Re: [OE-core] [PATCH 11/27] meson: update 1.0.1 ->1.1.0

On 5/9/23 10:23 AM, Alexander Kanavin wrote: Rebase two patches. Signed-off-by: Alexander Kanavin --- ...for-clang-before-guessing-gcc-or-lcc.patch | 14 +++--- ...-not-manipulate-the-environment-when.patch | 48 +-- .../meson/{meson_1.0.1.bb => meson_1.1.0.bb} | 2 +- 3

[OE-core][kirkstone 15/15] update-alternatives.bbclass: fix old override syntax

From: Peter Bergin Function 'gen_updatealternativesvardeps' still used old override syntax when fetching variable flags. Update to use ':' instead to match recipe meta data. This was found by review and no real issue encountered but it is a bug that affects variable dependencies and can affect

[OE-core][kirkstone 14/15] kernel: improve initramfs bundle processing time

From: Bruce Ashfield This is a partial fix for bugzilla 15059 [https://bugzilla.yoctoproject.org/show_bug.cgi?id=15059] It has been noted by several people that when an initramfs is bundled: - a lot of the kernel is rebuilt - it takes a really long time When looking at the logs, the

[OE-core][kirkstone 13/15] oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set

From: Thomas Roos This will use default values when no distribution is set. [YOCTO #15086] Signed-off-by: Thomas Roos Signed-off-by: Luca Ceresoli (cherry picked from commit 888fe63b46efceeff08dbe8c4f66fec33d06cb7a) Signed-off-by: Steve Sakoman --- meta/lib/oeqa/utils/metadata.py | 6

[OE-core][kirkstone 12/15] libpam: Fix the xtests/tst-pam_motd[1|3] failures

From: Zhixiong Chi Reproducer: 1.Enable the ptest of libpam and build the image. 2.Boot the rootfs with nfs, then run the following tests as root: cd /usr/share/Linux-PAM/xtests /usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd1 /usr/share/Linux-PAM/xtests# ./run-xtests.sh .

[OE-core][kirkstone 08/15] linux-firmware: upgrade 20230210 -> 20230404

From: Dmitry Baryshkov The LICENCE.qat_firmware license file was updated to reflect Intel licensing (it removed a term regarding patent licenses). License-Update: additional files Signed-off-by: Dmitry Baryshkov Signed-off-by: Luca Ceresoli (cherry picked from commit

[OE-core][kirkstone 11/15] populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO override

From: Martin Jansa * otherwise it ends '' inside esdk, because of parsing order: # $METADATA_REVISION [3 operations] # set /OE/build/test-D/conf/local.conf:43 # "f2da54ef432eac89b0f18eaad68e602b6990b5de" # immediate /OE/build/test-D/layers/poky/meta/classes/metadata_scm.bbclass:9

[OE-core][kirkstone 10/15] libarchive: Enable acls, xattr for native as well as target

From: Piotr Łobacz Libarchive is being used by OPKG package manager as default API for extracting tar files. This fix allows us to extract ipks packages with preserved ACLs and xattrs. Partially addresses [YOCTO #15091] [RP: Merge into main PACKAGECONFIG and tweak commit message]

[OE-core][kirkstone 09/15] kernel-devsrc: depend on python3-core instead of python3

From: "bkyleruss...@gmail.com" Avoids pulling in potential GPLv3 packages through python3-misc catch-all. python3-core is the intended minimal RDEPENDS for packages requiring python3 support. Other python3 module dependencies should be listed explicitly. Signed-off-by: Kyle Russell

[OE-core][kirkstone 07/15] xserver-xorg: upgrade 21.1.7 -> 21.1.8

From: Wang Mingyu This release contains the fix for CVE-2023-1393 in today's security advisory: https://lists.x.org/archives/xorg-announce/2023-March/003374.html Benno Schulenberg (1): xkbUtils: use existing symbol names instead of deleted deprecated ones Olivier Fourdan (2):

[OE-core][kirkstone 06/15] Revert "xserver-xorg: backport fix for CVE-2023-1393"

This reverts commit dc2c777cab0230fc54e078d20d872aaa9287a8b9. Fixed in subsequent version bump Signed-off-by: Steve Sakoman --- ...posite-Fix-use-after-free-of-the-COW.patch | 46 --- .../xorg-xserver/xserver-xorg_21.1.7.bb | 3 +- 2 files changed, 1 insertion(+), 48

