Re: [OE-core] [PATCH 1/6] cve-update-db-native: don't hardcode the database name

2019-11-18 Thread akuster808
On 11/18/19 8:46 AM, Ross Burton wrote: > Don't hardcode the database filename, there's a variable for this in > cve-check.bbclass. > > Signed-off-by: Ross Burton do you recommend these being backported ? - armin > --- > meta/recipes-core/meta/cve-update-db-native.bb | 4 ++-- > 1 file

Re: [OE-core] [PATCH v3 1/2] zstd: move recipe to oe-core from meta-oe

2019-11-18 Thread akuster808
On 11/18/19 4:19 AM, Richard Purdie wrote: > On Thu, 2019-11-14 at 15:47 +0100, Stefan Agner wrote: >> On 2019-11-08 10:14, Stefan Agner wrote: >>> From: Stefan Agner >>> >>> Zstd is a very fast compression algorithm and has gained quite some >>> popularity recently. An upcoming patch allows

[OE-core] Status of thud

2019-11-17 Thread akuster808
Hello, Now that thud has  release 2.6.4, I plan on  backporting and testing the  outstanding patches. Getting them into mainline should not be an issue. I have no idea if there are plans for a 2.6.5 or when it will switch to community support. I will have to wait for the Yocto Project TSC to

Re: [OE-core] [PATCH] bind: Whitelist CVE-2019-6470

2019-11-17 Thread akuster808
On 11/15/19 1:46 PM, Adrian Bunk wrote: > On Thu, Nov 14, 2019 at 07:18:28AM -0800, akuster808 wrote: >> >> On 11/14/19 4:51 AM, Adrian Bunk wrote: >>> On Thu, Nov 14, 2019 at 12:04:40PM +, Ross Burton wrote: >>>> On 13/11/2019 08:19, Adrian Bunk wrot

Re: [OE-core] [yocto] Yocto Project Status WW46'19

2019-11-14 Thread akuster808
Hello Stephen, On 11/12/19 7:47 AM, sjolley.yp...@gmail.com wrote: > > Current Dev Position: YP 3.1 M1  > > Next Deadline: YP 3.1 M1 build Dec. 2, 2019 > >   > > SWAT Team Rotation: > > * SWAT lead is currently: Anuj  > * SWAT team rotation: Anuj -> Chen on Nov. 15, 2019 > * SWAT team

Re: [OE-core] [PATCH] bind: Whitelist CVE-2019-6470

2019-11-14 Thread akuster808
On 11/14/19 4:51 AM, Adrian Bunk wrote: > On Thu, Nov 14, 2019 at 12:04:40PM +, Ross Burton wrote: >> On 13/11/2019 08:19, Adrian Bunk wrote: >>> +# Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND >>> versions 9.11.2 or later >>> +CVE_CHECK_WHITELIST +=

Re: [OE-core] [PATCH 04/20] OEQA: update ltp runtimes to use new structure

2019-11-13 Thread akuster808
On 11/13/19 5:53 PM, Mittal, Anuj wrote: > Hi Armin > > On Mon, 2019-11-11 at 20:33 -0800, Armin Kuster wrote: >> # LTP runtime tests >> @OETestDepends(['ssh.SSHTest.test_ssh']) >> @OEHasPackage(["ltp"]) >> @@ -111,8 +34,10 @@ class LtpTest(LtpTestBase): >>

[OE-core] OEDeM minutes clarification regarding stable branch update frequency

2019-11-13 Thread akuster808
Hello, Reading through the 2019 OEDeM minutes, I saw a statement regarding a more regular update frequency on the stable branches. Based on Richard's response I could not tell if it is regarding merge frequency  to mainline or more dot releases? Since I was not present at the meeting, can someone

Re: [OE-core] [PATCH 14/20] OEQA: move manual bash test to runtime

2019-11-12 Thread akuster808
On 11/12/19 5:33 PM, Mittal, Anuj wrote: > On Mon, 2019-11-11 at 20:33 -0800, Armin Kuster wrote: >> + >> +class Bsp(OESelftestTestCase): >> +def test_bash_installed(self): >> +""" >> +Summary:The purpose of this test case is to verify >> that bash >> +

Re: [OE-core] [PATCH] pseudo: Add statx support to fix fedora30 issues

2019-11-12 Thread akuster808
On 11/12/19 1:46 PM, Peter Kjellerstedt wrote: >> -Original Message- >> From: openembedded-core-boun...@lists.openembedded.org > boun...@lists.openembedded.org> On Behalf Of Richard Purdie >> Sent: den 7 november 2019 21:53 >> To: Seebs >> Cc: openembedded-core@lists.openembedded.org

Re: [OE-core] [PATCH 5/5] cve-update-db-native: don't refresh more than once an hour

2019-11-11 Thread akuster808
On 11/7/19 3:58 PM, Ross Burton wrote: > We already fetch the yearly CVE metadata and check that for updates before > downloading the full data, but we can speed up CVE checking further by only > checking the CVE metadata once an hour. > > Signed-off-by: Ross Burton > --- >

Re: [OE-core] [PATCH] sqlite3: Drop pic as we no longer need the sqlite3 static lib

2019-11-11 Thread akuster808
On 11/11/19 5:21 AM, Richard Purdie wrote: > This was added in: > https://git.openembedded.org/openembedded-core/commit/?id=6a58e12d19c539deac9e90679a68438497a42fa4 > but is no longer needed now pseudo doesn't use sqlite's static lib. > > Signed-off-by: Richard Purdie > --- >

Re: [OE-core] maintaining sumo (was Re: [PATCH][thud] cve-check: backport rewrite from master)

