Signed-off-by: Lei Maohui
---
meta/recipes-support/gnutls/gnutls_3.7.4.bb | 17 +
1 file changed, 17 insertions(+)
diff --git a/meta/recipes-support/gnutls/gnutls_3.7.4.bb
b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
index b34eb7f..5a34805 100644
---
What do those do_compile/do_install tweaks do, and why are they
necessary? Please explain, it seems like there might be a better way
to do this.
Alex
On Thu, 28 Apr 2022 at 09:34, leimaohui wrote:
>
> Signed-off-by: Lei Maohui
> ---
> meta/recipes-support/gnutls/gnutls_3.7.4.bb | 17
Hi,
Richard Purdie escreveu no dia quarta,
27/04/2022 à(s) 11:56:
> On Wed, 2022-04-27 at 11:37 +0100, Jose Quaresma wrote:
> > Hi,
> >
> > Richard Purdie escreveu no dia
> quarta,
> > 27/04/2022 à(s) 11:22:
> > > On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
> > >
> > >
> > >
> > >
On Wed, Apr 27, 2022 at 1:43 PM Ross Burton wrote:
> If a remote patch is compressed we need to have run the unpack task for
> the file to exist locally. Currently cve_check only depends on fetch so
> instead of erroring out, emit a warning that this file won't be scanned
> for CVE references.
On Wed, Apr 27, 2022 at 3:22 PM Ross Burton wrote:
> The only part of the cve-check task which needs files is the patch
> examination, and typically these patches are local so fetch isn't needed.
>
> Signed-off-by: Ross Burton
> ---
> meta/classes/cve-check.bbclass | 2 +-
> 1 file changed, 1
> On 28 Apr 2022, at 09:16, Marta Rybczynska wrote:
> A side-effect of this change is that we seem to not be downloading the NVD
> database
> anymore... This is probably not exactly what we want right now.
That’s unexpected, as the NVD fetch is in another recipe entirely.
Note that the NVD
RPi kernel has started building compressed kernel modules by default
starting 5.15, currenrly therefore meta-raspberrypi kernels are unable
to load kernel modules since kmod and kmod-native do not entertain xz
compressed modules. There is a fix proposed in meta-raspberrypi [1]
but the fix is
The gettext class is designed for use by applications with optional NLS
support: depending on the value of USE_NLS it will either depend on
gettext-minimal-native (just the autoconf macros) or gettext-native, and
will pass --enable-nls/--disable-nls as appropriate.
However, musl-locales
IMAGE_LINGUAS has a default value, "en-us en-gb" in
default-distrovars.inc and "de-de fr-fr en-gb" in image.bbclass. However,
poky-tiny sets USE_NLS=no so IMAGE_LINGUAS can't really be used in a tiny
context, and previously musl hasn't supported locales so this hasn't
been a problem.
However, now
Change the shell of all global static users other than root (which
retains /bin/sh) and sync (as /bin/sync is rather harmless) to
/sbin/nologin (as /usr/sbin/nologin does not exist in openembedded)
Upstream-Status: Backport
[https://launchpad.net/ubuntu/+source/base-passwd/3.5.30]
Signed-off-by:
> -Original Message-
> From: openembedded-core@lists.openembedded.org c...@lists.openembedded.org> On Behalf Of Jiaqing Zhao
> Sent: den 28 april 2022 11:50
> To: openembedded-core@lists.openembedded.org
> Cc: Jiaqing Zhao
> Subject: [OE-core] [PATCH v2] base-passwd: Disable shell for
Change the shell of all global static users other than root (which
retains /bin/sh) and sync (as /bin/sync is rather harmless) to
/sbin/nologin (as /usr/sbin/nologin does not exist in openembedded)
Upstream-Status: Backport
[https://launchpad.net/ubuntu/+source/base-passwd/3.5.30]
Signed-off-by:
sstate filename generation was changed a while ago and taskname has to be
passed into core functions for the correct filename to be generated. Update
find_siginfo to match those changes and pass in taskname via SSTATE_CURRTASK.
