> On Mon, 15 Jan 2024 at 15:03, Jasper Orschulko
> > wrote:
> > >
> > > > Sadly it wouldn't. Auto-generated github archives are known to
> > > > be
> > > > non-deterministic, and we even have a qa check to ensure no
> >
Thanks, good to know! Well, that buries that idea then I guess... we
will have to somehow deal with the release tarballs then I guess.
On Mon, 2024-01-15 at 15:05 +0100, Alexander Kanavin wrote:
> On Mon, 15 Jan 2024 at 15:03, Jasper Orschulko
> wrote:
> >
> > > Sa
> Sadly it wouldn't. Auto-generated github archives are known to be
> non-deterministic, and we even have a qa check to ensure no recipe is
> using them. I didn't raise this point because my objections are on
> the
> principle of using release tarballs, not this technicality.
Ah ok, that is
Hi Etienne,
GitHub also provides tarballs for the unmodified source code,
e.g.:https://github.com/libexpat/libexpat/archive/refs/tags/R_2_5_0.tar.gz
This corresponds to the "Source Code" asset that Github automatically
adds to releases, see:
Hi Alex,
> Okay, I've read the README file in that repo, and if i understood it
> right, the process is:
> - run fossology
> - have a human inspect the output, and correct it on a file by file
> basis (tremendous waste of time and limited developer resources even
> when done the 'open source way'
Hi all,
The TL;DR:
If no one objects, I would like to put into motion that we gradually
move all oe-core recipes SRC_URIs from Github releases to git source
code (archives) for better source code traceability.
Reasoning follows:
---
Currently, there are (at least¹) 35 recipes in poky that
recipes.
This would allow for a quick adoption and flatten out the path for
making these variables required by default, in turn improving reporting
and security for openembedded products.
Cheers, Jasper
On Fri, 2023-08-25 at 09:57 -1000, Steve Sakoman wrote:
> On Fri, Aug 25, 2023 at 9:18
uot;matches" (1 CVE on Kernel vs. 300+), but after closer
inspection it turned out that was only due to an optional fuzzy
matching feature in dependencytrack and not because the results
actually improved. Sorry for the trouble.
Cheers, Jasper
On Fri, 2023-08-25 at 09:57 -1000, Steve Sakoman wrote:
>
h, while technically correct, makes a bad situation even worse.
Still, only a handful of recipes which happen to be of type
"application" and explicitly set the "vendor" attribute, had the chance
to successfully match some (but not all) CVE CPEs. False n
From: Jasper Orschulko
Use "*" (wildcard) instead of "a" (application)in cpe_id generation,
as the product is not necessarily of type application, e.g.
linux_kernel, which is of type "o" (operating system).
(From OE-Core rev: cae9528b002c06143bf048b991b9d7e939
From: Jasper Orschulko
Use "*" (wildcard) instead of "a" (application)in cpe_id generation,
as the product is not necessarily of type application, e.g.
linux_kernel, which is of type "o" (operating system).
(From OE-Core rev: cae9528b002c06143bf048b991b9d7e939
From: Jasper Orschulko
Use "*" (wildcard) instead of "a" (application)in cpe_id generation,
as the product is not necessarily of type application, e.g.
linux_kernel, which is of type "o" (operating system).
(From OE-Core rev: cae9528b002c06143bf048b991b9d7e939
Hi Luca,
thanks for the heads-up. That's curious, I assumed this would not be a
problem as my signing email address is the same as the from address?
(mbox) Adding cc: Jasper Orschulko from line
'From: Jasper Orschulko '
(body) Adding cc: Jasper Orschulko from line
'Signed-off-by: Jasper
Use "*" (wildcard) instead of "a" (application)in cpe_id generation,
as the product is not necessarily of type application, e.g.
linux_kernel, which is of type "o" (operating system).
Signed-off-by: Jasper Orschulko
---
meta/lib/oe/cve_check.py | 2 +-
1 file chang
Signed-off-by: Jasper Orschulko
---
meta/recipes-devtools/repo/{repo_2.22.bb => repo_2.23.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/repo/{repo_2.22.bb => repo_2.23.bb} (95%)
diff --git a/meta/recipes-devtools/repo/repo_2.22.bb
b/meta/r
search for
those reveals that they actually are used in other (older?) projects.
So I'm not quite sure how many other users might be affected by this.
Maybe we actually SHOULD keep supporting them for the LTS branch, just
in case?
