CVE-2021-40491:
The ftp client in GNU Inetutils before 2.2 does not validate addresses
returned by PASV/LSPV responses to make sure they match the server
address. This is similar to CVE-2020-8284 for curl.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-40491
Patch from:
https://git.savanna
On Fri, 2021-09-24 at 17:00 +0100, Tom Pollard wrote:
> curl 7.77.0 made the tls backend configuration explicit. openssl
> is now a specific option replacing the default `--with-ssl`, and
> `--without-ssl` is required to build without any tls, overriding any
> other tls config. Adding 'without-ssl`
The recipe can't be built for riscv32 so exclude it alongside riscv64.
Signed-off-by: Richard Purdie
---
.../packagegroups/packagegroup-core-tools-profile.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb
b/meta
Signed-off-by: Richard Purdie
---
meta/lib/oeqa/utils/buildproject.py | 3 +++
meta/lib/oeqa/utils/targetbuild.py | 4 +++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/meta/lib/oeqa/utils/buildproject.py
b/meta/lib/oeqa/utils/buildproject.py
index e6d80cc8dc1..dfb96618680 1006
The go tests leave readonly files and directories behind.
Fix this to allow cleanup.
[YOCTO #14575]
Signed-off-by: Richard Purdie
---
meta/lib/oeqa/selftest/cases/gotoolchain.py | 4
1 file changed, 4 insertions(+)
diff --git a/meta/lib/oeqa/selftest/cases/gotoolchain.py
b/meta/lib/oeqa/
On Sat, Sep 25, 2021 at 10:10 AM Markus Volk wrote:
>
> wic fstab-update creates invalid entries for partitons that are not supposed
> to
> be mounted from userspace e.g u-boot partitions.
>
> The following lines were added to fstab on a rock-pi-4:
> /dev/mmcblk1p1 loader1 vfat defaults 0 0
> /de
wic fstab-update creates invalid entries for partitons that are not supposed to
be mounted from userspace eg u-boot partitions.
The following lines were added to fstab on a rock-pi-4:
/dev/mmcblk1p1 loader1 vfat defaults 0 0
/dev/mmcblk1p2 reserved1 vfat defaults 0 0
/dev/mmcblk1p3 reserved2 vfat
On 2021. 09. 25. 11:18, Richard Purdie wrote:
On Sat, 2021-09-25 at 10:48 +0200, Zoltan Boszormenyi via lists.openembedded.org
wrote:
On 2021. 09. 24. 19:17, Mark Hatle wrote:
On 9/24/21 9:02 AM, Zoltan Boszormenyi via lists.openembedded.org wrote:
Hi,
I have a special package that creates
wic fstab-update creates invalid entries for partitons that are not supposed to
be mounted from userspace e.g u-boot partitions.
The following lines were added to fstab on a rock-pi-4:
/dev/mmcblk1p1 loader1 vfat defaults 0 0
/dev/mmcblk1p2 reserved1 vfat defaults 0 0
/dev/mmcblk1p3 reserved2 vfat
On 9/23/21 8:45 AM, Steve Sakoman wrote:
> On Fri, Sep 10, 2021 at 5:00 AM Armin Kuster wrote:
>> From: Armin Kuster
>>
>> Source: https://gitlab.gnome.org/GNOME/glib
>> MR: 108788, 108795, 109707
>> Type: Security Fix https://gitlab.gnome.org/GNOME/glib branch glic-2-66
>> Disposition: Backpor
On 9/25/21 2:35 AM, Richard Purdie wrote:
We have some challenges in ensuring the pseudo database is flushed to disk
in things like docker containers since the processes can be killed with no
warning at container termination. Rightly or wrongly, we need to handle this
better.
There is no curre
Commit 29daffc2410f06f36b779d5bf1fd1ef6e900ca8f added an
anonymous python function to append the site file dependencies
for do_configure. This causes any recipe that inherits allarch
after autotools to end up with a different set of file checksums
for each machine, since the anonymous python would
After the recent site files dependency changes, my automated yocto-check-layer
runs started failing the test_machine_signatures check with a bunch of
allarch recipes unexpectedly getting different signatures:
AssertionError: The machines have conflicting signatures for some shared tasks:
allarc
Pulls in:
pseudo_db: Flush DB if there is a shutdown request
fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ (test fix)
Signed-off-by: Richard Purdie
---
meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-dev
sys.exit will cause finally statements and other code to run at exit. Since
we're using os.fork() here, os._exit() is apprioriate in this codepath.
Signed-off-by: Richard Purdie
---
meta/lib/oeqa/utils/qemurunner.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oeq
We have some challenges in ensuring the pseudo database is flushed to disk
in things like docker containers since the processes can be killed with no
warning at container termination. Rightly or wrongly, we need to handle this
better.
There is no current way to flush the DB but there is a shutdoen
On Sat, 2021-09-25 at 10:48 +0200, Zoltan Boszormenyi via lists.openembedded.org
wrote:
> On 2021. 09. 24. 19:17, Mark Hatle wrote:
> >
> >
> > On 9/24/21 9:02 AM, Zoltan Boszormenyi via lists.openembedded.org wrote:
> > > Hi,
> > >
> > > I have a special package that creates users and groups
>
On 2021. 09. 24. 19:17, Mark Hatle wrote:
On 9/24/21 9:02 AM, Zoltan Boszormenyi via lists.openembedded.org wrote:
Hi,
I have a special package that creates users and groups
via inherit useradd. This package doesn't depend on any
others but it is depended on, both via DEPENDS and RDEPENDS
by
18 matches
Mail list logo