2019-11-11 Thread akuster808
On 11/6/19 11:59 PM, mikko.rap...@bmw.de wrote: > Hi, > > On Wed, Nov 06, 2019 at 05:53:27PM +, Richard Purdie wrote: >> On Wed, 2019-11-06 at 16:06 +, mikko.rap...@bmw.de wrote: >>> Hi, >>> >>> On Wed, Nov 06, 2019 at 02:59:16PM +, Ryan Harkin wrote: Hi Ross/Richard,

Re: [OE-core] [warrior][PATCH] python3: Upgrade 3.7.4 -> 3.7.5

2019-11-10 Thread akuster808
On 11/5/19 1:44 PM, Adrian Bunk wrote: > 3.7.5 also includes the fixes for CVE-2019-16056 and CVE-2019-16935. I see a patch is being updated. Reason not noted in commit message. Also, do you have any issue if I backport the other py3 bugfixes in zeus? - Armin > > Signed-off-by: Adrian Bunk

Re: [OE-core] [warrior][PATCHv2 0/9] Backport relevant changes from Zeus

2019-11-10 Thread akuster808
On 11/5/19 2:08 PM, Peter Kjellerstedt wrote: > This patch set contains backports of our changes from Zeus that are > relevant for Warrior. > > PATCHv2: Add a backported patch from meson 0.50 to allow > _args and _link_args properties, e.g., > c_link_args, in meson.cross to be specified as

Re: [OE-core] [PATCH RFC CFH][sumo 00/47] CVE check backport

2019-11-07 Thread akuster808
On 11/7/19 7:03 AM, Richard Purdie wrote: > On Wed, 2019-11-06 at 13:46 -0800, akuster808 wrote: >> On 11/6/19 7:37 AM, Mikko Rapeli wrote: >> QA resources have been a donation from Intel and Windriver above >> their membership fees. I don't fee right asking them to run Q

Re: [OE-core] [PATCH RFC CFH][sumo 00/47] CVE check backport

2019-11-06 Thread akuster808
Hello Mikko; On 11/6/19 7:37 AM, Mikko Rapeli wrote: > Hi, > > Request for comments, call for help, LTS too? > > Yocto 2.5 sumo isn't actively maintained by the Yocto Project > anymore. But that does not mean that support for it > needs to stop. > > I use sumo and due to various reasons like BSP

Re: [OE-core] Yocto Project Status WW44’19

2019-10-29 Thread akuster808
On 10/29/19 5:12 PM, Stephen K Jolley wrote: > > Current Dev Position: YP 3.1 M1  > > Next Deadline: YP 3.1 M1 build Dec. 2, 2019 > I noticed there is no 3.0.1 schedule.  Can we try for early December? > > SWAT Team Rotation: > > * > > SWAT lead is currently: Amanda > > * > > SWAT

Re: [OE-core] [zeus 18/28] cmake.bbclass: add HOSTTOOLS_DIR to CMAKE_FIND_ROOT_PATH

2019-10-29 Thread akuster808
On 10/29/19 9:31 PM, Khem Raj wrote: > > > On Tue, Oct 29, 2019 at 9:19 AM Richard Purdie > > wrote: > > On Fri, 2019-10-25 at 23:49 -0700, Armin Kuster wrote: > > From: Michael Ho mailto:michael...@bmw.de>> > > > > The find_program

[OE-core] Stable warrior decision

2019-10-28 Thread akuster808
I decided to mark the qemu virgl issue on FC30 as a known issue as we saw it fail in 2.7.1. https://autobuilder.yocto.io/pub/releases/yocto-2.7.1.rc1/testresults/oe-selftest-fedora/testresults.json regards. Armin -- ___ Openembedded-core mailing

Re: [OE-core] qemu rebuild contamination

2019-10-27 Thread akuster808
On 10/27/19 12:26 PM, Khem Raj wrote: > > > On Sun, Oct 27, 2019 at 7:19 PM Richard Purdie > <mailto:richard.pur...@linuxfoundation.org>> wrote: > > On Sun, 2019-10-27 at 07:56 -0700, akuster808 wrote: > > > > On 10/27/19 2:57 AM, Richard P

Re: [OE-core] State of stable warrior in Core/bitbake/YP layers

2019-10-27 Thread akuster808
On 10/27/19 4:03 AM, Alexander Kanavin wrote: > On Sun, 27 Oct 2019 at 09:13, akuster808 <mailto:akuster...@gmail.com>> wrote: > > Of the past month the warrior stable branch has been plagued with a > build failure on FedoraCore30 regarding qemu virgl tests.

Re: [OE-core] qemu rebuild contamination

2019-10-27 Thread akuster808
On 10/27/19 2:57 AM, Richard Purdie wrote: > I've been trying to figure out why we get a weird build failure with > hash equivalence enabled. Armin has also been searching for an odd > issue with warrior and the qemu tests. I may have a lead. > > If you build a standard qemu: > > "bitbake

Re: [OE-core] [warrior][PATCH 0/8] Backport relevant changes from Zeus

2019-10-27 Thread akuster808
Peter, On 10/16/19 9:30 AM, Peter Kjellerstedt wrote: > This patch set contains backports of our changes from Zeus that are > relevant for Warrior. > > //Peter > > The following changes since commit 79a850a10a4b88a6d20d607b322542f947874323: > > conf/poky: add Fedora 30 and Opensuse Leap 15.1

[OE-core] State of stable warrior in Core/bitbake/YP layers

2019-10-27 Thread akuster808
Hello, Of the past month the warrior stable branch has been plagued with a build failure on FedoraCore30 regarding qemu virgl tests. This has caused the slip of the next dot release to occur after Thud's. https://bugzilla.yoctoproject.org/show_bug.cgi?id=13543 The error message was this:

