Also remove the warning than doesn't make sense as the code will generate
an exception and bitbake will abort.
Before:
| WARNING: core-image-minimal-initramfs-1.0-r0 do_image_complete: KeyError in .
| Exception: Exception: KeyError: 'getpwuid(): uid not found: x'
| Path . is owned by uid
On Sun, 2023-10-08 at 09:23 +0100, Richard Purdie via
lists.openembedded.org wrote:
> On Sat, 2023-10-07 at 23:05 +0100, Richard Purdie via
> lists.openembedded.org wrote:
> > I thought I'd summarise where things are at with the 6.5 kernel.
> >
> > We've fixed:
> > * the ARM LTP OOM lockup
This will enable us to build and run rust programs on the sdk host.
% cargo run --target x86_64-oesdk-linux-gnu -vv
Fresh hello v0.1.0 (~/development/hello)
Finished dev [unoptimized + debuginfo] target(s) in 0.02s
Running
Avoid setting sdk-wide RUSTFLAGS as these flags only are valid when
building for target.
This will enable building for different targets with different
RUSTFLAGS.
Signed-off-by: Sean Nyekjaer
---
meta/recipes-devtools/rust/rust-cross-canadian.inc | 4 +++-
1 file changed, 3 insertions(+), 1
Add a QA test to the SDK to test that a basic cargo build works for the
SDK host.
Signed-off-by: Sean Nyekjaer
---
Changes since v1:
- use SDK_SYS for compiling for SDK Host
meta/lib/oeqa/sdk/cases/rust.py | 22 ++
1 file changed, 22 insertions(+)
diff --git
Upgrade to latest 1.20.x release [1]:
$ git log --oneline go1.20.7..go1.20.8
d5b8518043 (tag: go1.20.8) [release-branch.go1.20] go1.20.8
2070531d2f [release-branch.go1.20] html/template: properly handle special tags
within the script context
023b542edf [release-branch.go1.20] html/template:
On Mon, 2023-10-09 at 18:31 +0200, Marek Vasut wrote:
> Configure with "--disable-root-environ" to disallow loading of
> custom terminfo entries in setuid/setgid programs, mitigating the
> impact of CVE-2023-29491.
>
> This is taken from debian:
>
-Original Message-
From: openembedded-core@lists.openembedded.org
On Behalf Of Richard Purdie via
lists.openembedded.org
Sent: Monday, October 9, 2023 18:44
To: Marek Vasut ; st...@sakoman.com;
openembedded-core@lists.openembedded.org
Cc: Alexandre Belloni
Subject: Re: [OE-core]
-Original Message-
From: Marek Vasut
Sent: Monday, October 9, 2023 18:57
To: Marko, Peter (ADV D EU SK BFS1) ;
richard.pur...@linuxfoundation.org
Cc: Alexandre Belloni ; st...@sakoman.com;
openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH] ncurses: Mitigate
Some of the packages require versioned providers
(DEPENDS: perl (>= 5.38) is an example and for such packages
do_populate_sdk fails because dummy packages provided unversioned
packages (PROVIDES: perl) which doesn't meet the version requirement.
Specify 999.9-r9 version for such provides to work
Two tests to cover both installing package with IMAGE_INSTALL as
well as installing versioned dependencies of the package (using perl (>=
5.XX).
Related: [Yocto #13338] [Yocto #14995] [Yocto #14066]
Signed-off-by: Pavel Zhukov
---
.../testsdk-perldepends.bb| 16
if packages is provided by dummysdk and in the same time marked for
installation with IMAGE_INSTALL it causes conflict in apt because virtual
providers are
not taken into account if package is asked to be installed explicitly.
Filter such packages from provides/conflicts to workaround this
dpkg and apt seem to handle versioned provides correctly now [1] so this
workaround is not needed anymore.
This fixes [Yocto #14995] for package_deb.
[1]
https://www.debian.org/doc/debian-policy/ch-relationships.html#virtual-packages-provides
Signed-off-by: Pavel Zhukov
---
Pick fix for CVE-2023-4156 from ubuntu 20.04
A heap out-of-bounds read flaw was found in builtin.c in the gawk
package. This issue may lead to a crash and could be used to read
sensitive information.
https://nvd.nist.gov/vuln/detail/CVE-2023-4156
https://packages.ubuntu.com/source/focal/gawk
Configure with "--disable-root-environ" to disallow loading of
custom terminfo entries in setuid/setgid programs, mitigating the
impact of CVE-2023-29491.
