Re: [OE-Core][PATCH v5 1/5] bitbake.conf: add acl and xattr distro native features support

Ok, this is odd. Can you tell me how can I reproduce this, step by step on my local machine? Because I have to admit that it is not happening for me… BR Piotr Wysyłane z aplikacji Outlook dla systemu iOS Od: Alexandre Belloni Wysłane:

[OE-core] [PATCH] wic: Add dependencies for erofs-utils

In order to build erofs filesystems, wic must have the erofs-utils package installed into its sysroot. Signed-off-by: Heiko Thole --- meta/classes/image_types_wic.bbclass | 2 +- meta/recipes-core/meta/wic-tools.bb | 2 +- scripts/lib/wic/misc.py | 1 + 3 files changed, 3

[OE-core][kirkstone][PATCH 1/1] libwebp: Fix CVE-2023-1999

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to

Re: [OE-core] [mickledore][PATCH 0/1] Cherry pick commit from master to update webkitgtk to 2.40.2

On 7/14/23 15:15, Kai Kang wrote: From: Kai Kang Hi, I've discussed with webkitgtk maintainers about api compatable issues on https://lists.webkit.org/pipermail/webkit-gtk/2023-March/003887.html WebKitGTK 2.38.x is backwards compatible with 2.36.x, you can safely update without needing to

Re: [OE-core] [mickledore][PATCH] libx11: fix CVE-2023-3138

On 7/15/23 00:13, Steve Sakoman wrote: This is being handled with a stable branch version bump which is in the current test queue: "libx11: upgrade 1.8.5 -> 1.8.6" OK. Thanks. Kai Steve On Fri, Jul 14, 2023 at 5:05 AM Kai Kang wrote: From: Kai Kang CVE: CVE-2023-3138 Backport patch

Re: [OE-core] [PATCH] linux-yocto/6.1: fix intermittent x86 boot hangs

On Sun, Jul 16, 2023 at 3:35 PM Steve Sakoman wrote: > > On Wed, Jun 14, 2023 at 5:16 PM Bruce Ashfield > wrote: > > > > From: Bruce Ashfield > > > > The commit in question appeared as -stable backport in 6.1.28, which is > > where we started to see intermittent boot hangs on x86. > > > >

Re: ODP: [OE-Core][PATCH v5 1/5] bitbake.conf: add acl and xattr distro native features support

Hello, On 14/07/2023 10:14:50+, Piotr Łobacz wrote: > OK so, does any one have any thoughts regarding this patchset? This still fails on the autobuilder, most of the builds failed: https://autobuilder.yoctoproject.org/typhoon/#/builders/37/builds/7477/steps/11/logs/stdio ERROR:

[OE-core] [PATCH] python3-lxml: upgrade 4.9.2 -> 4.9.3

Signed-off-by: Khem Raj --- .../python/{python3-lxml_4.9.2.bb => python3-lxml_4.9.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-lxml_4.9.2.bb => python3-lxml_4.9.3.bb} (95%) diff --git

Re: [OE-core] [PATCH] linux-yocto/6.1: fix intermittent x86 boot hangs

On Wed, Jun 14, 2023 at 5:16 PM Bruce Ashfield wrote: > > From: Bruce Ashfield > > The commit in question appeared as -stable backport in 6.1.28, which is > where we started to see intermittent boot hangs on x86. > > Richard noted that others are seeing this is well, as can be seen in > this

Re: [OE-core] [PATCH 1/2] u-boot: Switch to nobranch=1

On Sun, Jul 16, 2023 at 07:19:56PM +0200, Alexander Kanavin wrote: > On Sun, 16 Jul 2023 at 17:03, Tom Rini wrote: > > Does bitbake have any infrastructure atm for dealing with signed tags? > > I'm fine with (for now, as LTS is a hope not a feature) keeping the > > branch portion. But if it was

Re: [OE-core] [PATCH 1/2] u-boot: Switch to nobranch=1

On Sun, 16 Jul 2023 at 17:03, Tom Rini wrote: > Does bitbake have any infrastructure atm for dealing with signed tags? > I'm fine with (for now, as LTS is a hope not a feature) keeping the > branch portion. But if it was possible to say it must be a tag signed > by X key, that would help a

Re: [OE-core] [PATCH 1/2] u-boot: Switch to nobranch=1

On Sun, Jul 16, 2023 at 08:12:42AM +0300, Alexander Kanavin wrote: > On Sun 16. Jul 2023 at 4.01, Marek Vasut wrote: > > > This protection is really weak, this check fails on every single > > possibly bogus commit which is already on any random branch, so what is > > the gain here really ? > >

[OE-core] OE-core CVE metrics for mickledore on Sun 16 Jul 2023 04:00:01 AM HST

Branch: mickledore New this week: 3 CVEs CVE-2023-2908 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2908 * CVE-2023-37453 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37453 * CVE-2023-37454 (CVSS3: 5.5 MEDIUM):

[OE-core] OE-core CVE metrics for kirkstone on Sun 16 Jul 2023 03:00:01 AM HST

Branch: kirkstone New this week: 1 CVEs CVE-2023-2908 (CVSS3: 5.5 MEDIUM): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2908 * Removed this week: 3 CVEs CVE-2023-2603 (CVSS3: 7.8 HIGH): libcap:libcap-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2603 *

[OE-core] OE-core CVE metrics for dunfell on Sun 16 Jul 2023 02:00:01 AM HST

Branch: dunfell New this week: 1 CVEs CVE-2023-2908 (CVSS3: N/A): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2908 * Removed this week: 6 CVEs CVE-2020-27749 (CVSS3: 6.7 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27749 *

Re: [OE-core] [PATCH v3] qemu: Add qemu-common package

Hello, This causes the following meta-mingw error on the AB: https://autobuilder.yoctoproject.org/typhoon/#/builders/89/builds/7501/steps/12/logs/stdio This is due to the added native-sdk dependency. On 10/07/2023 18:32:18+0800, Yu, Mingli wrote: > From: Mingli Yu > > We split the qemu

[OE-core] OE-core CVE metrics for master on Sun 16 Jul 2023 01:00:01 AM HST

Branch: master New this week: 2 CVEs CVE-2023-37453 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37453 * CVE-2023-37454 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37454 * Removed this week: 0 CVEs