Re: [OE-core][PATCH] openssl: openssl: patch CVE-2024-2511
Looks like when 3.2.2 is released it will include this. So 3.2.2 should be
applied to scarthgap.
“master” will be moving to 3.3.0 soon for styhead
On Sat, Apr 13, 2024 at 3:50 PM Peter Marko via lists.openembedded.org
wrote:
> From: Peter Marko
>
> Patch:
> https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08
> News:
> https://github.com/openssl/openssl/commit/b7acb6731a96b073d6150465bd090e2052a595c2
>
> Signed-off-by: Peter Marko
> ---
> .../openssl/openssl/CVE-2024-2511.patch | 120 ++
> .../openssl/openssl_3.2.1.bb | 1 +
> 2 files changed, 121 insertions(+)
> create mode 100644
> meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
>
> diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
> b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
> new file mode 100644
> index 00..8772f716d5
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
> @@ -0,0 +1,120 @@
> +From e9d7083e241670332e0443da0f0d4ffb52829f08 Mon Sep 17 00:00:00 2001
> +From: Matt Caswell
> +Date: Tue, 5 Mar 2024 15:43:53 +
> +Subject: [PATCH] Fix unconstrained session cache growth in TLSv1.3
> +
> +In TLSv1.3 we create a new session object for each ticket that we send.
> +We do this by duplicating the original session. If SSL_OP_NO_TICKET is in
> +use then the new session will be added to the session cache. However, if
> +early data is not in use (and therefore anti-replay protection is being
> +used), then multiple threads could be resuming from the same session
> +simultaneously. If this happens and a problem occurs on one of the
> threads,
> +then the original session object could be marked as not_resumable. When we
> +duplicate the session object this not_resumable status gets copied into
> the
> +new session object. The new session object is then added to the session
> +cache even though it is not_resumable.
> +
> +Subsequently, another bug means that the session_id_length is set to 0 for
> +sessions that are marked as not_resumable - even though that session is
> +still in the cache. Once this happens the session can never be removed
> from
> +the cache. When that object gets to be the session cache tail object the
> +cache never shrinks again and grows indefinitely.
> +
> +CVE-2024-2511
> +
> +Reviewed-by: Neil Horman
> +Reviewed-by: Tomas Mraz
> +(Merged from https://github.com/openssl/openssl/pull/24043)
> +
> +CVE: CVE-2024-2511
> +Upstream-Status: Backport [
> https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08
> ]
> +Signed-off-by: Peter Marko
> +---
> + ssl/ssl_lib.c| 5 +++--
> + ssl/ssl_sess.c | 28 ++--
> + ssl/statem/statem_srvr.c | 5 ++---
> + 3 files changed, 27 insertions(+), 11 deletions(-)
> +
> +diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
> +index 4afb43bc86e54..c51529ddab5bb 100644
> +--- a/ssl/ssl_lib.c
> b/ssl/ssl_lib.c
> +@@ -4457,9 +4457,10 @@ void ssl_update_cache(SSL_CONNECTION *s, int mode)
> +
> + /*
> + * If the session_id_length is 0, we are not supposed to cache it,
> and it
> +- * would be rather hard to do anyway :-)
> ++ * would be rather hard to do anyway :-). Also if the session has
> already
> ++ * been marked as not_resumable we should not cache it for later
> reuse.
> + */
> +-if (s->session->session_id_length == 0)
> ++if (s->session->session_id_length == 0 || s->session->not_resumable)
> + return;
> +
> + /*
> +diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
> +index 3dcc4d81e5bc6..1fa6d17c46863 100644
> +--- a/ssl/ssl_sess.c
> b/ssl/ssl_sess.c
> +@@ -127,16 +127,11 @@ SSL_SESSION *SSL_SESSION_new(void)
> + return ss;
> + }
> +
> +-SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
> +-{
> +-return ssl_session_dup(src, 1);
> +-}
> +-
> + /*
> + * Create a new SSL_SESSION and duplicate the contents of |src| into it.
> If
> + * ticket == 0 then no ticket information is duplicated, otherwise it is.
