[OE-core] [PATCH 2/2] python3: Fix do_create_manifest for python3-sqlite3

Some of the sqlite3 files ended up in python3-misc incorrectly, this is caused becuse we couldnt add the whole ${libdir}/python3/sqlite3 folder on the package because we also have another sqlite3-tests package that needs to include another folder from that directory. This patch not only fixes the

[OE-core] question about libgcrypt

Hi, I got the following error when building wireshark 2.4.5 during do_configure, .. | checking for libgcrypt-config... /yocto/work001/fnst/huangqy/upgrade/build/tmp/work/i586-poky-linux/wireshark/1_2.4.5-r0/recipe-sysroot/usr/bin/crossscripts/libgcrypt-config | checking for

Re: [OE-core] ✗ patchtest: failure for Upgrade 7 packages

On 2018年03月30日 15:44, Richard Purdie wrote: On Fri, 2018-03-30 at 15:26 +0800, Hongxu Jia wrote: On 2018年03月30日 15:05, Patchwork wrote: == Series Details == Series: Upgrade 7 packages Revision: 1 URL   : https://patchwork.openembedded.org/series/11622/ State : failure == Summary == Thank

Re: [OE-core] ✗ patchtest: failure for Upgrade 7 packages

On 2018年03月30日 15:05, Patchwork wrote: == Series Details == Series: Upgrade 7 packages Revision: 1 URL : https://patchwork.openembedded.org/series/11622/ State : failure == Summary == Thank you for submitting this patch series to OpenEmbedded Core. This is an automated response. Several

[OE-core] [PATCH V2 5/7] dhcp: 4.3.6 -> 4.4.1

1. Rebase 0004, 0007, 0010 2. Rework 0008 to support external bind 3. Drop backported 0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch License-Update: "ISC" -> "MPL-2.0" Signed-off-by: Hongxu Jia --- meta/recipes-connectivity/dhcp/dhcp.inc

[OE-core] [PATCH V2 4/7] libgpg-error: 1.27 -> 1.28

- Rebase pkgconfig.patch License-Update: copyright years Signed-off-by: Hongxu Jia --- .../libgpg-error/libgpg-error/pkgconfig.patch | 67 +- .../{libgpg-error_1.27.bb => libgpg-error_1.28.bb} | 6 +- 2 files changed, 44 insertions(+), 29

Re: [OE-core] [morty][PATCH] lib/oe/terminal.py: use an absolute path to execute oe-gnome-terminal-phonehome

On Wed, 2018-03-28 at 15:55 -0700, Andre McCurdy wrote: > On Fri, Mar 9, 2018 at 8:15 PM, Andre McCurdy > wrote: > > > > On Wed, Feb 21, 2018 at 1:40 PM, Andre McCurdy > > wrote: > > > > > > On Tue, Jan 23, 2018 at 12:16 PM, Andre McCurdy

[OE-core] [PATCH 1/2] python3: fix create_manifest to handle pycache folders

We have a couple of python modules that contain folders themselves, for that reason they also contain a __pycache__ folder inside those directories, since we include the whole folder in the manifest, the pycache directories end up with the files and not the cache files. This patch catches that

[OE-core] ✗ patchtest: failure for Upgrade 7 packages

== Series Details == Series: Upgrade 7 packages Revision: 1 URL : https://patchwork.openembedded.org/series/11622/ State : failure == Summary == Thank you for submitting this patch series to OpenEmbedded Core. This is an automated response. Several tests have been executed on the proposed

[OE-core] [PATCH 1/7] ncureses: 6.0+20171125 -> 6.1

1. Rebase 0001, 0002 2. Fix [already-stripped] QA Issue Since the following commit add, it strip executables which are installed by default. ... commit 087eaf92c621098927f3f98e3652411de48f8b6b Author: Sven Joachim Date: Sun Jan 21 08:01:41 2018 +0100 Import upstream patch

[OE-core] [PATCH 3/7] ghostscript: 9.21 -> 9.23

1. Drop backported patches - CVE-2017-7207.patch - CVE-2017-5951.patch - CVE-2017-7975.patch - CVE-2017-9216.patch - CVE-2017-9611.patch - CVE-2017-9612.patch - CVE-2017-9739.patch - CVE-2017-9726.patch - CVE-2017-9727.patch - CVE-2017-9835.patch - CVE-2017-11714.patch 2. Rebase to 9.23 -

[OE-core] [PATCH 5/7] dhcp: 4.3.6 -> 4.4.1

1. License-Update: ISC DHCP is now licensed under the Mozilla Public License, MPL 2.0. 2. Rebase 0004, 0007, 0010 3. Rework 0008 to support external bind 4. Drop backported 0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch Signed-off-by: Hongxu Jia

[OE-core] [PATCH 0/7] Upgrade 7 packages

The following changes since commit afd8490dcbd2755f1ed924ea6357ab922ed1f481: meta-yocto-bsp: introduce v4.14 kernel for non-x86 BSPs (2018-03-30 00:31:39 +0100) are available in the git repository at: git://git.openembedded.org/openembedded-core-contrib hongxu/upgrade-20180330 http