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30
ES",
as described in the cmake docs:
https://cmake.org/cmake/help/v3.16/module/FindGTest.html#result-variables
So all good here! :)
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • •
to `testing::*
Can someone confirm this issue? Feel free to reach out for further
details.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
From: Jasper Orschulko
Using a task instead of a version specific patch for setting the repo
revision within the source code. This drastically decreases the
maintenance burden and easier usage of the OE update helper.
Signed-off-by: Jasper Orschulko
---
.../0001-Set-REPO_REV-to-v2.17.3.patch
From: Jasper Orschulko
Signed-off-by: Jasper Orschulko
---
meta/recipes-devtools/repo/{repo_2.17.3.bb => repo_2.18.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/repo/{repo_2.17.3.bb => repo_2.18.bb} (95%)
diff --git a/meta/recipes-devtool
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
In regards to automatic update patch generation this actually is pretty
useful. I think I'll throw an extra patch on top to integrate this
suggestion.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sorry about that. Seems I got sloppy during one of the patch revisions
and accidently formatted one of the patches from the wrong repo
revision.
Should now work with v7 on the ML.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49
From: Jasper Orschulko
Add a recipe for repo 2.17.3, prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/conf/distro/include/maintainers.inc | 1 +
.../0001-Set-REPO_REV-to-v2.17.3.patch| 35 +++
.../repo/repo/0001-python3-shebang.patch
From: Jasper Orschulko
Add repo-native as prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/classes/base.bbclass | 4
1 file changed, 4 insertions(+)
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index a65fcc6c1d..b709777f24 100644
From: Jasper Orschulko
Add repo-native as prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/classes/base.bbclass | 4
1 file changed, 4 insertions(+)
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index a65fcc6c1d..b709777f24 100644
From: Jasper Orschulko
Add a recipe for repo 2.17.3, prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/conf/distro/include/maintainers.inc | 1 +
.../0001-Set-REPO_REV-to-v2.17.3.patch| 35 +++
.../repo/repo/0001-python3-shebang.patch
s shouldn't be a major issue.
What are your thoughts on this?
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
infrared & intelligent sensors
Sch
> Yeah... was thinking about that as well. Wasn't sure though if this
> would be considered bad practise. What do the others think about
> this?
Some feedback on this would be appreciated. Thanks!
- --
With best regards
Jasper Orschulko
DevOps Engine
he fetcher.
These will follow soon.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
infrared & intelligent sensors
Schnellerstraße 1-5 | 12439
to
a fixed revision but one or more repositories within the manifest
reference a dynamic refspec. This is done to ensure the reproducibility
of a version-pinned recipe.
Signed-off-by: Jasper Orschulko
---
lib/bb/fetch2/repo.py | 259 +-
1 file changed, 230
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Alex,
thanks for your input. You are absolutely correct, this currently does
not work. We'll look into this.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris
away, you can do an offline build.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
infrared & intelligent sensors
Schnellerstraße 1-5 | 1
to
a fixed revision but one or more repositories within the manifest
reference a dynamic refspec. This is done to ensure the reproducibility
of a version-pinned recipe.
Signed-off-by: Jasper Orschulko
---
lib/bb/fetch2/repo.py | 259 +-
1 file changed, 230
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> Remove " \n".
done in v6.
> You can remove "m 0755" as that is the default for install.
whoops, that sneaked back in as I was addressing Khem's comment :)
- --
With best regards
Jasper Orschulko
DevOps Engineer
Te
>
> RDEPENDS:${PN} = "python3 git"
will be fixed in v6.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
infrared &
an offline build.
You can try this for yourself, if you like:
1) clone https://github.com/Jasper-Ben/demo-kas
2) (with docker and docker-compose installed) run `make offline-build`
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
epo as basis for the repo init: `repo init -u
$metalayer-repo -m $path-to-manifest-file`. Not pretty, but it works.
So if cloning within the parser is a dealbreaker for you, this option
might be worth looking into.
