From: Wang Mingyu
Changelog:
Implement OpenPGP using librpm API
0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch
refreshed for 1.16.0
Signed-off-by: Wang Mingyu
---
...les-with-pkg-config-not-with-cmake-m.patch | 21 +++
.../{librepo_1.15.2.bb =>
On 9/2/23 00:53, Richard Purdie wrote:
On Fri, 2023-09-01 at 23:32 +, Michelle Lin wrote:
Currently, there is not a class to support the building of unified kernel
images. Adding a uki.bbclass to support the creation of UKIs. This class calls
the systemd Ukify tool, which will combine the
On Wed, 2023-09-06 at 23:27 +0200, Alexander Kanavin wrote:
> On Wed, 6 Sept 2023 at 22:53, Richard Purdie
> wrote:
> > That test/calls were fairly recently added:
> >
> >
On Wed, 6 Sept 2023 at 22:53, Richard Purdie
wrote:
> That test/calls were fairly recently added:
>
> https://git.yoctoproject.org/poky/commit/meta/lib/oeqa/selftest/cases/meta_ide.py?id=9b3fcb0d91648ae3b53ec8ffcb31fb6eac9209dd
>
> That test should probably call:
>
> bitbake("build-sysroots -c
I took the mdadm ptest enabling as I was told the tests were fine now.
They're not. Disable more of them as having intermittent issues.
Signed-off-by: Richard Purdie
---
meta/recipes-extended/mdadm/mdadm_4.2.bb | 5 +
1 file changed, 5 insertions(+)
diff --git
On Wed, 2023-09-06 at 22:28 +0200, Alexander Kanavin wrote:
> On Wed, 6 Sept 2023 at 22:13, Richard Purdie
> wrote:
> > Firstly, that recipe was a bit of a hack. In bygone times, we had a
> > shared sysroot and this was effectively creating it for the places we
> > hadn't converted to use recipe
On Wed, 6 Sept 2023 at 22:13, Richard Purdie
wrote:
> Firstly, that recipe was a bit of a hack. In bygone times, we had a
> shared sysroot and this was effectively creating it for the places we
> hadn't converted to use recipe specific sysroots. There should only be
> a small number of places it
On Wed, 2023-09-06 at 21:28 +0200, Alexander Kanavin wrote:
> On Wed, 6 Sept 2023 at 21:23, Richard Purdie
> wrote:
>
> > > do_clean[cleandirs] += "${STANDALONE_SYSROOT}
> > > ${STANDALONE_SYSROOT_NATIVE}"
> >
> > This doesn't just force ordering but means target will always now
> > trigger
On Wed, 6 Sept 2023 at 21:28, Alexander Kanavin via
lists.openembedded.org
wrote:
> > This doesn't just force ordering but means target will always now
> > trigger the native sysroot as a dependency. We don't want to do that...
>
> But I think we do. Target is using executables from native
On Wed, 6 Sept 2023 at 21:23, Richard Purdie
wrote:
> > do_clean[cleandirs] += "${STANDALONE_SYSROOT} ${STANDALONE_SYSROOT_NATIVE}"
>
> This doesn't just force ordering but means target will always now
> trigger the native sysroot as a dependency. We don't want to do that...
But I think we do.
On Wed, 2023-09-06 at 18:56 +0200, Alexander Kanavin wrote:
> Target task is using executables populated by the native task
> and as they run in parallel, races can occur.
>
> This was triggered by shadow recipe update which added depedendent libraries,
> and where half-populated native sysroot
On Wed, Sep 6, 2023 at 11:07 AM Ross Burton wrote:
> On 6 Sep 2023, at 18:30, Khem Raj wrote:
> >
> > On Wed, Sep 6, 2023 at 8:12 AM Ross Burton wrote:
> >>
> >> From: Ross Burton
> >>
> >> We have glibc 2.38 which added strlcpy(), so enable the use of it
> >> explicitly in the Meson cross
From: Ross Burton
Add explicit PACKAGECONFIGs for brotli,ntlm, and sysprof.
libsoup needs to be told where ntlm_auth will be on the target, so write
a cross file to do so.
Also explicitly disable more of the test suites as we don't build them
yet.
