Re: [OE-core][kirkstone][PATCH] util-linux: Fix for CVE-2024-28085
On Sun, Mar 31, 2024 at 3:50 PM Vijay Anusuri wrote: > > Sure Randy. > > Issue introduced last year in util-linux v2.39. > > The offending commits are: > > * https://github.com/util-linux/util-linux/commit/8a7b8456d1dc0e7c >("write: correctly handle wide characters") > * https://github.com/util-linux/util-linux/commit/aa13246a1bf1be9e >("wall: use fputs_careful()") > > I have added offending commits as dependency patches. As vulnerable code is > not present, it's not affected. So, I want it to be ignored. Ok, ignored it is :-) Steve > > Thanks & Regards, > Vijay > > > On Sun, Mar 31, 2024 at 5:54 AM Randy MacLeod wrote: >> >> >> >> On Fri, Mar 29, 2024, 11:52 Vijay Anusuri via lists.openembedded.org >> wrote: >>> >>> Hi Steve, >>> >>> Please ignore this patch. >>> >>> Thanks & Regards, >>> Vijay >> >> >> >> Hi Vijay, >> >> I expect that's fine with Steve but in the future, it would be good if, when >> you ask for a patch to be ignored, you briefly explain why you'd like it to >> be ignored. >> >> Randy >> >> -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197672): https://lists.openembedded.org/g/openembedded-core/message/197672 Mute This Topic: https://lists.openembedded.org/mt/105213911/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [kirkstone][PATCH v2] tiff: fix CVE-2023-52356 CVE-2023-6277
From: Lee Chee Yang import patch from ubuntu to fix CVE-2023-52356 CVE-2023-6277 import from http://archive.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_4.3.0-6ubuntu0.8.debian.tar.xz Signed-off-by: Lee Chee Yang --- v2: fix Upstream-Status format .../libtiff/tiff/CVE-2023-52356.patch | 54 ++ .../libtiff/tiff/CVE-2023-6277-1.patch| 178 ++ .../libtiff/tiff/CVE-2023-6277-2.patch| 151 +++ .../libtiff/tiff/CVE-2023-6277-3.patch| 46 + .../libtiff/tiff/CVE-2023-6277-4.patch| 93 + meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 5 + 6 files changed, 527 insertions(+) create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-2.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-3.patch create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-4.patch diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch new file mode 100644 index 00..4eb7d79c8f --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-52356.patch @@ -0,0 +1,54 @@ +CVE: CVE-2023-52356 +Upstream-Status: Backport [upstream : https://gitlab.com/libtiff/libtiff/-/commit/51558511bdbbcffdce534db21dbaf5d54b31638a +ubuntu : http://archive.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_4.3.0-6ubuntu0.8.debian.tar.xz ] +Signed-off-by: Lee Chee Yang + +[Ubuntu note: Backport of the following patch from upstream, with a few changes +to match the current version of the file in the present Ubuntu release: + . using TIFFErrorExt instead of TIFFErrorExtR (the latter did not exist yet); +-- Rodrigo Figueiredo Zaiden] + +Backport of: + +From 51558511bdbbcffdce534db21dbaf5d54b31638a Mon Sep 17 00:00:00 2001 +From: Even Rouault +Date: Tue, 31 Oct 2023 15:58:41 +0100 +Subject: [PATCH] TIFFReadRGBAStrip/TIFFReadRGBATile: add more validation of + col/row (fixes #622) + +--- + libtiff/tif_getimage.c | 15 +++ + 1 file changed, 15 insertions(+) + + +--- tiff-4.3.0.orig/libtiff/tif_getimage.c tiff-4.3.0/libtiff/tif_getimage.c +@@ -2942,6 +2942,13 @@ TIFFReadRGBAStripExt(TIFF* tif, uint32_t + } + + if (TIFFRGBAImageOK(tif, emsg) && TIFFRGBAImageBegin(&img, tif, stop_on_error, emsg)) { ++if (row >= img.height) ++{ ++TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), ++ "Invalid row passed to TIFFReadRGBAStrip()."); ++TIFFRGBAImageEnd(&img); ++return (0); ++} + + img.row_offset = row; + img.col_offset = 0; +@@ -3018,6 +3025,14 @@ TIFFReadRGBATileExt(TIFF* tif, uint32_t + return( 0 ); + } + ++if (col >= img.width || row >= img.height) ++{ ++TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), ++ "Invalid row/col passed to TIFFReadRGBATile()."); ++TIFFRGBAImageEnd(&img); ++return (0); ++} ++ + /* + * The TIFFRGBAImageGet() function doesn't allow us to get off the + * edge of the image, even to fill an otherwise valid tile. So we diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch new file mode 100644 index 00..453df897ac --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6277-1.patch @@ -0,0 +1,178 @@ +CVE: CVE-2023-6277 +Upstream-Status: Backport [upstream : https://gitlab.com/libtiff/libtiff/-/commit/5320c9d89c054fa805d037d84c57da874470b01a +ubuntu : http://archive.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_4.3.0-6ubuntu0.8.debian.tar.xz ] +Signed-off-by: Lee Chee Yang + +[Ubuntu note: Backport of the following patch from upstream, with a few changes +to match the current version of the file in the present Ubuntu release: + . using TIFFWarningExt instead of TIFFWarningExtR (the latter did not exist yet); + . calling _TIFFfree(data) instead of _TIFFfreeExt(tif, data) (the latter did not exist yet); +-- Rodrigo Figueiredo Zaiden] + +Backport of: + +From 5320c9d89c054fa805d037d84c57da874470b01a Mon Sep 17 00:00:00 2001 +From: Su Laus +Date: Tue, 31 Oct 2023 15:43:29 + +Subject: [PATCH] Prevent some out-of-memory attacks + +Some small fuzzer files fake large amounts of data and provoke out-of-memory situations. For non-compressed data content / tags, out-of-memory can be prevented by comparing with the file size. + +At image reading, data size of some tags / data structures (StripByteCounts, StripOffsets, StripArray, TIFF directory) is compared with file size to prevent provoked out-of-memory attacks. + +See issue https://gitlab.com/libtiff/libtiff/-/issues/614#note_1602683857 +--- + libtiff/tif_dirread.c | 92 ++- + 1 fil