- --
With best regards
Jasper Orschulko
DevOps Engineer
e enduser
installing repo on a target is still able to override the default
REPO_REV by setting the environment variable.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-se
From: Jasper Orschulko
Add git-native and repo-native as prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/classes/base.bbclass | 5 +
1 file changed, 5 insertions(+)
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index a65fcc6c1d..3298bd1952
From: Jasper Orschulko
Add a recipe for repo 2.17.3, prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/conf/distro/include/maintainers.inc | 1 +
.../0001-Set-REPO_REV-to-v2.17.3.patch| 35 +++
.../repo/repo/0001-python3-shebang.patch
ed, 2021-11-10 at 23:55 +, Peter Kjellerstedt wrote:
> > -Original Message-
> > From: bitbake-de...@lists.openembedded.org > de...@lists.openembedded.org> On Behalf Of Jasper Orschulko
> > Sent: den 9 november 2021 12:26
> > To: richard.pur...@linuxfoundati
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Unless there are any more comments, I believe this patch series should
be mergable now.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
From: Jasper Orschulko
Add git-native and repo-native as prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/classes/base.bbclass | 5 +
1 file changed, 5 insertions(+)
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index a65fcc6c1d..3298bd1952
From: Jasper Orschulko
Add a recipe for repo 2.17.3, prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/conf/distro/include/maintainers.inc | 1 +
.../0001-Set-REPO_REV-to-v2.17.3.patch| 34 +++
.../repo/repo/0001-python3-shebang.patch
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
infrared & intelligent sensors
Schnellerstraße 1-5 | 12439 Berlin
https://iris-sensing.com/
On Mon, 2021-11-08 a
lass containing a repo fetcher, we will
clone 10 identical manifest repos. We'll work on improving this.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris
of the fetcher as it is the only
> way
> to track all of it's corner cases, it still doesn't give entire
> coverage
> though sadly.
We are currently still missing any tests for the new fetcher. We will
add them in the course of the next days. Meanwhile, I have prepared a
demo en
to suggestions! :)
> injecting SRCREV after unpack will be better imo
I am not sure I completely understand what you are saying here. Are you
saying, that the SRCREV in the recipe should be set somewhere else?
Cheers!
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax
From: Jasper Orschulko
Add a recipe for repo 2.17.3, prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/conf/distro/include/maintainers.inc | 1 +
.../0001-Set-REPO_REV-to-v2.17.3.patch| 34 +++
.../repo/repo/0001-python3-shebang.patch
From: Jasper Orschulko
Add git-native and repo-native as prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/classes/base.bbclass | 5 +
1 file changed, 5 insertions(+)
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index a65fcc6c1d..3298bd1952
-manual/mega-manual.html.
However, this does not extend to the "latest" page, which is just a
source for confusion. Is there any chance we could change that?
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-s
roach
this issue, but none of them seem straight forward nor pretty. Bitbake
as it is is just fundamentally not good at handling highly dynamic
configurations. The combination with KAS somewhat defuses the
situation, but there are still some situations where there is no easy
answer.
- --
With best rega
improving the yocto tooling :)
Why reinvent the wheel, when you can reuse whats already there? You wouldn't
reinvent git just for yocto, would you?
Best regards,
Jasper
On 5 November 2021 18:46:27 CET, Alexander Kanavin
wrote:
>On Fri, 5 Nov 2021 at 16:24, Jasper Orschulko <
>jas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Peter,
> Change to RDEPENDS:${PN} and move it to between do_install() and
> BBCLASSEXTEND.
What does this do? The Yocto manual only mentions RDEPENDS_${PN}.
ack to the rest.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Te
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
SHA rev set in v2 of the patch series :)
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
From: Jasper Orschulko
Add git-native and repo-native as prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/classes/base.bbclass | 5 +
1 file changed, 5 insertions(+)
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index a65fcc6c1d..3298bd1952
From: Jasper Orschulko
Add a recipe for repo, prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
.../repo/files/0001-python3-shebang.patch | 21
.../0001-Set-REPO_REV-to-v2.17.3.patch| 33 +++
meta/recipes-devtools/repo/repo.inc
hin the meta layer and proceed with the release process. So no more
manually maintaining the component versioning within the yocto recipes.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.
; for
> a
> SHA revision, as I wouldn't bet my life on google not
> deleting/removing
> tags from their repos - and unpleasantly we wouldn't even notice that
> easily
Fair point, will do!
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58
s with any network access.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
infrared & intelligent sensors
Schnellerstraße 1-5 | 12439
on this.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
infrared & intelligent sensors
Schnellerstraße 1-5 | 12439 Berlin
https://iris-sensing
From: Jasper Orschulko
Add git-native and repo-native as prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
meta/classes/base.bbclass | 5 +
1 file changed, 5 insertions(+)
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index a65fcc6c1d..3298bd1952
From: Jasper Orschulko
Add a recipe for repo, prerequisite for the repo fetcher.
Signed-off-by: Jasper Orschulko
---
.../repo/files/0001-python3-shebang.patch | 21
.../0001-Set-REPO_REV-to-v2.17.3.patch| 33 +++
meta/recipes-devtools/repo/repo.inc
From: Martin Koppehel
Setting latest_revision contained a race condition, where it would be
set to an empty string, if the hash calculation function would take to
long.
