[OE-core] [kirkstone][PATCH] curl: CVE-2023-27534 SFTP path resolving discrepancy

Upstream-Status: Backport from https://github.com/curl/curl/commit/4e2b52b5f7a3bf50a0f1494155717b02cc1df6d6 Signed-off-by: Hitendra Prajapati --- .../curl/curl/CVE-2023-27534.patch| 122 ++ meta/recipes-support/curl/curl_7.82.0.bb | 1 + 2 files changed, 123

[OE-core] [PATCH] kernel-devsrc: depend on python3-core instead of python3

Avoids pulling in potential GPLv3 packages through python3-misc catch-all. python3-core is the intended minimal RDEPENDS for packages requiring python3 support. Other python3 module dependencies should be listed explicitly. Signed-off-by: Kyle Russell ---

Re: [OE-core] Reproducible build

Le mar. 11 avr. 2023, 18:41, Richard Purdie < richard.pur...@linuxfoundation.org> a écrit : > On Tue, 2023-04-11 at 17:27 +0200, Frédéric Martinsons wrote: > > Hello with the patch below: > > > > --- a/meta/lib/oeqa/selftest/cases/reproducible.py > > +++

Re: [OE-Core][PATCH] rust: Upgrade 1.68.1 -> 1.68.2

I confirm it didn't cause any particular issue to the autobuilders. On 11/04/2023 08:18:23+0100, Alex Kiernan wrote: > Cool, was just picking up the pieces to check it, but I'll leave it now! > > On Tue, 11 Apr 2023, 08:07 Khem Raj, wrote: > > > alright my builds for cargo on qemuriscv32/musl

Re: [OE-core] Reproducible build

On Tue, 2023-04-11 at 17:27 +0200, Frédéric Martinsons wrote: > Hello with the patch below: > > --- a/meta/lib/oeqa/selftest/cases/reproducible.py > +++ b/meta/lib/oeqa/selftest/cases/reproducible.py > @@ -134,9 +134,9 @@ class ReproducibleTests(OESelftestTestCase): >      max_report_size = 250 *

Re: [OE-core] [PATCH 1/7] ffmpeg: update 5.1.2 -> 6.0

On Tue, Apr 11, 2023 at 8:15 AM Alexander Kanavin wrote: > > This has been resolved by your 0.34.1 -> 0.35.1 update. > cool > Alex > > On Sat, 1 Apr 2023 at 20:57, Khem Raj wrote: > > > > I think mpv is failing to this upgrade, this issue talks about it > >

Re: [OE-core] Reproducible build

Hello with the patch below: --- a/meta/lib/oeqa/selftest/cases/reproducible.py +++ b/meta/lib/oeqa/selftest/cases/reproducible.py @@ -134,9 +134,9 @@ class ReproducibleTests(OESelftestTestCase): max_report_size = 250 * 1024 * 1024 # targets are the things we want to test the

Re: [OE-core] Reproducible build

Yes I already did that and manage to get the test last 30mn (see the other mail thread) Le mar. 11 avr. 2023, 16:52, Alexander Kanavin a écrit : > If you read the code for the test, you'll see a 'bitbake world' in it > somewhere :) Tweak that to build only the item you need. > > Alternatively,

Re: [OE-core] [PATCH 1/7] ffmpeg: update 5.1.2 -> 6.0

This has been resolved by your 0.34.1 -> 0.35.1 update. Alex On Sat, 1 Apr 2023 at 20:57, Khem Raj wrote: > > I think mpv is failing to this upgrade, this issue talks about it > https://github.com/mpv-player/mpv/issues/9803 > https://errors.yoctoproject.org/Errors/Details/699341/ > This is a

[OE-core] [PATCH v4 1/2] oeqa/utils/qemurunner: change the serial runner

[YOCTO #15021] Create a new runner run_serial_socket which usage matches the traditional ssh runner. Its return status is 0 when the command succeeded or 0 when it failed. If an error is encountered, it raises an Exception. The previous serial runner is maintained and marked as deprecated.