> + */
> +-SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
> ++static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int
> ticket)
> + {
> + SSL_SESSION *dest;
> +
> +@@ -265,6 +260,27 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src,
> int ticket)
> + return NULL;
> + }
> +
> ++SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
> ++{
> ++return ssl_session_dup_intern(src, 1);
> ++}
> ++
> ++/*
> ++ * Used internally when duplicating a session which might be already
> shared.
> ++ * We will have resumed the original session. Subsequently we might have
> marked
> ++ * it as non-resumable (e.g. in another thread) - but this copy should
> be ok to
> ++ * resume from.
> ++ */
> ++SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
> ++{
> ++SSL_SESSION *sess = ssl_session_dup_intern(src, ticket);
> ++
> ++if (sess != NULL)
> ++
[OE-core][PATCH] openssl: openssl: patch CVE-2024-2511
From: Peter Marko
Patch:
https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08
News:
https://github.com/openssl/openssl/commit/b7acb6731a96b073d6150465bd090e2052a595c2
Signed-off-by: Peter Marko
---
.../openssl/openssl/CVE-2024-2511.patch | 120 ++
.../openssl/openssl_3.2.1.bb | 1 +
2 files changed, 121 insertions(+)
create mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
new file mode 100644
index 00..8772f716d5
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
@@ -0,0 +1,120 @@
+From e9d7083e241670332e0443da0f0d4ffb52829f08 Mon Sep 17 00:00:00 2001
+From: Matt Caswell
+Date: Tue, 5 Mar 2024 15:43:53 +
+Subject: [PATCH] Fix unconstrained session cache growth in TLSv1.3
+
+In TLSv1.3 we create a new session object for each ticket that we send.
+We do this by duplicating the original session. If SSL_OP_NO_TICKET is in
+use then the new session will be added to the session cache. However, if
+early data is not in use (and therefore anti-replay protection is being
+used), then multiple threads could be resuming from the same session
+simultaneously. If this happens and a problem occurs on one of the threads,
+then the original session object could be marked as not_resumable. When we
+duplicate the session object this not_resumable status gets copied into the
+new session object. The new session object is then added to the session
+cache even though it is not_resumable.
+
+Subsequently, another bug means that the session_id_length is set to 0 for
+sessions that are marked as not_resumable - even though that session is
+still in the cache. Once this happens the session can never be removed from
+the cache. When that object gets to be the session cache tail object the
+cache never shrinks again and grows indefinitely.
+
+CVE-2024-2511
+
+Reviewed-by: Neil Horman
+Reviewed-by: Tomas Mraz
+(Merged from https://github.com/openssl/openssl/pull/24043)
+
+CVE: CVE-2024-2511
+Upstream-Status: Backport
[https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08]
+Signed-off-by: Peter Marko
+---
+ ssl/ssl_lib.c| 5 +++--
+ ssl/ssl_sess.c | 28 ++--
+ ssl/statem/statem_srvr.c | 5 ++---
+ 3 files changed, 27 insertions(+), 11 deletions(-)
+
+diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
+index 4afb43bc86e54..c51529ddab5bb 100644
+--- a/ssl/ssl_lib.c
b/ssl/ssl_lib.c
+@@ -4457,9 +4457,10 @@ void ssl_update_cache(SSL_CONNECTION *s, int mode)
+
+ /*
+ * If the session_id_length is 0, we are not supposed to cache it, and it
+- * would be rather hard to do anyway :-)
++ * would be rather hard to do anyway :-). Also if the session has already
++ * been marked as not_resumable we should not cache it for later reuse.
+ */
+-if (s->session->session_id_length == 0)
++if (s->session->session_id_length == 0 || s->session->not_resumable)
+ return;
+
+ /*
+diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
+index 3dcc4d81e5bc6..1fa6d17c46863 100644
+--- a/ssl/ssl_sess.c
b/ssl/ssl_sess.c
+@@ -127,16 +127,11 @@ SSL_SESSION *SSL_SESSION_new(void)
+ return ss;
+ }
+
+-SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
+-{
+-return ssl_session_dup(src, 1);
+-}
+-
+ /*
+ * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
+ * ticket == 0 then no ticket information is duplicated, otherwise it is.
+ */
+-SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
++static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket)
+ {
+ SSL_SESSION *dest;
+
+@@ -265,6 +260,27 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int
ticket)
+ return NULL;
+ }
+
++SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
++{
++return ssl_session_dup_intern(src, 1);
++}
++
++/*
++ * Used internally when duplicating a session which might be already shared.