Signed-off-by: Ross Burton
---
From: Ross Burton
wayland-utils has optional libdrm support, so add a PACKAGECONFIG and
enable it.
Signed-off-by: Ross Burton
---
meta/recipes-graphics/wayland/wayland-utils_1.1.0.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-graphics/wayland/wayland-utils_1.1.0.bb
From: Ross Burton
Add explicit PACKAGECONFIGs for brotli,ntlm, and sysprof.
libsoup needs to be told where ntlm_auth will be on the target, so write
a cross file to do so.
Signed-off-by: Ross Burton
---
.../libsoup/libsoup-2.4_2.74.3.bb | 18 +++---
1 file changed,
From: Ross Burton
Add a chafa PACKAGECONFIG so that we explicitly disable it, and update
the graphite PACKAGECONFIG to use the graphite2 option as the old name is
deprecated.
Signed-off-by: Ross Burton
---
meta/recipes-graphics/harfbuzz/harfbuzz_8.1.1.bb | 3 ++-
1 file changed, 2
From: Ross Burton
Pango has had an explicit option since 1.46.2
Signed-off-by: Ross Burton
---
meta/recipes-graphics/pango/pango_1.51.0.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-graphics/pango/pango_1.51.0.bb
From: Ross Burton
GLib has had an option to control libelf since 2.67.0, so use it.
Signed-off-by: Ross Burton
---
meta/recipes-core/glib-2.0/glib.inc | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/meta/recipes-core/glib-2.0/glib.inc
From: Ross Burton
Explicitly disable the tests and vapi support instead of relying on
defaults and missing dependencies.
Signed-off-by: Ross Burton
---
meta/recipes-gnome/libgudev/libgudev_237.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-gnome/libgudev/libgudev_237.bb
On 6 Sep 2023, at 18:30, Khem Raj wrote:
>
> On Wed, Sep 6, 2023 at 8:12 AM Ross Burton wrote:
>>
>> From: Ross Burton
>>
>> We have glibc 2.38 which added strlcpy(), so enable the use of it
>> explicitly in the Meson cross file for when the target doesn't support
>> qemu-usermode (which
On Wed, Sep 6, 2023 at 8:12 AM Ross Burton wrote:
>
> From: Ross Burton
>
> We have glibc 2.38 which added strlcpy(), so enable the use of it
> explicitly in the Meson cross file for when the target doesn't support
> qemu-usermode (which will result in the default of not using it).
will this be
Target task is using executables populated by the native task
and as they run in parallel, races can occur.
This was triggered by shadow recipe update which added depedendent libraries,
and where half-populated native sysroot (dependent libraries missing)
was triggering useradd failures.
License-Update: formatting, spdx conversion
Drop:
0001-Disable-use-of-syslog-for-sysroot.patch
(issue fixed upstream)
0001-Fix-can-not-print-full-login.patch
0001-Overhaul-valid_field.patch
CVE-2023-29383.patch
(backports)
libbsd is a new native dependency, as otherwise glibc >= 2.38
is needed.
Signed-off-by: Alexander Kanavin
---
meta/recipes-support/gnutls/gnutls/arm_eabi.patch| 12 +++-
.../gnutls/{gnutls_3.8.0.bb => gnutls_3.8.1.bb} | 2 +-
2 files changed, 8 insertions(+), 6 deletions(-)
rename meta/recipes-support/gnutls/{gnutls_3.8.0.bb => gnutls_3.8.1.bb}
Latest shadow-native links with additional libraries;
I was unable to find a way to resolve those in setscene context
where tasks do not contain such dependencies.
Signed-off-by: Alexander Kanavin
---
meta/classes/useradd.bbclass | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
This results in executables from shadow-native, such as useradd, falling through
to host libraries instead of using native ones that they were linked with,
because the native libraries would not be installed because of this dependency
exclusion.
Until now that could be coincidentally fulfilled
Signed-off-by: Alexander Kanavin
---
...-a-custom-value-for-the-location-of-.patch | 4 +--
.../gnupg/gnupg/fix-ldap.patch| 34 +++
.../gnupg/gnupg/relocate.patch| 2 +-
.../gnupg/{gnupg_2.4.2.bb => gnupg_2.4.3.bb} | 3 +-
4 files changed, 39
Add patches to eudev to ensure compatibility with this version.