[OE-core] [PATCH 4/7] libgpg-error: 1.27 -> 1.28

1. License-Update: update years from 2003-2004 to 2001-2018, and add a new line 'SPDX-License-Identifier: LGPL-2.1+' 2. Rebase pkgconfig.patch -> 0001-support-pkgconfig.patch Signed-off-by: Hongxu Jia --- ...kgconfig.patch => 0001-support-pkgconfig.patch} | 67

[OE-core] [PATCH 2/7] bash: 4.4.12 -> 4.4.18

- Drop bash-memleak-bug-fix-for-builtin-command-read.patch which has been accepted since 4.4.17 Signed-off-by: Hongxu Jia --- ...-memleak-bug-fix-for-builtin-command-read.patch | 35 -- .../bash/{bash_4.4.12.bb => bash_4.4.18.bb}| 6 ++--

Re: [OE-core] ✗ patchtest: failure for Upgrade 7 packages

On Fri, 2018-03-30 at 15:26 +0800, Hongxu Jia wrote: > On 2018年03月30日 15:05, Patchwork wrote: > > > > == Series Details == > > > > Series: Upgrade 7 packages > > Revision: 1 > > URL   : https://patchwork.openembedded.org/series/11622/ > > State : failure > > > > == Summary == > > > > > >

[OE-core] [PATCH V2 3/7] ghostscript: 9.21 -> 9.23

1. Drop backported patches - CVE-2017-7207.patch - CVE-2017-5951.patch - CVE-2017-7975.patch - CVE-2017-9216.patch - CVE-2017-9611.patch - CVE-2017-9612.patch - CVE-2017-9739.patch - CVE-2017-9726.patch - CVE-2017-9727.patch - CVE-2017-9835.patch - CVE-2017-11714.patch 2. Rebase to 9.23 -

Re: [OE-core] question about libgcrypt

Hi Ruoqin, On 03/30/2018 06:10 PM, Zheng, Ruoqin wrote: > Hi, > > I got the following error when building wireshark 2.4.5 during do_configure, > .. > | checking for libgcrypt-config... >

[OE-core] [PATCH 6/7] gnupg: upgrade 2.2.4 -> 2.2.5

Signed-off-by: Hongxu Jia --- ...0001-configure.ac-use-a-custom-value-for-the-location-of-.patch | 7 --- meta/recipes-support/gnupg/{gnupg_2.2.4.bb => gnupg_2.2.5.bb} | 4 ++-- 2 files changed, 6 insertions(+), 5 deletions(-) rename

[OE-core] [PATCH 7/7] man-db: upgrade 2.8.1 -> 2.8.2

Signed-off-by: Hongxu Jia --- meta/recipes-extended/man-db/{man-db_2.8.1.bb => man-db_2.8.2.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-extended/man-db/{man-db_2.8.1.bb => man-db_2.8.2.bb} (90%) diff --git

Re: [OE-core] [PATCH 0/3] Package upgrades

On Thu, 2018-03-29 at 18:41 -0400, Denys Dmytriyenko wrote: > Ping. It's been 10 days - are there any issues with these updates? We're past feature freeze at this point and M3 was built (finally, and late). During stabilisation we're only taking upgrades "with a good reason". Security fixes, bug

Re: [OE-core] [PATCH] python3: consolidate sqlite3 files

Hey Ross, I just sent you a patch that goes on top of this that fixes things. Thanks Alejandro -Original Message- From: openembedded-core-boun...@lists.openembedded.org [mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of Alejandro Enedino Hernandez Samaniego Sent:

Re: [OE-core] Question about one oe-core commit

ping. // Hongzhi On 2018年03月28日 17:18, Hongzhi, Song wrote: Hi, Khem oe-core upstream commit e6c1765a05c1321f08f3d1fb521dfe6b07bc8e92 You drop mount propagation patch, it only happens with libseccomp, OE doesn't enable it. I don't understand why 'it only happens with libseccomp'. Could

Re: [OE-core] [PATCH] uninative: add variables to the whitelist so that it does not re-triger recipe parsing

> > > On Fri, Mar 16, 2018 at 10:31 AM Cuero Bugot > > > wrote: > > > When uninative is activated (poky's default) internal datastore > > > variables are modified (NATIVELSBSTRING and SSTATEPOSTUNPACKFUNCS) > > > to enable uninative support. This is happening

[OE-core] ✗ patchtest: failure for autoconf-archive: update to version to 2018.03.13

== Series Details == Series: autoconf-archive: update to version to 2018.03.13 Revision: 1 URL : https://patchwork.openembedded.org/series/11625/ State : failure == Summary == Thank you for submitting this patch series to OpenEmbedded Core. This is an automated response. Several tests have