This is taken from debian:
https://salsa.debian.org/debian/ncurses/-/commit/1c530aad772f7aeef039b8780d51cd09bd5a08ac
Signed-off-by: Marek
Hi Marek,
Could you please describe why you add this configuration in kirkstone branch?
This CVE is already patched:
https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/ncurses/files/CVE-2023-29491.patch?h=kirkstone
Peter
-Original Message-
From:
Replace the original "Wrong CRC with ASCII CRC for large files"
patch with upstream backport, and add additional fix on top of
the same problem which upstream detected and fixed.
Signed-off-by: Marek Vasut
---
...g-CRC-with-ASCII-CRC-for-large-files.patch | 39 ---
There is a stack overflow vulnerability in ash.c:6030 in busybox before
1.35. In the environment of Internet of Vehicles, this vulnerability can
be executed from command to arbitrary code execution.
https://nvd.nist.gov/vuln/detail/CVE-2022-48174
CVE: CVE-2022-48174
Signed-off-by: Marek Vasut
Configure with "--disable-root-environ" to disallow loading of
custom terminfo entries in setuid/setgid programs, mitigating the
impact of CVE-2023-29491.
This is taken from debian:
https://salsa.debian.org/debian/ncurses/-/commit/1c530aad772f7aeef039b8780d51cd09bd5a08ac
Signed-off-by: Marek
On Tue, 2023-09-26 at 16:25 +0800, wangmy wrote:
> From: Wang Mingyu
>
> License-Update: Rely on external copy of iso8601
>
> Changelog:
> ==
> * Subunit now has a dependency on an external iso8601
> module rather than shipping its own.
I checked and the code does now import iso8601
Configure with "--disable-root-environ" to disallow loading of
custom terminfo entries in setuid/setgid programs, mitigating the
impact of CVE-2023-29491.
This is taken from debian:
https://salsa.debian.org/debian/ncurses/-/commit/1c530aad772f7aeef039b8780d51cd09bd5a08ac
Signed-off-by: Marek
Upgrade to latest 1.20.x release [1]:
$ git log --oneline go1.20.7..go1.20.8
d5b8518043 (tag: go1.20.8) [release-branch.go1.20] go1.20.8
2070531d2f [release-branch.go1.20] html/template: properly handle special tags
within the script context
023b542edf [release-branch.go1.20] html/template:
Upgrade to latest 1.20.x release [1]:
$ git log --oneline go1.20.8..go1.20.9
68f9a6e2ad (tag: go1.20.9) [release-branch.go1.20] go1.20.9
31d5b604ac [release-branch.go1.20] cmd/compile: use absolute file name in isCgo
check
83dce45959 [release-branch.go1.20] cmd/link: suppress -bind_at_load
> FYI I also sent a patch to fix this issue the day just before you :) You can
> find it
> here:
> https://lists.op/
> enembedded.org%2Fg%2Fopenembedded-
> core%2Fmessage%2F188767=05%7C01%7Cchris.laplante%40agilent.com
> %7C34ce8f731f6f4590172108dbc89c6739%7Ca9c0bc098b46420693512ba12fb
>
We're struggling with the 6.5 kernel as the serial port getty doesn't appears
sometimes
leading to failures in CI. Add a workaround of sending some newlines as a way of
unblocking the kernel/release issues whilst we try and work out how to get to
the bottom
of the issue.
Signed-off-by: Richard
This disables Nagle's algorithm for our tcp serial connections which may
be causing data transfer issues.
Signed-off-by: Richard Purdie
---
meta/conf/machine/include/loongarch/qemuloongarch.inc | 2 +-
meta/conf/machine/include/riscv/qemuriscv.inc | 2 +-
meta/conf/machine/qemuarm.conf
On 10/9/23 18:47, Marko, Peter wrote:
Hi Marek,
Could you please describe why you add this configuration in kirkstone branch?
This CVE is already patched:
https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/ncurses/files/CVE-2023-29491.patch?h=kirkstone
Peter
-Original
On 10/9/23 18:51, Marko, Peter wrote:
-Original Message-
From: openembedded-core@lists.openembedded.org
On Behalf Of Richard Purdie via
lists.openembedded.org
Sent: Monday, October 9, 2023 18:44
To: Marek Vasut ; st...@sakoman.com;
openembedded-core@lists.openembedded.org
Cc:
On Mon, Oct 9, 2023 at 6:27 AM Marek Vasut wrote:
>
> Pick fix for CVE-2023-4156 from ubuntu 20.04
>
> A heap out-of-bounds read flaw was found in builtin.c in the gawk
> package. This issue may lead to a crash and could be used to read
> sensitive information.