Re: [OE-core] [PATCH] libcap-ng:upgrade 0.7.9 -> 0.7.10

2019-10-26 Thread akuster808
On 10/25/19 2:38 PM, Trevor Woerner wrote: > On Fri 2019-10-25 @ 01:24:51 PM, Trevor Woerner wrote: >> On Fri 2019-10-25 @ 07:37:34 AM, akuster808 wrote: >>> is someone going to send a patch? >> Yes, I'm working on that now. This looks like something that should be fixe

Re: [OE-core] [PATCH 1/1] openssl: make OPENSSL_ENGINES match install path

2019-10-25 Thread akuster808
On 10/25/19 1:16 PM, George McCollister wrote: > Can we get 59565fec0b3f3e24eb01c03b671913599cd3134d cherry-picked to > warrior now that this has landed in master? once it makes it into zeus mainline. Its staged @ https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/zeus-nmut 

Re: [OE-core] [thud][PATCH] systemd: Security fixes for CVE

2019-10-25 Thread akuster808
On 10/16/19 2:16 PM, Muminul Islam wrote: > CVE: CVE-2019-3842 CVE-2019-3843 CVE-2019-3844 > > Upstream-Status: Backport Warrior needs these fixes before thud mainline can be fixed. - armin > > Signed-off-by: Muminul Islam > --- > .../systemd/systemd/CVE-2019-3842.patch | 59 + >

Re: [OE-core] [thud][PATCH] curl: Security fix for CVE-2019-5481

2019-10-25 Thread akuster808
On 10/16/19 2:10 PM, Muminul Islam wrote: > CVE: CVE-2019-5481 > > Upstream-Status: Backport Warrior needs to be fixed before I can get this in mainline thud. - Armin > > Signed-off-by: Muminul Islam > --- > .../curl/curl/CVE-2019-5481.patch | 52 +++ >

Re: [OE-core] [zeus][PATCH v3] binutils: fix CVE-2019-17450

2019-10-25 Thread akuster808
On 10/25/19 5:22 AM, Trevor Gamblin wrote: > Backport upstream fix to zeus. > > Signed-off-by: Trevor Gamblin Does this affect Master? - armin > --- > .../binutils/binutils-2.32.inc| 1 + > .../binutils/binutils/CVE-2019-17450.patch| 99 +++ > 2 files

Re: [OE-core] [PATCH] libcap-ng:upgrade 0.7.9 -> 0.7.10

2019-10-25 Thread akuster808
On 10/25/19 6:44 AM, Trevor Woerner wrote: > On Fri 2019-10-25 @ 09:22:04 AM, Trevor Woerner wrote: >> On Thu 2019-10-24 @ 04:05:10 PM, Khem Raj wrote: >>> perhaps you need to add -pthread to LDFLAGS >> I'll set up a test build. > Yes, adding the following line fixes it: > >

Re: [OE-core] [PATCH] libcap-ng:upgrade 0.7.9 -> 0.7.10

2019-10-24 Thread akuster808
On 10/24/19 6:37 AM, Trevor Gamblin wrote: > > On 10/24/19 9:06 AM, Trevor Woerner wrote: > >> This upgrade caused my build to fail :-( >> Is anyone else seeing this? Me too but only on my older ubunto 16.04. we should bug this. If no one does by Friday night I will. - armin >> 22:47:40

Re: [OE-core] [PATCH] unfs3: fixed the issue that unfsd consumes 100% CPU

2019-10-23 Thread akuster808
On 10/23/19 7:33 PM, Haiqing Bai wrote: > The 'accept' function on the socket of unfsd daemon > is always in below error state: > accept(4, 0x7ffd5e6dddc0, [128]) = -1 EINVAL (Invalid argument) > accept(6, 0x7ffd5e6dddc0, [128]) = -1 EINVAL (Invalid argument) with backport to zeus? > > And

Re: [OE-core] [PATCH] systemtap: support usrmerge

2019-10-23 Thread akuster808
On 10/23/19 1:25 PM, Alessio Igor Bogani wrote: > Signed-off-by: Alessio Igor Bogani Thanks for the patch.  Could you comment on this open Yocto bug? https://bugzilla.yoctoproject.org/show_bug.cgi?id=4442 I think its fixed but would like someone who is using it to comment. - armin > --- >

Re: [OE-core] new meta-oe failures from master-next

2019-10-23 Thread akuster808
On 10/23/19 6:05 AM, Khem Raj wrote: > here is AB failure link > > https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/56 Your builds are also archived on wiki https://wiki.yoctoproject.org/wiki/BuildLog > > On Wed, Oct 23, 2019 at 2:03 PM Khem Raj wrote: >> Hi Richard >> >>

Re: [OE-core] [PATCH] connman: mark connman-wait-online as SYSTEMD_PACKAGE

2019-10-21 Thread akuster808
On 10/21/19 3:46 AM, André Draszik wrote: > The connman-wait-online package currently isn't marked as > systemd-enabled package. This means it is impossible to > auto-enable the service during image creation or package > installation, as no preset files and no pkg_postinst() > snippet is being

Re: [OE-core] Help with intermittent autobuilder exposed bugs

2019-10-20 Thread akuster808
On 10/20/19 5:54 AM, Richard Purdie wrote: > We have a situation brewing on the autobuilder. Each run there are some > bugs which sometimes can appear. Law of averages says one or more of > the issues below will now appear as we have so many of them. The > project's standard processes aren't

