[OE-core][PATCH] gobject-introspection: fix default search path for girdir

When running g-ir-scanner, we get the following error: Couldn't find include 'GObject-2.0.gir' (search path: '['/usr/lib64', 'gir-1.0', '/usr/local/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0']') This is because g-ir-tool-template.in is not setting

Re: [OE-core] OpenEmbedded Happy Hour March 30 5pm/1700 UTC

Reminder, OpenEmbedded Happy Hour is tomorrow. See you all there. On Thu, Mar 24, 2022 at 06:41:58PM -0400, Denys Dmytriyenko wrote: > All, > > You are cordially invited to the next OpenEmbedded Happy Hour on March 30 > for Europe/Americas timezones @ 1700/5pm UTC (1pm ET / 10am PT): > >

Re: [OE-core] [PATCH] lttng-tools: Update to 2.13.6

Hello, New ptest failures after this: {'lttng-tools': ['kernel/test_callstack_11_-_Validate_userspace_callstack', 'kernel/test_userspace_probe_94_-_Enable_kernel_userspace_probe_event_for_session_test_userprobe_elf_cxx_function',

[OE-core][dunfell 7/7] xserver-xorg: update to 1.20.14

Fixes: CVE-2021-4008 CVE-2021-4009 CVE-2021-4010 CVE-2021-4011 Stable branch update: 97c5b (HEAD -> server-1.20-branch, tag: xorg-server-1.20.14, origin/server-1.20-branch) xserver 1.20.14 35b4681c7 render: Fix out of bounds access in SProcRenderCompositeGlyphs() 67425fcab Xext: Fix out of

[OE-core][dunfell 6/7] xserver-xorg: update to 1.20.13

Stable branch update: 86a72cb19 (tag: xorg-server-1.20.13) xserver 1.20.13 f85e4edba modesetting: unflip not possible when glamor is not set b03d7184b present: fallback get_crtc to return crtc belonging to screen with present extension Signed-off-by: Steve Sakoman ---

[OE-core][dunfell 5/7] xserver-xorg: update to 1.20.12

Stable branch update: b88ad0b34 (tag: xorg-server-1.20.12) xserver 1.20.12 8dea50223 Build xz tarballs instead of bzip2 b7adbac7d hw/dmx/config: Link directly with libdmxconfig.a e49738f0c xfree86: Fix NULL pointer dereference crash 9a59631a4 glx: Fix use after free in MakeCurrent 1fc0ca6e6

[OE-core][dunfell 4/7] xserver-xorg: update to 1.20.11

Fixes CVE-2021-3472 Stable branch update: 6b767cdf6 (tag: xorg-server-1.20.11) xserver 1.20.11 a1a1aa2c1 Fix XChangeFeedbackControl() request underflow 8890c44a7 xquartz: Remove a check for NSAppKitVersionNumber >= NSAppKitVersionNumber10_7 3c3680c36 xquartz: Don't include strndup.c any more

[OE-core][dunfell 3/7] xserver-xorg: update to 1.20.10

Remove CVE patches contained in this release. Stable branch update: bc111a2e6 (tag: xorg-server-1.20.10) xserver 1.20.10 06d1a032e Check SetMap request length carefully. 7ccb3b0ea Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows 440ed5948 present/wnmd: Translate update region to

[OE-core][dunfell 2/7] xserver-xorg: update to 1.20.9

Remove CVE patches contained in this release. Stable branch update: afb77415e (tag: xorg-server-1.20.9) xserver 1.20.9 705d72139 Fix XRecordRegisterClients() Integer underflow 5b384e767 Fix XkbSelectEvents() integer underflow eff3f6cdd Fix XIChangeHierarchy() integer underflow 1d3a1092c Correct

[OE-core][dunfell 1/7] util-linux: fix CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from

[OE-core][dunfell 0/7] Patch review

Please review this set of patches for dunfell and have comments back by end of day Thursday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3445 The following changes since commit da5cba5ec56cc437ede46d8aa71219a2a34cbe9e:

[OE-core] [PATCH v3 4/4] go-target: Pass -trimpath to go linker

This is for improving reproducibility to trim absolute paths as these recipes do not inherit go bbclass where it would be set automatically Signed-off-by: Khem Raj --- meta/recipes-devtools/go/go-target.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git

[OE-core] [PATCH v3 2/4] go: Drop GOBUILDMODE

This is local invention which is no longer needed, pie-mode works good now a days to build go for target Signed-off-by: Khem Raj --- meta/recipes-devtools/go/go-1.18.inc | 1 - ...008-use-GOBUILDMODE-to-set-buildmode.patch | 42 --- meta/recipes-devtools/go/go_1.18.bb

[OE-core] [PATCH v3 3/4] go: Disable pie in cgo for mips

This overcomes the linking errors e.g. | /usr/lib/go/src/cmd/go/internal/base/base.go:110:(.text+0x60fef8): relocation R_MIPS_26 against `a local symbol' cannot be used when making a shared object; recompile with -fPIC | /usr/lib/go/src/cmd/go/internal/base/base.go:110:(.text+0x60ff0c):

