From: Mingli Yu
Fix the build failure when debug build is enabled.
Add DEBUG_BUILD = "1" in conf/local.conf.
$ bitbake perl
| In function 'dynprep',
inlined from 'S_sortsv_flags_impl' at pp_sort.c:358:20,
inlined from 'sortsv_amagic_i_ncmp' at pp_sort.c:572:5:
| pp_sort.c:1232:1:
Source: https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git
MR: 117430
Type: Security Fix
Disposition: Backport from
https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=maint=ab51d587bb9b229b1fade1afd02e1574c1ba5c76
ChangeID: e6db00c6e8375a2e869fd2e4ead61ca9149eb8fa
Description:
From: Richard Purdie
When running CVE checks in CI we're usually not interested in warnings on the
console for any CVEs present. Add a configuration option CVE_CHECK_SHOW_WARNINGS
to allow this to be disabled (it is left enabled by default).
Signed-off-by: Richard Purdie
(cherry picked from
From: leimaohui
As product, sdk should do cve check as well as rootfs.
Signed-off-by: Lei Maohui
Signed-off-by: Luca Ceresoli
(cherry picked from commit cc17753935c5f9e08aaa6c5886f059303147c07b)
Signed-off-by: Steve Sakoman
---
meta/classes/cve-check.bbclass | 1 +
1 file changed, 1
From: Ernst Sjöstrand
Before this the rootfs manifest and the summary were identical.
We should separate the summary and rootfs manifest more clearly,
now the summary is for all CVEs and the rootfs manifest is only for
things in that image. This is even more useful if you build multiple
images.
From: Ernst Sjöstrand
Signed-off-by: Ernst Sjöstrand
Signed-off-by: Luca Ceresoli
Signed-off-by: Richard Purdie
(cherry picked from commit 5046d54df2c3057be2afa4143a2833183fca0d67)
Signed-off-by: Steve Sakoman
---
meta/classes/cve-check.bbclass | 34 +-
1
From: Dan Tran
ncurses 6.3 before patch 20220416 has an out-of-bounds read and
segmentation violation in convert_strings in tinfo/read_entry.c in the
terminfo library.
Backported from the link below, extracting only the relevant changes.
From: Richard Purdie
Address CVE-2022-1621, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733,
CVE-2022-1735
CVE-2022-1769, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796
Signed-off-by: Richard Purdie
(cherry picked from commit fafce97bd440150ac5c586b53b887ee70a5b66bd)
Signed-off-by: Steve Sakoman
From: Riyaz
Add patch for CVE issue: CVE-2022-29824
CVE-2022-29824
Link:
[https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab]
Dependent patch:
[https://gitlab.gnome.org/GNOME/libxml2/-/commit/b07251215ef48c70c6e56f7351406c47cfca4d5b]
Signed-off-by: Riyaz
From: Virendra Thakur
Add patch to fix CVE-2022-1475
Signed-off-by: Virendra Thakur
Signed-off-by: Steve Sakoman
---
.../ffmpeg/ffmpeg/CVE-2022-1475.patch | 36 +++
.../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb | 1 +
2 files changed, 37 insertions(+)
create mode
From: Ranjitsinh Rathod
Add patch to fix CVE-2021-33657 issue for libsdl2
Link: https://security-tracker.debian.org/tracker/CVE-2021-33657
Signed-off-by: Ranjitsinh Rathod
Signed-off-by: Ranjitsinh Rathod
Signed-off-by: Steve Sakoman
---
.../libsdl2/libsdl2/CVE-2021-33657.patch | 38
From: Ranjitsinh Rathod
As per below debian link, CVE-2021-28966 affects Windows only
Link: https://security-tracker.debian.org/tracker/CVE-2021-28966
Signed-off-by: Ranjitsinh Rathod
Signed-off-by: Ranjitsinh Rathod
Signed-off-by: Steve Sakoman
---
meta/recipes-devtools/ruby/ruby_2.7.6.bb
From: Ranjitsinh Rathod
Upgrade ruby to 2.7.6
Link: https://www.ruby-lang.org/en/news/2022/04/12/ruby-2-7-6-released/
This includes CVE-2022-28739 security fix
Signed-off-by: Ranjitsinh Rathod
Signed-off-by: Ranjitsinh Rathod
Signed-off-by: Steve Sakoman
---
Please review this set of patches for dunfell and have comments back by end
of day Friday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3738
The following changes since commit add860e1a69f848097bbc511137a62d5746e5019:
On 6/1/2022 3:29 PM, Steve Sakoman wrote:
On Wed, Jun 1, 2022 at 12:27 PM Jeremy Puhlman wrote:
On 6/1/2022 3:15 PM, Richard Purdie wrote:
On Wed, 2022-06-01 at 16:55 -0400, Jeremy Puhlman wrote:
Sharing sstate cache binaries between two systems, one with libzstd installed
and the other
Sharing sstate cache binaries between two systems, one with libzstd installed
and the other without, leads to various gcc components being linked against
the system libzstd and failing to run on the system with out it installed.
