On Fri, 1 Sept 2023 at 23:22, Richard Purdie
wrote:
> > > do_compile () {
> > > rust_runx install
> > > rust_runx install clippy
> > > rust_runx install rustfmt
> > > }
> > >
> > > rust_do_install() {
> > > cp -a ${B}/_install ${D}
> >
> > ?
> >
> >
> > [adding 'rustfmt' to
Acked-by: Alejandro Hernandez
On 9/1/23 17:32, Michelle Lin wrote:
Currently, there is not a class to support the building of unified kernel
images. Adding a uki.bbclass to support the creation of UKIs. This class calls
the systemd Ukify tool, which will combine the kernel/initrd/stub
This patch contains an example recipe, core-image-minimal-uki.bb, on how to use
the uki.bbclass. The recipe specifies the need for a config file to be passed to
SRC_URI if the UKI is to be signed. The config file simplifies the usage of the
class by allowing the user to organize, manage, and
Currently, there is not a class to support the building of unified kernel
images. Adding a uki.bbclass to support the creation of UKIs. This class calls
the systemd Ukify tool, which will combine the kernel/initrd/stub components to
build the UKI. To sign the UKI (i.e. SecureBoot, TPM PCR
On Fri, 2023-09-01 at 18:34 +0200, Enrico Scholz via
lists.openembedded.org wrote:
> Hello,
>
> rust recipe does
>
> > do_compile () {
> > }
> >
> > rust_do_install() {
> > rust_runx install
> > }
> >
> > rust_do_install:class-nativesdk() {
> > export PSEUDO_UNLOAD=1
> > rust_runx
Add in stable updates to glibc 2.38 to fix malloc bugs
Signed-off-by: Michael Halstead
---
meta/conf/distro/include/yocto-uninative.inc | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/meta/conf/distro/include/yocto-uninative.inc
Hello Enrico,
Le ven. 1 sept. 2023, 18:34, Enrico Scholz via lists.openembedded.org
a écrit :
> Hello,
>
> rust recipe does
>
> | do_compile () {
> | }
> |
> | rust_do_install() {
> | rust_runx install
> | }
> |
> | rust_do_install:class-nativesdk() {
> | export PSEUDO_UNLOAD=1
> |
> -Original Message-
> From: Richard Purdie
> Sent: den 30 augusti 2023 11:04
> To: Peter Kjellerstedt ;
> openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [PATCH] base.bbclass: Do not fail during parsing if
> ${SRCREV} does not exist
>
> On Fri, 2023-08-25 at 19:16
Hello,
rust recipe does
| do_compile () {
| }
|
| rust_do_install() {
| rust_runx install
| }
|
| rust_do_install:class-nativesdk() {
| export PSEUDO_UNLOAD=1
| rust_runx install
| rust_runx install clippy
| rust_runx install rustfmt
What is the reason to run the
Pull in the following stable branch updates:
1aed90c9c8f8be9f68b58e96b6e4cd0fc08eb2b1 sysdeps: tst-bz21269: fix -Wreturn-type
ad9b8399537670a990572c4b0c4da5411e3b68cf sysdeps: tst-bz21269: handle ENOSYS &
skip appropriately
c8ecda6251dd4a0dfe074e0a6011211cadeef742 sysdeps: tst-bz21269: fix test
Fixes: be7da75827b4 ("weston: update 11.0.1 -> 12.0.1")
Signed-off-by: Ulrich Ölmann
---
meta/recipes-graphics/wayland/weston_12.0.1.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-graphics/wayland/weston_12.0.1.bb
From: Sakib Sajal
Upgrade to latest 1.20.x release [1]:
$ git log --oneline go1.20.6..go1.20.7 origin/release-branch.go1.20
adb775e309 (tag: go1.20.7, origin/release-branch.go1.20)
[release-branch.go1.20] go1.20.7
659f2a2207 [release-branch.go1.20] crypto/tls: restrict RSA keys in
From: Alexander Kanavin
(cherry picked from commit 7d5bb3a4690ef61a1fee21773b4717e829789e32)
Signed-off-by: Alexander Kanavin
Signed-off-by: Richard Purdie
Signed-off-by: Chee Yang Lee
---
.../0001-Don-t-search-system-for-headers-libraries.patch| 2 +-
From: Chee Yang Lee
upgrade include fix for CVE-2023-40217
Release notes:
https://docs.python.org/3/whatsnew/changelog.html#python-3-11-5-final
Signed-off-by: Chee Yang Lee
---
.../python/{python3_3.11.4.bb => python3_3.11.5.bb} | 2 +-
1 file changed, 1 insertion(+), 1
From: Alexander Kanavin
upgrade include fix for CVE-2023-24329
(cherry picked from commit f7f163ebe8c53de4314d04595c1fbcc7af2deccc )
Signed-off-by: Alexander Kanavin
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
Signed-off-by: Chee Yang Lee
---
Hi Peter,
It seems that cve-report.bbclass is already filtering out the CVEs based on the
vendor.
