[OE-core] [PATCH] sysklogd: fix parallel build problem

2020-01-16 Thread changqing.li
From: Changqing Li Parallel compile may fail with error: error: ../lib/strlcat.o: No such file or directory Makefile:619: recipe for target 'syslogd' failed remove previous patch, and backport latest fix for this problem Signed-off-by: Changqing Li ---

[OE-core] [PATCH] core: recipes: fix some native tools dependencies

2020-01-16 Thread Sumit Garg
Some native tools dependency issues were seen while building with external GCC tool-set rather than source GCC tool-set. While building with source tool-set these dependencies were implicitly met which is not the case with external tool-set. So explicitly state these native tools dependencies.

[OE-core] [oe-core] attr dependency on linux-yocto

2020-01-16 Thread Vladimir Molokov
Hi, Question about attr. I'm not familiar with it. On a clean poky is it normal (not a bug?) to have deps such as "attr.do_build" -> "linux-libc-headers.do_package_write_rpm" "attr.do_build" -> "linux-yocto.do_deploy" "attr.do_build" -> "linux-yocto.do_package_write_rpm" How do they appear? I

Re: [OE-core] [PATCH 01/12] gstreamer: Add common .inc files for meson based recipes

2020-01-16 Thread Richard Purdie
On Sun, 2020-01-12 at 14:59 +0100, Carlos Rafael Giani wrote: > * gstreamer1.0-plugins-common.inc > The old gstreamer1.0-plugins.inc file, adapted for meson > * gstreamer1.0-plugins-packaging.inc > The old gst-plugins-package.inc file, adapted for meson > * gstreamer1.0-ptest.inc > Common

Re: [OE-core] patchtest licensing

2020-01-16 Thread Paul Barker
On Thu, 16 Jan 2020 at 22:00, Richard Purdie wrote: > > On Thu, 2020-01-16 at 20:07 +, Paul Barker wrote: > > Hey folks, > > > > I've started looking through patchtest & patchtest-oe in detail and > > spotted that all the scripts, support code and test cases are > > licensed > > under GPLv2.

Re: [OE-core] patchtest licensing

2020-01-16 Thread Richard Purdie
On Thu, 2020-01-16 at 20:07 +, Paul Barker wrote: > Hey folks, > > I've started looking through patchtest & patchtest-oe in detail and > spotted that all the scripts, support code and test cases are > licensed > under GPLv2. Is that ok given that we plan to copy this into > openembedded-core

Re: [OE-core] Looking for a way to build latest tagged releases in recipes

2020-01-16 Thread chris.laplante--- via Openembedded-core
> TODO: > > * Right now, the class triggers a base environment change every time, which > means BitBake always reparses every recipe. I guess this > is because I'm modifying the datastore when I get bb.event.ConfigParsed and > bb.event.MultiConfigParsed, in order to ensure > REVRECORD_DATETIME

[OE-core] [PATCH] logrotate.py: improve oeqa test implementation

2020-01-16 Thread Trevor Gamblin
From: Trevor Gamblin See bug https://bugzilla.yoctoproject.org/show_bug.cgi?id=13632 Autobuilder tests occasionally fail, reporting that a new logfile could not be created. While this failure did occur multiple times, it could not be manually reproduced. However, there are issues with the

[OE-core] patchtest licensing

2020-01-16 Thread Paul Barker
Hey folks, I've started looking through patchtest & patchtest-oe in detail and spotted that all the scripts, support code and test cases are licensed under GPLv2. Is that ok given that we plan to copy this into openembedded-core (probably under meta/lib/oeqa)? Is there any practical effect of

Re: [OE-core] Looking for a way to build latest tagged releases in recipes

2020-01-16 Thread chris.laplante--- via Openembedded-core
> > As mentioned in IRC, as I get deeper into it, I'll be going with approach > > #3 after all :/. Hope to post a tinfoil script soon. > > That would be very much appreciated! Here's a prototype bbclass: https://gist.github.com/mostthingsweb/39e24b329de70c0212e5bf21a431e143. Please give it a

Re: [OE-core] [PATCH] vim: update from 8.1.1518 to 8.2.0110

2020-01-16 Thread Tom Rini
On Tue, Jan 14, 2020 at 11:18:44PM +0100, Alexander Kanavin wrote: > On Tue, 14 Jan 2020 at 21:10, Randy MacLeod > wrote: > > > Oleg is getting started using Yocto so I'll reply on his behalf since > > I asked him to update vim as his first commit. > > > > I'm not sure what you mean by 8.2. Are

[OE-core] [warrior 30/32] sudo: correct SRC_URI

2020-01-16 Thread Armin Kuster
From: Alexander Kanavin The old URI returns 404, and has an invalid TLS certificate. Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie (cherry picked from commit 73ff6aba0a53ffc3ee0a5859a3ad4c8021be4de0) Signed-off-by: Armin Kuster --- meta/recipes-extended/sudo/sudo_1.8.27.bb