Re: [OE-core][kirkstone][PATCH] util-linux: Fix for CVE-2024-28085
Sure Randy. Issue introduced last year in util-linux v2.39. The offending commits are: * https://github.com/util-linux/util-linux/commit/8a7b8456d1dc0e7c ("write: correctly handle wide characters") * https://github.com/util-linux/util-linux/commit/aa13246a1bf1be9e ("wall: use fputs_careful()") I have added offending commits as dependency patches. As vulnerable code is not present, it's not affected. So, I want it to be ignored. Thanks & Regards, Vijay On Sun, Mar 31, 2024 at 5:54 AM Randy MacLeod wrote: > > > On Fri, Mar 29, 2024, 11:52 Vijay Anusuri via lists.openembedded.org > wrote: > >> Hi Steve, >> >> Please ignore this patch. >> >> Thanks & Regards, >> Vijay >> > > > Hi Vijay, > > I expect that's fine with Steve but in the future, it would be good if, > when you ask for a patch to be ignored, you briefly explain why you'd like > it to be ignored. > > Randy > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197670): https://lists.openembedded.org/g/openembedded-core/message/197670 Mute This Topic: https://lists.openembedded.org/mt/105213911/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH v5 1/3] nfs-utils: clean up startup
This still fails on the AB: https://autobuilder.yoctoproject.org/typhoon/#/builders/23/builds/9115/steps/14/logs/stdio On 28/03/2024 19:24:10-0600, Dan McGregor wrote: > From: Daniel McGregor > > Change the sysvinit script to start at the S runlevel, this matches > Debian, and prevents systemd from generating a unit file for it. > Also have the nfsd systemd service request the nfsd kernel filesystem > mountpoint. This avoids startup failures in unpriviled containers > or other setups that don't support the filesystem. > > Signed-off-by: Daniel McGregor > --- > meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon | 4 ++-- > meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb | 9 - > 2 files changed, 6 insertions(+), 7 deletions(-) > > diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon > b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon > index 992267d5a16..4c1ad17c3c6 100644 > --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon > +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon > @@ -3,7 +3,7 @@ > # Provides: nfs-common > # Required-Start:$portmap hwclock > # Required-Stop: $portmap hwclock > -# Default-Start: 2 3 4 5 > +# Default-Start: S > # Default-Stop: 0 1 6 > # Short-Description: NFS support for both client and server > # Description: NFS is a popular protocol for file sharing across > @@ -20,7 +20,7 @@ > . /etc/init.d/functions > > test -x "$NFS_STATD" || NFS_STATD=/usr/sbin/rpc.statd > -test -z "$STATD_PID" && STATD_PID=/var/run/rpc.statd.pid > +test -z "$STATD_PID" && STATD_PID=/run/rpc.statd.pid > # > # The default state directory is /var/lib/nfs > test -n "$NFS_STATEDIR" || NFS_STATEDIR=/var/lib/nfs > diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb > b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb > index 2f2644f9a83..527fcd609c1 100644 > --- a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb > +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb > @@ -132,15 +132,14 @@ do_install:append () { > install -m 0644 ${WORKDIR}/nfs-server.service > ${D}${systemd_system_unitdir}/ > install -m 0644 ${WORKDIR}/nfs-mountd.service > ${D}${systemd_system_unitdir}/ > install -m 0644 ${WORKDIR}/nfs-statd.service > ${D}${systemd_system_unitdir}/ > + install -m 0644 ${WORKDIR}/proc-fs-nfsd.mount > ${D}${systemd_system_unitdir}/ > sed -i -e 's,@SBINDIR@,${sbindir},g' \ > -e 's,@SYSCONFDIR@,${sysconfdir},g' \ > -e 's,@HIGH_RLIMIT_NOFILE@,${HIGH_RLIMIT_NOFILE},g' \ > ${D}${systemd_system_unitdir}/*.service > - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; > then > - install -m 0644 ${WORKDIR}/proc-fs-nfsd.mount > ${D}${systemd_system_unitdir}/ > - install -d ${D}${systemd_system_unitdir}/sysinit.target.wants/ > - ln -sf ../proc-fs-nfsd.mount > ${D}${systemd_system_unitdir}/sysinit.target.wants/proc-fs-nfsd.mount > - fi > + # Add compatibility symlinks for the sysvinit scripts > + ln -s nfs-server.service ${D}${systemd_system_unitdir}/nfsserver.service > + ln -s /dev/null ${D}${systemd_system_unitdir}/nfscommon.service > > # kernel code as of 3.8 hard-codes this path as a default > install -d ${D}/var/lib/nfs/v4recovery > -- > 2.41.0 > > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197669): https://lists.openembedded.org/g/openembedded-core/message/197669 Mute This Topic: https://lists.openembedded.org/mt/105209254/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe-core][PATCH] epiphany: update 45.3 -> 46.0
46.0 - March 15, 2024 = * Improve keyboard navigation of address bar dropdown (#1726, Markus Göllnitz) * Add "Send Link by Email..." to context menu for links (#2037, Leon Marz) * Use selected text when middle clicking on New Tab button (#2159) 46.rc - February 29, 2024 === * Close security popover after selection (#2215) * Focus location entry on search hotkey (#2278) * Close page menu popover on print, search and fullscreen actions (#2283) * Forward key events directly to web view (#1915) (#2173) * Updated translations 46.beta - February 10, 2024 === * Fix a crash (#2021) * Allow closing pinned tabs (#2264) * Adjust labels to improve HIG compliance (!1431, Bart Gravendeel) * Support PKCS #11 smart card authentication (!1433) * Updated translations 46.alpha - January 5, 2024 == * Use web app manifest to get better app name and icon (#931) * Prevent websites from using certain Epiphany internal APIs (#1664) * Fix poor Firefox Sync error message when gnome-keyring is not installed (#1755) * Reduce adblock filter update interval on metered connections (#2152) * Rename Firefox Account to Mozilla Account (#2231) * Hide various context menu items when text is selected (#2258) * Remove Google Safe Browsing support due to terms of service changes (!335) * Hide developer context menu actions by default (!1392, Vitaly Dyachkov) * Update to highlight.js 11.9.0 (!1394) * Use AdwSpinRow in preferences dialog (Pig, !1411) * Many improvements to appstream metainfo (Sabri Ünal, !1398, !1399, !1414, !1422, !1425) * Updated translations Signed-off-by: Markus Volk --- .../epiphany/{epiphany_45.3.bb => epiphany_46.0.