Make zstd-native from our system available.
Signed-off-by: Jeremy
On Wed, Jun 1, 2022 at 12:27 PM Jeremy Puhlman wrote:
>
>
>
> On 6/1/2022 3:15 PM, Richard Purdie wrote:
> > On Wed, 2022-06-01 at 16:55 -0400, Jeremy Puhlman wrote:
> >> Sharing sstate cache binaries between two systems, one with libzstd
> >> installed
> >> and the other without, leads to
On 6/1/2022 3:15 PM, Richard Purdie wrote:
On Wed, 2022-06-01 at 16:55 -0400, Jeremy Puhlman wrote:
Sharing sstate cache binaries between two systems, one with libzstd installed
and the other without, leads to various gcc components being linked against
the system libzstd and failing to run
On Wed, 2022-06-01 at 16:55 -0400, Jeremy Puhlman wrote:
> Sharing sstate cache binaries between two systems, one with libzstd installed
> and the other without, leads to various gcc components being linked against
> the system libzstd and failing to run on the system with out it installed.
>
>
Sharing sstate cache binaries between two systems, one with libzstd installed
and the other without, leads to various gcc components being linked against
the system libzstd and failing to run on the system with out it installed.
Make zstd-native from our system available.
Signed-off-by: Jeremy
On Wed, 2022-06-01 at 07:01 -1000, Steve Sakoman wrote:
> On Wed, Jun 1, 2022 at 6:32 AM Richard Purdie
> wrote:
> >
> > On Wed, 2022-06-01 at 06:21 -1000, Steve Sakoman wrote:
> > > On Wed, Jun 1, 2022 at 6:10 AM Richard Purdie
> > > wrote:
> > > >
> > > > On Wed, 2022-06-01 at 05:29 -1000,
From: Vyacheslav Yurkov
OverlayFS systemd helper unit might require more pre-processing
commands. It gets more complicated to embed them in a unit file, because
systemd shell subset is limited and might require additional escaping.
Move the command to a separate script, thus simplifying systemd
From: Vyacheslav Yurkov
Permission model of overlayfs uses permissions/ownership from the upper
layer after mounting. Fix up UID/GID of the upper layer, when lower
layer already uses something custom.
Signed-off-by: Vyacheslav Yurkov
---
meta/files/overlayfs-create-dirs.sh | 3 +++
1 file
There is a race were the bb_unihashes.dat file may end up zero sized due to
concurrent builds. Use recently added API within bitbake to copy the file
safely. Also use the opportunity to remove hardcoded filepaths internal to
bitbake from OE-Core.
Bump the minimum bitbake version to match the API
On Wed, Jun 1, 2022 at 6:32 AM Richard Purdie
wrote:
>
> On Wed, 2022-06-01 at 06:21 -1000, Steve Sakoman wrote:
> > On Wed, Jun 1, 2022 at 6:10 AM Richard Purdie
> > wrote:
> > >
> > > On Wed, 2022-06-01 at 05:29 -1000, Steve Sakoman wrote:
> > >
> > >
> > > Keep in mind that the test uses
On Wed, Jun 1, 2022 at 5:14 PM Marcel Ziswiler wrote:
>
> On Wed, 2022-06-01 at 15:48 +0200, Luca Ceresoli wrote:
> > Hi Marcel,
> >
> > On Tue, 31 May 2022 23:32:06 +0200
> > "Marcel Ziswiler" wrote:
> >
> > > From: Peter Bergin
> > >
> > > In order to enable configuration option aaf (AVTP
On Wed, 2022-06-01 at 06:21 -1000, Steve Sakoman wrote:
> On Wed, Jun 1, 2022 at 6:10 AM Richard Purdie
> wrote:
> >
> > On Wed, 2022-06-01 at 05:29 -1000, Steve Sakoman wrote:
> >
> >
> > Keep in mind that the test uses sstate to compare against so even that
> > isn't a guarantee of
does it use objdump from host ?
