2a5b8d19720ab Mon Sep 17 00:00:00 2001
-From: Martin Jansa 
-Date: Wed, 6 Mar 2019 09:36:11 -0500
-Subject: [PATCH] inetutils: define PATH_PROCNET_DEV if not already defined
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-this prevents the following compilation error :
-system/linux.c:401:15: error: 'PATH_PROCNET_DEV' undeclared (first use in this 
function)
-
-this patch comes from :
- http://repository.timesys.com/buildsources/i/inetutils/inetutils-1.9/
-
-Upstream-Status: Inappropriate [not author]
-
-Signed-of-by: Eric Bénard 
-

- ifconfig/system/linux.c | 4 
- 1 file changed, 4 insertions(+)
-
-diff --git a/ifconfig/system/linux.c b/ifconfig/system/linux.c
-index e453b46..4268ca9 100644
 a/ifconfig/system/linux.c
-+++ b/ifconfig/system/linux.c
-@@ -53,6 +53,10 @@
- #include "../ifconfig.h"
- 
- 
-+#ifndef PATH_PROCNET_DEV
-+  #define PATH_PROCNET_DEV "/proc/net/dev"
-+#endif
-+
- /* ARPHRD stuff.  */
- 
- static void
diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb 
b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
index 9b4c98d63cc..16e40cc20f8 100644
--- a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
+++ b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
@@ -20,7 +20,6 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
file://rsh.xinetd.inetutils \
file://telnet.xinetd.inetutils \
file://tftpd.xinetd.inetutils \
-   file://inetutils-1.9-PATH_PROCNET_DEV.patch \
file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \

file://0001-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-check-set-id-retu.patch \
 "
@@ -42,15 +41,30 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6 
gl_cv_socket_ipv6=no,"
 PACKAGECONFIG[ping6] = "--enable-ping6,--disable-ping6,"
 
 EXTRA_OECONF = "--with-ncurses-include-dir=${STAGING_INCDIR} \
-inetutils_cv_path_login=${base_bindir}/login \
 --with-libreadline-prefix=${STAGING_LIBDIR} \
 --enable-rpath=no \
 "
 
+EXTRA_OECONF += "--with-path-login=${base_bindir}/login \
+ --with-path-cp=${base_bindir}/cp \
+ --with-path-uucico=${libexecdir}/uuico \
+ --with-path-procnet-dev=/proc/net/dev"
+
 # These are horrible for security, disable them
 EXTRA_OECONF:append = " --disable-rsh --disable-rshd --disable-rcp \
 --disable-rlogin --disable-rlogind --disable-rexec --disable-rexecd"
 
+# The configure script guesses many paths in cross builds, check for this 
happening
+do_configure_cross_check() {
+if grep "may be incorrect because of cross-compilation" ${B}/config.log; 
then
+bberror Default path values used, these must be set explicitly
+fi
+}
+do_configure[postfuncs] += "do_configure_cross_check"
+
+# The --with-path options are not actually options, so this check needs to be 
silenced
+ERROR_QA:remove = "unknown-configure-option"
+
 do_configure:prepend () {
 export HELP2MAN='true'
 cp ${STAGING_DATADIR_NATIVE}/gettext/config.rpath 
${S}/build-aux/config.rpath
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186858): 
https://lists.openembedded.org/g/openembedded-core/message/186858
Mute This Topic: https://lists.openembedded.org/mt/101029639/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] linux-firmware: add firmware files for NXP BT chipsets

[Tom Hochstein]

On Fri, Aug 25, 2023 at 07:37 AM, Tom Hochstein wrote:

> 
> Please hold off on this. The -common design is not working correctly and
> is causing those firmware packages to be registered as a runtime
> dependency of the main package.

Actually, the -common design is working fine, there was just a misunderstanding.

Please do consider this patch as-is.

Tom

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186856): 
https://lists.openembedded.org/g/openembedded-core/message/186856
Mute This Topic: https://lists.openembedded.org/mt/100943055/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH] json-c: fix CVE-2021-32292

[Adrian Freihofer]

This is a read past end of buffer issue in the json_parse test app,
which can happened with malformed json data. It's not an issue with the
library itself. For what ever reason this CVE has a base score of 9.8.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-32292

Upstream issue:
https://github.com/json-c/json-c/issues/654

The CVE is fixed with version 0.16 (which is already in all active
branches of poky).