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-gnome/epiphany/{epiphany_45.3.bb => epiphany_46.0.bb} (94%) diff --git a/meta/recipes-gnome/epiphany/epiphany_45.3.bb b/meta/recipes-gnome/epiphany/epiphany_46.0.bb similarity index 94% rename from meta/recipes-gnome/epiphany/epiphany_45.3.bb rename to meta/recipes-gnome/epiphany/epiphany_46.0.bb index eec52e321a..9052fe170b 100644 --- a/meta/recipes-gnome/epiphany/epiphany_45.3.bb +++ b/meta/recipes-gnome/epiphany/epiphany_46.0.bb @@ -31,7 +31,7 @@ SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@oe.utils.trim_version("${PV}", 1)}/${GN file://migrator.patch \ file://distributor.patch \ " -SRC_URI[archive.sha256sum] = "6c302e9bdd66290cb0e26f62843cd4c435a4955abdbb4f151f07dc80495d6730" +SRC_URI[archive.sha256sum] = "f4348f2cf51c07c0c106d130172d4d23f2cd4068771e1de007b758ca2ade5660" # Developer mode enables debugging PACKAGECONFIG[developer-mode] = "-Ddeveloper_mode=true,-Ddeveloper_mode=false" -- 2.44.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197667): https://lists.openembedded.org/g/openembedded-core/message/197667 Mute This Topic: https://lists.openembedded.org/mt/105249440/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe-core][PATCH] webkitgtk: update 2.42.5 -> 2.44.0
- add a PACKAGECONFIG for libbacktrace to avoid: | -- Could NOT find LibBacktrace (missing: LIBBACKTRACE_INCLUDE_DIR LIBBACKTRACE_LIBRARY) | CMake Error at Source/cmake/OptionsGTK.cmake:425 (message): | libbacktrace is required for USE_LIBBACKTRACE - while at it also add a PACKAGECONFIG for gamepad - remove submitted patch. Issue seems to be fixed. Not entirely sure about that, but there has been rework: [https://bugs.webkit.org/show_bug.cgi?id=267349] I also did a test build with oe-core/poky for qemuarm. It completed without error - There is an issue with creating the json files if CMAKE_EXPORT_COMPILE_COMMANDS is enabled. Disable this for now to fix the build: FAILED: CMakeFiles/RewriteCompileCommands DeveloperTools/compile_commands.json /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/build/CMakeFiles/RewriteCompileCommands /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/build/DeveloperTools/compile_commands.json cd /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/build && /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/recipe-sysroot-native/usr/bin/python3-native/python3 /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/webkitgtk-2.44.0/Tools/Scripts/rewrite-compile-commands /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/build/compile_commands.json /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/build/DeveloperTools/compile_commands.json /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/webkitgtk-2.44.0 /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/build /home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/recipe-sysroot-native/usr/bin/python3-native/python3: can't open file '/home/flk/poky/build-hypr/tmp/work/corei7-64-poky-linux/webkitgtk/2.44.0/webkitgtk-2.44.0/Tools/Scripts/rewrite-compile-commands': [Errno 2] No such file or directory WebKitGTK 2.44.0 What's new in WebKitGTK 2.44.0? - Fix connection of UI and web process accessibility tree in GTK4. - Add BubblewrapLauncher sandbox directory for the gstreamer user registry cache directory. - Fix bug causing preferred language to not be passed to NetworkProcess if set in WebContext before creating WebView. - Do not use real time priority for the display link thread. - Use a shorter web process cache lifetime. - Fix several crashes and rendering issues. - Translation updates: German, Polish, Swedish, Turkish. WebKitGTK 2.43.4 What's new in WebKitGTK 2.43.4? - Remove key event reinjection in GTK4 to make keyboard shortcuts work in web sites. - Use the new GTK API to create a GdkTexture from a DMA-BUF buffer when available. - Fix rendering when GTK is using the vulkan renderer. - Fix gamepads detection by correctly handling focused window in GTK4. - Fix rendering after history navigation. - Write bwrapinfo.json to disk for xdg-desktop-portal. - Fixed several memory leaks in media backend. - Fix several crashes and rendering issues. WebKitGTK 2.43.3 What's new in WebKitGTK 2.43.3? - Show vblank monitor information in webkit://gpu. - Fallback to timer based vblank monitor if drmWaitVBlank fails. - Fix several memory leaks in media backend. - Fix several crashes and rendering issues. WebKitGTK 2.43.2 What's new in WebKitGTK 2.43.2? - Remove the X11 and WPE renderers. - Release unused buffers when the view is hidden. - Fix flickering while playing videos with DMA-BUF sink. - Do not special case the "sans" font family name. - Fix webkit_web_context_allow_tls_certificate_for_host() for IPv6 URIs produced by SoupURI. - Fix several crashes and rendering issues. WebKitGTK 2.43.1 What's new in WebKitGTK 2.43.1? - Improve vblank synchronization when rendering. - Improve DMA-BUF buffers handling for video frames. - Use the buffer format preferred by the driver in DMA-BUF renderer. - Do not block the compositing thread waiting for rendering threads. - Improve performance when scaling images in a canvas. - Fix several crashes and rendering Signed-off-by: Markus Volk --- ...44e17d258106617b0e6d783d073b188a2548.patch | 310 -- ...ebkitgtk_2.42.5.bb => webkitgtk_2.44.0.bb} | 7 +- 2 files changed, 4 insertions(+), 313 deletions(-) delete mode 100644 meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch rename meta/recipes-sato/webkit/{webkitgtk_2.42.5.bb => webkitgtk_2.44.0.bb} (96%) diff --git a/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch b/meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch deleted file mode 100