++ * We will have resumed the original session. Subsequently we might have
marked
++ * it as non-resumable (e.g. in another thread) - but this copy should be ok
to
++ * resume from.
++ */
++SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
++{
++SSL_SESSION *sess = ssl_session_dup_intern(src, ticket);
++
++if (sess != NULL)
++sess->not_resumable = 0;
++
++return sess;
++}
++
+ const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int
*len)
+ {
+ if (len)
+diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
+index 853af8c0aa9f9..d5f0ab091dacc 100644
+--- a/ssl/statem/statem_srvr.c
b/ssl/statem/statem_srvr.c
+@@ -2445,9 +2445,8 @@ CON_FUNC_RETURN
tls_construct_server_hello(SSL_CONNECTION *s, WPACKET *pkt)
+ * so the following won't overwrite an
[OE-core][kirkstone][PATCH] openssl: patch CVE-2024-2511
From: Peter Marko
Patch:
https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d
News:
https://github.com/openssl/openssl/commit/daee101e39073d4b65a68faeb2f2de5ad7b05c36
Signed-off-by: Peter Marko
---
.../openssl/openssl/CVE-2024-2511.patch | 122 ++
.../openssl/openssl_3.0.13.bb | 1 +
2 files changed, 123 insertions(+)
create mode 100644
meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
new file mode 100644
index 00..8aea686205
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
@@ -0,0 +1,122 @@
+From b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d Mon Sep 17 00:00:00 2001
+From: Matt Caswell
+Date: Tue, 5 Mar 2024 15:43:53 +
+Subject: [PATCH] Fix unconstrained session cache growth in TLSv1.3
+
+In TLSv1.3 we create a new session object for each ticket that we send.
+We do this by duplicating the original session. If SSL_OP_NO_TICKET is in
+use then the new session will be added to the session cache. However, if
+early data is not in use (and therefore anti-replay protection is being
+used), then multiple threads could be resuming from the same session
+simultaneously. If this happens and a problem occurs on one of the threads,
+then the original session object could be marked as not_resumable. When we
+duplicate the session object this not_resumable status gets copied into the
+new session object. The new session object is then added to the session
+cache even though it is not_resumable.
+
+Subsequently, another bug means that the session_id_length is set to 0 for
+sessions that are marked as not_resumable - even though that session is
+still in the cache. Once this happens the session can never be removed from
+the cache. When that object gets to be the session cache tail object the
+cache never shrinks again and grows indefinitely.
+
+CVE-2024-2511
+
+Reviewed-by: Neil Horman
+Reviewed-by: Tomas Mraz
+(Merged from https://github.com/openssl/openssl/pull/24044)
+
+(cherry picked from commit 7e4d731b1c07201ad9374c1cd9ac5263bdf35bce)
+
+CVE: CVE-2024-2511
+Upstream-Status: Backport
[https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d]
+Signed-off-by: Peter Marko
+---
+ ssl/ssl_lib.c| 5 +++--
+ ssl/ssl_sess.c | 28 ++--
+ ssl/statem/statem_srvr.c | 5 ++---
+ 3 files changed, 27 insertions(+), 11 deletions(-)
+
+diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
+index 2c8479eb5fc69..eed649c6fdee9 100644
+--- a/ssl/ssl_lib.c
b/ssl/ssl_lib.c
+@@ -3736,9 +3736,10 @@ void ssl_update_cache(SSL *s, int mode)
+
+ /*
+ * If the session_id_length is 0, we are not supposed to cache it, and it
+- * would be rather hard to do anyway :-)
++ * would be rather hard to do anyway :-). Also if the session has already
++ * been marked as not_resumable we should not cache it for later reuse.
+ */
+-if (s->session->session_id_length == 0)
++if (s->session->session_id_length == 0 || s->session->not_resumable)
+ return;
+
+ /*
+diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
+index d836b33ed0e81..75adbd9e52b40 100644
+--- a/ssl/ssl_sess.c
b/ssl/ssl_sess.c
+@@ -152,16 +152,11 @@ SSL_SESSION *SSL_SESSION_new(void)
+ return ss;
+ }
+
+-SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
+-{
+-return ssl_session_dup(src, 1);
+-}
+-
+ /*
+ * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
+ * ticket == 0 then no ticket information is duplicated, otherwise it is.