Signed-off-by: Alexander Kanavin
---
.../udev/eudev/0001-Export-dummies-for.patch | 82 +++
.../eudev/0002-Bump-udev-version-to-251.patch | 23 ++
meta/recipes-core/udev/eudev_3.2.12.bb| 4 +-
Drop patch and --disable-lang-python-test option (upstream fixed the issue).
Signed-off-by: Alexander Kanavin
---
.../0007-python-Add-variables-to-tests.patch | 52 ---
.../{gpgme_1.20.0.bb => gpgme_1.22.0.bb} | 4 +-
2 files changed, 1 insertion(+), 55 deletions(-)
Signed-off-by: Alexander Kanavin
---
.../{libpthread-stubs_0.4.bb => libpthread-stubs_0.5.bb} | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
rename meta/recipes-graphics/xorg-lib/{libpthread-stubs_0.4.bb =>
libpthread-stubs_0.5.bb} (73%)
diff --git
Drop backports.
Rebase
0001-Make-manpages-mulitlib-identical.patch
groff-not-search-fonts-on-build-host.patch
--without-doc has been removed upstream; replace
that with a dependency on groff-native and
substitution of groff executable from that.
Drop serial make; this was introduced in 2010
Drop backport.
Set gl_provider explicitly, as upstream changed the default to glvnd.
Signed-off-by: Alexander Kanavin
---
...1-Remove-deprecated-register-in-C-17.patch | 32 ---
.../mesa/{libglu_9.0.2.bb => libglu_9.0.3.bb} | 9 +++---
2 files changed, 5 insertions(+), 36
Rebase perl-configpm-switch.patch.
Add a patch to perl-cross to unbreak perl's line numbers printing.
Signed-off-by: Alexander Kanavin
---
...mt.sh-add-32-bit-integer-format-defi.patch | 28 +++
.../perl-cross/perlcross_1.5.bb | 1 +
.../perl/files/CVE-2023-31484.patch
Signed-off-by: Alexander Kanavin
---
...pi-Use-GNU-strerror_r-when-available.patch | 55 ---
...{libcgroup_3.0.0.bb => libcgroup_3.1.0.bb} | 8 +--
2 files changed, 4 insertions(+), 59 deletions(-)
delete mode 100644
Signed-off-by: Alexander Kanavin
---
...Makefile-check-the-file-if-patched-or-not.patch | 14 ++
.../{perlcross_1.4.1.bb => perlcross_1.5.bb} | 2 +-
2 files changed, 7 insertions(+), 9 deletions(-)
rename meta/recipes-devtools/perl-cross/{perlcross_1.4.1.bb =>
This significantly speeds up the build by default.
Signed-off-by: Alexander Kanavin
---
meta/recipes-connectivity/openssl/openssl_3.1.2.bb | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_3.1.2.bb
Drop autoconf-2.73.patch as upstream did update the gnulib.
Signed-off-by: Alexander Kanavin
---
.../gettext-0.21.1/autoconf-2.73.patch| 50 ---
...21.1.bb => gettext-minimal-native_0.22.bb} | 0
.../COPYING | 0
Drop backports. 0001-vpn-Adding-support-for-latest-pppd-2.5.0-release.patch
is partially dropped, as upstream hasn't included the newly added header
into the tarball (issue addressed after the release).
Signed-off-by: Alexander Kanavin
---
...ify-and-sanitize-packet-length-first.patch | 63
From: Yogita Urade
Integer Overflow vulnerability in mp_grow in libtom libtommath before
commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to
execute arbitrary code and cause a denial of service (DoS).
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-36328
From: Ross Burton
It might be useful to grab screenshots from qemu-system-native (for
example, for QA purposes).
Signed-off-by: Ross Burton
---
meta/recipes-devtools/qemu/qemu-system-native_8.0.4.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
From: Ross Burton
Instead of bitbake and grep, just use bitbake-getvar.