[oe-core][PATCH] vte: update 0.74.2 -> 0.76.0
- add missing lz4 dependency - add PACKAGECONFIG for gtk+3 - if wayland and opengl are available, gtk4 will be used - for plain x11 it can be built with or without opengl depending on DISTRO_FEATURE Signed-off-by: Markus Volk --- meta/recipes-support/vte/{vte_0.74.2.bb => vte_0.76.0.bb} | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) rename meta/recipes-support/vte/{vte_0.74.2.bb => vte_0.76.0.bb} (87%) diff --git a/meta/recipes-support/vte/vte_0.74.2.bb b/meta/recipes-support/vte/vte_0.76.0.bb similarity index 87% rename from meta/recipes-support/vte/vte_0.74.2.bb rename to meta/recipes-support/vte/vte_0.76.0.bb index d8eafde2fb..701b7417e3 100644 --- a/meta/recipes-support/vte/vte_0.74.2.bb +++ b/meta/recipes-support/vte/vte_0.76.0.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = " \ file://COPYING.XTERM;md5=d7fc3a23c16c039afafe2e042030f057 \ " -DEPENDS = "glib-2.0 glib-2.0-native gtk+3 libpcre2 libxml2-native gperf-native icu" +DEPENDS = "glib-2.0 glib-2.0-native lz4 libpcre2 libxml2-native gperf-native icu" GIR_MESON_OPTION = 'gir' GIDOCGEN_MESON_OPTION = "docs" @@ -19,7 +19,7 @@ GIDOCGEN_MESON_OPTION = "docs" inherit gnomebase gi-docgen features_check upstream-version-is-even gobject-introspection systemd vala SRC_URI += "file://0001-Add-W_EXITCODE-macro-for-non-glibc-systems.patch" -SRC_URI[archive.sha256sum] = "a535fb2a98fea8a2449cd1a02cccf5190131dddff52e715afdace3feb536eae7" +SRC_URI[archive.sha256sum] = "bbce30b8f504370b12d6439c07a82993e97d7e9afe2dd367817cd58ff029ffda" ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" @@ -29,9 +29,10 @@ EXTRA_OEMESON:append = " ${@bb.utils.contains('GI_DATA_ENABLED', 'False', '-Ddoc PACKAGECONFIG ??= " \ gnutls \ ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'gtk4', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'wayland opengl', 'gtk4', 'gtk3', d)} \ " PACKAGECONFIG[fribidi] = "-Dfribidi=true,-Dfribidi=false,fribidi" +PACKAGECONFIG[gtk3] = "-Dgtk3=true,-Dgtk3=false,gtk+3" PACKAGECONFIG[gtk4] = "-Dgtk4=true,-Dgtk4=false,gtk4" PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" PACKAGECONFIG[systemd] = "-D_systemd=true,-D_systemd=false,systemd" -- 2.44.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197665): https://lists.openembedded.org/g/openembedded-core/message/197665 Mute This Topic: https://lists.openembedded.org/mt/105249434/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe-core][PATCHv2] gtk+3: disable wayland without opengl
Wayland backend requires epoxy so it will pull in a requirement for opengl While doing some tests in building old stuff like matchbox-terminal with vte 0.76, I encountered an issue with building matchbox-terminal without opengl in DISTRO_FEATURES. Explicitly stating that the Wayland backend requires opengl fixes this problem and allows matchbox-terminal to be used without. Signed-off-by: Markus Volk --- meta/recipes-gnome/gtk+/gtk+3.inc | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meta/recipes-gnome/gtk+/gtk+3.inc b/meta/recipes-gnome/gtk+/gtk+3.inc index 4a04c06432..e1603b43fc 100644 --- a/meta/recipes-gnome/gtk+/gtk+3.inc +++ b/meta/recipes-gnome/gtk+/gtk+3.inc @@ -33,7 +33,10 @@ GTKDOC_MESON_OPTION = 'gtk_doc' EXTRA_OEMESON = "-Dxinerama=no -Dtests=false" EXTRA_OEMESON:append:class-native = " -Ddemos=false -Dexamples=false" -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'opengl wayland x11', d)}" +PACKAGECONFIG ??= " \ + ${@bb.utils.filter('DISTRO_FEATURES', 'opengl x11', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'opengl wayland', 'wayland', '', d)} \ +" PACKAGECONFIG:class-native = "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" PACKAGECONFIG:class-nativesdk = "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" -- 2.44.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197664): https://lists.openembedded.org/g/openembedded-core/message/197664 Mute This Topic: https://lists.openembedded.org/mt/105249272/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for nanbield on Sun 31 Mar 2024 04:00:01 AM HST
