From: Alexander Kanavin
The check needs to report dri location on the host machine,
so pkg-config binary needs to be capable of finding the needed
dri.pc file on the host, and therefore needs to know where
host .pc files are located.
This may not be the case when using pkg-config from
From: Benoît Mauduit
Previously, if "showSignature" is present in user gitconfig, parsing
of the timestamp will fail.
Ideally we should replace this command with a git plumbing command.
Signed-off-by: Benoît Mauduit
Signed-off-by: Alexandre Belloni
(cherry picked from commit
From: Saul Wold
The create_spdx code relies on patched code, if files are changed
or added during the do_configure phase they will be missed by the
create_spdx process. So we need to ensure files modifications/additions
happen in the do_patch phase.
Signed-off-by: Saul Wold
Signed-off-by:
From: Jan Kircher
Fixed an error when Bash's unbound variable protection is enabled (set -u) and
variable "LD_LIBRARY_PATH" does not exist.
Signed-off-by: Jan Kircher
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit
From: Chen Qi
Fix typo in DESCRIPTION: and -> an.
Signed-off-by: Chen Qi
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit 349e63045298054f9454025d793c67284fce750b)
Signed-off-by: Steve Sakoman
---
meta/recipes-support/libseccomp/libseccomp_2.5.3.bb
From: Chen Qi
In case of nodistro, dhcpcd gives us 'Bad system call'
error and exits. This is because there are syscalls that
should be allowed but not in privsep. Backport two patches
to fix this issue.
Signed-off-by: Chen Qi
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
From: Petr Kubizňák
In some scenarios (e.g. when "glib" removed from PACKAGECONFIG),
"${D}${bindir}" might not exist which caused `rmdir` to fail.
Signed-off-by: Petr Kubizňák
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit
From: Khem Raj
tiff-native otherwise falsely detects webp if its installed on build
host. This ensures deterministic behavior regardless of host.
Signed-off-by: Khem Raj
Signed-off-by: Richard Purdie
(cherry picked from commit 718c44f282310b2ca85877fed706460ccc1eebea)
Signed-off-by: Steve
From: Sandeep Gundlupet Raju
Allow user to select the default DTB for FIT image when multiple
dtb's exists.
>From machine.conf or local.conf user can specify the default dtb
for FIT image as shown below.
FIT_CONF_DEFAULT_DTB = "board-default.dtb"
Also fallback to avaialable dtb when
From: Sandeep Gundlupet Raju
The dtb files must be before the dtbo files, otherwise the overlays may
not be applied correctly.
>From Bruce Ashfield:
We can split between dtbs and dtbos, they just need to be sorted
for reproducibility reasons.
Of course, this was only working by luck
From: Antonin Godard
To avoid working with undeterministic config files, remove all the
temporary files to start from scratch.
Signed-off-by: Richard Purdie
(cherry picked from commit 74cd440c4e3df0ed3b81cf5c60a3f92e0dd3fe6c)
Signed-off-by: Steve Sakoman
---
From: Antonin Godard
When compiling busybox a second time (e.g. with `compile -f`), busybox
can use an altered autoconf.h file for compiling, which can ultimately
produces different and unwanted binaries.
This can produce errors like this one:
ERROR: busybox-1.35.0-r0 do_package: Error
From: Alex Kiernan
This is already set in default-distrovars.inc and so this assignment
will almost never succeed. Rather than leaving it to confuse, set an
empty weak default.
Signed-off-by: Alex Kiernan
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from
From: Pavel Zhukov
Backport fix from master to allow gcc to use proper linker path for
musl [Yocto #14977].
Fixes:
| qemu-arm: Could not open '/lib/ld-musl-armhf.so.1': No such file or directory
Signed-off-by: Pavel Zhukov
Signed-off-by: Steve Sakoman
---
From: Randy MacLeod
Includes fixes for:
https://nvd.nist.gov/vuln/detail/CVE-2023-0049
https://nvd.nist.gov/vuln/detail/CVE-2023-0051
https://nvd.nist.gov/vuln/detail/CVE-2023-0054
https://nvd.nist.gov/vuln/detail/CVE-2023-0288
Signed-off-by: Randy MacLeod
Signed-off-by: Luca
From: Bruce Ashfield
Updating to the latest korg -stable release that comprises
the following commits:
d68f50bfb00f Linux 5.15.84
972707bae3d7 net: fec: properly guard irq coalesce setup
289721fe0993 ASoC: ops: Correct bounds check for second channel on SX
controls
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/5.15:
f100c753aa1f powerpc: Fix reschedule bug in KUAP-unlocked user copy
Signed-off-by: Bruce Ashfield
Signed-off-by: Richard Purdie
(cherry picked from commit b457e6976e9e64a737517f9d9142ab290cdce214)
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/5.15:
da5513f30187 libbpf: Fix build warning on ref_ctr_off
Signed-off-by: Bruce Ashfield
Signed-off-by: Richard Purdie
(cherry picked from commit eb75d561256c794baf6c89c1975967343145da87)
Signed-off-by: Steve
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/5.15:
4c5a089621a8 perf python: Account for multiple words in CC
Signed-off-by: Bruce Ashfield
Signed-off-by: Richard Purdie
(cherry picked from commit 1cf78a856beb42a2d68e6c49bfdbc33fea68ebb5)
Signed-off-by: Steve
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/5.15:
1c5699ee85d4 fs: move S_ISGID stripping into the vfs_*() helpers
838f5d0701d8 fs: add mode_strip_sgid() helper
d97172683641 squashfs: provide backing_dev_info in order to disable
read-ahead
From: Alexander Kanavin
Signed-off-by: Alexander Kanavin
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit c37ec8b2d91605d6eb5228f0a447fb83f111edc3)
Signed-off-by: Steve Sakoman
---
.../xwayland/{xwayland_22.1.5.bb => xwayland_22.1.7.bb} | 2
From: Alexander Kanavin
Signed-off-by: Alexander Kanavin
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit 009e8d6a292690a0c355d12be2368a9677c701f5)
Signed-off-by: Steve Sakoman
---
...possible-memleaks-in-XkbGetKbdByName.patch | 63
From: Alexander Kanavin
License-Update: additional files
Signed-off-by: Alexander Kanavin
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit 15f3a9f6c4406ddc00f7dc0ca7e1beafe9c71a9f)
Signed-off-by: Steve Sakoman
---
...{linux-firmware_20221109.bb =>
Prepare for stable version bump which includes this fix
This reverts commit e4cb0bf273ea556db91699594046a47514c8583c.