On Wed, Jun 1, 2022 at 9:21 AM Steve Sakoman wrote:
>
> On Wed, Jun 1, 2022 at 6:10 AM Richard Purdie
> wrote:
> >
> > On Wed, 2022-06-01 at 05:29 -1000, Steve Sakoman wrote:
> > > On Wed, Jun 1, 2022 at 12:10 AM Martin Jansa
> > > wrote:
> > > >
> > > > As
On Wed, Jun 1, 2022 at 6:10 AM Richard Purdie
wrote:
>
> On Wed, 2022-06-01 at 05:29 -1000, Steve Sakoman wrote:
> > On Wed, Jun 1, 2022 at 12:10 AM Martin Jansa wrote:
> > >
> > > As discussed on IRC yesterday I've tried to reproduce this failure
> > > locally and it works fine with poky
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *alsa-utils* to *1.2.7* has
Failed(do_compile).
Detailed error information:
do_compile failed
Next steps:
- apply the patch: git am 0001-alsa-utils-upgrade-1.2.6-1.2.7.patch
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *pulseaudio* to *16.0* has
Failed (devtool error).
Detailed error information:
Running 'devtool upgrade' for recipe pulseaudio failed.
NOTE: Starting bitbake server...
NOTE:
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *gnutls* to *3.7.6* has
Succeeded.
Next steps:
- apply the patch: git am 0001-gnutls-upgrade-3.7.5-3.7.6.patch
- check the changes to upstream patches and summarize them in
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *tiff* to *4.4.0* has Failed
(devtool error).
Detailed error information:
Running 'devtool upgrade' for recipe tiff failed.
NOTE: Starting bitbake server...
NOTE: Reconnecting to
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *sysstat* to *12.6.0* has
Succeeded.
Next steps:
- apply the patch: git am 0001-sysstat-upgrade-12.4.5-12.6.0.patch
- check the changes to upstream patches and summarize
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *alsa-ucm-conf* to *1.2.7* has
Succeeded.
Next steps:
- apply the patch: git am 0001-alsa-ucm-conf-upgrade-1.2.6.3-1.2.7.patch
- check the changes to upstream patches and
Recipe upgrade statistics:
* Succeeded: 20
glib-2.0, 2.72.2, Anuj Mittal
dnf, 4.13.0, Alexander Kanavin
python3-dtschema, 2022.5, Bruce Ashfield
python3-numpy, 1.22.4, Oleksandr Kravchuk
python3-pip, 22.1.2, Zang Ruochen
python3-sphinx,
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *wayland* to *1.20.91* has
Failed (devtool error).
Detailed error information:
The following devtool command failed: upgrade wayland -V 1.20.91
NOTE: Starting bitbake server...
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *xwayland* to *22.1.2* has
Succeeded.
Next steps:
- apply the patch: git am 0001-xwayland-upgrade-22.1.1-22.1.2.patch
- check the changes to upstream patches and summarize
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *diffoscope* to *214* has
Succeeded.
Next steps:
- apply the patch: git am 0001-diffoscope-upgrade-212-214.patch
- check the changes to upstream patches and summarize them
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *alsa-lib* to *1.2.7* has
Succeeded.
Next steps:
- apply the patch: git am 0001-alsa-lib-upgrade-1.2.6.1-1.2.7.patch
- check the changes to upstream patches and summarize
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *sysklogd* to *2.4.0* has
Succeeded.
Next steps:
- apply the patch: git am 0001-sysklogd-upgrade-2.3.0-2.4.0.patch
- check the changes to upstream patches and summarize them
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *procps* to *4.0.0* has Failed
(devtool error).