+ */
+-SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
++static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket)
+ {
+ SSL_SESSION *dest;
+
+@@ -285,6 +280,27 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int
ticket)
+ return NULL;
+ }
+
++SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
++{
++return ssl_session_dup_intern(src, 1);
++}
++
++/*
++ * Used internally when duplicating a session which might be already shared.
++ * We will have resumed the original session. Subsequently we might have
marked
++ * it as non-resumable (e.g. in another thread) - but this copy should be ok
to
++ * resume from.
++ */
++SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
++{
++SSL_SESSION *sess = ssl_session_dup_intern(src, ticket);
++
++if (sess != NULL)
++sess->not_resumable = 0;
++
++return sess;
++}
++
+ const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int
*len)
+ {
+ if (len)
+diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
+index a9e67f9d32a77..6c942e6bcec29 100644
+--- a/ssl/statem/statem_srvr.c
b/ssl/statem/statem_srvr.c
+@@ -2338,9 +2338,8 @@ int tls_construct_server_hello(SSL *s, WPACKET *pkt)
+ *
Re: [OE-core] [PATCH 10/33] gnutls: upgrade 3.8.4 -> 3.8.5
On Fri, 2024-04-12 at 16:39 +0200, Alexandre Belloni wrote:
> On 11/04/2024 19:41:09+, Simone Weiß wrote:
> > On Wed, 2024-04-10 at 02:45 +0200, Alexandre Belloni via
> > lists.openembedded.org wrote:
> > > Failed ptests:
> > > {'gnutls': ['alerts',
> > > 'cert-status',
> > > 'ciphersuite-name',
> > > 'dtls-etm',
> > > 'dtls10-cert-key-exchange',
> > > 'dtls12-cert-key-exchange',
> > > 'keylog-env',
> > > 'mini-chain-unsorted',
> > > 'mini-record-failure',
> > > 'mini-overhead',
> > > 'mini-record',
> > > 'mini-record-2',
> > > 'record-retvals',
> > > 'rehandshake-switch-cert',
> > > 'rehandshake-switch-cert-allow',
> > > 'rehandshake-switch-cert-client',
> > > 'rehandshake-switch-cert-client-allow',
> > > 'rsa-encrypt-decrypt',
> > > 'rsa-psk',
> > > 'rsa-psk-cb',
> > > 'rsaes-pkcs1-v1_5',
> > > 'tls-etm',
> > > 'tls-force-etm',
> > > 'tls-neg-ext4-key',
> > > 'tls10-cert-key-exchange',
> > > 'tls11-cert-key-exchange',
> > > 'tls10-server-kx-neg',
> > > 'tls12-anon-upgrade',
> > > 'tls12-cert-key-exchange',
> > > 'tls11-server-kx-neg',
> > > 'tls12-server-kx-neg',
> > > 'tls13-cert-key-exchange',
> > > 'tls13-server-kx-neg',
> > > 'version-checks']}
> > >
> > >
> > Hi,
> >
> > is there a autobuilder link to this? I tried it locally and all was
> > fine.
> > Would like to check it just to see if I can spot a difference. Or do
> > you
> > (Wang Mingyu) already check at the moment?
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/6489/steps/12/logs/stdio
>
> https://autobuilder.yocto.io/pub/non-release/20240409-25/testresults/qemux86-64-ptest/gnutls.log
Looks like at least some might be fixable with
https://gitlab.com/gnutls/gnutls/-/merge_requests/1830
I will take a further look
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#198201):
https://lists.openembedded.org/g/openembedded-core/message/198201
Mute This Topic: https://lists.openembedded.org/mt/105417636/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 1/2] python3-websockets: Import from meta-python
On Sat, Apr 13, 2024 at 4:38 AM Richard Purdie < richard.pur...@linuxfoundation.org> wrote: > On Fri, 2024-04-12 at 07:05 -0700, Khem Raj wrote: > > we need a patch to remove it from meta-python at same time > > I was testing this was all we needed and went to create one now I've > confirmed that but I see you have one in master-next. Let me know if > you need anything. I think we are fine for now with that > > Cheers, > > Richard > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198200): https://lists.openembedded.org/g/openembedded-core/message/198200 Mute This Topic: https://lists.openembedded.org/mt/105480053/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][PATCH 2/3] kbd: remove non-free Agafari fonts
> -Original Message-
> From: openembedded-core@lists.openembedded.org c...@lists.openembedded.org> On Behalf Of Richard Purdie
> Sent: den 13 april 2024 12:47
> To: peter.ma...@siemens.com; Khem Raj
> Cc: openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core][PATCH 2/3] kbd: remove non-free Agafari fonts
>
> On Sat, 2024-04-13 at 06:31 +, Peter Marko via
> lists.openembedded.org wrote:
> > That surprises me but fine.