[OE-core] [PATCH v3 1/4] go: Upgrade to 1.18

1.18 is a major release brings in long awaited new features e.g. generics, fuzzing Detailed list is here [1] Drop patches to manipulate multiword CC/CXX as go has fixed it differently [2] Drop cgo portion of patch to hack hash generation logic either we should find a way to not use it or redo

[OE-core][dunfell 00/10] Pull request (cover letter only)

The following changes since commit 71015408c60ddf2e9af00cc8574815971e1b689d: oeqa/selftest/tinfoil: Improve tinfoil event test debugging (2022-03-21 04:17:02 -1000) are available in the Git repository at: git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next

Re: [OE-core] [PATCH] libsdl2: Disable libunwind dependency in native builds

Is this specific to some particular host setup? If so, it needs to be said in the commit message, so we know when it is safe to drop this patch. Alex On Tue, 29 Mar 2022 at 09:52, Carlos Rafael Giani via lists.openembedded.org wrote: > > libunwind-native currently cannot be added to the

Re: [OE-core] [PATCH][dunfell] zlib: backport the fix for CVE-2018-25032

On Tue, Mar 29, 2022 at 3:07 AM Ross Burton wrote: > > Signed-off-by: Ross Burton > --- > .../zlib/zlib/CVE-2018-25032.patch| 347 ++ This breaks dunfell meta-intel: ERROR: Applying patch 'CVE-2018-25032.patch' on target directory

[OE-core] [PATCH] lttng-tools: Update to 2.13.6

Signed-off-by: Peter Kjellerstedt --- .../lttng/{lttng-tools_2.13.4.bb => lttng-tools_2.13.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-kernel/lttng/{lttng-tools_2.13.4.bb => lttng-tools_2.13.6.bb} (98%) diff --git

[OE-core] Yocto Project Status WW132`22

Current Dev Position: YP 3.5 M4 Next Deadline: 4th April. 2022 YP 3.5 M4 build Next Team Meetings: * Bug Triage meeting Thursday Mar. 31st 7:30 am PDT ( https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bFd5aVpHVVZ6dz09)

[OE-core] [RFC PATCH] zlib: remove historical movement of libz.so to /lib

Historically there's been a split between /lib for early boot and /usr/lib for everything else, but with modern systems this split is meaningless and incomplete. If a minimal system for early boot is needed, it should be a full minimal system in a initramfs. Signed-off-by: Ross Burton ---

[OE-core] [PATCH] zlib: upgrade to 1.2.12

First upstream release since 2017! - Fix a deflate bug when using the Z_FIXED strategy that can result in out-of-bound accesses. - Fix a deflate bug when the window is full in deflate_stored(). - Speed up CRC-32 computations by a factor of 1.5 to 3. - Use the hardware CRC-32 instruction on ARMv8

[OE-core] [PATCH][honister] zlib: backport the fix for CVE-2018-25032

Signed-off-by: Ross Burton --- .../zlib/zlib/CVE-2018-25032.patch| 347 ++ meta/recipes-core/zlib/zlib_1.2.11.bb | 1 + 2 files changed, 348 insertions(+) create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch diff --git

[OE-core] [PATCH][dunfell] zlib: backport the fix for CVE-2018-25032

Signed-off-by: Ross Burton --- .../zlib/zlib/CVE-2018-25032.patch| 347 ++ meta/recipes-core/zlib/zlib_1.2.11.bb | 1 + 2 files changed, 348 insertions(+) create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch diff --git

[OE-core] [PATCH][gatesgarth] zlib: backport the fix for CVE-2018-25032

Signed-off-by: Ross Burton --- .../zlib/zlib/CVE-2018-25032.patch| 347 ++ meta/recipes-core/zlib/zlib_1.2.11.bb | 1 + 2 files changed, 348 insertions(+) create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch diff --git

[OE-core] [PATCH] zlib: backport the fix for CVE-2018-25032

Signed-off-by: Ross Burton --- .../zlib/zlib/CVE-2018-25032.patch| 347 ++ meta/recipes-core/zlib/zlib_1.2.11.bb | 1 + 2 files changed, 348 insertions(+) create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch diff --git

[OE-core] [PATCH][hardknott] zlib: backport the fix for CVE-2018-25032

Signed-off-by: Ross Burton --- .../zlib/zlib/CVE-2018-25032.patch| 347 ++ meta/recipes-core/zlib/zlib_1.2.11.bb | 1 + 2 files changed, 348 insertions(+) create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch diff --git

[OE-core][PATCH v3 2/2] cve-check: add coverage statistics on recipes with/without CVEs

Until now the CVE checker was giving information about CVEs found for a product (or more products) contained in a recipe. However, there was no easy way to find out which products or recipes have no CVEs. Having no reported CVEs might mean there are simply none, but can also mean a product name