Detailed error information:
Running 'devtool upgrade' for recipe procps failed.
NOTE: Starting bitbake server...
WARNING: Host
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *libxkbcommon* to *1.4.1* has
Succeeded.
Next steps:
- apply the patch: git am 0001-libxkbcommon-upgrade-1.4.0-1.4.1.patch
- check the changes to upstream patches and
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *perl* to *5.36.0* has
Failed(do_compile).
Detailed error information:
do_compile failed
Next steps:
- apply the patch: git am 0001-perl-upgrade-5.34.1-5.36.0.patch
-
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *libstd-rs* to *1.61.0* has
Failed (devtool error).
Detailed error information:
The following devtool command failed: finish -f libstd-rs
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *python3-pip* to *22.1.2* has
Succeeded.
Next steps:
- apply the patch: git am 0001-python3-pip-upgrade-22.1.1-22.1.2.patch
- check the changes to upstream patches and
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *python3-sphinx* to *5.0.0*
has Succeeded.
Next steps:
- apply the patch: git am 0001-python3-sphinx-upgrade-4.5.0-5.0.0.patch
- check the changes to upstream patches and
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *python3-psutil* to *5.9.1*
has Failed (devtool error).
Detailed error information:
Running 'devtool upgrade' for recipe python3-psutil failed.
NOTE: Starting bitbake server...
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *vulkan-samples* to
*fa909d508e8b5ef817b0c68b91034c13a6b4bc15* has Failed(other errors).
Detailed error information:
'MACHINE=qemux86 bitbake vulkan-samples' failed
WARNING: Host
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *rust-llvm* to *1.61.0* has
Failed (devtool error).
Detailed error information:
The following devtool command failed: finish -f rust-llvm
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *cmake* to *3.23.2* has
Failed(do_compile).
Detailed error information:
do_compile failed
Next steps:
- apply the patch: git am 0001-cmake-upgrade-3.23.1-3.23.2.patch
-
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *gnu-config* to
*02ba26b218d3d3db6c56e014655faf463cefa983* has Failed (devtool error).
Detailed error information:
The following devtool command failed: upgrade gnu-config -S
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *llvm* to *14.0.4* has Failed
(devtool error).
Detailed error information:
The following devtool command failed: finish -f llvm
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *systemd-boot* to *251.1* has
Failed (devtool error).
Detailed error information:
Running 'devtool upgrade' for recipe systemd-boot failed.
NOTE: Starting bitbake server...
NOTE:
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *python3-dtschema* to *2022.5*
has Succeeded.
Next steps:
- apply the patch: git am 0001-python3-dtschema-upgrade-2022.4-2022.5.patch
- check the changes to upstream patches
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *systemd* to *251.1* has
Failed (devtool error).
Detailed error information:
Running 'devtool upgrade' for recipe systemd failed.
NOTE: Starting bitbake server...
NOTE:
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *python3-numpy* to *1.22.4*
has Succeeded.
Next steps:
- apply the patch: git am 0001-python3-numpy-upgrade-1.22.3-1.22.4.patch
- check the changes to upstream patches and
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *seatd* to *0.7.0* has Failed
(devtool error).
Detailed error information:
Running 'devtool upgrade' for recipe seatd failed.
NOTE: Starting bitbake server...
NOTE: Reconnecting to
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *btrfs-tools* to *5.18* has
Failed (devtool error).
Detailed error information:
Running 'devtool upgrade' for recipe btrfs-tools failed.
NOTE: Starting bitbake server...
NOTE:
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *glib-2.0* to *2.72.2* has
Succeeded.
Next steps:
- apply the patch: git am 0001-glib-2.0-upgrade-2.72.1-2.72.2.patch
- check the changes to upstream patches and summarize
Hello,
this email is a notification from the Auto Upgrade Helper
that the automatic attempt to upgrade the recipe *ovmf* to *edk2-stable202205*
has Failed(do_compile).