[OE-core][kirkstone 05/15] wpebackend-fdo: upgrade 1.14.0 -> 1.14.2

From: Wang Mingyu Changelog: == - Reverted a change introduced in 1.14.1 which introduced crashes both with WebKitGTK and WPE running under Wayland in some configurations. - Fix a crash caused by wrong assertion, which was typically triggered in debug builds when using the NVidia

[OE-core][kirkstone 04/15] linux-yocto: Exclude 121 CVEs already fixed upstream

From: Yoann Congal Exclude CVEs that are fixed in both current linux-yocto version v5.10.175 and v5.15.108. To get the commit fixing a CVE, I used the Debian kernel-sec repo [1]. [1]: https://salsa.debian.org/kernel-team/kernel-sec/-/commit/86d5040aee9275f9555458fcaf9cb43710dff398

[OE-core][kirkstone 03/15] libxml2: patch CVE-2023-28484 and CVE-2023-29469

From: Peter Marko Backports from: * https://gitlab.gnome.org/GNOME/libxml2/-/commit/e4f85f1bd2eb34d9b49da9154a4cc3a1bc284f68 * https://gitlab.gnome.org/GNOME/libxml2/-/commit/547edbf1cbdccd46b2e8ff322a456eaa5931c5df Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman ---

[OE-core][kirkstone 02/15] git: fix CVE-2023-25652

From: Archana Polampalli Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially

[OE-core][kirkstone 01/15] git: fix CVE-2023-29007

From: Archana Polampalli Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in

[OE-core][kirkstone 00/15] Patch review

Please review this set of patches for kirkstone and have comments back by end of day Thursday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5285 The following changes since commit 5fca673d8fe0ee97dc37ed2c9941696842cd667a: run-postinsts: Set

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

On 9/05/23 9:32 pm, Mikko Rapeli wrote: On Tue, May 09, 2023 at 09:02:59AM +, Ross Burton wrote: On 8 May 2023, at 09:57, Adrian Freihofer via lists.openembedded.org wrote: Is there any defined language that we can simply adopt? Since a lot of people talk about SPDX solving these issues

[OE-core][dunfell][PATCH] connman: Fix CVE-2023-28488 DoS in client.c

Avoid overwriting the read packet length after the initial test. Thus move all the length checks which depends on the total length first and do not use the total lenght from the IP packet afterwards. Fixes CVE-2023-28488 Reported by Polina Smirnova Signed-off-by: Ashish Sharma ---

[OE-core] [PATCH 27/27] gcr: consider all versions, not only x.even.y

For example 4.1 is stable: https://gitlab.gnome.org/GNOME/gcr/-/tags Signed-off-by: Alexander Kanavin --- meta/recipes-gnome/gcr/gcr_4.1.0.bb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/meta/recipes-gnome/gcr/gcr_4.1.0.bb b/meta/recipes-gnome/gcr/gcr_4.1.0.bb index

[OE-core] [PATCH 21/27] libatomic-ops: update 7.6.14 -> 7.8.0

License-update: file relocated, formatting. Signed-off-by: Alexander Kanavin --- .../{libatomic-ops_7.6.14.bb => libatomic-ops_7.8.0.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-support/libatomic-ops/{libatomic-ops_7.6.14.bb =>

[OE-core] [PATCH 26/27] createrepo-c: update 0.20.1 -> 0.21.1

Signed-off-by: Alexander Kanavin --- .../0001-include-rpm-rpmstring.h.patch| 9 +++-- ...arser.c-add-a-missing-parameter-name.patch | 39 +++ ...epo-c_0.20.1.bb => createrepo-c_0.21.1.bb} | 3 +- 3 files changed, 47 insertions(+), 4 deletions(-) create mode 100644

[OE-core] [PATCH 23/27] libgpg-error: update 1.46 -> 1.47

License-Update: copyright years Signed-off-by: Alexander Kanavin --- .../libgpg-error/libgpg-error/pkgconfig.patch | 59 ++- ...gpg-error_1.46.bb => libgpg-error_1.47.bb} | 4 +- 2 files changed, 45 insertions(+), 18 deletions(-) rename