Signed-off-by: Adrian Freihofer 
---
 .../json-c/json-c/CVE-2021-32292.patch| 24 +++
 meta/recipes-devtools/json-c/json-c_0.15.bb   |  1 +
 2 files changed, 25 insertions(+)
 create mode 100644 meta/recipes-devtools/json-c/json-c/CVE-2021-32292.patch

diff --git a/meta/recipes-devtools/json-c/json-c/CVE-2021-32292.patch 
b/meta/recipes-devtools/json-c/json-c/CVE-2021-32292.patch
new file mode 100644
index 00..f3af0a52c9
--- /dev/null
+++ b/meta/recipes-devtools/json-c/json-c/CVE-2021-32292.patch
@@ -0,0 +1,24 @@
+From da22ae6541584068f8169315274016920da11d8b Mon Sep 17 00:00:00 2001
+From: Marc <34656315+marct...@users.noreply.github.com>
+Date: Fri, 7 Aug 2020 10:49:45 +0100
+Subject: [PATCH] Fix read past end of buffer
+
+Resolves https://github.com/json-c/json-c/issues/654
+---
+ apps/json_parse.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/apps/json_parse.c b/apps/json_parse.c
+index bba4622..72b31a8 100644
+--- a/apps/json_parse.c
 b/apps/json_parse.c
+@@ -82,7 +82,8 @@ static int parseit(int fd, int (*callback)(struct 
json_object *))
+   int parse_end = json_tokener_get_parse_end(tok);
+   if (obj == NULL && jerr != json_tokener_continue)
+   {
+-  char *aterr = [start_pos + parse_end];
++  char *aterr = (start_pos + parse_end < 
sizeof(buf)) ?
++  [start_pos + parse_end] : "";
+   fflush(stdout);
+   int fail_offset = total_read - ret + start_pos 
+ parse_end;
+   fprintf(stderr, "Failed at offset %d: %s %c\n", 
fail_offset,
diff --git a/meta/recipes-devtools/json-c/json-c_0.15.bb 
b/meta/recipes-devtools/json-c/json-c_0.15.bb
index 7cbed55b3b..4da30bc50c 100644
--- a/meta/recipes-devtools/json-c/json-c_0.15.bb
+++ b/meta/recipes-devtools/json-c/json-c_0.15.bb
@@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=de54b60fbbc35123ba193fea8ee216f2"
 SRC_URI = " \
 https://s3.amazonaws.com/json-c_releases/releases/${BP}.tar.gz \
 file://run-ptest \
+file://CVE-2021-32292.patch \
 "
 
 SRC_URI[sha256sum] = 
"b8d80a1ddb718b3ba7492916237bbf86609e9709fb007e7f7d4322f02341a4c6"
-- 
2.41.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186855): 
https://lists.openembedded.org/g/openembedded-core/message/186855
Mute This Topic: https://lists.openembedded.org/mt/101029090/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 2/2] dhcpcd: fix buffer overflow

[Yi Zhao]

Backport a patch to fix buffer overflow for strlcpy:

$ dhcpcd enp0s3
dhcpcd-10.0.2 starting
*** buffer overflow detected ***: terminated
dhcpcd_fork_cb: truncated read 0 (expected 4)

Signed-off-by: Yi Zhao 
---
 .../dhcpcd/dhcpcd_10.0.2.bb   |  1 +
 ...x-strlcpy-overflow-in-psp_ifname-239.patch | 33 +++
 2 files changed, 34 insertions(+)
 create mode 100644 
meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch

diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb 
b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
index 9dccc93713..0966edd1b8 100644
--- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
+++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
@@ -15,6 +15,7 @@ SRC_URI = 
"git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=ma
file://dhcpcd.service \
file://dhcpcd@.service \
file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \
+   file://0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch \
"
 
 SRCREV = "d2fbde99cf2d0072016af9dfe6a77032a5a9fc30"
diff --git 
a/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch
 
b/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch
new file mode 100644
index 00..d4fb1737a6
--- /dev/null
+++ 
b/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch
@@ -0,0 +1,33 @@
+From 1bd8fc7d4b34f752a32709d277a897e5ad202d97 Mon Sep 17 00:00:00 2001
+From: Tobias Heider 
+Date: Tue, 15 Aug 2023 18:06:48 +0200
+Subject: [PATCH] privsep: fix strlcpy overflow in psp_ifname (#239)
+
+When running our Ubuntu tests with libc6 and strlcpy overflow checks
+enabled we found that the wrong size is passed to strlcpy resulting
+in a crash because of an overflow.
+
+Upstream-Status: Backport
+[https://github.com/NetworkConfiguration/dhcpcd/commit/1bd8fc7d4b34f752a32709d277a897e5ad202d97]
+
+Signed-off-by: Yi Zhao 
+---
+ src/privsep.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/privsep.c b/src/privsep.c
+index b11c0351..cfe54742 100644
+--- a/src/privsep.c
 b/src/privsep.c
+@@ -1200,7 +1200,7 @@ ps_newprocess(struct dhcpcd_ctx *ctx, struct ps_id *psid)
+ #endif
+ 
+   if (!(ctx->options & DHCPCD_MANAGER))
+-  strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_name));
++  strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_ifname));
+   TAILQ_INSERT_TAIL(>ps_processes, psp, next);
+   return psp;
+ }
+-- 
+2.25.1
+
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186854): 
https://lists.openembedded.org/g/openembedded-core/message/186854
Mute This Topic: https://lists.openembedded.org/mt/101028803/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 1/2] dhcpcd: upgrade 10.0.1 -> 10.0.2