Detailed error information:
do_compile failed
Next steps:
- apply the patch: git am
On Wed, 2022-06-01 at 05:29 -1000, Steve Sakoman wrote:
> On Wed, Jun 1, 2022 at 12:10 AM Martin Jansa wrote:
> >
> > As discussed on IRC yesterday I've tried to reproduce this failure locally
> > and it works fine with poky master cee443ae75f (last commit in master
> > before the upgrade to
On Tue, May 31, 2022 at 11:01 PM Riyaz Ahmed Khan wrote:
>
> From: Riyaz Khan
>
> Add patches for CVE issues: CVE-2022-27781 CVE-2022-27782
>
> CVE-2022-27781
> Link:
> [https://github.com/curl/curl/commit/5c7da89d404bf59c8dd82a001119a16d18365917]
Unfortunately, this is still failing:
ERROR:
On Wed, Jun 1, 2022 at 12:10 AM Martin Jansa wrote:
>
> As discussed on IRC yesterday I've tried to reproduce this failure locally
> and it works fine with poky master cee443ae75f (last commit in master before
> the upgrade to 12.1)
> 2022-06-01 09:46:37,051 - oe-selftest - INFO - RESULTS -
>
On Wed, 2022-06-01 at 17:05 +0200, Luca Ceresoli wrote:
> Hi Marcel,
>
> On Wed, 1 Jun 2022 15:48:15 +0200
> "Luca Ceresoli via lists.openembedded.org"
> wrote:
>
> > Hi Marcel,
> >
> > On Tue, 31 May 2022 23:32:06 +0200
> > "Marcel Ziswiler" wrote:
> >
> > > From: Peter Bergin
> > >
> > >
On Wed, Jun 1, 2022 at 5:09 AM Steve Sakoman via
lists.openembedded.org
wrote:
>
> On Wed, Jun 1, 2022 at 12:53 AM omkar wrote:
> >
> > From: Richard Purdie
> >
> > We have libxml2 2.9.14 and we don't link statically against libxml2 anyway
> > so the CVE doesn't apply to libxslt.
>
> dunfell
On Wed, 2022-06-01 at 15:48 +0200, Luca Ceresoli wrote:
> Hi Marcel,
>
> On Tue, 31 May 2022 23:32:06 +0200
> "Marcel Ziswiler" wrote:
>
> > From: Peter Bergin
> >
> > In order to enable configuration option aaf (AVTP Audio Format)
> > used for AVB the library libavtp is a dependency but no
Hi Luca,
i've sent a patch that should hopefully fix your issue
Am 01.06.22 um 17:00 schrieb Luca Ceresoli:
Hi Markus,
On Tue, 31 May 2022 21:06:17 +0200
"Markus Volk" wrote:
Signed-off-by: Markus Volk
I applied patches 1 to 3 of this series to my testing branch and got
these failures:
---
meta/recipes-graphics/xorg-font/xorg-font-common.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-graphics/xorg-font/xorg-font-common.inc
b/meta/recipes-graphics/xorg-font/xorg-font-common.inc
index 2df23efed4..f552bb0076 100644
---
On Wed, Jun 1, 2022 at 12:53 AM omkar wrote:
>
> From: Richard Purdie
>
> We have libxml2 2.9.14 and we don't link statically against libxml2 anyway
> so the CVE doesn't apply to libxslt.
dunfell libxml2 is version 2.9.10!