>
>
Hi linux-serial and Greg,
Yocto Linux distro maintainer Richard Purdie is seeing a regression or behavior
change after updating kernel from 6.4 to 6.5. Yocto runs a lot of automated
tests with qemu
where a python test framework configures and spawns qemu (version 8.1) with two
serial ports and
Le sam. 7 oct. 2023 à 19:47, Chris Laplante via lists.openembedded.org
a écrit :
>
> The tests will fail anyway (since you will have two 'workspacelayer'
> layers), so might as well make it fail faster and be clear.
>
Hi Chris,
FYI I also sent a patch to fix this issue the day just before you
On 10/9/23 19:29, Steve Sakoman wrote:
On Mon, Oct 9, 2023 at 6:27 AM Marek Vasut wrote:
Pick fix for CVE-2023-4156 from ubuntu 20.04
A heap out-of-bounds read flaw was found in builtin.c in the gawk
package. This issue may lead to a crash and could be used to read
sensitive information.
On 10/9/23 18:44, Richard Purdie wrote:
On Mon, 2023-10-09 at 18:31 +0200, Marek Vasut wrote:
Configure with "--disable-root-environ" to disallow loading of
custom terminfo entries in setuid/setgid programs, mitigating the
impact of CVE-2023-29491.
This is taken from debian:
On 05.10.23 23:14, Khem Raj wrote:
On Thu, Oct 5, 2023 at 12:27 PM Richard Purdie
wrote:
On Thu, 2023-10-05 at 21:22 +0200, Andreas Cord-Landwehr wrote:
On 04.10.23 20:42, Richard Purdie wrote:
On Wed, 2023-10-04 at 20:19 +0200, Andreas Cord-Landwehr wrote:
On 04.10.23 20:10, Khem Raj
-Original Message-
From: Marek Vasut
Sent: Monday, October 9, 2023 21:28
To: Marko, Peter (ADV D EU SK BFS1) ;
richard.pur...@linuxfoundation.org
Cc: Alexandre Belloni ; st...@sakoman.com;
openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH] ncurses: Mitigate
-Original Message-
From: Vincent Prince
Sent: Monday, October 9, 2023 21:09
To: Marko, Peter (ADV D EU SK BFS1)
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core][kirkstone][PATCH] glibc: Update to latest on stable 2.35
branch
> Hello,
>
> I have a small question
Hello,
I have a small question concerning glibc source handling.
I have a machine connected to the Internet that runs
bitbake -k -f --runall=fetch universe
and another offline machine that uses the previous fetch as a source mirror.
When I bitbake my image, it fails to use this with
ERROR:
Sorry I didn't catch this earlier, but I stopped reviewing after
noticing the Signed-off-by omission.
There was already a patch submitted for this CVE:
https://lists.openembedded.org/g/openembedded-core/message/188624
Steve
On Mon, Oct 9, 2023 at 9:19 AM Marek Vasut wrote:
>
> Pick fix for
Pick fix for CVE-2023-4156 from ubuntu 20.04
A heap out-of-bounds read flaw was found in builtin.c in the gawk
package. This issue may lead to a crash and could be used to read
sensitive information.
https://nvd.nist.gov/vuln/detail/CVE-2023-4156
Upstream commit:
On 10/9/23 19:27, Marko, Peter wrote:
-Original Message-
From: Marek Vasut
Sent: Monday, October 9, 2023 18:57
To: Marko, Peter (ADV D EU SK BFS1) ;
richard.pur...@linuxfoundation.org
Cc: Alexandre Belloni ; st...@sakoman.com;
openembedded-core@lists.openembedded.org
Subject: Re:
On 10/9/23 23:15, Steve Sakoman wrote:
Sorry I didn't catch this earlier, but I stopped reviewing after
noticing the Signed-off-by omission.
What Signed-off-by omission ?
There was already a patch submitted for this CVE:
https://lists.openembedded.org/g/openembedded-core/message/188624
OK
On Mon, Oct 9, 2023, 11:37 AM Marek Vasut wrote:
> On 10/9/23 23:15, Steve Sakoman wrote:
> > Sorry I didn't catch this earlier, but I stopped reviewing after
> > noticing the Signed-off-by omission.
>
> What Signed-off-by omission ?
>
Sorry, I meant the Upstream-Status omission in the first
42 matches
Mail list logo