[OE-core] [PATCH] classextend.py: don't extend file for file dependency
From: Changqing Li
Fix error like:
lib32-e2fsprogs-1.45.3-r0 do_package_qa: QA Issue: /usr/sbin/e2scrub_all
contained in package lib32-e2fsprogs-e2scrub requires /bin/bash,
but no providers found in RDEPENDS_lib32-e2fsprogs-e2scrub
For some lib32 packages(eg: lib32-bash, lib32-sed) which probvides files,
extend is not needed
Eg: RPROVIDES of lib32-bash expects to have /bin/bash, with original
extend, it will become lib32-/bin/bash, then will cause above error
Fix by don't extend file dependency, and skip multilib check for file dependency
in do_package_qa to avoid error like:
WARNING: lib32-bash-5.0-r0 do_package: QA Issue: lib32-bash package lib32-bash
- suspicious values '/bin/bash /bin/sh' in RPROVIDES [multilib]
Signed-off-by: Changqing Li
---
meta/classes/multilib.bbclass | 2 +-
meta/lib/oe/classextend.py| 2 ++
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/meta/classes/multilib.bbclass b/meta/classes/multilib.bbclass
index d625bd5..1a9295d 100644
--- a/meta/classes/multilib.bbclass
+++ b/meta/classes/multilib.bbclass
@@ -187,7 +187,7 @@ python do_package_qa_multilib() {
if (not i.startswith('kernel-module')) and (not
i.startswith(mlprefix)) and \
(not 'cross-canadian' in i) and (not
i.startswith("nativesdk-")) and \
(not i.startswith("rtld")) and (not
i.startswith('kernel-vmlinux')) \
-and (not i.startswith("kernel-image")):
+and (not i.startswith("kernel-image")) and (not
i.startswith("/")):
candidates.append(i)
if len(candidates) > 0:
msg = "%s package %s - suspicious values '%s' in %s" \
diff --git a/meta/lib/oe/classextend.py b/meta/lib/oe/classextend.py
index e25122e..f02fbe9 100644
--- a/meta/lib/oe/classextend.py
+++ b/meta/lib/oe/classextend.py
@@ -24,6 +24,8 @@ class ClassExtender(object):
if not subs.startswith(self.extname):
return "virtual/" + self.extname + "-" + subs
return name
+if name.startswith("/"):
+return name
if not name.startswith(self.extname):
return self.extname + "-" + name
return name
--
2.7.4
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] ✗ patchtest: failure for grub does not require freetype
== Series Details == Series: grub does not require freetype Revision: 1 URL : https://patchwork.openembedded.org/series/19959/ State : failure == Summary == Thank you for submitting this patch series to OpenEmbedded Core. This is an automated response. Several tests have been executed on the proposed series by patchtest resulting in the following failures: * Patchgrub does not require freetype Issue Shortlog does not follow expected format [test_shortlog_format] Suggested fixCommit shortlog (first line of commit message) should follow the format ": " * Patchgrub does not require freetype Issue Patch is missing Signed-off-by [test_signed_off_by_presence] Suggested fixSign off the patch (either manually or with "git commit --amend -s") If you believe any of these test results are incorrect, please reply to the mailing list (openembedded-core@lists.openembedded.org) raising your concerns. Otherwise we would appreciate you correcting the issues and submitting a new version of the patchset if applicable. Please ensure you add/increment the version number when sending the new version (i.e. [PATCH] -> [PATCH v2] -> [PATCH v3] -> ...). --- Guidelines: https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] grub does not require freetype
Freetype is only needed for the grub-mkfont utility, but that is
disabled at configure time by passing --disable-grub-mkfont.