> > I'm sending a v2 moving the file removal to the recipe.
> > But you could also hand-craft the patch again locally.
>
> Since time is against me, I did create a hybrid patch:
>
> https://git.yoctoproject.org/poky/commit/?h=master-next=03b9028fe6f76da4b19c62eca102caccaf66c1b4
>
> Let me know if anyone isn't happy with this. I'm happy to take other
> patches.
>
> Cheers,
>
> Richard
The do_configure:prepend() looks wrong:
+do_configure:prepend() {
+rm -rf ${S}/${S}/data/consolefonts/Agafari-1*
+}
I assume that should be:
+do_configure:prepend() {
+ rm -rf ${S}/data/consolefonts/Agafari-1*
+}
//Peter
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#198199):
https://lists.openembedded.org/g/openembedded-core/message/198199
Mute This Topic: https://lists.openembedded.org/mt/105486424/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 1/2] python3-websockets: Import from meta-python
On Fri, 2024-04-12 at 07:05 -0700, Khem Raj wrote: > we need a patch to remove it from meta-python at same time I was testing this was all we needed and went to create one now I've confirmed that but I see you have one in master-next. Let me know if you need anything. Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198198): https://lists.openembedded.org/g/openembedded-core/message/198198 Mute This Topic: https://lists.openembedded.org/mt/105480053/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] Patchtest results for [PATCH 1/3] python3-testtools: Fix build problems from incorrect build backend
Thank you for your submission. Patchtest identified one or more issues with the patch. Please see the log below for more information: --- Testing patch /home/patchtest/share/mboxes/1-3-python3-testtools-Fix-build-problems-from-incorrect-build-backend.patch FAIL: test lic files chksum modified not mentioned: LIC_FILES_CHKSUM changed without "License-Update:" tag and description in commit message (test_metadata.TestMetadata.test_lic_files_chksum_modified_not_mentioned) PASS: pretest src uri left files (test_metadata.TestMetadata.pretest_src_uri_left_files) PASS: test CVE check ignore (test_metadata.TestMetadata.test_cve_check_ignore) PASS: test Signed-off-by presence (test_mbox.TestMbox.test_signed_off_by_presence) PASS: test author valid (test_mbox.TestMbox.test_author_valid) PASS: test commit message presence (test_mbox.TestMbox.test_commit_message_presence) PASS: test max line length (test_metadata.TestMetadata.test_max_line_length) PASS: test mbox format (test_mbox.TestMbox.test_mbox_format) PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade) PASS: test shortlog format (test_mbox.TestMbox.test_shortlog_format) PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length) PASS: test src uri left files (test_metadata.TestMetadata.test_src_uri_left_files) SKIP: pretest pylint: No python related patches, skipping test (test_python_pylint.PyLint.pretest_pylint) SKIP: test CVE tag format: No new CVE patches introduced (test_patch.TestPatch.test_cve_tag_format) SKIP: test Signed-off-by presence: No new CVE patches introduced (test_patch.TestPatch.test_signed_off_by_presence) SKIP: test Upstream-Status presence: No new CVE patches introduced (test_patch.TestPatch.test_upstream_status_presence_format) SKIP: test bugzilla entry format: No bug ID found (test_mbox.TestMbox.test_bugzilla_entry_format) SKIP: test lic files chksum presence: No added recipes, skipping test (test_metadata.TestMetadata.test_lic_files_chksum_presence) SKIP: test license presence: No added recipes, skipping test (test_metadata.TestMetadata.test_license_presence) SKIP: test pylint: No python related patches, skipping test (test_python_pylint.PyLint.test_pylint) SKIP: test series merge on head: Merge test is disabled for now (test_mbox.TestMbox.test_series_merge_on_head) SKIP: test summary presence: No added recipes, skipping test (test_metadata.TestMetadata.test_summary_presence) SKIP: test target mailing list: Series merged, no reason to check other mailing lists (test_mbox.TestMbox.test_target_mailing_list) --- Please address the issues identified and submit a new revision of the patch, or alternatively, reply to this email with an explanation of why the patch should be accepted. If you believe these results are due to an error in patchtest, please submit a bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category under 'Yocto Project Subprojects'). For more information on specific failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank you! -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198197): https://lists.openembedded.org/g/openembedded-core/message/198197 Mute This Topic: https://lists.openembedded.org/mt/105498877/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/3] python3-testtools: Fix build problems from incorrect build backend
testtools uses the hatchling backend so:
* merge the inc back into the recipe
* drop setuptools
* use the hatchling backend
* add the needed vcs dependency
* drop the now unneeded python3-pbr dependency
This means the submodules are included in packaging, fixing build failures
and the verison in the wheel is no longer 0.0.0
Prior to this fix, testtools in buildtools tarball was completely
broken.