Branch: nanbield New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 128 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-36402 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36402 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-39189 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39189 * CVE-2023-39192 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39192 * CVE-2023-39193 (CVSS3: 6.0 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39193 * CVE-2023-39928 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39928 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-42753 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42753 * CVE-2023-42754 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42754 * CVE-2023-42756 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42756 * CVE-2023-4623 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4623 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-46838 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46838 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-4921 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4921 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go:go-binary-native:go-cross-core2-64:go-runtime https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-50431 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50431 * CVE-2023-5088 (CVSS3: 7.0 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5088 * CVE-2023-51384 (CVSS3: 5.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51384 * CVE-2023-51385 (CVSS3: 6.5 MEDIUM): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51385 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-5178 (CVSS3: 9.8 CRITICAL): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5178 * CVE-2023-51780 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51780 * CVE-2023-51781 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51781 * CVE-2023-51782 (CVSS3: 7.0 HIGH): lin
Patchtest results for [oe-core][PATCH] gtk+3: disable wayland without opengl
Thank you for your submission. Patchtest identified one or more issues with the patch. Please see the log below for more information: --- Testing patch /home/patchtest/share/mboxes/gtk-3-disable-wayland-without-opengl.patch FAIL: test Signed-off-by presence: Mbox is missing Signed-off-by. Add it manually or with "git commit --amend -s" (test_mbox.TestMbox.test_signed_off_by_presence) PASS: test author valid (test_mbox.TestMbox.test_author_valid) PASS: test commit message presence (test_mbox.TestMbox.test_commit_message_presence) PASS: test max line length (test_metadata.TestMetadata.test_max_line_length) PASS: test mbox format (test_mbox.TestMbox.test_mbox_format) PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade) PASS: test shortlog format (test_mbox.TestMbox.test_shortlog_format) PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length) SKIP: pretest pylint: No python related patches, skipping test (test_python_pylint.PyLint.pretest_pylint) SKIP: pretest src uri left files: No modified recipes, skipping pretest (test_metadata.TestMetadata.pretest_src_uri_left_files) SKIP: test CVE check ignore: No modified recipes or older target branch, skipping test (test_metadata.TestMetadata.test_cve_check_ignore) SKIP: test CVE tag format: No new CVE patches introduced (test_patch.TestPatch.test_cve_tag_format) SKIP: test Signed-off-by presence: No new CVE patches introduced (test_patch.TestPatch.test_signed_off_by_presence) SKIP: test Upstream-Status presence: No new CVE patches introduced (test_patch.TestPatch.test_upstream_status_presence_format) SKIP: test bugzilla entry format: No bug ID found (test_mbox.TestMbox.test_bugzilla_entry_format) SKIP: test lic files chksum modified not mentioned: No modified recipes, skipping test (test_metadata.TestMetadata.test_lic_files_chksum_modified_not_mentioned) SKIP: test lic files chksum presence: No added recipes, skipping test (test_metadata.TestMetadata.test_lic_files_chksum_presence) SKIP: test license presence: No added recipes, skipping test (test_metadata.TestMetadata.test_license_presence) SKIP: test pylint: No python related patches, skipping test (test_python_pylint.PyLint.test_pylint) SKIP: test series merge on head: Merge test is disabled for now (test_mbox.TestMbox.test_series_merge_on_head) SKIP: test src uri left files: No modified recipes, skipping pretest (test_metadata.TestMetadata.test_src_uri_left_files) SKIP: test summary presence: No added recipes, skipping test (test_metadata.TestMetadata.test_summary_presence) SKIP: test target mailing list: Series merged, no reason to check other mailing lists (test_mbox.TestMbox.test_target_mailing_list) --- Please address the issues identified and submit a new revision of the patch, or alternatively, reply to this email with an explanation of why the patch should be accepted. If you believe these results are due to an error in patchtest, please submit a bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category under 'Yocto Project Subprojects'). For more information on specific failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank you! -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197662): https://lists.openembedded.org/g/openembedded-core/message/197662 Mute This Topic: https://lists.openembedded.org/mt/105247838/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe-core][PATCH] gtk+3: disable wayland without opengl
Wayland backend requires epoxy so it will pull in a requirement for opengl While doing some tests in building old stuff like matchbox-terminal with vte 0.76, I encountered an issue with building matchbox-terminal without opengl in DISTRO_FEATURES. Explicitly stating that the Wayland backend requires opengl fixes this problem and allows matchbox-terminal to be used without. --- meta/recipes-gnome/gtk+/gtk+3.inc | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meta/recipes-gnome/gtk+/gtk+3.inc b/meta/recipes-gnome/gtk+/gtk+3.inc index 4a04c06432..e1603b43fc 100644 --- a/meta/recipes-gnome/gtk+/gtk+3.inc +++ b/meta/recipes-gnome/gtk+/gtk+3.inc @@ -33,7 +33,10 @@ GTKDOC_MESON_OPTION = 'gtk_doc' EXTRA_OEMESON = "-Dxinerama=no -Dtests=false" EXTRA_OEMESON:append:class-native = " -Ddemos=false -Dexamples=false" -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'opengl wayland x11', d)}" +PACKAGECONFIG ??= " \ + ${@bb.utils.filter('DISTRO_FEATURES', 'opengl x11', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'opengl wayland', 'wayland', '', d)} \ +" PACKAGECONFIG:class-native = "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" PACKAGECONFIG:class-nativesdk = "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" -- 2.44.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197661): https://lists.openembedded.org/g/openembedded-core/message/197661 Mute This Topic: https://lists.openembedded.org/mt/105247662/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for kirkstone on Sun 31 Mar 2024 03:00:01 AM HST