[OE-core] [PATCH v4 2/2] oeqa/selftest: change deprecated usage of run_serial

Prefer the new function run_serial_socket. Change calls where the modification is easy. Signed-off-by: Louis Rannou --- meta/lib/oeqa/selftest/cases/debuginfod.py | 3 ++- meta/lib/oeqa/selftest/cases/gdbserver.py | 7 --- meta/lib/oeqa/selftest/cases/locales.py| 8

[OE-core] [PATCH v4 0/2] oeqa: Change the serial runner

The actual serial runner has a different usage compare to the ssh runner. The return status is different and failure are not raised as exceptions. Initially, I wanted to create a new run_serial_socket and modify the old run_serial to use the former. And there was a second patch that changed every

[OE-core] Yocto Project Status 11 April 2023 (WW15)

Current Dev Position: YP 4.2 M4 Next Deadline: 28th April 2023 YP 4.2 Release Next Team Meetings: * Bug Triage meeting Thursday April 13th 7:30 am PDT ( https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bFd5aVpHVVZ6dz09)

Re: [OE-core] Reproducible build

If you read the code for the test, you'll see a 'bitbake world' in it somewhere :) Tweak that to build only the item you need. Alternatively, you can set up two separate build directories, and avoid selftest altogether for investigating and fixing the issue. Alex On Fri, 7 Apr 2023 at 17:21,

[OE-core][master][PATCH] tiff: Add fix for CVE-2022-4645

From: Pawan Badganchi Below patch fixes the CVE-2022-4645 as well. 0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch Link: https://nvd.nist.gov/vuln/detail/CVE-2022-4645 Signed-off-by: Pawan Badganchi --- ...-of-TIFFTAG_INKNAMES-and-related-TIF.patch | 267 ++

[OE-core][kirkstone][PATCH] tiff: Add fix for CVE-2022-4645

From: Pawan Badganchi Below patch fixes the CVE-2022-4645 as well. 0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch Link: https://nvd.nist.gov/vuln/detail/CVE-2022-4645 Signed-off-by: Pawan Badganchi --- ...evised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch | 5 +++--

Re: [OE-core] [PATCH V2] squashfs-tools: upgrade 4.5.1 -> 4.6.0

cluded in 4.6.0 > > Signed-off-by: Wang Mingyu Reproducible testing fails with this patch, even though I'm not sure exactly why in detail: Log: https://autobuilder.yoctoproject.org/typhoon/#/builders/117/builds/2692/steps/12/logs/stdio Diffoscope output: http://autobuilder.yocto.io/pub/repro-f

Re: [OE-core] [PATCH v2 4/9] oeqa/utils/qemurunner: support ignoring vt100 escape sequences

Right, but this information should be recorded in commit message, or the file itself. Alex On Mon, 3 Apr 2023 at 15:02, Enrico Jörns wrote: > > Hi Alex, > > Am Freitag, dem 31.03.2023 um 16:05 +0200 schrieb Alexander Kanavin: > > On Fri, 31 Mar 2023 at 12:40, Enrico Jorns wrote: > > >

Re: [OE-core] [PATCH v2 3/9] barebox: set default BAREBOX_CONFIG for qemu machines

On Mon, 3 Apr 2023 at 13:42, Enrico Jörns wrote: > > > +# set defaults for oe-core MACHINEs to allow building barebox > > > +BAREBOX_CONFIG:qemuarm = "vexpress_defconfig" > > > +BAREBOX_CONFIG:qemuarm64 = "qemu_virt64_defconfig" > > > +BAREBOX_CONFIG:qemux86-64 = "efi_defconfig" > > > > As all

Re: [OE-core] [PATCH 3/3] oeqa: print stderr in the AssertionError as well

Hello Luca, I'm sorry, I've updated the runcmd.RunCmdTests.test_result_assertion test case to pass with this change just to realize that: "stderr": subprocess.STDOUT in self.defaultopts does work and even the stderr output is ending in stdout, so this change isn't very useful (as I don't see any

Re: [OE-core] [PATCH 3/3] oeqa: print stderr in the AssertionError as well

Hello Martin, On Tue, 11 Apr 2023 11:03:48 +0200 "Martin Jansa" wrote: > Signed-off-by: Martin Jansa > --- > meta/lib/oeqa/utils/commands.py | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/lib/oeqa/utils/commands.py b/meta/lib/oeqa/utils/commands.py > index

