[OE-core] [PATCH v2 0/1] oeqa/sdk: assimp.py -> cmake.py

* V2: - Fixed Ross' comments: 1) Keep -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON 2) Avoid "/" in os.path.join() // Robert The following changes since commit 50154869b496cf63a4fae2c8278350fcf9a2591d: binutils: inherit pkgconfig to address libdebuginfod depdency (2021-09-11 22:36:27 +0100)

[OE-core] [PATCH v2 1/1] oeqa/sdk: assimp.py -> cmake.py

The downloaded non-free sources, now download expat-2.4.1.tar.bz2 to replace it, and also rename the test case to cmake.py since it is used for testing cmake. Signed-off-by: Robert Yang --- meta/lib/oeqa/sdk/cases/{assimp.py => cmake.py} | 10 +- 1 file changed, 5 insertions(+), 5

Re: [OE-core][hardknott][PATCH] cpio: fix CVE-2021-38185

It looks like this has introduced regressions and we'll need at least these two too: https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=dfc801c44a93bed7b3951905b188823d6a0432c8 https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=236684f6deb3178043fe72a8e2faca538fa2aae1 Thanks, Anuj On

Re: [OE-core][hardknott][PATCH] cpio: fix CVE-2021-38185

Just found that Ross has sent out a patch for CVE-2021-38185 and it has been merged in hardknott. So please ignore this patch. I'm also curious about how you spot such issue. By double checking the commit logs in cpio repo? Best Regards, Chen Qi On 09/13/2021 03:11 PM, Mittal, Anuj wrote:

Re: [OE-core][hardknott][PATCH] cpio: fix CVE-2021-38185

On Mon, 2021-09-13 at 16:33 +0800, Chen Qi wrote: > Just found that Ross has sent out a patch for CVE-2021-38185 and it has > been merged in hardknott. > So please ignore this patch. > > I'm also curious about how you spot such issue. By double checking the > commit logs in cpio repo? I had

[OE-core] [PATCH v2] wic/bootimg-efi: Add Unified Kernel Image option

"A unified kernel image is a single EFI PE executable combining an EFI stub loader, a kernel image, an initramfs image, and the kernel command line. [...] Images of this type have the advantage that all metadata and payload that makes up the boot entry is monopolized in a single PE file that can

[OE-core] [poky][dunfell][PATCH] libxcrypt: Add fix for CVE-2021-33560

From: Saloni Jain Add fix for below CVE: CVE-2021-33560 Link: [https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=3462280f2e23e16adf3ed5176e0f2413d8861320] Signed-off-by: Saloni Jain --- .../libgcrypt/files/CVE-2021-33560.patch | 108 ++

Re: [OE-core] [PATCH] bitbake.conf: support persistent /var/tmp

On Mon, 2021-09-13 at 11:42 +0800, Changqing Li wrote: > ping > On 8/30/21 4:11 PM, Changqing Li wrote: >   > > On 8/6/21 9:21 AM, Changqing Li wrote: > >   > > > From: Changqing Li > > > > > > Steps: > > > 1. build out rootfs core-image-minimal-qemux86-64.tar.bz2 > > > 2. docker import

[OE-core] [poky][dunfell][PATCH] db: Whitelist CVEs

From: Saloni Jain Below CVE affects only Oracle Berkeley DB as per upstream. Hence, whitelisted them. 1. CVE-2015-2583 Link: https://security-tracker.debian.org/tracker/CVE-2015-2583 2. CVE-2015-2624 Link: https://security-tracker.debian.org/tracker/CVE-2015-2624 3. CVE-2015-2626 Link:

[OE-core] [dunfell][PATCH] iputils: Fix regression of arp table update

Backport a fix from iputils 20210202 to make arp table updating work again. Fixes: 77c5792aa5e7 ("iputils: fix various arping regressions") Signed-off-by: Visa Hankala --- ...ng-make-update-neighbours-work-again.patch | 79 +++ .../iputils/iputils_s20190709.bb | 1

Re: [OE-core] [yocto-security] OE-core CVE metrics for hardknott on Sun 12 Sep 2021 05:00:01 AM HST

On Mon, 2021-09-13 at 05:19 -1000, Steve Sakoman wrote: > On Sun, Sep 12, 2021 at 6:05 AM Steve Sakoman via > lists.openembedded.org > wrote: > > > > > > > > On Sun, Sep 12, 2021, 5:57 AM Richard Purdie > > wrote: > > > > > > On Sun, 2021-09-12 at 05:01 -1000, Steve Sakoman wrote: > > > >