Signed-off-by: Ross Burton
---
scripts/oe-find-native-sysroot | 15 ++-
1 file changed, 2 insertions(+), 13 deletions(-)
diff --git a/scripts/oe-find-native-sysroot b/scripts/oe-find-native-sysroot
index
From: Ross Burton
We have glibc 2.38 which added strlcpy(), so enable the use of it
explicitly in the Meson cross file for when the target doesn't support
qemu-usermode (which will result in the default of not using it).
Signed-off-by: Ross Burton
---
Thanks!
Alex
On Wed, 6 Sept 2023 at 16:29, Mikko Rapeli wrote:
>
> When tests fail, capture the sshd and ssh client logs from
> the failing test run. These are needed to investigate
> the root cause.
>
> Reference: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178
>
> Signed-off-by: Mikko
When tests fail, capture the sshd and ssh client logs from
the failing test run. These are needed to investigate
the root cause.
Reference: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178
Signed-off-by: Mikko Rapeli
---
...ss-Makefile-print-logs-if-test-fails.patch | 34
Please submit upstream at the same time you submit here.
With openssh it's not complicated: https://github.com/openssh/openssh-portable
Alex
On Wed, 6 Sept 2023 at 15:23, Mikko Rapeli wrote:
>
> When tests fail, capture the sshd and ssh client logs from
> the failing test run. These are
When tests fail, capture the sshd and ssh client logs from
the failing test run. These are needed to investigate
the root cause.
Reference: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178
Signed-off-by: Mikko Rapeli
---
...ss-Makefile-print-logs-if-test-fails.patch | 34
On Wed, Sep 6, 2023 at 3:04 AM Steve Sakoman via
lists.openembedded.org
wrote:
>
> Hi Deepthi,
>
> Thanks for helping with CVEs.
>
> In the future when you submit multiple patches for the same recipe
> please do so as a patch series. That way I'll know what the intended
> ordering is without
On 6 Sep 2023, at 13:56, Bruce Ashfield wrote:
>
> On Wed, Sep 6, 2023 at 8:39 AM Ross Burton wrote:
>>
>> On 5 Sep 2023, at 15:37, Bruce Ashfield via lists.openembedded.org
>> wrote:
>>>
>>> From: Bruce Ashfield
>>>
>>> Richard,
>>>
>>> Here's the next round of -stable and configuration
Hi Deepthi,
Thanks for helping with CVEs.
In the future when you submit multiple patches for the same recipe
please do so as a patch series. That way I'll know what the intended
ordering is without having to examine the patch content.
Thanks,
Steve
On Tue, Sep 5, 2023 at 11:46 PM wrote:
>
>
On Wed, Sep 6, 2023 at 8:39 AM Ross Burton wrote:
>
> On 5 Sep 2023, at 15:37, Bruce Ashfield via lists.openembedded.org
> wrote:
> >
> > From: Bruce Ashfield
> >
> > Richard,
> >
> > Here's the next round of -stable and configuration changes.
> >
> > I also ran into a build issue with 6.4+ on
From: Changqing Li
Fix an issue with early log messages being lost when running in systemd.
Signed-off-by: Changqing Li
Signed-off-by: Steve Sakoman
---
...KillMode-process-is-not-recommended-.patch | 33
...-messages-lost-when-running-in-syste.patch | 75 +++
From: Abe Kohandel
Depending on the host gcc version, libdnf fails to compile due to
missing cstdint inclusions. These issue have already been addressed
upstream, add the patches to resolve this for older versions of the
library.
These commits are taken directly from the libdnf project at
From: Martin Jansa
* LDFLAGS += "-fuse-ld=bfd" in the recipe doesn't work and
it still fails to build with ld-is-gold in DISTRO_FEATURES
removal of this line sent to master in:
https://lists.openembedded.org/g/openembedded-core/message/185167
* the most important ones are the 1st which
From: Chee Yang Lee
Release date: 2023-08-24
Security
gh-108310: Fixed an issue where instances of ssl.SSLSocket were
vulnerable to a bypass of the TLS handshake and included protections
(like certificate verification) and treating sent unencrypted data as if
it were post-handshake TLS
From: Archana Polampalli
A Segmentation Fault issue discovered in in ieee_segment function in outieee.c
in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service
via crafted assembly file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2020-21528
Upstream patches:
From: Chee Yang Lee
ignore changes to FILE_RCSID part.