Steve
> (From OE-Core rev: c6315d8a2a1429a0fb7563b1d6352ceee7bc222c)
>
Hi Marcel,
On Wed, 1 Jun 2022 15:48:15 +0200
"Luca Ceresoli via lists.openembedded.org"
wrote:
> Hi Marcel,
>
> On Tue, 31 May 2022 23:32:06 +0200
> "Marcel Ziswiler" wrote:
>
> > From: Peter Bergin
> >
> > In order to enable configuration option aaf (AVTP Audio Format)
> > used for AVB
On Wed, Jun 1, 2022 at 12:53 AM omkar wrote:
>
> From: Markus Volk
>
> Security
>
> [CVE-2021-30560] Fix use-after-free in xsltApplyTemplates
> Fix memory leak in xsltDocumentElem (David King)
> Fix memory leak in xsltCompileIdKeyPattern (David King)
> Fix double-free with stylesheets containing
Hi Markus,
On Tue, 31 May 2022 21:06:17 +0200
"Markus Volk" wrote:
> Signed-off-by: Markus Volk
I applied patches 1 to 3 of this series to my testing branch and got
these failures:
stdio: ERROR: Nothing PROVIDES 'font-util' (but
On Tue, May 31, 2022 at 7:54 PM Hitendra Prajapati
wrote:
>
> Source: https://github.com/PCRE2Project/pcre2
> MR: 118031
> Type: Security Fix
> Disposition: Backport from
> https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
> ChangeID:
On Tue, May 31, 2022 at 7:34 PM Hitendra Prajapati
wrote:
>
> Source: https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git
> MR: 117430
> Type: Security Fix
> Disposition: Backport from
>
Hi Marcel,
On Tue, 31 May 2022 23:32:06 +0200
"Marcel Ziswiler" wrote:
> From: Peter Bergin
>
> In order to enable configuration option aaf (AVTP Audio Format)
> used for AVB the library libavtp is a dependency but no recipe for
> this library was present. aaf support for alsa-plugins was
>
From: Riyaz
Add patch for CVE issue: CVE-2022-29824
CVE-2022-29824
Link:
[https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab]
Dependent patch:
[https://gitlab.gnome.org/GNOME/libxml2/-/commit/b07251215ef48c70c6e56f7351406c47cfca4d5b]
Signed-off-by: Riyaz
On Wed, 2022-06-01 at 12:52 +0200, Peter Bergin wrote:
> On 2022-06-01 11:43, Alexander Kanavin wrote:
> > I'm not sure what the dilemma is, inspecting the repo shows that
> > there's a standard 0.2.0 tag pointing to a commit in the master
> > branch. You can look at pretty much any other recipe
In some cases it is useful to be able to test the snapshot of
linux-firmware (e.g. to test if the updated firmware works on the
particular hardware). Allow building the linux-firmware snapshots.
To switch to the most recent branch, add the following lines to the
local.conf file:
From: Richard Purdie
We have libxml2 2.9.14 and we don't link statically against libxml2 anyway
so the CVE doesn't apply to libxslt.
(From OE-Core rev: c6315d8a2a1429a0fb7563b1d6352ceee7bc222c)
Signed-off-by: Richard Purdie
(cherry picked from commit ad63694e6df4f284879f7220962a821f97928eb0)
From: Markus Volk
Security
[CVE-2021-30560] Fix use-after-free in xsltApplyTemplates
Fix memory leak in xsltDocumentElem (David King)
Fix memory leak in xsltCompileIdKeyPattern (David King)
Fix double-free with stylesheets containing entity nodes
Fixed regressions
Fix performance regression
On 2022-06-01 11:43, Alexander Kanavin wrote:
I'm not sure what the dilemma is, inspecting the repo shows that
there's a standard 0.2.0 tag pointing to a commit in the master
branch. You can look at pretty much any other recipe fetching from
git.
https://github.com/Avnu/libavtp/tags
Agree.
My
I'm not sure what the dilemma is, inspecting the repo shows that
there's a standard 0.2.0 tag pointing to a commit in the master
branch. You can look at pretty much any other recipe fetching from
git.
https://github.com/Avnu/libavtp/tags
Alex
On Wed, 1 Jun 2022 at 10:34, Marcel Ziswiler wrote:
From: Riyaz Khan
Add patches for CVE issues: CVE-2022-27781 CVE-2022-27782
CVE-2022-27781
Link:
[https://github.com/curl/curl/commit/5c7da89d404bf59c8dd82a001119a16d18365917]
CVE-2022-27782
Link:
[https://github.com/curl/curl/commit/1645e9b44505abd5cbaf65da5282c3f33b5924a5]
Signed-off-by:
From: Riyaz Khan
Add patches for CVE issues: CVE-2022-27781 CVE-2022-27782
CVE-2022-27781
Link:
[https://github.com/curl/curl/commit/5c7da89d404bf59c8dd82a001119a16d18365917]
CVE-2022-27782
Link:
[https://github.com/curl/curl/commit/1645e9b44505abd5cbaf65da5282c3f33b5924a5]
Change-Id:
On Wed, 2022-06-01 at 10:22 +0200, Alexander Kanavin wrote:
> As long as the dependency is optional and controlled via PACKAGECONFIG
> and off by default, the recipe does not have to be in core, and we
> have plenty of examples of similar arrangements.
