On Fri, Oct 20, 2023 at 4:18 PM Michael Opdenacker
wrote:
>
> Hi Marta
>
> On 20.10.23 at 10:36, Marta Rybczynska wrote:
> > Hello everyone,
> > We have a constant flow of work on pending CVEs. During my discussion
> > with multiple people, there is a common need for synchronization of
> > this
All,
You are cordially invited to the next OpenEmbedded Happy Hour on October 25
for Asia/Pacific timezones @ 2100/9pm UTC (5pm ET / 2pm PT):
https://www.openembedded.org/wiki/Calendar
https://www.openembedded.org/wiki/Happy_Hours
CVEs that are currently considered "Patched" are classified into the following
3 statuses:
1. "Patched" - means that a patch file that fixed the vulnerability has
been applied
2. "Not affected" - means that the package version (PV) is not affected by the
vulnerability
3. "Undecidable" -
Signed-off-by: Steve Sakoman
---
.../linux/cve-exclusion_5.4.inc | 207 +++---
1 file changed, 179 insertions(+), 28 deletions(-)
diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.4.inc
b/meta/recipes-kernel/linux/cve-exclusion_5.4.inc
index
The pipe library is deprecated in Python 3.11 and will be removed in
Python 3.13. pipe.quote is just an import of shlex.quote anyway.
Clean up imports while we're at it.
Signed-off-by: Ola x Nilsson
Signed-off-by: Luca Ceresoli
(cherry picked from commit
From: Richard Purdie
Avoid a divide by zero traceback if unfortunate test counts are encountered.
Signed-off-by: Richard Purdie
(cherry picked from commit c5aeea53dfacb53dedb8445cb3523dc3a8cb6dca)
Signed-off-by: Steve Sakoman
---
scripts/lib/resulttool/report.py | 5 -
1 file changed, 4
From: Meenali Gupta
License-Update: additional firmwares
upgrade include fix for CVE-2023-20569 CVE-2022-40982 CVE-2023-20593
Changelog:
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-20569
From: Siddharth Doshi
This includes CVE fix for CVE-2023-5535.
Signed-off-by: Siddharth Doshi
Signed-off-by: Steve Sakoman
---
meta/recipes-support/vim/vim.inc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-support/vim/vim.inc
Please review this set of patches for dunfell and have comments back by
end of day Thursday, October 26
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6098
with the exception of a known intermittent reproducibility issue with the
vim-common
From: Ashish Sharma
Upstream-Status: Backport from
[https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d12f8998d2d086f0a6606589e5aedb7147e6f2f1]
CVE: CVE-2023-25588
Signed-off-by: Ashish Sharma
Signed-off-by: Steve Sakoman
---
.../binutils/binutils-2.34.inc| 1 +
On Tue, Oct 24, 2023 at 6:07 PM Khem Raj wrote:
>
> os.environ does not pass this down to runstrip() function and in
> strip_execs() it's using STRIP bitbake variable to find the strip utility
> to use. Since there might be a trailing whitespace in KERNEL_STRIP
> remove that otherwise python is
os.environ does not pass this down to runstrip() function and in
strip_execs() it's using STRIP bitbake variable to find the strip utility
to use. Since there might be a trailing whitespace in KERNEL_STRIP
remove that otherwise python is not able to launch it.
e.g.
FileNotFoundError: [Errno 2] No
From: Peter Marko
https://github.com/openssl/openssl/blob/openssl-3.0/NEWS.md#major-changes-between-openssl-3011-and-openssl-3012-24-oct-2023
Major changes between OpenSSL 3.0.11 and OpenSSL 3.0.12 [24 Oct 2023]
* Mitigate incorrect resize handling for symmetric cipher keys and IVs.
Disable the merge-on-head test until patchtest properly handles merging
of series subsets and accounts for patches that are rapidly merged (i.e.
before patchtest is run).
Signed-off-by: Trevor Gamblin
---
meta/lib/patchtest/tests/test_mbox_merge.py | 1 +
1 file changed, 1 insertion(+)
diff
From: Peter Marko
https://github.com/openssl/openssl/blob/openssl-3.1/NEWS.md#major-changes-between-openssl-313-and-openssl-314-24-oct-2023
Major changes between OpenSSL 3.1.3 and OpenSSL 3.1.4 [24 Oct 2023]
* Mitigate incorrect resize handling for symmetric cipher keys and IVs.
On Tue, Oct 24, 2023 at 5:49 AM Niko Mauno wrote:
>
> On 20.10.2023 19.34, Khem Raj wrote:
> > it seems you are quite sensitive to size, I wonder if opkg backend is
> > better suited for your usecase than rpm.
>
> Hi Khem, thanks for the idea. We used opkg a few years ago, however
> certain
Current Dev Position: YP 4.3 M4 (Feature Freeze)
Next Deadline: 2nd October 2023 YP 4.3 M4 build date
Next Team Meetings:
-
Bug Triage meeting Thursday October 26th 7:30 am PDT (
https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bFd5aVpHVVZ6dz09)
-
Weekly Project Engineering Sync
Add basic support for PEP517 [1] for the 3 following backends that are
supported by bitbake:
- setuptools.build_meta
- poetry.core.masonry.api
- flit_core.buildapi
If a pyproject.toml file is found, use it to create the recipe,
otherwise fall back to the old setup.py method.