Signed-off-by: Richard Purdie
---
.../python/python-testtools.inc | 27 ---
.../python/python3-testtools_2.7.1.bb | 21 +--
2 files changed, 19 insertions(+), 29 deletions(-)
delete mode 100644 meta/recipes-devtools/python/python-testtools.inc
diff --git a/meta/recipes-devtools/python/python-testtools.inc
b/meta/recipes-devtools/python/python-testtools.inc
deleted file mode 100644
index e9dd97ec1c1..000
--- a/meta/recipes-devtools/python/python-testtools.inc
+++ /dev/null
@@ -1,27 +0,0 @@
-SUMMARY = "Extensions to the Python standard library unit testing framework"
-HOMEPAGE = "https://pypi.org/project/testtools/;
-SECTION = "devel/python"
-LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=e2c9d3e8ba7141c83bfef190e0b9379a"
-
-inherit pypi
-
-SRC_URI[sha256sum] =
"df6de96010e29ee21f637a147eabf30d50b25e3841dd1d68f93ee89ce77e366c"
-
-DEPENDS += " \
-python3-pbr \
-"
-
-# Satisfy setup.py 'setup_requires'
-DEPENDS += " \
-python3-pbr-native \
-"
-
-RDEPENDS:${PN} += "\
-python3-doctest \
-python3-extras \
-python3-pbr \
-python3-six \
-"
-
-BBCLASSEXTEND = "nativesdk"
diff --git a/meta/recipes-devtools/python/python3-testtools_2.7.1.bb
b/meta/recipes-devtools/python/python3-testtools_2.7.1.bb
index 79e46a02de7..cc7e0556326 100644
--- a/meta/recipes-devtools/python/python3-testtools_2.7.1.bb
+++ b/meta/recipes-devtools/python/python3-testtools_2.7.1.bb
@@ -1,3 +1,20 @@
-inherit setuptools3
-require python-testtools.inc
+SUMMARY = "Extensions to the Python standard library unit testing framework"
+HOMEPAGE = "https://pypi.org/project/testtools/;
+SECTION = "devel/python"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=e2c9d3e8ba7141c83bfef190e0b9379a"
+
+DEPENDS += "python3-hatch-vcs-native"
+
+inherit pypi python_hatchling
+
+SRC_URI[sha256sum] =
"df6de96010e29ee21f637a147eabf30d50b25e3841dd1d68f93ee89ce77e366c"
+
+RDEPENDS:${PN} += "\
+python3-doctest \
+python3-extras \
+python3-six \
+"
+
+BBCLASSEXTEND = "nativesdk"
--
2.40.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#198194):
https://lists.openembedded.org/g/openembedded-core/message/198194
Mute This Topic: https://lists.openembedded.org/mt/105498752/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 3/3] abi_version/sstate: Switch to a new version for the upcoming release
In testing websocket hashequivalence, corrupted sstate was injected into the autobuilder extensively. With the new release/LTS, being able to clearly differentiate between old and new sstate is probably desireable anyway so bump the appropriate versions. Signed-off-by: Richard Purdie --- meta/classes-global/sstate.bbclass | 2 +- meta/conf/abi_version.conf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/classes-global/sstate.bbclass b/meta/classes-global/sstate.bbclass index 96655ff24ff..04539bbb99a 100644 --- a/meta/classes-global/sstate.bbclass +++ b/meta/classes-global/sstate.bbclass @@ -4,7 +4,7 @@ # SPDX-License-Identifier: MIT # -SSTATE_VERSION = "11" +SSTATE_VERSION = "12" SSTATE_ZSTD_CLEVEL ??= "8" diff --git a/meta/conf/abi_version.conf b/meta/conf/abi_version.conf index b6643ea60b3..13c2c45b42a 100644 --- a/meta/conf/abi_version.conf +++ b/meta/conf/abi_version.conf @@ -12,4 +12,4 @@ OELAYOUT_ABI = "15" # a reset of the equivalence, for example when reproducibility issues break the # existing match data. Distros can also append to this value for the same effect. # -HASHEQUIV_HASH_VERSION = "15" +HASHEQUIV_HASH_VERSION = "16" -- 2.40.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198196): https://lists.openembedded.org/g/openembedded-core/message/198196 Mute This Topic: https://lists.openembedded.org/mt/105498754/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 2/3] buildtools-tarball: Add python3-setuptools