Signed-off-by: Chee Yang Lee
Signed-off-by: Steve Sakoman
---
.../file/file/CVE-2022-48554.patch| 35 +++
meta/recipes-devtools/file/file_5.41.bb | 4 ++-
2 files changed, 38 insertions(+), 1
From: Chee Yang Lee
Signed-off-by: Chee Yang Lee
Signed-off-by: Steve Sakoman
---
.../libssh2/libssh2/CVE-2020-22218.patch | 34 +++
.../recipes-support/libssh2/libssh2_1.10.0.bb | 1 +
2 files changed, 35 insertions(+)
create mode 100644
From: Kai Kang
Backport and rebase patch to fix CVE-2023-23529.
CVE: CVE-2023-23529
Signed-off-by: Kai Kang
Signed-off-by: Steve Sakoman
---
.../webkit/webkitgtk/CVE-2023-23529.patch | 65 +++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 1 +
2 files changed, 66
From: Meenali Gupta
There is a stack overflow vulnerability in ash.c:6030 in busybox
vbefore 1.35. In the environment of Internet of Vehicles, this
vulnerability can be executed from command to arbitrary code execution.
Signed-off-by: Meenali Gupta
Signed-off-by: Steve Sakoman
---
From: Vijay Anusuri
Upstream-commit:
https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6
&
https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d
Signed-off-by: Vijay Anusuri
Signed-off-by: Steve
From: Soumya Sambu
Backport patch to fix CVE-2023-29491.
Signed-off-by: Soumya Sambu
Signed-off-by: Steve Sakoman
---
.../ncurses/files/CVE-2023-29491.patch| 464 ++
.../ncurses/ncurses_6.3+20220423.bb | 1 +
2 files changed, 465 insertions(+)
create mode
From: Adrian Freihofer
This is a read past end of buffer issue in the json_parse test app,
which can happened with malformed json data. It's not an issue with the
library itself. For what ever reason this CVE has a base score of 9.8.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-32292
From: Hitendra Prajapati
Upstream-Status: Backport from
https://gitlab.com/libtiff/libtiff/-/commit/b0e1c25dd1d065200c8d8f59ad0afe014861a1b9
Signed-off-by: Hitendra Prajapati
Signed-off-by: Steve Sakoman
---
.../libtiff/tiff/CVE-2023-26966.patch | 35 +++
From: Hitendra Prajapati
Backport fixes for:
* CVE-2023-2908 - Upstream-Status: Backport from
https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f
* CVE-2023-3316 - Upstream-Status: Backport from
Please review this set of changes for kirkstone and have comments back by
end of day Friday, September 8.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5835
The following changes since commit 8ceaeff90023e51c7e874464f026b30d24035bda:
On 5 Sep 2023, at 15:37, Bruce Ashfield via lists.openembedded.org
wrote:
>
> From: Bruce Ashfield
>
> Richard,
>
> Here's the next round of -stable and configuration changes.
>
> I also ran into a build issue with 6.4+ on one of my builders
> due to a gzip mismatch with zlib versions. So
On 6 Sep 2023, at 02:53, Yuta Hayama wrote:
>
> Hi,
>
> On 2023/09/05 20:14, Ross Burton wrote:
>> On 5 Sep 2023, at 08:29, Yuta Hayama wrote:
>>>
>>> affected_versions in kernel_cves.json does not mean "first affected version
>>> to last affected version" but actually "first affected version
From: Narpat Mali
CVE-2022-40896:
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments
through 2.15.0 via SmithyLexer.
The CVE issue is fixed by 3 different commits between the releases 2.14.0
(for Smithy lexer), 2.15.0 (for SQL+Jinja lexers) and 2.15.1 (for Java
properties) as
Upstream-Status: Backport from
[https://gitlab.com/qemu-project/qemu/-/commit/9d38a8434721a6479fe03fb5afb150ca793d3980]
CVE: CVE-2023-3180
Signed-off-by: Ashish Sharma
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2023-3180.patch | 49
From: Yang Xu
If PYTHONDONTWRITEBYTECODE set to 1, do_install:append will fail because
no .pyc is removed.