---
meta/recipes-bsp/grub/grub-efi_2.04.bb | 2 +-
meta/recipes-bsp/grub/grub_2.04.bb | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-bsp/grub/grub-efi_2.04.bb
b/meta/recipes-bsp/grub/grub-efi_2.04.bb
index aaa198ea23..e3a8bf39ab 100644
--- a/meta/recipes-bsp/grub/grub-efi_2.04.bb
+++ b/meta/recipes-bsp/grub/grub-efi_2.04.bb
@@ -3,7 +3,7 @@ require grub2.inc
GRUBPLATFORM = "efi"
DEPENDS_append_class-target = " grub-efi-native"
-RDEPENDS_${PN}_class-target = "diffutils freetype grub-common
virtual/grub-bootconf"
+RDEPENDS_${PN}_class-target = "diffutils grub-common virtual/grub-bootconf"
SRC_URI += " \
file://cfg \
diff --git a/meta/recipes-bsp/grub/grub_2.04.bb
b/meta/recipes-bsp/grub/grub_2.04.bb
index 1d1a45670c..3166d1f2fb 100644
--- a/meta/recipes-bsp/grub/grub_2.04.bb
+++ b/meta/recipes-bsp/grub/grub_2.04.bb
@@ -1,7 +1,7 @@
require grub2.inc
RDEPENDS_${PN}-common += "${PN}-editenv"
-RDEPENDS_${PN} += "diffutils freetype ${PN}-common"
+RDEPENDS_${PN} += "diffutils ${PN}-common"
RPROVIDES_${PN}-editenv += "${PN}-efi-editenv"
--
2.20.1
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH]] curl: update to 7.66.0
I think double ]] will leave a ] in commit message. Please resend with
this addressed
On Fri, Sep 13, 2019 at 12:16 PM Oleksandr Kravchuk
wrote:
>
> Signed-off-by: Oleksandr Kravchuk
> ---
> meta/recipes-support/curl/{curl_7.65.3.bb => curl_7.66.0.bb} | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
> rename meta/recipes-support/curl/{curl_7.65.3.bb => curl_7.66.0.bb} (95%)
>
> diff --git a/meta/recipes-support/curl/curl_7.65.3.bb
> b/meta/recipes-support/curl/curl_7.66.0.bb
> similarity index 95%
> rename from meta/recipes-support/curl/curl_7.65.3.bb
> rename to meta/recipes-support/curl/curl_7.66.0.bb
> index 96f90fb8ba..d1975f2460 100644
> --- a/meta/recipes-support/curl/curl_7.65.3.bb
> +++ b/meta/recipes-support/curl/curl_7.66.0.bb
> @@ -9,8 +9,8 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
> file://0001-replace-krb5-config-with-pkg-config.patch \
> "
>
> -SRC_URI[md5sum] = "bdd220d018c23e7f9ee82894e62a70bc"
> -SRC_URI[sha256sum] =
> "0a855e83be482d7bc9ea00e05bdb1551a44966076762f9650959179c89fce509"
> +SRC_URI[md5sum] = "c238aa394e3aa47ca4fcb0491774149f"
> +SRC_URI[sha256sum] =
> "6618234e0235c420a21f4cb4c2dd0badde76e6139668739085a70c4e2fe7a141"
>
> CVE_PRODUCT = "curl libcurl"
> inherit autotools pkgconfig binconfig multilib_header
> --
> 2.17.1
>
> --
> ___
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH v3] systemd: upgrade to 243
On Sat, 2019-09-14 at 08:00 -0700, akuster808 wrote: > > On 9/13/19 4:26 PM, Scott Murray wrote: > > PATCH REBASED: > > == > > 0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch > > 0001-do-not-disable-buffer-in-writing-files.patch > > 0002-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch > > 0004-add-fallback-parse_printf_format-implementation.patch > > 0004-rules-whitelist-hd-devices.patch > > 0005-rules-watch-metadata-changes-in-ide-devices.patch > > 0005-src-basic-missing.h-check-for-missing-strndupa.patch > > 0006-Include-netinet-if_ether.h.patch > > 0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not.patch > > 0017-Do-not-disable-buffering-when-writing-to-oom_score_a.patch > > > > PATCH DROPPED: > > == > > 0001-Replace-the-legacy-ULONG_LONG_MAX-with-the-C99-ULLON.patch > > 0001-src-udev-udev-event.c-must-include-sys-wait.h.patch > > 0023-socket-util.h-include-string.h.patch > > 0025-fs-utilh-add-missing-sys-stat-include.patch > > > > PATCH ADDED: > > > > 0002-src-login-brightness.c-include-sys-wait.h.patch > > 0003-src-basic-copy.c-include-signal.h.patch > > 0004-src-shared-cpu-set-util.h-add-__cpu_mask-definition.patch > > > > Also applied libc-glibc over-ride to pkg_postinst and pkg_prerm > > function > > definitions, as musl does not provide nsswitch.conf. > > This update did not introduce any new issues. We had hoped it might > address the mips-alt systmed timeouts we are seeing but it did not. > > Hopefully this is a data point for Richard when he gets back. Its a good data point thanks! Cheers, Richard -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [warrior][v2][PATCH] Curl: Security fix for CVE-2019-5482