Some projects
In order to prepare the support for pyproject.toml (PEP517 [1]) enabled
projects, refactor the code and move setup.py specific code into a
specific class in order to allow sharing the PythonRecipeHandler class
No functional changes expected
[1]: https://peps.python.org/pep-0517/#source-tree
Add 3 tests to check the creation of PEP-517 project using the 3
backends supported by bitbake:
- setuptools.build_meta
- poetry.core.masonry.api
- flit_core.buildapi
These tests require the tomllib python module, so skip these tests
if module is not present. tomllib module is part of
By convention, all python recipes start with "python3-" so update
create_buildsys_python to do this
This rule doesn't apply for packages already starting with "python"
Update recipetool's selftest accordingly
Signed-off-by: Julien Stephan
---
meta/lib/oeqa/selftest/cases/recipetool.py |
Hello all,
This series adds basic support for PEP-517 in recipetool/devtool, plus some
other fixes.
Recipetool/devtool selftest passed locally
Missing features:
- extra or optional dependencies are not handled
- version number for dependencies are not handled (issue already present
for the
Signed-off-by: Julien Stephan
---
meta/lib/oeqa/selftest/cases/devtool.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oeqa/selftest/cases/devtool.py
b/meta/lib/oeqa/selftest/cases/devtool.py
index c36b1efa78b..b5c488be8e8 100644
---
If a user runs devtool selftests with a local workspacelayer
the tests fail with various errors such as:
- devtool.DevtoolAddTests.test_devtool_add just hangs
- devtool.DevtoolModifyTests.* fail with the following error:
ERROR: Found duplicated BBFILE_COLLECTIONS 'workspacelayer', check
Pull the actual email's subject line from the .mbox file and use that in
patchtest's test results response, so that it's clearer which patch it
is replying to.
Signed-off-by: Trevor Gamblin
---
scripts/patchtest-send-results | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff
On 20.10.2023 19.34, Khem Raj wrote:
> it seems you are quite sensitive to size, I wonder if opkg backend is
> better suited for your usecase than rpm.
Hi Khem, thanks for the idea. We used opkg a few years ago, however
certain technical reasons were in favor of rpm which we have used since.
Add a SECURITY.md file with hints for security researchers and other
parties who might report potential security vulnerabilities.
Signed-off-by: Richard Purdie
---
SECURITY.md | 13 +
1 file changed, 13 insertions(+)
create mode 100644 SECURITY.md
diff --git a/SECURITY.md
On Tue, 24 Oct 2023 at 06:12, qi...@fujitsu.com wrote:
>
> Hi, Alex
>
> As you said, it is not-that-elegant bit of code.
> But DATADIR is used as a part of CPPFLAGS for compiling c files in tests,
> such as libkeymap/libkeymap-test01.c, libkbdfile/libkbdfile-test13.c and
> others.
> sample:
>
>
Hello Alex,
On Mon, 23 Oct 2023 13:06:18 +0200
"Alexander Kanavin" wrote:
> Specifically, the test checks that everything needed for building
> standard oe-core images for x86_64 and arm64 is available from
> the cache (with minor exceptions). Going forward, a complete
> world check could be
On 24.10.2023 09:12, Vyacheslav Yurkov wrote:
Hey Lukas
On 24.10.2023 08:33, Lukas Funke wrote:
- I placed the correct URL into SRC_URI, but do_go_vendor still
failed with following stacktrace:
File:
'/home/uvv/projects/yocto-lorch-mapro/openembedded-core/meta/classes/go-vendor.bbclass',
On 24.10.2023 08:19, Lukas Funke wrote:
- Could please clarify where does the version from go.mod hide? Is
it taken directly from go.mod? I'm trying to understand what should
be the workflow when a module version should be bumped up in the
go.mod. Will that be reflected in the recipe in
Hey Lukas
On 24.10.2023 08:33, Lukas Funke wrote:
- I placed the correct URL into SRC_URI, but do_go_vendor still
failed with following stacktrace:
File:
'/home/uvv/projects/yocto-lorch-mapro/openembedded-core/meta/classes/go-vendor.bbclass',
lineno: 86, function: do_go_vendor
On 23.10.2023 20:06, Vyacheslav Yurkov wrote:
On 23.10.2023 14:18, Lukas Funke wrote:
Hi Slava,
On 22.10.2023 20:34, Vyacheslav Yurkov wrote:
Hey Lukas,
Thanks a lot for the patch. A few questions/comments from my initial
test below.
- I tried it with a go-based backend I have by providing
Hi Slava,
On 23.10.2023 19:05, Vyacheslav Yurkov wrote:
On 23.10.2023 14:18, Lukas Funke wrote:
Hi Slava,
On 22.10.2023 20:34, Vyacheslav Yurkov wrote:
Hey Lukas,
Thanks a lot for the patch. A few questions/comments from my initial
test below.
- I tried it with a go-based backend I have