Branch: kirkstone New this week: 0 CVEs Removed this week: 1 CVEs CVE-2023-52426 (CVSS3: 5.5 MEDIUM): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52426 * Full list: Found 43 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-36648 (CVSS3: 10.0 CRITICAL): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36648 * CVE-2022-3872 (CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-24532 (CVSS3: 5.3 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24532 * CVE-2023-27043 (CVSS3: 5.3 MEDIUM): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-2731 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2731 * CVE-2023-28198 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28198 * CVE-2023-29403 (CVSS3: 7.8 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29403 * CVE-2023-3019 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3019 * CVE-2023-3164 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3164 * CVE-2023-32370 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32370 * CVE-2023-37769 (CVSS3: 6.5 MEDIUM): pixman:pixman-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37769 * CVE-2023-39323 (CVSS3: 8.1 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39323 * CVE-2023-4001 (CVSS3: 6.8 MEDIUM): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4001 * CVE-2023-40397 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40397 * CVE-2023-44487 (CVSS3: 7.5 HIGH): go:nghttp2 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-44487 * CVE-2023-45803 (CVSS3: 4.2 MEDIUM): python3-urllib3 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45803 * CVE-2023-46407 (CVSS3: 5.5 MEDIUM): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46407 * CVE-2023-47100 (CVSS3: 9.8 CRITICAL): perl:perl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47100 * CVE-2023-47470 (CVSS3: 7.8 HIGH): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47470 * CVE-2023-48795 (CVSS3: 5.9 MEDIUM): libssh2:libssh2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-48795 * CVE-2023-49292 (CVSS3: 4.8 MEDIUM): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49292 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-52355 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52355 * CVE-2023-52356 (CVSS3: 7.5 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52356 * CVE-2023-52425 (CVSS3: 7.5 HIGH): expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52425 * CVE-2023-5380 (CVSS3: 4.7 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5380 * CVE-2023-5574 (CVSS3: 7.0 HIGH): xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5574 * CVE-2023-6277 (CVSS3: 6.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6277 * CVE-2023-6683 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6683 * CVE-2023-6816 (CVSS3: 9.8 CRITICAL): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6816 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-0408 (CVSS3: 5.5 MEDIUM): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0408 * CVE-2024-0409 (CVSS3: 7.8 HIGH): xwayland https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0409 * CVE-2024-1048 (CVSS3: 3.3 LOW): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1048 * CVE-2024-22860 (CVSS3: 9.8 CRITICAL): ffmpeg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22860 * CVE-202
[OE-core] OE-core CVE metrics for dunfell on Sun 31 Mar 2024 02:00:01 AM HST
Branch: dunfell New this week: 0 CVEs Removed this week: 1 CVEs CVE-2024-25062 (CVSS3: 7.5 HIGH): libxml2:libxml2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25062 * Full list: Found 109 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27918 (CVSS3: 7.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27918 * CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35938 * CVE-2021-35939 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35939 * CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 * CVE-2022-0358 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0358 * CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 * CVE-2022-2347 (CVSS3: 7.1 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2347 * CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 * CVE-2022-24765 (CVSS3: 7.8 HIGH): git https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 * CVE-2022-2953 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2953 * CVE-2022-2962 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2962 * CVE-2022-30293 (CVSS3: 7.5 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 * CVE-2022-30767 (CVSS3: 9.8 CRITICAL): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30767 *
[OE-core] OE-core CVE metrics for master on Sun 31 Mar 2024 01:00:01 AM HST