Re: [OE-core] [zeus][PATCH] libgcrypt: fix CVE-2019-13627

2019-10-19 Thread akuster808
On 10/18/19 12:32 PM, Trevor Gamblin wrote: > Note that there are two patch files added for this fix. Queued up while we sort out the maintainer. https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/zeus-nmut > > Signed-off-by: Trevor Gamblin > --- >

Re: [OE-core] [thud][PATCH] Revert "OpkgPM: use --add-ignore-recommends to process BAD_RECOMMENDATIONS"

2019-10-18 Thread akuster808
On 10/18/19 10:58 AM, Alejandro Del Castillo wrote: > > On 10/17/19 3:01 PM, Denys Dmytriyenko wrote: >> On Thu, Oct 17, 2019 at 12:21:11PM -0700, akuster808 wrote: >>> On 10/17/19 11:42 AM, Denys Dmytriyenko wrote: >>>> Thank you for this revert! I've been pul

Re: [OE-core] [thud][PATCH] Revert "OpkgPM: use --add-ignore-recommends to process BAD_RECOMMENDATIONS"

2019-10-17 Thread akuster808
On 10/17/19 11:42 AM, Denys Dmytriyenko wrote: > Thank you for this revert! I've been pulling my hair out past couple days > figuring out why BAD_RECOMMENDATIONS stopped working for us. This fixed it. > What I find curious is that the offending commit has been in thud since July 29th and we

Re: [OE-core] [warrior][PATCH 7/8] devtool: finish: Add suppport for the --no-clean option

2019-10-16 Thread akuster808
On 10/16/19 9:30 AM, Peter Kjellerstedt wrote: > From: Peter Kjellerstedt > > This works just like the already existing --no-clean option to the > `devtool reset` command. what problem is this solving in warrior? -a rmin > > Signed-off-by: Peter Kjellerstedt > Signed-off-by: Richard Purdie >

Re: [OE-core] [warrior][PATCH 1/8] meson.bbclass: Remove the MESON_*_ARGS variables

2019-10-16 Thread akuster808
On 10/16/19 9:30 AM, Peter Kjellerstedt wrote: > From: Peter Kjellerstedt > > The options in ${HOST_CC_ARCH}${TOOLCHAIN_OPTIONS} are already passed > via ${CC}/${CXX} and there is no reason to pass them a second time. Thus > we can remove MESON_TOOLCHAIN_ARGS. And when it is removed, the other

Re: [OE-core] [thud][PATCH v2] sqlite3: CVE fix

2019-10-15 Thread akuster808
On 10/14/19 1:22 PM, shuag...@gmail.com wrote: > From: Shubham Agrawal > > CVE:CVE-2019-161680 Does not match patch name. > Status: Backport > > whitelist as changes already there due to previous patches in upstream > CVE:CVE-2018-20346 > Status: Backported > > Sign off: Shubham

Re: [OE-core] [thud][PATCH] kernel.bbclass: fix installation of modules signing certificates

2019-10-12 Thread akuster808
On 10/11/19 1:15 AM, Nicolas Dechesne wrote: > From: Dmitry Eremin-Solenikov > > If one has provided external key/certificate for modules signing, Kbuild > will skip creating signing_key.pem and will write only signing_key.x509 > certificate. Thus we have to check for .x509 file existence

Re: [OE-core] [warrior][PATCH] kernel.bbclass: fix installation of modules signing certificates

2019-10-12 Thread akuster808
On 10/11/19 1:16 AM, Nicolas Dechesne wrote: > From: Dmitry Eremin-Solenikov > > If one has provided external key/certificate for modules signing, Kbuild > will skip creating signing_key.pem and will write only signing_key.x509 > certificate. Thus we have to check for .x509 file existence

Re: [OE-core] [PATCH 10/19] gtk-doc: upgrade 1.31 -> 1.32

2019-10-11 Thread akuster808
On 10/11/19 4:47 AM, Alexander Kanavin wrote: > Signed-off-by: Alexander Kanavin > --- > meta/recipes-gnome/gtk-doc/files/pkg-config-native.patch | 2 +- > .../gtk-doc/{gtk-doc_1.31.bb => gtk-doc_1.32.bb} | 4 ++-- > 2 files changed, 3 insertions(+), 3 deletions(-) > rename

Re: [OE-core] [PATCH] uninative: check .done file instead of tarball

2019-10-11 Thread akuster808
On 10/11/19 2:06 AM, Stefan Agner wrote: > From: Stefan Agner > > In case multiple builds share UNINATIVE_DLDIR's location, one build > might be in the process of downloading the tarball while another is > just checking whether the tarball exists. Check for the done file > instead and rely on

Re: [OE-core] [PATCH RESEND] gdb: Bump from 8.3 to 8.3.1

2019-10-08 Thread akuster808
On 10/8/19 8:50 AM, Alistair Francis wrote: > Signed-off-by: Alistair Francis > --- > .../gdb/{gdb-8.3.inc => gdb-8.3.1.inc}| 5 +- > ...ian_8.3.bb => gdb-cross-canadian_8.3.1.bb} | 0 > .../{gdb-cross_8.3.bb => gdb-cross_8.3.1.bb} | 0 > .../gdb/gdb/CVE-2017-9778.patch

[OE-core] stable branch status

2019-10-07 Thread akuster808
Hello, Over the weekend I ran into build issues on some hosts in the YP AB. Some of these issue are do to host glibc 2.30.  Warrior is less affected than thud. This might add a delay in getting the current queued patches merged to mainline. If you sent patches for backport, you can see

Re: [OE-core] [thud][PATCH] sqlite3: CVE-2019-8457.patch fix Backport from 3.28.0 Sign off: Shubham Agrawal