[OE-core] [warrior 31/32] sudo: Fix fetching sources

2020-01-16 Thread Armin Kuster
From: Ferry Toth It looks like https://www.sudo.ws/download.html changed certificate and directory structure. This breaks fetching sources. Signed-off-by: Ferry Toth Signed-off-by: Ross Burton Signed-off-by: Armin Kuster (cherry picked from commit f02e9f46ce54fed3c7ddfad7d1003a2fb7ba3a67)

[OE-core] [warrior 28/32] cve-check: Switch to NVD CVE JSON feed version 1.1

2020-01-16 Thread Armin Kuster
From: Niko Mauno Switch to recently released version 1.1 of NVD CVE JSON feed, as in https://nvd.nist.gov/General/News/JSON-1-1-Vulnerability-Feed-Release it is mentioned that Due to changes required to support CVSS v3.1 scoring, the JSON vulnerability feeds must be modified. This will

[OE-core] [warrior 29/32] popt: fix SRC_URI

2020-01-16 Thread Armin Kuster
From: Oleksandr Kravchuk rpm5.org has been down for about a year now. Use linuxfromscratch.org as an alternative reliable source instead. Signed-off-by: Oleksandr Kravchuk Signed-off-by: Richard Purdie (cherry picked from commit d9224014da9a512b1b8837e4e7a736d465c97be3) Signed-off-by: Armin

[OE-core] [warrior 32/32] stress: update SRC_URI

2020-01-16 Thread Armin Kuster
Fixes: WARNING: stress-1.0.4-r0 do_fetch: Failed to fetch URL http://people.seas.harvard.edu/~apw/stress/stress-1.0.4.tar.gz, attempting MIRRORS if available Signed-off-by: Armin Kuster --- meta/recipes-extended/stress/stress_1.0.4.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

[OE-core] [warrior 22/32] cve-update-db-native: don't hardcode the database name

2020-01-16 Thread Armin Kuster
From: Ross Burton Don't hardcode the database filename, there's a variable for this in cve-check.bbclass. (From OE-Core rev: 0d188a9dc4ae64c64cd661e9d9c3841e86f226ab) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster ---

[OE-core] [warrior 26/32] cve-check: neaten get_cve_info

2020-01-16 Thread Armin Kuster
From: Ross Burton Remove obsolete Python 2 code, and use convenience methods for neatness. (From OE-Core rev: f19253cc9e70c974a8e21a142086c13d7cde04ff) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster --- meta/classes/cve-check.bbclass | 18

[OE-core] [warrior 25/32] cve-check: rewrite look to fix false negatives

2020-01-16 Thread Armin Kuster
From: Ross Burton A previous optimisation was premature and resulted in false-negatives in the report. Rewrite the checking algorithm to first get the list of potential CVEs by vendor:product, then iterate through every matching CPE for that CVE to determine if the bounds match or not. By

[OE-core] [warrior 19/32] cve-check: failure to parse versions should be more visible

2020-01-16 Thread Armin Kuster
From: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster --- meta/classes/cve-check.bbclass | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index f87bcc9dc6..1c8b2223a2 100644 ---

[OE-core] [warrior 27/32] cve-check: fetch CVE data once at a time instead of in a single call

2020-01-16 Thread Armin Kuster
From: Ross Burton This code used to construct a single SQL statement that fetched the NVD data for every CVE requested. For recipes such as the kernel where there are over 2000 CVEs to report this can hit the variable count limit and the query fails with "sqlite3.OperationalError: too many SQL

[OE-core] [warrior 21/32] cve-update-db-native: don't refresh more than once an hour

2020-01-16 Thread Armin Kuster
From: Ross Burton We already fetch the yearly CVE metadata and check that for updates before downloading the full data, but we can speed up CVE checking further by only checking the CVE metadata once an hour. (From OE-Core rev: 50d898fd360c58fe85460517d965f62b7654771a) Signed-off-by: Ross

[OE-core] [warrior 23/32] cve-update-db-native: add an index on the CVE ID column

2020-01-16 Thread Armin Kuster
From: Ross Burton Create an index on the PRODUCTS table which contains a row for each CPE, drastically increasing the performance of lookups for a specific CVE. (From OE-Core rev: b4048b05b3a00d85c40d09961f846eadcebd812e) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie

[OE-core] [warrior 24/32] cve-update-db-native: clean up proxy handling

2020-01-16 Thread Armin Kuster
From: Ross Burton urllib handles adding proxy handlers if the proxies are set in the environment, so call bb.utils.export_proxies() to do that and remove the manual setup. (From OE-Core rev: 6b73004668b3b71c9c38814b79fbb58c893ed434) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie

[OE-core] [warrior 20/32] cve-check: we don't actually need to unpack to check

2020-01-16 Thread Armin Kuster
From: Ross Burton The patch scanner works with patch files in the layer, not in the workdir, so it doesn't need to unpack. (From OE-Core rev: 2cba6ada970deb5156e1ba0182f4f372851e3c17) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster ---

[OE-core] [warrior 17/32] sdk: Install nativesdk locales for all TCLIBC variants

2020-01-16 Thread Armin Kuster
From: Khem Raj install_locales() here is actually operating on nativesdk and only glibc is the default library for nativesdk, since that's what most of desktop/server distros use, therefore bailing out based on TCLIBC is not needed here, since nativesdk-glibc would be required for all non-glibc

[OE-core] [warrior 16/32] libpcap: upgrade 1.9.0 -> 1.9.1

2020-01-16 Thread Armin Kuster
From: Zang Ruochen -libpcap/0001-pcap-usb-linux.c-add-missing-limits.h-for-musl-syste.patch Removed since this is included in 1.9.1. Signed-off-by: Zang Ruochen Signed-off-by: Richard Purdie [CVE-2018-16301 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165]

[OE-core] [warrior 18/32] cve-check: ensure all known CVEs are in the report

2020-01-16 Thread Armin Kuster
From: Ross Burton CVEs that are whitelisted or were not vulnerable when there are version comparisons were not included in the report, so alter the logic to ensure that all relevant CVEs are in the report for completeness. (From OE-Core rev: 98256ff05fcfe9d5ccad360582c36eafb577c264)

[OE-core] [warrior 14/32] webkitgtk: set CVE_PRODUCT

2020-01-16 Thread Armin Kuster
From: Chen Qi Signed-off-by: Chen Qi Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-sato/webkit/webkitgtk_2.22.7.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-sato/webkit/webkitgtk_2.22.7.bb

[OE-core] [warrior 15/32] procps: whitelist CVE-2018-1121

2020-01-16 Thread Armin Kuster
From: Ross Burton This CVE is about race conditions in 'ps' which make it unsuitable for security audits. As these race conditions are unavoidable ps shouldn't be used for security auditing, so this isn't a valid CVE. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by:

[OE-core] [warrior 13/32] libsndfile1: whitelist CVE-2018-13419

2020-01-16 Thread Armin Kuster
From: Ross Burton This is a memory leak that nobody else can replicate and has been rejected by upstream. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb | 3 +++ 1

[OE-core] [warrior 12/32] libxfont2: set CVE_PRODUCT

2020-01-16 Thread Armin Kuster
From: Chen Qi Signed-off-by: Chen Qi Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-graphics/xorg-lib/libxfont2_2.0.3.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-graphics/xorg-lib/libxfont2_2.0.3.bb

[OE-core] [warrior 11/32] libpam: set CVE_PRODUCT

2020-01-16 Thread Armin Kuster
From: Ross Burton Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-extended/pam/libpam_1.3.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-extended/pam/libpam_1.3.0.bb

[OE-core] [warrior 08/32] subversion: set CVE vendor to Apache

2020-01-16 Thread Armin Kuster
From: Ross Burton There's a Jenkins plugin for Subversion. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-devtools/subversion/subversion_1.11.1.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git

[OE-core] [warrior 09/32] ed: set CVE vendor to avoid false positives

2020-01-16 Thread Armin Kuster
From: Ross Burton Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-extended/ed/ed_1.15.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-extended/ed/ed_1.15.bb

[OE-core] [warrior 06/32] flex: set CVE_PRODUCT to include vendor

2020-01-16 Thread Armin Kuster
From: Ross Burton There are many projects called Flex and they have CVEs, so also set the vendor to remove these false positives. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-devtools/flex/flex_2.6.0.bb | 3

[OE-core] [warrior 07/32] git: set CVE vendor to git-scm

2020-01-16 Thread Armin Kuster
From: Ross Burton There's a Jenkins plugin for Git. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-devtools/git/git.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/git/git.inc

[OE-core] [warrior 10/32] boost: set CVE vendor to Boost

2020-01-16 Thread Armin Kuster
From: Ross Burton There's a Boost module for Drupal. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-support/boost/boost.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git

[OE-core] [warrior 04/32] python: update to 2.7.17

2020-01-16 Thread Armin Kuster
From: Alexander Kanavin Drop backports, rebase a couple of patches. This is the second last release of py 2.x; upstream support ends on 1 January 2020, there will be one final 2.x afterwards. Note that the only thing that still needs python 2.x in oe-core is u-boot; when the next u-boot update