From: Armin Kuster
Source: curl.org
MR: 99905
Type: Security Fix
Disposition: Backport from
https://github.com/curl/curl/commit/facb0e4662415b5f28163e853dc6742ac5fafb3d
ChangeID: e0c807da8937f687a4b2e28eaa6b4b5a51845bc5
Description:
Fixes CVE-2019-5482
- Affected versions: libcurl >= 7.19.4 to and including 7.65.3
- Not affected versions: libcurl < 7.19.4
Signed-off-by: Armin Kuster
---
meta/recipes-support/curl/curl/CVE-2019-5482.patch | 65 ++
meta/recipes-support/curl/curl_7.64.1.bb | 1 +
2 files changed, 66 insertions(+)
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5482.patch
diff --git a/meta/recipes-support/curl/curl/CVE-2019-5482.patch
b/meta/recipes-support/curl/curl/CVE-2019-5482.patch
new file mode 100644
index 000..30122d1
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2019-5482.patch
@@ -0,0 +1,65 @@
+From facb0e4662415b5f28163e853dc6742ac5fafb3d Mon Sep 17 00:00:00 2001
+From: Thomas Vegas <>
+Date: Sat, 31 Aug 2019 17:30:51 +0200
+Subject: [PATCH] tftp: Alloc maximum blksize, and use default unless OACK is
+ received
+
+Fixes potential buffer overflow from 'recvfrom()', should the server
+return an OACK without blksize.
+
+Bug: https://curl.haxx.se/docs/CVE-2019-5482.html
+CVE-2019-5482
+
+Upstream-Status: Backport
+CVE: CVE-2019-5482
+
+Signed-off-by: Armin Kuster
+
+---
+ lib/tftp.c | 12 +---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+Index: curl-7.64.1/lib/tftp.c
+===
+--- curl-7.64.1.orig/lib/tftp.c
curl-7.64.1/lib/tftp.c
+@@ -973,6 +973,7 @@ static CURLcode tftp_connect(struct conn
+ {
+ tftp_state_data_t *state;
+ int blksize;
++ int need_blksize;
+
+ blksize = TFTP_BLKSIZE_DEFAULT;
+
+@@ -987,15 +988,20 @@ static CURLcode tftp_connect(struct conn
+ return CURLE_TFTP_ILLEGAL;
+ }
+
++ need_blksize = blksize;
++ /* default size is the fallback when no OACK is received */
++ if(need_blksize < TFTP_BLKSIZE_DEFAULT)
++need_blksize = TFTP_BLKSIZE_DEFAULT;
++
+ if(!state->rpacket.data) {
+-state->rpacket.data = calloc(1, blksize + 2 + 2);
++state->rpacket.data = calloc(1, need_blksize + 2 + 2);
+
+ if(!state->rpacket.data)
+ return CURLE_OUT_OF_MEMORY;
+ }
+
+ if(!state->spacket.data) {
+-state->spacket.data = calloc(1, blksize + 2 + 2);
++state->spacket.data = calloc(1, need_blksize + 2 + 2);
+
+ if(!state->spacket.data)
+ return CURLE_OUT_OF_MEMORY;
+@@ -1009,7 +1015,7 @@ static CURLcode tftp_connect(struct conn
+ state->sockfd = state->conn->sock[FIRSTSOCKET];
+ state->state = TFTP_STATE_START;
+ state->error = TFTP_ERR_NONE;
+- state->blksize = blksize;
++ state->blksize = TFTP_BLKSIZE_DEFAULT; /* Unless updated by OACK response */
+ state->requested_blksize = blksize;
+
+ ((struct sockaddr *)>local_addr)->sa_family =
diff --git a/meta/recipes-support/curl/curl_7.64.1.bb
b/meta/recipes-support/curl/curl_7.64.1.bb
index 00c8c5a..151d74a 100644
--- a/meta/recipes-support/curl/curl_7.64.1.bb
+++ b/meta/recipes-support/curl/curl_7.64.1.bb
@@ -9,6 +9,7 @@ SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
file://0001-replace-krb5-config-with-pkg-config.patch \
file://CVE-2019-5435.patch \
file://CVE-2019-5436.patch \
+ file://CVE-2019-5482.patch \
"
SRC_URI[md5sum] = "790c101927845208a9d7e8c429ddd1b2"
--
2.7.4
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