[OE-core] [PATCH 25/27] gdb: enable python PACKAGECONFIG

This is required by latest valgrind ptests. Signed-off-by: Alexander Kanavin --- meta/recipes-devtools/gdb/gdb-common.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/gdb/gdb-common.inc b/meta/recipes-devtools/gdb/gdb-common.inc index

[OE-core] [PATCH 24/27] Remove usage of /var/volatile/tmp

From: Markus Volk Glib-2.0 uses ptest to ensure that /tmp is not a symlink. This commit tries to align tmpdir usage. The symlinks for /tmp and /var/tmp are replaced by directories and by default a tmpfs is mounted in /tmp. /var/volatile/tmp is removed. (From OE-Core rev:

[OE-core] [PATCH 20/27] gpgme: update 1.18.0 -> 1.20.0

Rebase patches. Signed-off-by: Alexander Kanavin --- ...e-gpgme.m4-use-gpgrt-config-with-.pc.patch | 40 +++-- .../gpgme/gpgme/0001-pkgconfig.patch | 81 ++- ...n-gpg-error-config-should-not-be-use.patch | 34 +++- .../0008-do-not-auto-check-var-PYTHON.patch |

[OE-core] [PATCH 22/27] libgcrypt: update 1.10.1 -> 1.10.2

Signed-off-by: Alexander Kanavin --- .../files/0001-libgcrypt-fix-m4-file-for-oe-core.patch | 6 +++--- ...pt-fix-building-error-with-O2-in-sysroot-path.patch | 10 +- .../{libgcrypt_1.10.1.bb => libgcrypt_1.10.2.bb} | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-)

[OE-core] [PATCH 19/27] cryptodev: remove unneeded patch

With 1.13 version the needed rules are available directly upstream. This wasn't noticed in 1.12->1.13 patch rebase. I verified that installed files are exactly same with and without the patch. Signed-off-by: Alexander Kanavin --- .../cryptodev/cryptodev-tests_1.13.bb | 7 +-

[OE-core] [PATCH 17/27] librsvf: update 2.54.5 -> 2.56.0

Upstream no longer includes all the crates into tarballs, so use cargo_update_recipe_crates class to make a list for the crate:// fetcher. Signed-off-by: Alexander Kanavin --- meta/recipes-gnome/librsvg/librsvg-crates.inc | 594 ++ ...lib.rs-do-not-probe-into-harcoded-li.patch |

[OE-core] [PATCH 18/27] libva: update 2.16 -> 2.18

Signed-off-by: Alexander Kanavin --- .../{libva-initial_2.16.0.bb => libva-initial_2.18.0.bb} | 0 .../libva/{libva-utils_2.17.1.bb => libva-utils_2.18.2.bb}| 4 ++-- meta/recipes-graphics/libva/libva.inc | 2 +- .../libva/{libva_2.16.0.bb => libva_2.18.0.bb}

[OE-core] [PATCH 16/27] less: update 608 -> 633

Drop backport. License-update: copyright years. Signed-off-by: Alexander Kanavin --- .../less/files/CVE-2022-46663.patch | 28 --- .../less/{less_608.bb => less_633.bb} | 8 ++ 2 files changed, 3 insertions(+), 33 deletions(-) delete mode 100644

[OE-core] [PATCH 15/27] valgrind: update 3.20.0 -> 3.21.0

Drop patches merged upstream. Signed-off-by: Alexander Kanavin --- ...01-drd-tests-Include-missing-cstdint.patch | 34 -- ...efine-__THROW-if-not-already-defined.patch | 32 - ...inux-seg_override.c-add-missing-incl.patch | 30

[OE-core] [PATCH 14/27] rpm: update 4.18.0 -> 4.18.1

Drop: 0001-docs-do-not-build-manpages-requires-pandoc.patch (pandoc is now detected from $PATH) fifofix.patch (upstream fixed the issue) Signed-off-by: Alexander Kanavin --- ...olor-setting-for-mips64_n32-binaries.patch | 26 ++--- ...lib-rpm-as-the-installation-path-for.patch | 30

[OE-core] [PATCH 13/27] perl: update 5.36.0 -> 5.36.1

Drop gcc 12 patch, as upstream rejected it, and then (presumably) fixed gcc 12 issues differently. Signed-off-by: Alexander Kanavin --- .../files/0001-Fix-build-with-gcc-12.patch| 143 -- .../perl/files/perl-configpm-switch.patch | 2 +- .../perl/{perl_5.36.0.bb =>