2019-10-06 Thread akuster808
On 10/1/19 11:12 AM, shuag...@gmail.com wrote: > From: Shubham Agrawal I cleaned up the patch to conform to the patch guide. see https://git.openembedded.org/openembedded-core-contrib/commit/?h=stable/thud-nmut=c0c66d213b4b6deb0a5e9a688810d2e9674d3ecf   as an example of what was meant. -

Re: [OE-core] [thud][PATCH v5] gcc: Security fix for CVE:

2019-10-06 Thread akuster808
On 9/19/19 8:07 PM, Muminul Islam wrote: > Signed-off-by: Muminul Islam > --- > meta/recipes-devtools/gcc/gcc-8.2.inc | 3 + > .../gcc/gcc-8.2/CVE-2019-15847_p1.patch | 223 ++ > .../gcc/gcc-8.2/CVE-2019-15847_p2.patch | 47 >

Re: [OE-core] [warrior][PATCH] systemd: Expose resolv-conf alternative only when resolved is built

2019-10-06 Thread akuster808
On 10/4/19 12:47 AM, Alexandre Bard wrote: > When systemd is built without internal resolver, it does not make > sense to expose it as a resolv-conf alternative and can even break > images where this alternative would be chosen, because of an > invalid symlink. Does Master have this issue? -

Re: [OE-core] [warrior] 0/8] Patch review

2019-10-06 Thread akuster808
On 10/6/19 9:38 AM, Martin Jansa wrote: > Can you please add: > http://git.openembedded.org/openembedded-core/commit/?id=f7a470531d4bcc2888cbb9a7b197b86174f3aba2 > > it does apply cleanly in warrior. queued up. thanks > > Thanks > > On Sun, Oct 6, 2019 at 5:24 PM Armin Kuster

Re: [OE-core] [warrior][PATCH] qemu: Fix CVE-2019-8934

2019-10-05 Thread akuster808
On 9/25/19 10:05 AM, msft.dant...@gmail.com wrote: > From: Dan Tran > > Signed-off-by: Dan Tran > --- > meta/recipes-devtools/qemu/qemu.inc | 3 +- > .../qemu/qemu/CVE-2019-8934.patch | 215 ++ > 2 files changed, 217 insertions(+), 1 deletion(-) >

[OE-core] Patchwork and stable branches

2019-10-05 Thread akuster808
My apologies for cross posting. I have noticed some behavior I was not expecting with OE's Patchwork in that it is hiding patches.  I don't know if this is by design or a bug in our Patchwork. When a series of patches are submitted to the mailing list and are same fix but against different

Re: [OE-core] [thud][PATCH v2] libsolv: Security fix for CVEs:

2019-10-05 Thread akuster808
On 10/3/19 1:43 PM, Muminul Islam wrote: > Signed-off-by: Muminul Islam > --- > ...0003-Fix-Dereference-of-null-pointer.patch | 26 +++ > .../0004-Fix-Add-va_end-before-return.patch | 28 > .../libsolv/0005-Fix-Memory-leaks.patch | 151 ++ >

Re: [OE-core] 3.0 release notes / migration guide

2019-10-02 Thread akuster808
On 10/2/19 3:57 PM, Paul Eggleton wrote: > On Thursday, 3 October 2019 11:44:53 AM NZDT akuster808 wrote: >> On 10/2/19 3:20 PM, Paul Eggleton wrote: >>> So it's that time again - we need to start building up the raw material for >>> the release notes and migration

Re: [OE-core] 3.0 release notes / migration guide

2019-10-02 Thread akuster808
Paul, On 10/2/19 3:20 PM, Paul Eggleton wrote: > Hi folks > > So it's that time again - we need to start building up the raw material for > the release notes and migration guide for the upcoming 3.0 release, and I'd > like to request some help with some parts of it - read on for details. > >

Re: [OE-core] [warrior][PATCH] python: update to 3.7.3

2019-10-01 Thread akuster808
On 10/1/19 12:58 PM, Adrian Bunk wrote: > From: Alexander Kanavin > > License-update: copyright years is this a bugfix only? its not mentioned. - armin > > Signed-off-by: Alexander Kanavin > Signed-off-by: Richard Purdie > [ Backported patches removed. ] > Signed-off-by: Adrian Bunk > ---

Re: [OE-core] [warrior][PATCH] kernel-uboot: compress arm64 kernels

2019-09-26 Thread akuster808
On 9/25/19 2:32 AM, Bedel, Alban wrote: > On Wed, 2019-09-25 at 08:49 +, Bonnans, Laurent wrote: >> On 9/25/19 2:23 AM, akuster808 wrote: >> >>> On 9/24/19 12:23 AM, Bedel, Alban wrote: >>>> On Tue, 2019-09-03 at 09:41 +, Bedel, Alban wrote: >>&g

Re: [OE-core] [oe-core][PATCH] unzip: Fix CVE-2019-13232

2019-09-26 Thread akuster808
Dan, On 9/26/19 4:11 PM, msft.dant...@gmail.com wrote: > From: Dan Tran > > Signed-off-by: Dan Tran > --- > .../unzip/unzip/CVE-2019-13232_p1.patch | 33 ++ > .../unzip/unzip/CVE-2019-13232_p2.patch | 356 ++ > .../unzip/unzip/CVE-2019-13232_p3.patch | 121

Re: [OE-core] Yocto Project Status WW39’19

2019-09-25 Thread akuster808
On 9/24/19 6:50 PM, ChenQi wrote: > On 09/24/2019 10:50 PM, Stephen K Jolley wrote: >> >> Current Dev Position: YP 2.8 M4 Feature Freeze >> >> Next Deadline: YP 3.0 Final Release 25th Oct >> >> >> SWAT Team Rotation: >> >> * >> >> SWAT lead is currently: Amanda  >> >> * >> >> SWAT team