Re: [OE-core] [poky][dunfell][PATCH] libxcrypt: Add fix for CVE-2021-33560

Happy to help!   I really appreciate you taking time to express gratitude. Thanks & Regards, Saloni Jain From: Steve Sakoman Sent: Monday, September 13, 2021 9:03 PM To: Saloni Jain Cc: Patches and discussions about the oe-core layer ; Khem Raj ; Nisha

Re: [OE-core] [poky][dunfell][PATCH] db: Whitelist CVEs

Saloni, Thanks for the CVE cleanup. On 9/13/21 5:45 AM, Saloni Jain wrote: > From: Saloni Jain > > Below CVE affects only Oracle Berkeley DB as per upstream. > Hence, whitelisted them. This situation will happen more frequently than one thinks including with mariadb recipe.  I wounder if a

Re: [OE-core] [poky][dunfell][PATCH] libxcrypt: Add fix for CVE-2021-33560

On Mon, Sep 13, 2021 at 3:16 AM Saloni Jain wrote: > > From: Saloni Jain > > Add fix for below CVE: > CVE-2021-33560 Armin submitted a patch for this CVE last week: https://lists.openembedded.org/g/openembedded-core/message/155935 Thanks for helping with CVE's though, I appreciate the effort!

Re: [OE-core] [meta][dunfell][PATCH] rpm: Handle proper return value to avoid major issues and removing unnecessary code

Can someone please check this and confirm if this can go on dunfell? -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155984): https://lists.openembedded.org/g/openembedded-core/message/155984 Mute This Topic:

Re: [OE-core] [hardknott][PATCH] bitbake: server: Fix early parsing errors preventing zombie bitbake

Hi Anuj, > Thanks, this is the right way to request a backport. But since this is a > bitbake > change, should have been sent to the bitbake list. I had picked this though so > no need to re-send. Ah right. Thank you! Chris -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this

Re: [OE-core] [poky][dunfell][PATCH] db: Whitelist CVEs

On Mon, Sep 13, 2021 at 2:45 AM Saloni Jain wrote: > > From: Saloni Jain > > Below CVE affects only Oracle Berkeley DB as per upstream. > Hence, whitelisted them. I suspect that a cleaner solution might be to revert: db: update CVE_PRODUCT

Re: [OE-core] [poky][dunfell][PATCH] db: Whitelist CVEs

On Mon, Sep 13, 2021 at 4:56 AM Steve Sakoman via lists.openembedded.org wrote: > > On Mon, Sep 13, 2021 at 2:45 AM Saloni Jain wrote: > > > > From: Saloni Jain > > > > Below CVE affects only Oracle Berkeley DB as per upstream. > > Hence, whitelisted them. > > I suspect that a cleaner solution

Re: [OE-core] [yocto-security] OE-core CVE metrics for hardknott on Sun 12 Sep 2021 05:00:01 AM HST

On Sun, Sep 12, 2021 at 6:05 AM Steve Sakoman via lists.openembedded.org wrote: > > > > On Sun, Sep 12, 2021, 5:57 AM Richard Purdie > wrote: >> >> On Sun, 2021-09-12 at 05:01 -1000, Steve Sakoman wrote: >> > Branch: hardknott >> > >> > New this week: 0 CVEs >> > >> > Removed this week: 2 CVEs

[OE-core] [hardknott][PATCH] sqlite3: fix CVE-2021-36690

From: Changqing Li refer: https://nvd.nist.gov/vuln/detail/CVE-2021-36690 https://www.sqlite.org/forum/forumpost/718c0a8d17 https://sqlite.org/src/info/b1e0c22ec981cf5f Signed-off-by: Changqing Li --- .../sqlite/sqlite3/CVE-2021-36690.patch | 62 +++

[OE-core] busybox: rm and sed not available during upgrade

All, I have custom image based off core-image-minimal that is on the morty branch. I am working on upgrading the image up to the latest supported branch, one step at a time. I updated to the pyro branch and got an image to build. I am using opkg for a package manager. I test firmware

Re: [OE-core] [meta][dunfell][PATCH] rpm: Handle proper return value to avoid major issues and removing unnecessary code

On Wed, Sep 8, 2021 at 4:02 AM Ranjitsinh Rathod wrote: > > From: Ranjitsinh Rathod > > Change in 2 patch as below to avoid critical issues > 1) 0001-rpm-rpmio.c-restrict-virtual-memory-usage-if-limit-s.patch > Handled return values of getrlimit() and lzma_cputhreads() functions > to avoid

[OE-core] how to manually discard some SDK content before bundling up the SDK?