Add -f flag to prevent command fail.
Signed-off-by: Yang Xu
---
meta/recipes-devtools/meson/meson_1.1.1.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
Hi Chee Yang,
Sorry for missing out the patch file.
I have sent a separate mail that contains patch as :-
https://lists.openembedded.org/g/openembedded-core/message/187288
[kirkstone][PATCH V2] binutils: Fix CVE-2022-47008
Thanks,
Deepthi
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages
Signed-off-by: Deepthi Hemraj
---
.../binutils/binutils-2.38.inc| 1 +
.../binutils/0028-CVE-2022-47011.patch| 35 +++
2 files changed, 36 insertions(+)
create mode 100644
meta/recipes-devtools/binutils/binutils/0028-CVE-2022-47011.patch
diff --git
Signed-off-by: Deepthi Hemraj
---
.../binutils/binutils-2.38.inc| 1 +
.../binutils/0027-CVE-2022-47008.patch| 67 +++
2 files changed, 68 insertions(+)
create mode 100644
meta/recipes-devtools/binutils/binutils/0027-CVE-2022-47008.patch
diff --git
ooopps...my bad.
I just checked in
https://autobuilder.yocto.io/pub/non-release/patchmetrics/cve-status-kirkstone.txt
(
https://autobuilder.yocto.io/pub/non-release/patchmetrics/cve-status-kirkstone.txt
) and submitted a patch without checking if its already submitted or not.
Thanks for the
Hi Siddharth,
CVE-2023-40303 patch for kirkstone already submitted and landed in
kirkstone-nut.
https://git.openembedded.org/openembedded-core-contrib/commit/?h=stable/kirkstone-nut=2d2fc8e2b0eaa20f6bf8cfc0d1acd908f3dac2ec
Thanks & Regards,
Vjay
On Wed, Sep 6, 2023 at 1:45 PM Siddharth via
From: Siddharth Doshi
Upstream-Status: Backport from
[https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6]
CVE: CVE-2023-40303
Signed-off-by: Siddharth Doshi
---
.../inetutils/inetutils/CVE-2023-40303.patch | 283 ++
On Wed, 6 Sept 2023 at 08:56, wangmy wrote:
> 0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch
> removed since it's included in 1.16.0
> -From 25113b34bc1aae377d7bf447e69528783e2c177e Mon Sep 17 00:00:00 2001
> -From: Alexander Kanavin
> -Date: Fri, 30 Dec 2016 18:23:27 +0200
>
From: Shubham Kulkarni
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an
insufficiently trustworthy search path, leading to remote code
execution if an agent is forwarded to an attacker-controlled system.
(Code in /usr/lib is not necessarily safe for loading into ssh-agent.)
NOTE:
> -Original Message-
> From: openembedded-core@lists.openembedded.org c...@lists.openembedded.org> On Behalf Of Hemraj, Deepthi via
> lists.openembedded.org
> Sent: Wednesday, September 6, 2023 3:32 PM
> To: openembedded-core@lists.openembedded.org
> Cc: randy.macl...@windriver.com;
Signed-off-by: Deepthi Hemraj
---
meta/recipes-devtools/binutils/binutils-2.38.inc | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc
b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 5c3ff3d93a..aa77263c66 100644
---
Signed-off-by: Deepthi Hemraj
---
meta/recipes-devtools/binutils/binutils-2.38.inc | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc
b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 5c3ff3d93a..9bcf7ad4f5 100644
---
Dnia środa, 23 sierpnia 2023 03:00:59 CEST Khem Raj pisze:
> On Tue, Aug 22, 2023 at 5:25 PM Khem Raj wrote:
> > OK I have narrowed down the problem a bit more
> >
> > It seems to trigger with poky master + this patch series on archlinux
> > build host ( it has glibc 2.38 natively ) . It works
From: Wang Mingyu
Changelog:
Implement OpenPGP using librpm API
0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch
removed since it's included in 1.16.0
Signed-off-by: Wang Mingyu
---
...les-with-pkg-config-not-with-cmake-m.patch | 27 ---
.../{librepo_1.15.2.bb
83 matches
Mail list logo