Signed-off-by: Jasper Orschulko
---
lib/bb/fetch2/__init__.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff
to
a fixed revision but one or more repositories within the manifest
reference a dynamic refspec. This is done to ensure the reproducibility
of a version-pinned recipe.
Signed-off-by: Jasper Orschulko
---
lib/bb/fetch2/repo.py | 226 --
1 file changed, 198
a terminal control sequence) it can lead to the
emission of extra X protocol requests to the X server.
Signed-off-by: Jasper Orschulko
---
.../xorg-lib/libx11/CVE-2021-31535.patch | 333 ++
.../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 1 +
2 files changed, 334 insertions
Obviously, patch files in patch files still confuse me... :D v3 on it's way!
On 22 June 2021 16:30:40 CEST, Steve Sakoman wrote:
>On Tue, Jun 22, 2021 at 2:09 AM Jasper Orschulko via
>lists.openembedded.org
>wrote:
>>
>> https://lists.x.org/archives/xorg-announce
a terminal control sequence) it can lead to the
emission of extra X protocol requests to the X server.
Upstream-Status: Backport
[https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605]
CVE: CVE-2021-31535
Signed-off-by: Jasper Orschulko
---
.../xorg-lib
a terminal control sequence) it can lead to the
emission of extra X protocol requests to the X server.
Upstream-Status: Backported
[https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605]
CVE: CVE-2021-31535
Signed-off-by: Jasper Orschulko
---
.../xorg-lib
use-after-free. The greatest impact
>from this flaw is to confidentiality, integrity, and availability.
>>
>> Upstream-Status: Backport [from fedora:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1954243]
>>
>> Signed-off-by: Jasper Orschulko
>> ---
>>
: Backport [from fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=1954243]
Signed-off-by: Jasper Orschulko
---
.../libxml/libxml2/CVE-2021-3518.patch| 108 ++
meta/recipes-core/libxml/libxml2_2.9.10.bb| 1 +
2 files changed, 109 insertions(+)
create mode 100644 meta
: Backport [from fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=1954243]
Signed-off-by: Jasper Orschulko
---
.../libxml/libxml2/CVE-2021-3518.patch| 108 ++
meta/recipes-core/libxml/libxml2_2.9.10.bb| 1 +
2 files changed, 109 insertions(+)
create mode 100644 meta
due to renaming of the
source archive
Signed-off-by: Jasper Orschulko
Upstream-Status: Submitted
[https://lists.openembedded.org/g/openembedded-core/message/153030?p=,,,20,0,0,0::Created,,Jasper,20,2,0,83581993]
---
.../expat/expat/CVE-2013-0340.patch | 1758 +
.../expat/ex
due to renaming of the
source archive
Signed-off-by: Jasper Orschulko
Upstream-Status: Submitted
[https://lists.openembedded.org/g/openembedded-core/message/153030?p=,,,20,0,0,0::Created,,Jasper,20,2,0,83581993
]
---
.../expat/expat/CVE-2013-0340.patch | 1758 +
.../expat/ex
). While removing a non-existing
file does no harm, I will provide a new patch tomorrow without this
task, for tidiness' sake. ;)
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Revision of the the patch file. Please verify. :)
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
due to renaming of the
source archive
Signed-off-by: Jasper Orschulko
---
.../expat/expat/CVE-2013-0340.patch | 1758 +
.../expat/expat/libtool-tag.patch | 41 +-
meta/recipes-core/expat/expat_2.2.9.bb| 10 +-
3 files changed, 1783 insertions(+),
? :)
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
• • • • • • • • • • • • • • • • • • • • • • • • • •
iris-GmbH
infrared & intelligent sensors
Ostendstraße 1-14 | 12459 Berlin
https://iris-sensing
as SRC_URI, as the expat
project is currently moving away from sourceforge towards github. Also,
we would not be affected by random archive renaming ;) What do you
think?
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
P.S.: I am not too familiar with expat, this particular CVE, not with
the practise of backporting security patches, so someone(TM) should
definitely take a closer look at this first.
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel
eam.
Additionally, the SRC_URI had to be adjusted due to renaming of the
source archive
Signed-off-by: Jasper Orschulko
- ---
...expat-Backport-fix-for-CVE-2013-0340.patch | 1758 +
meta/recipes-core/expat/expat_2.2.9.bb|3 +-
2 files changed, 1760 insertions(+), 1 delet
and backport security fixes (which seems sensible
for the dunfell LTS branch)
2. update the recipes to use 2.4.1
- --
With best regards
Jasper Orschulko
DevOps Engineer
Tel. +49 30 58 58 14 265
Fax +49 30 58 58 14 999
jasper.orschu...@iris-sensing.com
82 matches
Mail list logo