[Yi Zhao]

Changelog:
https://github.com/NetworkConfiguration/dhcpcd/releases/tag/v10.0.2

Signed-off-by: Yi Zhao 
---
 .../dhcpcd/{dhcpcd_10.0.1.bb => dhcpcd_10.0.2.bb}   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-connectivity/dhcpcd/{dhcpcd_10.0.1.bb => dhcpcd_10.0.2.bb} 
(97%)

diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.1.bb 
b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
similarity index 97%
rename from meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.1.bb
rename to meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
index de007a6e6c..9dccc93713 100644
--- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.1.bb
+++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
@@ -17,7 +17,7 @@ SRC_URI = 
"git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=ma
file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \
"
 
-SRCREV = "5d9bf80c26b4b7dc9d8aa175d96d5a24e75b4d48"
+SRCREV = "d2fbde99cf2d0072016af9dfe6a77032a5a9fc30"
 S = "${WORKDIR}/git"
 
 inherit pkgconfig autotools-brokensep systemd useradd
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186853): 
https://lists.openembedded.org/g/openembedded-core/message/186853
Mute This Topic: https://lists.openembedded.org/mt/101028802/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell][PATCH] inetutils: Backport fix for CVE-2023-40303

[Vijay Anusuri via lists.openembedded.org]

From: Vijay Anusuri 

Upstream-commit: 
https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6
& 
https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d

Signed-off-by: Vijay Anusuri 
---
 ...tpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch | 283 ++
 ...03-Indent-changes-in-previous-commit.patch | 254 
 .../inetutils/inetutils_1.9.4.bb  |   2 +
 3 files changed, 539 insertions(+)
 create mode 100644 
meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
 create mode 100644 
meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch

diff --git 
a/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
 
b/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
new file mode 100644
index 00..aea07bd803
--- /dev/null
+++ 
b/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
@@ -0,0 +1,283 @@
+From 703418fe9d2e3b1e8d594df5788d8001a8116265 Mon Sep 17 00:00:00 2001
+From: Jeffrey Bencteux 
+Date: Fri, 30 Jun 2023 19:02:45 +0200
+Subject: [PATCH] CVE-2023-40303: ftpd,rcp,rlogin,rsh,rshd,uucpd: fix: check
+ set*id() return values
+
+Several setuid(), setgid(), seteuid() and setguid() return values
+were not checked in ftpd/rcp/rlogin/rsh/rshd/uucpd code potentially
+leading to potential security issues.
+
+CVE: CVE-2023-40303
+Upstream-Status: Backport 
[https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6]
+Signed-off-by: Jeffrey Bencteux 
+Signed-off-by: Simon Josefsson 
+Signed-off-by: Khem Raj 
+Signed-off-by: Vijay Anusuri 
+---
+ ftpd/ftpd.c  | 10 +++---
+ src/rcp.c| 39 +--
+ src/rlogin.c | 11 +--
+ src/rsh.c| 25 +
+ src/rshd.c   | 20 +---
+ src/uucpd.c  | 15 +--
+ 6 files changed, 100 insertions(+), 20 deletions(-)
+
+diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c
+index 5db88d0..b52b122 100644
+--- a/ftpd/ftpd.c
 b/ftpd/ftpd.c
+@@ -862,7 +862,9 @@ end_login (struct credentials *pcred)
+   char *remotehost = pcred->remotehost;
+   int atype = pcred->auth_type;
+ 
+-  seteuid ((uid_t) 0);
++  if (seteuid ((uid_t) 0) == -1)
++_exit (EXIT_FAILURE);
++
+   if (pcred->logged_in)
+ {
+   logwtmp_keep_open (ttyline, "", "");
+@@ -1151,7 +1153,8 @@ getdatasock (const char *mode)
+ 
+   if (data >= 0)
+ return fdopen (data, mode);
+-  seteuid ((uid_t) 0);
++  if (seteuid ((uid_t) 0) == -1)
++_exit (EXIT_FAILURE);
+   s = socket (ctrl_addr.ss_family, SOCK_STREAM, 0);
+   if (s < 0)
+ goto bad;
+@@ -1978,7 +1981,8 @@ passive (int epsv, int af)
+   else/* !AF_INET6 */
+ ((struct sockaddr_in *) _addr)->sin_port = 0;
+ 
+-  seteuid ((uid_t) 0);
++  if (seteuid ((uid_t) 0) == -1)
++_exit (EXIT_FAILURE);
+   if (bind (pdata, (struct sockaddr *) _addr, pasv_addrlen) < 0)
+ {
+   if (seteuid ((uid_t) cred.uid))
+diff --git a/src/rcp.c b/src/rcp.c
+index bafa35f..366295c 100644
+--- a/src/rcp.c
 b/src/rcp.c
+@@ -347,14 +347,23 @@ main (int argc, char *argv[])
+   if (from_option)
+ { /* Follow "protocol", send data. */
+   response ();
+-  setuid (userid);
++
++  if (setuid (userid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() 
failed)");
++  }
++
+   source (argc, argv);
+   exit (errs);
+ }
+ 
+   if (to_option)
+ { /* Receive data. */
+-  setuid (userid);
++  if (setuid (userid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() 
failed)");
++  }
++
+   sink (argc, argv);
+   exit (errs);
+ }
+@@ -539,7 +548,11 @@ toremote (char *targ, int argc, char *argv[])
+ if (response () < 0)
+   exit (EXIT_FAILURE);
+ free (bp);
+-setuid (userid);
++
++if (setuid (userid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() 
failed)");
++  }
+   }
+ source (1, argv + i);
+ close (rem);
+@@ -634,7 +647,12 @@ tolocal (int argc, char *argv[])
+ ++errs;
+ continue;
+   }
+-  seteuid (userid);
++
++  if (seteuid (userid) == -1)
++  {
++error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() 
failed)");
++  }
++
+ #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
+   sslen = sizeof (ss);
+   (void) getpeername (rem, (struct sockaddr *) , );
+@@ -647,7 +665,12 @@ tolocal (int argc, char *argv[])
+ #endif
+   vect[0] = target;
+  

Re: [OE-core] [PATCH 3/3] libx11-compose-data: add CVE_PRODUCT

[Ross Burton]

On 28 Aug 2023, at 08:18, Emil Kronborg Andersen  wrote:
> No, you are right. However, I think it would make sense to include 
> CVE_PRODUCT​ in xorg-lib-common.inc​ instead. What do you think?

That’s definitely wrong, as most of the X11 libraries use that file.

Ross
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186851): 
https://lists.openembedded.org/g/openembedded-core/message/186851
Mute This Topic: https://lists.openembedded.org/mt/100935314/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][PATCH] uninative.bbclass: sync to use UNINATIVE_STAGING_DIR

[Chen Qi via lists.openembedded.org]

From: Chen Qi 

All other places in this bbclass are using ${UNINATIVE_STAGING_DIR}-uninative,
we should sync to use that too, although UNINATIVE_STAGING_DIR's default
value is STAGING_DIR.

Signed-off-by: Chen Qi 
---
 meta/classes-global/uninative.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes-global/uninative.bbclass 
b/meta/classes-global/uninative.bbclass
index 366f7ac793..9630726f33 100644
--- a/meta/classes-global/uninative.bbclass
+++ b/meta/classes-global/uninative.bbclass
@@ -146,7 +146,7 @@ def enable_uninative(d):
 d.appendVar("BUILD_LDFLAGS", " -Wl,--allow-shlib-undefined 
-Wl,--dynamic-linker=${UNINATIVE_LOADER}")
 d.appendVarFlag("BUILD_LDFLAGS", "vardepvalueexclude", "| 
-Wl,--allow-shlib-undefined -Wl,--dynamic-linker=${UNINATIVE_LOADER}")
 d.appendVarFlag("BUILD_LDFLAGS", "vardepsexclude", "UNINATIVE_LOADER")
-d.prependVar("PATH", 
"${STAGING_DIR}-uninative/${BUILD_ARCH}-linux${bindir_native}:")
+d.prependVar("PATH", 
"${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${bindir_native}:")
 
 python uninative_changeinterp () {
 import subprocess
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#186850): 
https://lists.openembedded.org/g/openembedded-core/message/186850
Mute This Topic: https://lists.openembedded.org/mt/101026853/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-