[OE-core] [PATCH 12/27] perlcross: update 1.4 -> 1.4.1

Signed-off-by: Alexander Kanavin --- ...h-Add-_GNU_SOURCE-define-and-functio.patch | 485 -- .../{perlcross_1.4.bb => perlcross_1.4.1.bb} | 3 +- 2 files changed, 1 insertion(+), 487 deletions(-) delete mode 100644

[OE-core] [PATCH 11/27] meson: update 1.0.1 ->1.1.0

Rebase two patches. Signed-off-by: Alexander Kanavin --- ...for-clang-before-guessing-gcc-or-lcc.patch | 14 +++--- ...-not-manipulate-the-environment-when.patch | 48 +-- .../meson/{meson_1.0.1.bb => meson_1.1.0.bb} | 2 +- 3 files changed, 31 insertions(+), 33 deletions(-)

[OE-core] [PATCH 10/27] llvm: update 15.0.7 -> 16.0.3

Signed-off-by: Alexander Kanavin --- meta/conf/distro/include/tcmode-default.inc | 2 +- ...e-64bit-off_t-on-32bit-glibc-systems.patch | 79 --- meta/recipes-devtools/llvm/llvm_git.bb| 5 +- 3 files changed, 3 insertions(+), 83 deletions(-) delete mode 100644

[OE-core] [PATCH 08/27] elfutils: update 0.188 -> 0.189

Drop backports, rebase musl patches. Signed-off-by: Alexander Kanavin --- .../{elfutils_0.188.bb => elfutils_0.189.bb} | 5 +- ...od-Fix-usage-of-deprecated-CURLINFO_.patch | 49 --- ...t-Use-CURLOPT_PROTOCOLS_STR-for-libc.patch | 34 --- .../elfutils/files/0003-musl-utils.patch

[OE-core] [PATCH 09/27] erofs-utils: update 1.5 -> 1.6

Drop patches merged upstream. --enable-largefile is no longer necessary, as compiler options are being passed in explicitly. Signed-off-by: Alexander Kanavin --- .../0001-configure-use-AC_SYS_LARGEFILE.patch | 43 --- ...eplace-l-stat64-by-equivalent-l-stat.patch | 109 --

[OE-core] [PATCH 02/27] insane.bbclass: add a RECIPE_MAINTAINER check (oe-core recipes only)

Absent maintainer entries are as well a frequent source of friction, as they are checked only in selftest, and so aren't revealed until autobuilder runs. The selftest is retained as it also checks for obsolete entries in maintainers.inc (not possible to do in insane class). Signed-off-by:

[OE-core] [PATCH 06/27] ovmf: update 202211 -> 202302

Signed-off-by: Alexander Kanavin --- .../ovmf/ovmf/0005-debug-prefix-map.patch | 44 +-- meta/recipes-core/ovmf/ovmf_git.bb| 4 +- 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/meta/recipes-core/ovmf/ovmf/0005-debug-prefix-map.patch

[OE-core] [PATCH 07/27] btrfs-tools: update 6.1.3 -> 6.3

Drop patch, as upstream fixed the issue separately. Signed-off-by: Alexander Kanavin --- ...-ftruncate-stat-instead-of-64bit-equ.patch | 903 -- ...trfs-tools_6.1.3.bb => btrfs-tools_6.3.bb} | 3 +- 2 files changed, 1 insertion(+), 905 deletions(-) delete mode 100644

[OE-core] [PATCH 03/27] apmd: remove recipe and apm MACHINE_FEATURE

APM has been obsolete for a very long time, and debian no longer packages it or carries the source tarball. Signed-off-by: Alexander Kanavin --- .../conf/distro/include/default-providers.inc | 1 - meta/conf/distro/include/maintainers.inc | 1 - meta/recipes-bsp/apmd/apmd/apmd.service

[OE-core] [PATCH 05/27] ppp: upgrade 2.4.9 -> 2.5.0

Convert the build from handcrafted makefiles to autotools; this makes all custom tweaks in the recipe unnecessary, and allows removing all patches. Signed-off-by: Alexander Kanavin --- ...1-ppp-fix-build-against-5.15-headers.patch | 36 -- .../ppp/ppp/CVE-2022-4603.patch