After the dependency on setuptools was dropped from python3-testtools, this exposed eSDK dependencies in devtool and recipetool on python3-setuptools. Add this to buildtools to fix build failures after the testtools fixes. Signed-off-by: Richard Purdie --- meta/recipes-core/meta/buildtools-tarball.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-core/meta/buildtools-tarball.bb b/meta/recipes-core/meta/buildtools-tarball.bb index a5f6bb7aac9..dc075763e6c 100644 --- a/meta/recipes-core/meta/buildtools-tarball.bb +++ b/meta/recipes-core/meta/buildtools-tarball.bb @@ -11,6 +11,7 @@ TOOLCHAIN_HOST_TASK ?= "\ nativesdk-python3-git \ nativesdk-python3-jinja2 \ nativesdk-python3-testtools \ +nativesdk-python3-setuptools \ nativesdk-python3-subunit \ nativesdk-python3-pyyaml \ nativesdk-python3-websockets \ -- 2.40.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198195): https://lists.openembedded.org/g/openembedded-core/message/198195 Mute This Topic: https://lists.openembedded.org/mt/105498753/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][PATCH 2/3] kbd: remove non-free Agafari fonts
On Sat, 2024-04-13 at 06:31 +, Peter Marko via lists.openembedded.org wrote: > That surprises me but fine. > I'm sending a v2 moving the file removal to the recipe. > But you could also hand-craft the patch again locally. Since time is against me, I did create a hybrid patch: https://git.yoctoproject.org/poky/commit/?h=master-next=03b9028fe6f76da4b19c62eca102caccaf66c1b4 Let me know if anyone isn't happy with this. I'm happy to take other patches. Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#198193): https://lists.openembedded.org/g/openembedded-core/message/198193 Mute This Topic: https://lists.openembedded.org/mt/105486424/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core][PATCH 2/3] kbd: remove non-free Agafari fonts
That surprises me but fine.
I'm sending a v2 moving the file removal to the recipe.
But you could also hand-craft the patch again locally.
Peter
-Original Message-
From: Khem Raj
Sent: Saturday, April 13, 2024 2:26
To: Marko, Peter (ADV D EU SK BFS1)
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core][PATCH 2/3] kbd: remove non-free Agafari fonts
> On Fri, Apr 12, 2024 at 10:02 AM Peter Marko via lists.openembedded.org
> wrote:
> >
> > I know that binary patches are problematic over mailing list.
> > Here the patch as zipped attachment just in case.
> >
>
> This does not help either, This patch is deleting files so why not just do
> the delete operation in do_compile:prepend
>
> rm -rf ${S}/data/consolefonts/Agafari-1*
>
> until the mentioned patch is part of a future kbd release.
>
> > Peter
> >
> >
> >
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#198192):
https://lists.openembedded.org/g/openembedded-core/message/198192
Mute This Topic: https://lists.openembedded.org/mt/105486424/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