Understood and agreed. Let me move it.
Hi Quentin
On Wed, 2022-06-01 at 10:13 +0200, Quentin Schulz wrote:
> Marcel, Peter,
>
> On 5/31/22 23:32, Marcel Ziswiler wrote:
> > From: Peter Bergin
> >
[snip]
> > +
> > +SRC_URI =
> > "git://github.com/Avnu/libavtp.git;branch=v${PV};protocol=https;nobranch=1"
>
> We don't have a
As long as the dependency is optional and controlled via PACKAGECONFIG
and off by default, the recipe does not have to be in core, and we
have plenty of examples of similar arrangements.
Alex
On Wed, 1 Jun 2022 at 10:05, Marcel Ziswiler wrote:
>
> On Wed, 2022-06-01 at 09:30 +0200, Alexander
Marcel, Peter,
On 5/31/22 23:32, Marcel Ziswiler wrote:
From: Peter Bergin
In order to enable configuration option aaf (AVTP Audio Format)
used for AVB the library libavtp is a dependency but no recipe for
this library was present. aaf support for alsa-plugins was
introduced in
On Wed, 2022-06-01 at 09:30 +0200, Alexander Kanavin wrote:
> This should go to meta-oe I think. Does it have to be in core, and if so why?
Good question. However, alsa-plugins (and gstreamer1.0-plugins-bad for that
matter) also live there and may
depend on it.
> Alex
Cheers
Marcel
> On Tue,
Could you send this one for kirkstone too?
You just need to change qemu.inc diff in theory.
Thanks,
Davide
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166361):
https://lists.openembedded.org/g/openembedded-core/message/166361
Mute This Topic:
That is debian-specific versioning, but upstream has its releases here:
https://ftp.gnu.org/pub/gnu/ncurses/
On top of that there are patches, each numbered with a date, but
they're not releases:
https://salsa.debian.org/debian/ncurses/-/commits/upstream/6.3+20220423
Alex
On Wed, 1 Jun 2022 at
Are you sure that this is a development snapshot?
I took this branch
https://salsa.debian.org/debian/ncurses/-/tree/upstream/6.3+20220423
Sorry I'm not that familiar with ncurses version naming scheme.
Davide
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply
This should go to meta-oe I think. Does it have to be in core, and if so why?
Alex
On Tue, 31 May 2022 at 23:32, Marcel Ziswiler wrote:
>
> From: Peter Bergin
>
> In order to enable configuration option aaf (AVTP Audio Format)
> used for AVB the library libavtp is a dependency but no recipe
This is effectively updating to a development snapshot, would it be
better to backport just the CVE fix like was just sent for dunfell?
Alex
On Tue, 31 May 2022 at 16:16, Davide Gardenal wrote:
>
> CVE: CVE-2022-29458
>
> Signed-off-by: Davide Gardenal
> ---
>
Hi Sean,
Il giorno Tue, 31 May 2022 11:10:52 -0400
"Sean Anderson via lists.openembedded.org"
ha scritto:
As you can see from the above line, your e-mails appear as coming from
an inappropriate address. This is not your fault, it's a mangling done
by mail servers, but it makes applying patches
Backport from
https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
CVE-2022-1587 pcre2: Out-of-bounds read in get_recurse_data_length in
pcre2_jit_compile.c.
Signed-off-by: Hitendra Prajapati
---
.../libpcre/libpcre2/CVE-2022-1587.patch | 659
Hi Sean,
Il giorno Tue, 31 May 2022 11:10:52 -0400
"Sean Anderson via lists.openembedded.org"
ha scritto:
> With CONFIG_MODULE_COMPRESS_ZSTD enabled, kernel modules will have a
> .ko.zst extension. This fixes depmod not being run.
>
> Fixes: 1b696a45ddb ("rootfs.py: Add check for kernel
Backport from
https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
CVE-2022-1587 pcre2: Out-of-bounds read in get_recurse_data_length in
pcre2_jit_compile.c.
Signed-off-by: Hitendra Prajapati
---
.../libpcre/libpcre2/CVE-2022-1587.patch | 659
99 matches
Mail list logo