[OE-core] [PATCH 04/27] glib-2.0: upgrade 2.74.6 -> 2.76.2

Drop backports. Refactor relocate-modules.patch; upstream has implemented the same logic, but made it os x only - we can simply drop those ifdef guards: https://gitlab.gnome.org/GNOME/glib/-/commit/af83c6571e47d06468b8162dd29ad57bcf4967a8 Signed-off-by: Alexander Kanavin ---

[OE-core] [PATCH 01/27] insane.bbclass: add a SUMMARY/HOMEPAGE check (oe-core recipes only)

This was done in a selftest, but that is too late and creates friction in integration as errors are not seen until autobuilder fails. Bonus fix: SUMMARY check wasn't even working, as in the absence of one set in the recipe there is a default value set from bitbake.conf. I left DESCRIPTION check

Re: [OE-core][Patch v2 1/3] libtraceevent: import from meta-openembedded

Hi Max, This also needs an entry on meta/conf/distro/include/maintainers.inc Jose Max Krummenacher escreveu no dia terça, 9/05/2023 à(s) 17:13: > From: Max Krummenacher > > Import from meta-openembedded at commit d250a0dc0 ("libtraceevent: > upgrade 1.7.1 -> 1.7.2"). > Starting with kernel

Re: [OE-core] python3-requests broken after urlib3 update

Thanks, this was the reason why I was seeing regressions in meta-python ptests for python3-requests-toolbelt, I have sent a patch to upgrade python3-requests to 2.30 but that doesn't fix the problem for recipes which are not yet ported to use urllib 2.0 - see

[OE-core] [PATCH] python3-requests: Upgrade to 2.30.0

Adds supports for urllib3 2.0 and might break urllib3 1.x [1] [1] https://github.com/psf/requests/releases/tag/v2.30.0 Signed-off-by: Khem Raj --- .../{python3-requests_2.28.2.bb => python3-requests_2.30.0.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename

[OE-core][Patch v2 3/3] perf: add libtraceevent packageconfig

From: Max Krummenacher With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent isn't present error the build") having libtraceevent is a required dependency unless building it with 'NO_LIBTRACEEVENT=1'. Older kernels did build libtraceevent as provided by the kernel sources.

[OE-core][Patch v2 2/3] perf: make pkg-config available

From: Max Krummenacher Fixup the to be called pkg-config as $(CROSS_COMPILE)pkg-config doesn't exist. With kernels < 6.4 pkg-config is only used for the gtk+-2.0 integration which is disabled in the OE config. Thus the issue wasn't exposed so far. With kernel 6.4 pkg-config is additionally used

[OE-core][Patch v2 1/3] libtraceevent: import from meta-openembedded

From: Max Krummenacher Import from meta-openembedded at commit d250a0dc0 ("libtraceevent: upgrade 1.7.1 -> 1.7.2"). Starting with kernel 6.4 libtraceevent is a dependency of perf. While one can still build perf without it by opting out one would loose its functionality compared with building

[OE-core][Patch v2 0/3] perf: add libtraceevent packageconfig

From: Max Krummenacher With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent isn't present error the build") having libtraceevent is a required dependency unless building it with 'NO_LIBTRACEEVENT=1'. Changes in V2 - add a patch importing libtraceevent from meta-openembedded -

[OE-core] python3-requests broken after urlib3 update

FYI: https://git.yoctoproject.org/poky/commit/meta/recipes-devtools/python?h=master-next=4641605c794db6648311b931fb3a36fe9e5dea56 breaks building python3-requests (as of version 2.28.2 in master). > recipe-sysroot-native/usr/bin/python3-native/python3', '-m', 'pip',

[OE-core] [PATCH v8] python3-calver: Add recipe

calver is "a setuptools extension for automatically defining your Python package version as a calendar version." It is required for python3-trove-classifiers (another new recipe), which in turn is required for the upgrade of python3-hatchling from 1.13.0 to work. Signed-off-by: Trevor Gamblin

[OE-core] [PATCH v7] python3-calver: Add recipe

calver is "a setuptools extension for automatically defining your Python package version as a calendar version." It is required for python3-trove-classifiers (another new recipe), which in turn is required for the upgrade of python3-hatchling from 1.13.0 to work. Signed-off-by: Trevor Gamblin