Re: [OE-core] [PATCH] linux-yocto_4.14.bb: fix for deterministic srcversion

I have also tested it with git linux, about v16-rc1 (581e400ff935d34d95811258586128bf11baef15 to be exact) . I agree there should be a better way than SRC_URI. The patched code is, I believe, pretty ancient so the problem has been around for a long time. --

Re: [OE-core] [PATCH] linux-yocto_4.14.bb: fix for deterministic srcversion

On Fri, Mar 30, 2018 at 1:51 PM, Juro Bystricky wrote: > "srcversion" field inserted into module modinfo section contains a > sum of the source files which made it. However, this field can > be incorrect. Building the same module can end up having inconsistent >

[OE-core] ✗ patchtest: failure for linux-yocto_4.14.bb: fix for deterministic srcversion

== Series Details == Series: linux-yocto_4.14.bb: fix for deterministic srcversion Revision: 1 URL : https://patchwork.openembedded.org/series/11626/ State : failure == Summary == Thank you for submitting this patch series to OpenEmbedded Core. This is an automated response. Several tests

[OE-core] [PATCH] autoconf-archive: update to version to 2018.03.13

2016.09.16 -> 2018.03.13 s/http/https/ in the license requires md5sum update. Signed-off-by: Brad Bishop --- ...utoconf-archive_2016.09.16.bb => autoconf-archive_2018.03.13.bb} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename

Re: [OE-core] [PATCH] linux-yocto_4.14.bb: fix for deterministic srcversion

On Fri, Mar 30, 2018 at 4:51 PM, Juro Bystricky wrote: > "srcversion" field inserted into module modinfo section contains a > sum of the source files which made it. However, this field can > be incorrect. Building the same module can end up having inconsistent >

[OE-core] [PATCH] linux-yocto_4.14.bb: fix for deterministic srcversion

"srcversion" field inserted into module modinfo section contains a sum of the source files which made it. However, this field can be incorrect. Building the same module can end up having inconsistent srcversion field eventhough the sources remain the same. This basically negates the whole purpose

Re: [OE-core] [PATCH] linux-yocto_4.14.bb: fix for deterministic srcversion

On Fri, Mar 30, 2018 at 7:16 PM, Khem Raj wrote: > On Fri, Mar 30, 2018 at 1:51 PM, Juro Bystricky > wrote: >> "srcversion" field inserted into module modinfo section contains a >> sum of the source files which made it. However, this field can >> be

[OE-core] [rocko][pyro][PATCH 1/3] libvorbis: CVE-2017-14633

In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633

[OE-core] [rocko][pyro][PATCH 2/3] libvorbis: CVE-2017-14632

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632 Signed-off-by: Tanu

[OE-core] [rocko][pyro][PATCH 3/3] libvorbis: CVE-2018-5146

Prevent out-of-bounds write in codebook decoding. The bug could allow code execution from a specially crafted Ogg Vorbis file. References: https://www.debian.org/security/2018/dsa-4140 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146 Signed-off-by: Tanu Kaskinen ---

[OE-core] [rocko][pyro][PATCH 0/3] libvorbis security fixes

Here are some libvorbis CVE fixes cherry-picked from master. The bugs affect at least rocko, pyro and morty, I haven't checked older stable branches. I don't know in which libvorbis version the bugs were introduced. These patches apply to rocko and pyro. The patches don't apply cleanly to morty,

Re: [OE-core] [PATCH][RFC] pseudo: intercept syscall() and return ENOTSUP for renameat2

On Wed, Mar 28, 2018 at 2:15 AM, Burton, Ross wrote: > With this patch I was getting occasional failures of the pseudo-using > bitbake-worker, so its not quite ready, but Peter is working on a > better form anyway. The "better form" seems to have been committed to the

Re: [OE-core] [PATCH][RFC] pseudo: intercept syscall() and return ENOTSUP for renameat2

On Fri, 30 Mar 2018 21:15:18 -0700 Andre McCurdy wrote: > Arguments passed by the caller will be put on the stack before any > stack frame is created by the callee. You can argue about which way a > stack grows (up or down) but however you define it, reading past the > end of

[OE-core] [morty][PATCH 3/3] libvorbis: CVE-2018-5146

Prevent out-of-bounds write in codebook decoding. The bug could allow code execution from a specially crafted Ogg Vorbis file. References: https://www.debian.org/security/2018/dsa-4140 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146 Signed-off-by: Tanu Kaskinen ---

[OE-core] [morty][PATCH 0/3] libvorbis security fixes

Here are some libvorbis CVE fixes cherry-picked from master. The bugs affect at least rocko, pyro and morty, I haven't checked older stable branches. I don't know in which libvorbis version the bugs were introduced. These patches apply to morty. I have sent the rocko and pyro patches separately.

[OE-core] [morty][PATCH 2/3] libvorbis: CVE-2017-14632

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632 Signed-off-by: Tanu

[OE-core] [morty][PATCH 1/3] libvorbis: CVE-2017-14633

In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633