It would make explicit Whitelisting/Ignoring these CVEs redundant and thus my 4
commits can be skipped.
Thanks for pointing it out!
Regards,
Dhairya Nagodra
> -Original Message-
> From:
heap out of bound read in builtin.c
Signed-off-by: Meenali Gupta
---
.../gawk/gawk/CVE-2023-4156.patch | 46 +++
meta/recipes-extended/gawk/gawk_5.1.1.bb | 1 +
2 files changed, 47 insertions(+)
create mode 100644
There is a stack overflow vulnerability in ash.c:6030 in busybox
vbefore 1.35. In the environment of Internet of Vehicles, this
vulnerability can be executed from command to arbitrary code execution.
Signed-off-by: Meenali Gupta
---
.../busybox/busybox/CVE-2022-48174.patch | 80
On 31 Aug 2023, at 10:16, Benjamin Bara via lists.openembedded.org
wrote:
>
> From: Benjamin Bara
>
> This commit should look for unsupported instructions depending on the
> active tune features. For now, it checks for vfpv3d16 and other non-neon
> machines, but it can be easily extended for
What's the reason for ignoring this CVE in all branches when CVE_PRODUCT =
"flex_project:flex" means it's not reported by cve-check?
Peter
-Original Message-
From: openembedded-core@lists.openembedded.org
On Behalf Of Dhairya Nagodra via
lists.openembedded.org
Sent: Friday, September
Hello,
This fails on the autobuilders:
https://autobuilder.yoctoproject.org/typhoon/#/builders/117/builds/3449/steps/12/logs/stdio
ERROR: Nothing RPROVIDES 'distcc' (but
/home/pokybuild/yocto-worker/reproducible/build/meta/recipes-core/packagegroups/packagegroup-self-hosted.bb,
New ptest failure:
https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/5537/steps/12/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/82/builds/5354/steps/13/logs/stdio
'json-c': ['test_json_patch.test']
On 31/08/2023 10:31:56+0800, wangmy wrote:
> From: Wang
-Original Message-
From: openembedded-core@lists.openembedded.org
On Behalf Of Dhairya Nagodra via
lists.openembedded.org
Sent: Friday, September 1, 2023 6:08
To: openembedded-core@lists.openembedded.org
Cc: qi.c...@windriver.com; xe-linux-exter...@cisco.com; Dhairya Nagodra
Subject:
From: Soumya Sambu
Backport patch to fix CVE-2023-29491.
Signed-off-by: Soumya Sambu
---
.../ncurses/files/CVE-2023-29491.patch| 464 ++
.../ncurses/ncurses_6.3+20220423.bb | 1 +
2 files changed, 465 insertions(+)
create mode 100644
-Original Message-
From: openembedded-core@lists.openembedded.org
On Behalf Of Changqing Li via
lists.openembedded.org
Sent: Friday, September 1, 2023 11:02
To: openembedded-core@lists.openembedded.org
Subject: [OE-core] [PATCH] sqlite3: set CVE_STATUS for CVE-2023-36191
> From:
From: Changqing Li
The error is a bug. It has been fixed upstream. But it is not a
vulnerability. You may safely ignore the CVE.
Refer:
[1] https://www.sqlite.org/forum/forumpost/19f55ef73b
Signed-off-by: Changqing Li
---
meta/recipes-support/sqlite/sqlite3_3.42.0.bb | 2 ++
1 file changed,
Hi,
I have been trying Linux Kernel CVEs for a while now and found a weird part in
generate-cve-exclusions.py.
https://git.openembedded.org/openembedded-core/tree/meta/recipes-kernel/linux/generate-cve-exclusions.py#n64
>affected = data["affected_versions"]
>first_affected,
27 matches
Mail list logo