---
...overflow-in-the-CRL-signature-parser.patch | 72 ---
meta/recipes-support/libksba/libksba_1.6.2.bb | 3 +-
2 files changed, 1 insertion(+), 74
From: Alexander Kanavin
Noteworthy changes in version 1.6.3 (2022-12-06)
Fix another integer overflow in the CRL parser. [T6284,CVE-2022-47629]
Signed-off-by: Alexander Kanavin
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit
From: Ross Burton
We get random SSL failures when fetching the CVE database, and it's
notable that the NVD server is behind a DNS round-robin or geographically
diverse servers.
On a hunch that there is one misconfigured server, dump the IP that we
connected to.
Signed-off-by: Ross Burton
From: He Zhe
Signed-off-by: He Zhe
Signed-off-by: Steve Sakoman
---
.../lttng/{lttng-modules_2.13.7.bb => lttng-modules_2.13.8.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-kernel/lttng/{lttng-modules_2.13.7.bb =>
lttng-modules_2.13.8.bb} (94%)
diff --git
From: Quentin Schulz
CVE-2019-6461 and CVE-2019-6462 are fixed, but the reporting is
incorrect as the patch for CVE-2019-6461 is actually for CVE-2019-6462
and vice-versa.
This swaps both files and edit the CVE field to report the correct
identifier.
Cc: Quentin Schulz
Signed-off-by: Quentin
From: Jermain Horsman
When building an image cve_check_write_rootfs_manifest() would sometimes fail
with a FileNotFoundError when writing the manifest.cve due to the parent
directory (DEPLOY_DIR_IMAGE) not (yet) existing.
The image task will provide the manifest in the deploy directory
From: Marta Rybczynska
The database update has been done on the original file. In case of
network connection issues, temporary outage of the NVD server or
a similar situation, the function could exit with incomplete data
in the database. This patch solves the issue by performing the update
on a
From: Narpat Mali
avformat/nutdec: Add check for avformat_new_stream
Check for failure of avformat_new_stream() and propagate
the error code.
Signed-off-by: Narpat Mali
Signed-off-by: Steve Sakoman
---
...ec-Add-check-for-avformat_new_stream.patch | 67 +++
From: Hitendra Prajapati
Upstream-Status: Backport from
https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27
Signed-off-by: Hitendra Prajapati
Signed-off-by: Steve Sakoman
---
meta/recipes-devtools/go/go-1.17.13.inc | 1 +
.../go/go-1.18/CVE-2022-41717.patch
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4815
The following changes since commit 34de16fd86775c0f2ede1670fec90217e4d11776:
gtk-icon-cache: Fix
On Sun, 2023-01-22 at 12:46 +, Peter Kjellerstedt wrote:
> > -Original Message-
> > From: openembedded-core@lists.openembedded.org > c...@lists.openembedded.org> On Behalf Of Richard Purdie
> > Sent: den 21 januari 2023 00:01
> > To: Alexander Kanavin ; Bruce Ashfield
> >
> > Cc:
Branch: langdale
New this week: 3 CVEs
CVE-2020-10735 (CVSS3: 7.5 HIGH): python3:python3-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10735 *
CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native:libksba:libksba-native
Branch: kirkstone
New this week: 2 CVEs
CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native:libksba:libksba-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 *
CVE-2023-0288 (CVSS3: 7.8 HIGH): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0288 *
Removed
> -Original Message-
> From: openembedded-core@lists.openembedded.org c...@lists.openembedded.org> On Behalf Of Richard Purdie
> Sent: den 21 januari 2023 00:01
> To: Alexander Kanavin ; Bruce Ashfield
>
> Cc: Ross Burton ; OE-core c...@lists.openembedded.org>
> Subject: Re: [OE-core]
Branch: dunfell
New this week: 2 CVEs
CVE-2022-3515 (CVSS3: 9.8 CRITICAL): gnupg:gnupg-native:libksba:libksba-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 *
CVE-2023-0288 (CVSS3: 7.8 HIGH): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0288 *
Removed
Branch: master
New this week: 0 CVEs
Removed this week: 3 CVEs
CVE-2023-0049 (CVSS3: 7.8 HIGH): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0049 *
CVE-2023-0051 (CVSS3: 7.8 HIGH): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0051 *
CVE-2023-0054 (CVSS3: 7.8
39 matches
Mail list logo