Branch: master New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 37 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 * CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 * CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 * CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 * CVE-2022-3219 (CVSS3: 3.3 LOW): gnupg:gnupg-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 * CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 * CVE-2022-46456 (CVSS3: 6.1 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46456 * CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 * CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 * CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 * CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 * CVE-2023-42363 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42363 * CVE-2023-42364 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42364 * CVE-2023-42365 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42365 * CVE-2023-42366 (CVSS3: 5.5 MEDIUM): busybox https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-42366 * CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 * CVE-2023-6238 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6238 * CVE-2023-6240 (CVSS3: 6.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6240 * CVE-2023-6270 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6270 * CVE-2023-6356 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6356 * CVE-2023-6535 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6535 * CVE-2023-6536 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6536 * CVE-2023-7042 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7042 * CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-7216 * CVE-2024-0841 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-0841 * CVE-2024-21803 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21803 * CVE-2024-23307 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23307 * CVE-2024-23848 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-23848 * CVE-2024-24857 (CVSS3: 6.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24857 * CVE-2024-24858 (CVSS3: 5.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24858 * CVE-2024-24859 (CVSS3: 4.8 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24859 * CVE-2024-24861 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24861 * CVE-2024-24864 (CVSS3: 4.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24864 * CVE-2024-25739 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25739 * CVE-2024-25740 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25740 * Summary of CVE counts by recipe: linux-yocto: 28 busybox: 4 cpio: 1 gnupg:gnupg-native: 1 nasm:nasm-native: 1 openssh: 1 qemu:qemu-native:qemu-system-native: 1 For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/ -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197658): https://lists.openembedded.org/g/openembedded-core/message/197658 Mute This Topic: https://lists.openembedded.org/mt/105245840/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 2/3] valgrind: Re-enable fixed test cases
yeah drop it for now. I need to check x86 results with gcc On Sun, Mar 31, 2024 at 1:24 AM Alexandre Belloni wrote: > > On 30/03/2024 08:31:10+, Richard Purdie wrote: > > On Thu, 2024-03-28 at 22:50 -0700, Khem Raj wrote: > > > These tests have been fixed in prior to 3.22 release > > > > > > Signed-off-by: Khem Raj > > > --- > > > meta/recipes-devtools/valgrind/valgrind_3.22.0.bb | 6 -- > > > 1 file changed, 6 deletions(-) > > > > https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/6452/steps/13/logs/stdio > > https://autobuilder.yoctoproject.org/typhoon/#/builders/82/builds/6257/steps/13/logs/stdio > > > > Failed ptests: > > {'valgrind': ['memcheck/tests/leak_cpp_interior', > > 'drd/tests/pth_mutex_signal']} > > > > so they're not fixed. > > > > Failed test details... > drd/tests/pth_mutex_signal.stderr.diff > > --- pth_mutex_signal.stderr.exp > +++ pth_mutex_signal.stderr.out > @@ -2,14 +2,34 @@ > mutex initialized > thread attributes initialized > thread created > -sleeping > -signalling > -sleeping > -nullHandler running > -unlocking > -contender locked mutex > -contender unlocking mutex > -contender unlocked mutex > -joining thread > > -ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) > +Process terminating with default action of signal 6 (SIGABRT) > + at 0x: __pthread_kill_implementation (pthread_kill.c:?) > + by 0x: raise (raise.c:?) > + by 0x: abort (abort.c:?) > + by 0x: __libc_message_impl.cold (libc_fatal.c:?) > + by 0x: __libc_fatal (libc_fatal.c:?) > + by 0x: futex_fatal_error (futex-internal.h:87) > + by 0x: __futex_lock_pi64 (futex-internal.c:203) > + by 0x: __pthread_mutex_lock_full (pthread_mutex_lock.c:?) > + by 0x: pthread_mutex_lock (drd_pthread_intercepts.c:?) > + by 0x: contender_start (pth_mutex_signal.c:?) > + by 0x: vgDrd_thread_wrapper (drd_pthread_intercepts.c:?) > + by 0x: start_thread > + by 0x: clone (in /...libc...) > +Thread 2: > +Destroying locked mutex: mutex 0x, recursion count 1, owner 1. > + at 0x: __libc_write (write.c:?) > + by 0x: write (write.c:?) > + by 0x: _IO_file_write@@GLIBC_2.2.5 (fileops.c:?) > + by 0x: new_do_write (fileops.c:?) > + by 0x: _IO_new_file_xsputn (fileops.c:?) > + by 0x: _IO_file_xsputn@@GLIBC_2.2.5 (fileops.c:?) > + by 0x: fwrite (iofwrite.c:?) > + by 0x: main (pth_mutex_signal.c:?) > +mutex 0x was first observed at: > + at 0x: pthread_mutex_init (drd_pthread_intercepts.c:?) > + by 0x: main (pth_mutex_signal.c:?) > + > + > +ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0) > > Failed test details... > memcheck/tests/leak_cpp_interior.stderr.diff > > --- leak_cpp_interior.stderr.exp > +++ leak_cpp_interior.stderr.out > @@ -1,4 +1,7 @@ > > +Conditional jump or move depends on uninitialised value(s) > + ... > + > valgrind output will go to log > VALGRIND_DO_LEAK_CHECK > x bytes in 1 blocks are definitely lost in loss record ... of ... > @@ -35,10 +38,10 @@ > LEAK SUMMARY: > definitely lost: x (+0) bytes in 1 (+0) blocks > indirectly lost: 0 (+0) bytes in 0 (+0) blocks > - possibly lost: x (-x) bytes in 5 (+1) blocks > - still reachable: x (+x) bytes in 3 (-1) blocks > + possibly lost: x (-x) bytes in 4 (+0) blocks > + still reachable: x (+x) bytes in 4 (+0) blocks >of which reachable via heuristic: > -newarray : x (+x) bytes in 1 (+1) blocks > +newarray : x (+x) bytes in 2 (+2) blocks > multipleinheritance: 0 (-x) bytes in 0 (-2) blocks > To see details of leaked memory, give 'full' arg to leak_check > > @@ -46,11 +49,11 @@ > LEAK SUMMARY: > definitely lost: x (+0) bytes in 1 (+0) blocks > indirectly lost: 0 (+0) bytes in 0 (+0) blocks > - possibly lost: x (-x) bytes in 5 (+0) blocks > - still reachable: x (+x) bytes in 3 (+0) blocks > + possibly lost: x (+x) bytes in 5 (+1) blocks > + still reachable: x (-x) bytes in 3 (-1) blocks >of which reachable via heuristic: > length64 : x (+x) bytes in 1 (+1) blocks > -newarray : 0 (-x) bytes in 0 (-1) blocks > +newarray : 0 (-x) bytes in 0 (-2) blocks > To see details of leaked memory, give 'full' arg to leak_check > > leak_check summary heuristics stdstring > @@ -133,5 +136,6 @@ > > All heap blocks were freed -- no leaks are possible > > +Use --track-origins=yes to see where uninitialised values come from > > > > -- > Alexandre Belloni, co-owner and COO, Bootlin > Embedded Linux and Kernel engineering > https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to thi
Re: [OE-core] [PATCH 2/3] valgrind: Re-enable fixed test cases
On 30/03/2024 08:31:10+, Richard Purdie wrote: > On Thu, 2024-03-28 at 22:50 -0700, Khem Raj wrote: > > These tests have been fixed in prior to 3.22 release > > > > Signed-off-by: Khem Raj > > --- > > meta/recipes-devtools/valgrind/valgrind_3.22.0.bb | 6 -- > > 1 file changed, 6 deletions(-) > > https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/6452/steps/13/logs/stdio > https://autobuilder.yoctoproject.org/typhoon/#/builders/82/builds/6257/steps/13/logs/stdio > > Failed ptests: > {'valgrind': ['memcheck/tests/leak_cpp_interior', > 'drd/tests/pth_mutex_signal']} > > so they're not fixed. > Failed test details... drd/tests/pth_mutex_signal.stderr.diff --- pth_mutex_signal.stderr.exp +++ pth_mutex_signal.stderr.out @@ -2,14 +2,34 @@ mutex initialized thread attributes initialized thread created -sleeping -signalling -sleeping -nullHandler running -unlocking -contender locked mutex -contender unlocking mutex -contender unlocked mutex -joining thread -ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) +Process terminating with default action of signal 6 (SIGABRT) + at 0x: __pthread_kill_implementation (pthread_kill.c:?) + by 0x: raise (raise.c:?) + by 0x: abort (abort.c:?) + by 0x: __libc_message_impl.cold (libc_fatal.c:?) + by 0x: __libc_fatal (libc_fatal.c:?) + by 0x: futex_fatal_error (futex-internal.h:87) + by 0x: __futex_lock_pi64 (futex-internal.c:203) + by 0x: __pthread_mutex_lock_full (pthread_mutex_lock.c:?) + by 0x: pthread_mutex_lock (drd_pthread_intercepts.c:?) + by 0x: contender_start (pth_mutex_signal.c:?) + by 0x: vgDrd_thread_wrapper (drd_pthread_intercepts.c:?) + by 0x: start_thread + by 0x: clone (in /...libc...) +Thread 2: +Destroying locked mutex: mutex 0x, recursion count 1, owner 1. + at 0x: __libc_write (write.c:?) + by 0x: write (write.c:?) + by 0x: _IO_file_write@@GLIBC_2.2.5 (fileops.c:?) + by 0x: new_do_write (fileops.c:?) + by 0x: _IO_new_file_xsputn (fileops.c:?) + by 0x: _IO_file_xsputn@@GLIBC_2.2.5 (fileops.c:?) + by 0x: fwrite (iofwrite.c:?) + by 0x: main (pth_mutex_signal.c:?) +mutex 0x was first observed at: + at 0x: pthread_mutex_init (drd_pthread_intercepts.c:?) + by 0x: main (pth_mutex_signal.c:?) + + +ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0) Failed test details... memcheck/tests/leak_cpp_interior.stderr.diff --- leak_cpp_interior.stderr.exp +++ leak_cpp_interior.stderr.out @@ -1,4 +1,7 @@ +Conditional jump or move depends on uninitialised value(s) + ... + valgrind output will go to log VALGRIND_DO_LEAK_CHECK x bytes in 1 blocks are definitely lost in loss record ... of ... @@ -35,10 +38,10 @@ LEAK SUMMARY: definitely lost: x (+0) bytes in 1 (+0) blocks indirectly lost: 0 (+0) bytes in 0 (+0) blocks - possibly lost: x (-x) bytes in 5 (+1) blocks - still reachable: x (+x) bytes in 3 (-1) blocks + possibly lost: x (-x) bytes in 4 (+0) blocks + still reachable: x (+x) bytes in 4 (+0) blocks of which reachable via heuristic: -newarray : x (+x) bytes in 1 (+1) blocks +newarray : x (+x) bytes in 2 (+2) blocks multipleinheritance: 0 (-x) bytes in 0 (-2) blocks To see details of leaked memory, give 'full' arg to leak_check @@ -46,11 +49,11 @@ LEAK SUMMARY: definitely lost: x (+0) bytes in 1 (+0) blocks indirectly lost: 0 (+0) bytes in 0 (+0) blocks - possibly lost: x (-x) bytes in 5 (+0) blocks - still reachable: x (+x) bytes in 3 (+0) blocks + possibly lost: x (+x) bytes in 5 (+1) blocks + still reachable: x (-x) bytes in 3 (-1) blocks of which reachable via heuristic: length64 : x (+x) bytes in 1 (+1) blocks -newarray : 0 (-x) bytes in 0 (-1) blocks +newarray : 0 (-x) bytes in 0 (-2) blocks To see details of leaked memory, give 'full' arg to leak_check leak_check summary heuristics stdstring @@ -133,5 +136,6 @@ All heap blocks were freed -- no leaks are possible +Use --track-origins=yes to see where uninitialised values come from -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197656): https://lists.openembedded.org/g/openembedded-core/message/197656 Mute This Topic: https://lists.openembedded.org/mt/105211846/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-