[OE-core] [PATCH] kernel-fitimage: Fix the default dtb config check

From: Arslan Ahmad The current check for default dtb image checks if the file exists and is not empty but appends a slash to the path due to which the file is never found. It also doesn't replace slash in filename with _ as done when populating the DTB variable. A better way to check the

[OE-core] [kirkstone][PATCH] curl: CVE-2023-27533 TELNET option IAC injection

Upstream-Status: Backport from https://github.com/curl/curl/commit/0c28ba2faae2d7da780a66d2446045a560192cdc && https://github.com/curl/curl/commit/538b1e79a6e7b0bb829ab4cecc828d32105d0684 Signed-off-by: Hitendra Prajapati --- .../curl/curl/CVE-2023-27533.patch| 208

[OE-core] [PATCH v4] migration-guides: update 4.2 migration and release notes

From: Michael Opdenacker Signed-off-by: Michael Opdenacker CC: Frederic Martinsons CC: Marta Rybczynska CC: Paul Eggleton CC: Alex Kiernan CC: Alexis Lothoré ` +for example. + +The ``cargo-update-recipe-crates`` utility +:yocto_git:`has been extended ` +to include such checksums. So, in

ODP: [OE-core] [PATCH] tar: extend numeric-owner to ACL entries

Hi Fabien, That was my intention to leave you as an author as you have found and fixed this issue  Btw. this patch saved my time for applying stupid solutions... Additionaly I have also created a bug report on that in ubuntu https://bugs.launchpad.net/ubuntu/+source/tar/+bug/2015539 BR Piotr

[OE-core] [PATCH 1/3] populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO override

* otherwise it ends '' inside esdk, because of parsing order: # $METADATA_REVISION [3 operations] # set /OE/build/test-D/conf/local.conf:43 # "f2da54ef432eac89b0f18eaad68e602b6990b5de" # immediate /OE/build/test-D/layers/poky/meta/classes/metadata_scm.bbclass:9 #

[OE-core] [PATCH 2/3] populate_sdk_ext.bbclass: redirect stderr to stdout so that both end in LOGFILE

* this in the end doesn't help much, I was debugging warning (about base-files.do_install signature being different than expected) from: python3 $target_sdk_dir/ext-sdk-prepare.py $LOGFILE '${SDK_INSTALL_TARGETS}' this shows the warning on console, but it doesn't end in $LOGFILE, because

[OE-core] [PATCH 3/3] oeqa: print stderr in the AssertionError as well

Signed-off-by: Martin Jansa --- meta/lib/oeqa/utils/commands.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oeqa/utils/commands.py b/meta/lib/oeqa/utils/commands.py index c1f533802e..7b2f6ec124 100644 --- a/meta/lib/oeqa/utils/commands.py +++

Re: [OE-Core][PATCH] rust: Upgrade 1.68.1 -> 1.68.2

Cool, was just picking up the pieces to check it, but I'll leave it now! On Tue, 11 Apr 2023, 08:07 Khem Raj, wrote: > alright my builds for cargo on qemuriscv32/musl went ok so I guess its ok. > > On Mon, Apr 10, 2023 at 11:11 AM Khem Raj wrote: > > > > Thanks, I'll also check it out. I think

Re: [OE-core] [PATCH v3 2/2] oeqa/selftest: change deprecated usage of run_serial

On 09/04/2023 11:39, Alexandre Belloni wrote: Hello, This breaks the overlayfs tests: https://autobuilder.yoctoproject.org/typhoon/#builders/87/builds/5075/steps/14/logs/stdio https://autobuilder.yoctoproject.org/typhoon/#builders/86/builds/5036/steps/14/logs/stdio

Re: [OE-Core][PATCH] rust: Upgrade 1.68.1 -> 1.68.2

alright my builds for cargo on qemuriscv32/musl went ok so I guess its ok. On Mon, Apr 10, 2023 at 11:11 AM Khem Raj wrote: > > Thanks, I'll also check it out. I think the checksums for the musl > patch would need updating I think as the versions of these crates > might have changed. > > On Mon,