Re: [OE-core] [warrior][ 25/50] boost: Fix build and enable context and coroutines on aarch64

2019-09-24 Thread akuster808
On 9/23/19 8:37 PM, Andre McCurdy wrote: > On Mon, Sep 23, 2019 at 7:52 PM Armin Kuster wrote: >> From: "Bedel, Alban" >> >> Like for ARM bjam need some hints about the ABI to properly build on >> aarch64. While at it also enable context and coroutine as these are >> supported on aarch64. >

Re: [OE-core] [warrior][PATCH] kernel-uboot: compress arm64 kernels

2019-09-24 Thread akuster808
On 9/24/19 12:23 AM, Bedel, Alban wrote: > On Tue, 2019-09-03 at 09:41 +, Bedel, Alban wrote: >> On Wed, 2019-07-31 at 13:53 +, Bedel, Alban wrote: >>> AArch64 images are not self-decompressing, thus usually much >>> larger. >>> Boot times can be reduced by compressing them in FIT and

Re: [OE-core] [thud][PATCH] qemu: Fix 4 CVEs

2019-09-23 Thread akuster808
On 9/20/19 11:46 AM, msft.dant...@gmail.com wrote: > From: Dan Tran > > Fixes CVE-2018-18954, CVE-2019-3812, CVE-2019-6778, and CVE-2019-8934. > Also deleted duplicated patch and cleanup. Some of these CVE's are not fixed in Warrior. I will need Warrior fixed prior to accepting this patch.

Re: [OE-core] [”OE-core][thud][PATCH”] elfutils: CVE fix for elfutils

2019-09-23 Thread akuster808
On 9/23/19 2:14 PM, shuag...@gmail.com wrote: > From: Shubham Agrawal > > CVE: CVE-2019-7664.patch > CVE: CVE-2019-7665.patch This is the third email patch on the same issues. Are they different? regards, Armin > > Sign off: Shubham Agrawal > --- >

Re: [OE-core] [thud][PATCH v2] libgpg-error: Fix build with gawk 5.x

2019-09-19 Thread akuster808
On 9/19/19 6:41 AM, Sean Nyekjaer wrote: > > > On 09/09/2019 20.29, Sean Nyekjaer wrote: >> Based on poky master, but for version 1.32 >> >> Signed-off-by: Sean Nyekjaer >> --- >>   .../libgpg-error-1.32-gawk5-support.patch | 161 ++ >>   .../libgpg-error/libgpg-error_1.32.bb 

Re: [OE-core] [PATCH] libmpc: Remove dead UPSTREAM_CHECK_URI

2019-09-18 Thread akuster808
On 9/18/19 11:28 AM, Adrian Bunk wrote: > Signed-off-by: Adrian Bunk > --- > meta/recipes-support/libmpc/libmpc_1.1.0.bb | 2 -- > 1 file changed, 2 deletions(-) > > diff --git a/meta/recipes-support/libmpc/libmpc_1.1.0.bb > b/meta/recipes-support/libmpc/libmpc_1.1.0.bb > index

Re: [OE-core] [thud][PATCH v2] gcc: CVE fix for gcc

2019-09-17 Thread akuster808
On 9/16/19 10:31 PM, mikko.rap...@bmw.de wrote: > On Mon, Sep 16, 2019 at 08:37:28PM +, Muminul Islam wrote: >> Signed-off-by: Muminul Islam >> --- >> meta/recipes-devtools/gcc/gcc-8.2.inc | 2 + >> .../gcc/gcc/0042-CVE-2019-15847_1.patch | 570 >>

Re: [OE-core] [thud][PATCH v2] gcc: CVE fix for gcc

2019-09-17 Thread akuster808
On 9/16/19 1:37 PM, Muminul Islam wrote: > Signed-off-by: Muminul Islam > --- > meta/recipes-devtools/gcc/gcc-8.2.inc | 2 + > .../gcc/gcc/0042-CVE-2019-15847_1.patch | 570 > .../gcc/gcc/0043-CVE-2019-15847_2.patch | 640 ++ > 3 files

Re: [OE-core] [thud][PATCH] gcc: CVE fix

2019-09-16 Thread akuster808
On 9/16/19 10:53 AM, Muminul Islam wrote: > Signed-off-by: Muminul Islam > --- > .../gcc/gcc/CVE-2019-15847.patch | 642 ++ > meta/recipes-devtools/gcc/gcc_8.2.bb | 4 + > 2 files changed, 646 insertions(+) Is there a master and warrior fix in the OE

Re: [OE-core] [PATCH v3] systemd: upgrade to 243

2019-09-14 Thread akuster808
On 9/13/19 4:26 PM, Scott Murray wrote: > PATCH REBASED: > == > 0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch > 0001-do-not-disable-buffer-in-writing-files.patch > 0002-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch >

Re: [OE-core] [PATCH v3] systemd: upgrade to 243

2019-09-13 Thread akuster808
On 9/13/19 4:26 PM, Scott Murray wrote: > PATCH REBASED: > == > 0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch > 0001-do-not-disable-buffer-in-writing-files.patch > 0002-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch >

Re: [OE-core] [PATCH v2] systemd: upgrade to 243

2019-09-13 Thread akuster808
On 9/13/19 3:28 PM, Scott Murray wrote: > On Sat, 14 Sep 2019, Adrian Bunk wrote: > >> On Fri, Sep 13, 2019 at 05:58:09PM -0400, Scott Murray wrote: >>> ... >>> --- /dev/null >>> +++ >>> b/meta/recipes-core/systemd/systemd/0002-src-login-brightness.c-include-wait.h.patch >>> @@ -0,0 +1,25 @@