[OE-core] [PATCH v6] python3-calver: Add recipe

calver is "a setuptools extension for automatically defining your Python package version as a calendar version." It is required for python3-trove-classifiers (another new recipe), which in turn is required for the upgrade of python3-hatchling from 1.13.0 to work. Signed-off-by: Trevor Gamblin

Re: [OE-core] [PATCH] cve-update-nvd2-native: new CVE database fetcher

On Wed, Apr 5, 2023 at 8:44 PM Steve Sakoman wrote: > On Wed, Apr 5, 2023 at 8:43 AM Marta Rybczynska > wrote: > > > > > > > > On Wed, Apr 5, 2023 at 5:55 PM Steve Sakoman wrote: > >> > >> Hi Marta, > >> > >> Is this safe to backport to the stable branches, or should I let it > >> "age" in

[OE-core] Yocto Project Status 9 May 2023 (WW19)

Current Dev Position: YP 4.3 M1 Next Deadline: 5th June 2023 YP 4.3 M1 build date Next Team Meetings: * Bug Triage meeting Thursday May 11th 7:30 am PDT (

Re: [OE-core][PATCH v4] devicetree.bbclass: Allow selection of dts files to build

On 05.05.23 at 13:10, Richard Purdie wrote: On Fri, 2023-05-05 at 10:59 +, Petr Kubizňák - 2N wrote: Thanks for accepting the patch. I can for sure send a doc patch, just want to make sure it is desired since the glossary does not list any DT_* variable at the moment, and the devicetree

[oe-core][mickledore][PATCH 1/1] git: fix CVE-2023-29007

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in

[oe-core][mickledore][PATCH 1/1] git: fix CVE-2023-25652

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents

Re: [OE-core] [PATCH v4 1/2] oeqa/utils/qemurunner: change the serial runner

On 05/05/2023 12:50, Richard Purdie wrote: On Fri, 2023-05-05 at 10:32 +, Ross Burton wrote: On 11 Apr 2023, at 16:05, Louis Rannou via lists.openembedded.org wrote: Create a new runner run_serial_socket which usage matches the traditional ssh runner. Its return status is 0 when the

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

Hi, On Tue, May 09, 2023 at 09:02:59AM +, Ross Burton wrote: > On 8 May 2023, at 09:57, Adrian Freihofer via lists.openembedded.org > wrote: > > The patch from Andrej tries to solves a real issue: The CVE checker > > distinguishes between two types of patches. Ignored (= not applicable) > >

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

On Tue, 2023-05-09 at 09:02 +, Ross Burton wrote: > On 8 May 2023, at 09:57, Adrian Freihofer via lists.openembedded.org > wrote: > > The patch from Andrej tries to solves a real issue: The CVE checker > > distinguishes between two types of patches. Ignored (= not applicable) > > and

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

On 8 May 2023, at 09:57, Adrian Freihofer via lists.openembedded.org wrote: > The patch from Andrej tries to solves a real issue: The CVE checker > distinguishes between two types of patches. Ignored (= not applicable) > and patched. Patching is only supported by adding a real patch file to >

Re: [OE-core][PATCH] cve-check: add option to add additional patched CVEs

Hi Andrej, On 05.05.23 at 13:18, Andrej Valek via lists.openembedded.org wrote: CVE_CHECK_PATCHED - should contains an additional CVEs which have been fixed and shouldn't be mark as vulnerable nor ignored. Signed-off-by: Andrej Valek --- meta/classes/cve-check.bbclass | 8 1 file

Re: [OE-core][PATCH v5] python3-calver: Add recipe

On Fri, 2023-05-05 at 14:51 -0400, Trevor Gamblin wrote: > calver is "a setuptools extension for automatically defining your Python > package version as a calendar version." It is required for > python3-trove-classifiers (another new recipe), which in turn is > required for the upgrade of

[OE-core][mickledore][PATCH] libpam: Fix the xtests/tst-pam_motd[1|3] failures

Reproducer: 1.Enable the ptest of libpam and build the image. 2.Boot the rootfs with nfs, then run the following tests as root: cd /usr/share/Linux-PAM/xtests /usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd1 /usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd3 After