[OE-core][PATCH v3 1/2] cve-check: add json format

Add an option to output the CVE check in a JSON-based format. This format is easier to parse in software than the original text-based one and allows post-processing by other tools. Output formats are now handed by CVE_CHECK_FORMAT_TEXT and CVE_CHECK_FORMAT_JSON. Both of them are enabled by

Re: [OE-core] Which vendors maintain SDIO WiFi in mainline stable kernel

Hi Jupiter, On Tue, Mar 29, 2022 at 3:16 AM JH wrote: > > Hi, > > I could not understand why so many large WiFi chip vendors retreat to > stop maintaining WiFi SDIO chips to mainline Linux kernel, and to > settle it's chip support to out of the tree, use its own SDK and > proprietary kernel tree

Re: [OE-core] Which vendors maintain SDIO WiFi in mainline stable kernel

Hi Jupiter, On 3/29/22 07:16, JH wrote: Hi, I could not understand why so many large WiFi chip vendors retreat to stop maintaining WiFi SDIO chips to mainline Linux kernel, and to settle it's chip support to out of the tree, use its own SDK and proprietary kernel tree to source.codeaurora.org

Re: [OE-core] [PATCH v2 1/4] go: Upgrade to 1.18

Hi Khem, I think I applied that correctly but this failed to build: https://autobuilder.yoctoproject.org/typhoon/#/builders/64/builds/4965/steps/11/logs/stdio On 28/03/2022 11:07:04-0700, Khem Raj wrote: > 1.18 is a major release brings in long awaited new features e.g. > generics, fuzzing > >

[OE-core] [hardknott][PATCH] python3-numpy: fix CVE-2021-41496

From: Mingli Yu Backport patch [1] to fix CVE-2021-41496. [1] https://github.com/numpy/numpy/commit/271010f1037150e95017f803f4214b8861e528f2 Signed-off-by: Mingli Yu --- .../python-numpy/files/CVE-2021-41496.patch | 64 +++ .../python-numpy/python3-numpy_1.20.1.bb |

Re: [OE-core] [PATCH] libsdl2: Disable libunwind dependency in native builds

I wish to emphasize that this is meant as a plan B in case the libunwind problem cannot be fixed in time for the Kirkstone release. Plan A would be a fixed libunwind. On 29.03.22 09:51, Carlos Rafael Giani via lists.openembedded.org wrote: libunwind-native currently cannot be added to the

[OE-core] [PATCH] libsdl2: Disable libunwind dependency in native builds

libunwind-native currently cannot be added to the class-native DEPENDS due to the following problem: https://autobuilder.yoctoproject.org/typhoon/#/builders/91/builds/5624/steps/12/logs/stdio And without libunwind-native, libsdl2-native config fails errors like: | -- Checking for one of the

[OE-core] Including kernel-devsrc to the SDK while using INCOMPATIBLE_LICENSE

Hi, I am trying to add the kernel-devsrc to the SDK by using TOOLCHAIN_TARGET_TASK_append = "kernel-devsrc" My problem is that we are trying to prevent GPLv3 packages by setting INCOMPATIBLE_LICENSE = "GPL-3.0" This resulting in an issue because the kernel-devsrc depend on GPLv3 packages

Re: [OE-core] Which vendors maintain SDIO WiFi in mainline stable kernel

Hi Jupiter, I cannot help you on the specific chip you ask, but responding to the second part of your question I have quite good experience with Microchip WILC1000/3000 on SDIO which, after a part separate repo and then staging, is now in mailine from quite some time:

[OE-core][PATCH v2] cve-check: add json format

Add an option to output the CVE check in a JSON-based format. This format is easier to parse in software than the original text-based one and allows post-processing by other tools. Output formats are now handed by CVE_CHECK_FORMAT_TEXT and CVE_CHECK_FORMAT_JSON. Both of them are enabled by

[OE-core] Which vendors maintain SDIO WiFi in mainline stable kernel

Hi, I could not understand why so many large WiFi chip vendors retreat to stop maintaining WiFi SDIO chips to mainline Linux kernel, and to settle it's chip support to out of the tree, use its own SDK and proprietary kernel tree to source.codeaurora.org or private repository which are not

[OE-core] [hardknott][PATCH] epiphany: fix CVEs

From: Mingli Yu Backport patch [1] to fix below CVEs: - CVE-2021-45085 - CVE-2021-45086 - CVE-2021-45087 - CVE-2021-45088 [1] https://sources.debian.org/data/main/e/epiphany-browser/3.38.2-1+deb11u2/debian/patches/encode-untrusted-data.patch Signed-off-by: Mingli Yu ---

Re: [OE-core] [meta-oe][PATCH v2] graphviz: add pkg_postinst script

On 3/29/22 1:48 PM, kai wrote: From: Kai Kang It needs to run `dot -c` first before call 'dot' command, otherwise it fails with: | Format: "png" not recognized. No formats found. | Perhaps "dot -c" needs to be run (with installer's privileges) to register the plugins? Signed-off-by: Kai