another off-the-wall question but i want to delete some content from a standard SDK (sysroots/cortex.../usr/src) before creating the final .sh script but, because of the slightly weird way this SDK is bring created via "bitbake -c populate_sdk ...", i have little control of most of the

Re: [OE-core] [yocto-security] OE-core CVE metrics for hardknott on Sun 12 Sep 2021 05:00:01 AM HST

On Mon, Sep 13, 2021 at 7:01 AM Richard Purdie wrote: > > On Mon, 2021-09-13 at 05:19 -1000, Steve Sakoman wrote: > > On Sun, Sep 12, 2021 at 6:05 AM Steve Sakoman via > > lists.openembedded.org > > wrote: > > > > > > > > > > > > On Sun, Sep 12, 2021, 5:57 AM Richard Purdie > > > wrote: > > >

[OE-core] [PATCH 2/4] Rust cross testing file

The file is main entry point for rust oe-selftest. It configures, compiles and runs the test suite framework. It implements the above using the following functions: setup_cargo_environment(): Build bootstrap and some early stage tools. do_rust_setup_snapshot(): Install the snapshot version of

[OE-core] [PATCH 1/4] Rust oe-selftest script

The file builds remote-test-server and executes rust testing remotely using background ssh. It adds the necessary test environment and variables to run the rust oe-selftest. Print the results in case of failure of runCmd(). Signed-off-by: Pgowda --- meta/lib/oeqa/selftest/cases/rust.py | 54

[OE-core] [PATCH 4/4] Modify target cpu for powerpc to "7400"

During rust testing, some ui test failed due to following message. 'powerpc' is not a recognized processor for this target in rust Hence the target cpu was renamed to "7400" in "llvm_cpu" as per default tune for qemuppc. Signed-off-by: Pgowda --- meta/recipes-devtools/rust/rust-common.inc | 2

[OE-core] [PATCH 3/4] Rust oe-selftest file

Add file for rust oe-selftest Signed-off-by: Pgowda --- meta/recipes-devtools/rust/rust-testsuite_1.54.0.bb | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 meta/recipes-devtools/rust/rust-testsuite_1.54.0.bb diff --git a/meta/recipes-devtools/rust/rust-testsuite_1.54.0.bb

[OE-core] Release tagging scheme

Hello, I don't recall if we discussed changing the release tagging scheme. I noticed hardknott is now following the Yocto version scheme.  (eg: hardknott-3.3.2 & yocto-3.3.2

Re: [OE-core] [PATCH 4/4] Modify target cpu for powerpc to "7400"

On Mon, Sep 13, 2021 at 10:35 AM Pgowda wrote: > > During rust testing, some ui test failed due to following message. > 'powerpc' is not a recognized processor for this target in rust > > Hence the target cpu was renamed to "7400" in "llvm_cpu" as per > default tune for qemuppc. > >

Re: [OE-core] [meta][dunfell][PATCH] rpm: Handle proper return value to avoid major issues and removing unnecessary code

[Edited Message Follows] On Mon, Sep 13, 2021 at 11:34 AM, Steve Sakoman wrote: > > RPMSIGTAG_FILESIGNATURELENGTH Hi, Steve and Ranjitsinh, Sorry for the late response. I know that the RPMSIGTAG_FILESIGNATURES and RPMSIGTAG_FILESIGNATURELENGTH are defined in the original commit, but are not

Re: [OE-core][hardknott][PATCH] cpio: fix CVE-2021-38185

On Mon, 2021-09-13 at 11:55 +0100, Richard Purdie wrote: > On Mon, 2021-09-13 at 16:33 +0800, Chen Qi wrote: > > Just found that Ross has sent out a patch for CVE-2021-38185 and it > > has > > been merged in hardknott. > > So please ignore this patch. > > > > I'm also curious about how you spot

[OE-core] Yocto Project Newcomer & Unassigned Bugs - Help Needed

All, The triage team is starting to try and collect up and classify bugs which a newcomer to the project would be able to work on in a way which means people can find them. They're being listed on the triage page under the appropriate heading:

Re: [OE-core] [meta][dunfell][PATCH] rpm: Handle proper return value to avoid major issues and removing unnecessary code

On Mon, Sep 13, 2021 at 11:34 AM, Steve Sakoman wrote: > > RPMSIGTAG_FILESIGNATURELENGTH Sorry for the late reponse. I know that the RPMSIGTAG_FILESIGNATURES and RPMSIGTAG_FILESIGNATURELENGTH are defined in the original commit, but are not used. I left it with the author`s intent. If the build