Re: [OE-core] [PATCH v2] curl: update to 7.66.0

2019-09-13 Thread akuster808
On 9/13/19 12:17 PM, Oleksandr Kravchuk wrote: > Signed-off-by: Oleksandr Kravchuk What is in Version 2? > --- > meta/recipes-support/curl/{curl_7.65.3.bb => curl_7.66.0.bb} | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > rename meta/recipes-support/curl/{curl_7.65.3.bb =>

Re: [OE-core] [PATCHv2] timezone:upgrade 2019b -> 2019c

2019-09-12 Thread akuster808
On 9/12/19 7:28 AM, Adrian Bunk wrote: > On Thu, Sep 12, 2019 at 07:10:08AM -0700, akuster808 wrote: >> >> On 9/11/19 11:52 PM, Zang Ruochen wrote: >>> -tzdata : upgrade from 2019b to 2019c. >>> >>> -tzcode-native : upgrade from 2019b to 2019c. >&

Re: [OE-core] [PATCHv2] timezone:upgrade 2019b -> 2019c

2019-09-12 Thread akuster808
On 9/11/19 11:52 PM, Zang Ruochen wrote: > -tzdata : upgrade from 2019b to 2019c. > > -tzcode-native : upgrade from 2019b to 2019c. > > -tzdata.bb and tzcode-native.bb require timezone.inc. Not exactly what I had in mind.  When there is a TZ update they send out what changed any why.  It looks

Re: [OE-core] [PATCH] timezone:upgrade 2019b -> 2019c

2019-09-12 Thread akuster808
On 9/11/19 6:29 PM, Zang Ruochen wrote: > Signed-off-by: Zang Ruochen What is in the update? - Armin > --- > meta/recipes-extended/timezone/timezone.inc | 10 +- > 1 file changed, 5 insertions(+), 5 deletions(-) > > diff --git a/meta/recipes-extended/timezone/timezone.inc >

Re: [OE-core] [thud][PATCH] python3: Fix CVEs

2019-09-10 Thread akuster808
Dan, On 9/10/19 4:45 PM, msft.dant...@gmail.com wrote: > From: Dan Tran > > Fixes CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-9636, > CVE-2019-9740, and CVE-2019-9747. > --- > .../python/python3/CVE-2018-14647.patch| 95 + >

Re: [OE-core] [thud] binutils: Fix 4 CVEs

2019-09-09 Thread akuster808
On 9/9/19 10:31 AM, msft.dant...@gmail.com wrote: > From: Dan Tran > > Fixes CVE-2018-20623, CVE-2018-20651, CVE-2018-20-671, and > CVE-2018-1000876 for binutils 2.31.1. thanks. in thud test stagging.( contrib: stable/thud-nmut ) - armin > > Signed-off-by: Dan Tran > --- >

Re: [OE-core] [warrior][PATCH] libgpg-error: Fix build with gawk 5.x

2019-09-09 Thread akuster808
On 9/8/19 10:31 AM, Sean Nyekjaer wrote: > Based on poky master, but for version 1.35 thanks. can you include the patch fixup in master too?

Re: [OE-core] [warrior 18/43] systemd: Backport OpenSSL BUF_MEM fix

2019-09-04 Thread akuster808
On 9/4/19 4:56 AM, Adrian Bunk wrote: > Please drop this one, see > https://github.com/systemd/systemd/pull/12802 got it. Dropped. Thanks, Armin > > cu > Adrian > -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org

Re: [OE-core] OEDEM 2019

2019-09-03 Thread akuster808
On 9/3/19 8:37 AM, Ruslan Bilovol wrote: > Hi Philip, > > I can see now this event in the list of ELCE co-located events. > Is day 2 track track 2 (Yocto Project and OE maintainers meeting) > restricted to attend to mainatainers only, or regular OE developers > can also join? Anyone can signup. 

Re: [OE-core] Summary of M3 status

2019-09-03 Thread akuster808
On 9/3/19 5:39 AM, Bruce Ashfield wrote: > On Tue, Sep 3, 2019 at 4:10 AM Richard Purdie > wrote: >> I'm going to summarise the current state as it will help people see the >> set of issues we have. We have three issues blocking the current patch >> queue and kernel uprev, spread over four

Re: [OE-core] Summary of M3 status

2019-09-03 Thread akuster808
On 9/3/19 8:36 AM, Bruce Ashfield wrote: > On Tue, Sep 3, 2019 at 11:15 AM Bruce Ashfield > wrote: >> On Tue, Sep 3, 2019 at 11:09 AM akuster808 wrote: >>> >>> >>> On 9/3/19 1:10 AM, Richard Purdie wrote: >>>> I'm going to summarise the cu

Re: [OE-core] Summary of M3 status

2019-09-03 Thread akuster808
On 9/3/19 1:10 AM, Richard Purdie wrote: > I'm going to summarise the current state as it will help people see the > set of issues we have. We have three issues blocking the current patch > queue and kernel uprev, spread over four machines and five autobuilder > targets: > > qemumips64: > >

Re: [OE-core] [PATCH] gcc-9.2: Security fix for CVE-2019-14250

2019-09-02 Thread akuster808
On 9/2/19 5:40 AM, Adrian Bunk wrote: > On Sun, Sep 01, 2019 at 10:07:13AM -0700, akuster808 wrote: >> >> On 9/1/19 7:05 AM, Adrian Bunk wrote: >>> thud and zeus are providing 2 gcc versions each that need fixing. >> That is a true statement. What are you expect