[OE-core] [warrior 05/32] openssl: set CVE vendor to openssl

2020-01-16 Thread Armin Kuster
From: Anuj Mittal Differentiate it from openssl gem for Ruby. Signed-off-by: Anuj Mittal Signed-off-by: Richard Purdie Signed-off-by: Adrian Bunk Signed-off-by: Armin Kuster --- meta/recipes-connectivity/openssl/openssl_1.1.1b.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git

[OE-core] [warrior 01/32] bind: fix CVE-2019-6471 and CVE-2018-5743

2020-01-16 Thread Armin Kuster
From: Kai Kang Backport patches to fix CVE-2019-6471 and CVE-2018-5743 for bind. CVE-2019-6471 is fixed by 0001-bind-fix-CVE-2019-6471.patch and the other 6 patches are for CVE-2018-5743. And backport one more patch to fix compile error on arm caused by these 6 commits. (From OE-Core rev:

[OE-core] [warrior 03/32] python: fix CVE-2018-20852

2020-01-16 Thread Armin Kuster
From: Anuj Mittal Signed-off-by: Anuj Mittal Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster --- meta/recipes-devtools/python/python.inc | 1 + .../python/python/CVE-2018-20852.patch| 123 ++ 2 files changed, 124 insertions(+) create mode 100644

[OE-core] [warrior 02/32] python: fix CVE-2019-16935

2020-01-16 Thread Armin Kuster
From: Chen Qi (From OE-Core rev: 1a7593bcdaf8a8cf15259aee8a0e2686247f2987) Signed-off-by: Chen Qi Signed-off-by: Richard Purdie Signed-off-by: Anuj Mittal Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster --- ...cape-the-server-title-of-DocXMLRPCSe.patch | 101 ++

[OE-core] [warrior 00/32] Pull request

2020-01-16 Thread Armin Kuster
Please consider this series for the next warrior release. The following changes since commit 0a1b1e88b936177344392e185fbd077622d88b3e: file: fix CVE-2019-18218 (2019-11-11 20:49:54 -0800) are available in the Git repository at: git://git.openembedded.org/openembedded-core-contrib

Re: [OE-core] [PATCH] gettext: Fix overloadable error with clang

2020-01-16 Thread Khem Raj
On Thu, Jan 16, 2020 at 5:13 AM Adrian Bunk wrote: > > On Wed, Jan 15, 2020 at 08:46:09PM -0800, Khem Raj wrote: > > Clang detects that getcwd is being re-declared and signatures don't > > match, simple solution is to let clang use overloadable attribute > >... > > +Fixes > > +dcigettext.c:147:7:

Re: [OE-core] [PATCH 02/12] gstreamer1.0: Transition to meson based builds

2020-01-16 Thread Ross Burton
Changes to packages/core2-64-poky-linux/gstreamer1.0 (sysroot): /usr/share/bash-completion/helpers/gst was removed /usr/share/bash-completion/helpers was removed /usr/share/bash-completion/completions/gst-launch-1.0 was removed /usr/share/bash-completion/completions was removed Bash

Re: [OE-core] [PATCH 04/12] gstreamer1.0-plugins-good: Transition to meson based builds

2020-01-16 Thread Ross Burton
Changes to images/qemux86_64/glibc/core-image-sato (installed-package-names.txt): gstreamer1.0-plugins-good-monoscope was added gstreamer1.0-plugins-good-oss4 was added These were not being built with autotools. Do we want them to be enabled out of the box and do we want PACKAGECONFIGs

Re: [OE-core] [PATCH] security_flags: Remove stack protector flags from LDFLAGS

2020-01-16 Thread Junling Zheng
Ping... On 2020/1/2 18:53, Junling Zheng wrote: > The stack protector flag is a compile option, not a link option, so > remove it from LDFLAGS. > > Signed-off-by: Junling Zheng > --- > meta/conf/distro/include/security_flags.inc | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >

Re: [OE-core] [PATCH] gettext: Fix overloadable error with clang

2020-01-16 Thread Adrian Bunk
On Wed, Jan 15, 2020 at 08:46:09PM -0800, Khem Raj wrote: > Clang detects that getcwd is being re-declared and signatures don't > match, simple solution is to let clang use overloadable attribute >... > +Fixes > +dcigettext.c:147:7: error: redeclaration of 'getcwd' must have the > 'overloadable'

Re: [OE-core] Best practices: Multiple images on one partition.

2020-01-16 Thread Ricardo Ribalda Delgado
Hi Paul It looks interesting, I guess I can use your code and extend it to support complete file system instead of just a file. Will come back to the list with a patch in case someone else finds it useful Thanks On Wed, Jan 15, 2020 at 2:53 PM Paul Barker wrote: > > On Wed, 15 Jan 2020 at