Re: [OE-core] qemu-native fix for latest kernel update

2019-09-02 Thread akuster808
Benjamin, On 9/2/19 8:09 AM, Benjamin Esquivel wrote: > qemu-native fix for latest kernel update > > Thanks Armin for sending the fix for the latest kernel updates, my > build strangely started failing about a week or 2 ago after the latest > dnf update. > Glad it fixed your issue. Thanks for

Re: [OE-core] [PATCH] gcc-9.2: Security fix for CVE-2019-14250

2019-09-02 Thread akuster808
On 9/2/19 5:40 AM, Adrian Bunk wrote: > On Sun, Sep 01, 2019 at 10:07:13AM -0700, akuster808 wrote: >> >> On 9/1/19 7:05 AM, Adrian Bunk wrote: >>> thud and zeus are providing 2 gcc versions each that need fixing. >> That is a true statement. What are you expect

Re: [OE-core] [PATCH] gcc-9.2: Security fix for CVE-2019-14250

2019-09-01 Thread akuster808
On 9/1/19 7:05 AM, Adrian Bunk wrote: > thud and zeus are providing 2 gcc versions each that need fixing. That is a true statement. What are you expecting? - armin > > cu > Adrian > -- ___ Openembedded-core mailing list

Re: [OE-core] [PATCH] Remove LSB support

2019-08-25 Thread akuster808
On 8/25/19 10:21 AM, Adrian Bunk wrote: > The only part with some (marginal) usage is lsb_release, > which is split from the lsb package into an own lsb-release > package. Thank you for doing this work. There was talk about creating a layer for those folks needing lsb support. This helps

Re: [OE-core] [PATCH v3] oeqa/kerneldevelopment: Able to apply a single patch to the Linux kernel source

2019-08-23 Thread akuster808
On 8/22/19 7:29 PM, mazliana.moha...@intel.com wrote: > From: Mazliana > > Purpose of kernel development is basically to customize our > own recipes kernel by reused existing recipes. >   > This is an initiative of automating manual kernel development > test cases. Applying a single patch to

Re: [OE-core] [warrior][PATCH 2/3] patch: fix CVE-2019-13638

2019-08-20 Thread akuster808
On 8/20/19 6:58 PM, Anuj Mittal wrote: > From: Trevor Gamblin > > (From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781) > > Signed-off-by: Trevor Gamblin > Signed-off-by: Richard Purdie never mind that was 636. - armin > ...-directly-instead-of-using-the-shell.patch | 44

Re: [OE-core] [warrior][PATCH 2/3] patch: fix CVE-2019-13638

2019-08-20 Thread akuster808
On 8/20/19 6:58 PM, Anuj Mittal wrote: > From: Trevor Gamblin > > (From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781) > > Signed-off-by: Trevor Gamblin > Signed-off-by: Richard Purdie this one is already stagged in warrior-nmut

Re: [OE-core] [warrior][PATCH] bitbake.conf: add git-lfs to HOSTTOOLS_NONFATAL

2019-08-15 Thread akuster808
On 8/15/19 2:31 PM, Andre McCurdy wrote: > On Thu, Aug 15, 2019 at 2:09 PM Richard Purdie > wrote: >> On Thu, 2019-08-15 at 09:23 +0200, Martin Jansa wrote: >>> NAK >>> >>> Yes, the first part was merged in warrior and is correct. >>> >>> But this second part isn't good (you don't want git-lfs

Re: [OE-core] [PATCH] libffi: Upgrade to 3.3-rc0

2019-08-14 Thread akuster808
On 8/14/19 3:29 PM, Khem Raj wrote: > libffi 3.1 release has been a bit aged and new architectures, compilers > have since been come on stage to compile it, we have been carrying > patches, but its better to use the latest 3.3 rc0 which has lot of these > issues handled and is in good shape.

Re: [OE-core] [thud][PATCH v2 1/4] curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823

2019-08-14 Thread akuster808
On 8/13/19 4:25 PM, Kevin Weng via Openembedded-core wrote: > Signed-off-by: Kevin Weng > --- > .../curl/curl/CVE-2018-16890.patch| 50 + > .../curl/curl/CVE-2019-3822.patch | 47 > .../curl/curl/CVE-2019-3823.patch | 55

Re: [OE-core] [warrior][PATCH 01/11] binutils: fix CVE-2019-12972 CVE-2019-9071

2019-08-10 Thread akuster808
On 8/4/19 4:03 PM, Mittal, Anuj wrote: > Ping. Can this series be merged please? Working on them. > > On Thu, 2019-07-25 at 12:02 +0800, Anuj Mittal wrote: >> (From OE-Core rev: 093f0914f261a27d58ecba9c1e9d3b78a35af012) >> >> Signed-off-by: Anuj Mittal >> Signed-off-by: Richard Purdie >> ---

Re: [OE-core] [warrior][PATCH] qemu: fix CVE-2018-20815

2019-08-10 Thread akuster808
On 7/29/19 12:41 AM, Naveen Saini wrote: > Signed-off-by: Naveen Saini > --- > meta/recipes-devtools/qemu/qemu.inc | 1 + > .../qemu/qemu/CVE-2018-20815.patch| 39 +++ > 2 files changed, 40 insertions(+) This is causing build failures, see

Re: [OE-core] [PATCH] musl: Update to master tip

2019-08-06 Thread akuster808
Khem, do you know if this update includes  CVE-2019-14697? Fix: https://git.musl-libc.org/cgit/musl/patch/?id=f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441 or https://git.musl-libc.org/cgit/musl/patch/?id=f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441

  1   2   3   4   5   6   7   8   9   >