Thanks to Gregory Lumen for spotting.
[YOCTO #14774]
This is a minor feature and bugfix release. Changes include:
* curl: add %header{name} experimental support in -w handling
* curl: add %{header_json} experimental support in -w handling
* curl: add --no-clobber
* curl: add --remove-on-error
* header api: add curl_easy_header and
On Thu, 28 Apr 2022, at 07:26, Khem Raj wrote:
> RPi kernel has started building compressed kernel modules by default
> starting 5.15, currenrly therefore meta-raspberrypi kernels are unable
> to load kernel modules since kmod and kmod-native do not entertain xz
> compressed modules. There is a
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/.:
bddb0e4921f base.cfg: enable kernel crypto userspace API
Signed-off-by: Alexander Kanavin
Signed-off-by: Bruce Ashfield
---
meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb | 2 +-
From: Bruce Ashfield
Updating linux-yocto/5.10 to the latest korg -stable release that comprises
the following commits:
1052f9bce629 Linux 5.10.112
5c62d3bf1410 ax25: Fix UAF bugs in ax25 timers
f934fa478dd1 ax25: Fix NULL pointer dereferences in ax25 timers
145ea8d213e8 ax25:
From: Bruce Ashfield
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
06f50ca83ace Linux 5.15.33
541b7456fc4d PCI: xgene: Revert "PCI: xgene: Use inbound resources for
setup"
39fd0cc079c9 coredump: Use the vma snapshot in
From: Bruce Ashfield
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
81d8d30c35ed Linux 5.15.35
85f25bb9a005 ax25: Fix UAF bugs in ax25 timers
43c107021d91 ax25: Fix NULL pointer dereferences in ax25 timers
da6509fba636 ax25:
From: Bruce Ashfield
Richard,
This is mainly a resend of the pull request that I sent just before
the release builds.
At that time, there was a ppc boot issue, which I've fixed. There was
also a ptest warning, which I couldn't reproduce, so let's see if it
pops back up on the AB.
There is
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/5.15:
7ba4cb36fd4f rcu: Avoid alloc_pages() when recording stack
f78574dee71e kasan: test: silence intentional read overflow warnings
d313cb89b6b1 kasan: arm64: fix pcpu_page_first_chunk crash with
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/.:
20dcef87913 versatile: restore explicit CONFIG_ARM
8e63ec2fc66 qemuarm64: cleanup for tiny enablement
fa720c009a8 arm-versatile-926ejs: reorg for tiny and preempt-rt
7febff689a8 qemuarma15: fix tiny and
From: Bruce Ashfield
Updating linux-yocto/5.10 to the latest korg -stable release that comprises
the following commits:
3238bffaf992 Linux 5.10.110
cf342cbfb37f PCI: xgene: Revert "PCI: xgene: Use inbound resources for
setup"
a25864c5bc20 arm64: Do not defer reserve_crashkernel()
From: Bruce Ashfield
The 5.15-stable series pulled in the following commit:
commit c894ac44786cfed383a6c6b20c1bfb12eb96018a
Author: Thomas Zimmermann
Date: Tue Jan 25 10:12:18 2022 +0100
fbdev: Hot-unplug firmware fb devices on forced removal
commit
From: Bruce Ashfield
In situations where a buid needs to be reproducible, it is
sometimes desireable to use a patches author date, versus the
time when it is applied. This generates a consistent hash
between different patch applications.
We leverage the existing KERNEL_DEBUG_TIMESTAMPS to
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/.:
645b337371e base.cfg: enable kernel crypto userspace API
Signed-off-by: Alexander Kanavin
Signed-off-by: Bruce Ashfield
---
meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb | 2 +-
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/5.15:
07a63f760793 netfilter: conntrack: avoid useless indirection during
conntrack destruction
Signed-off-by: Bruce Ashfield
---
.../linux/linux-yocto-rt_5.15.bb | 4 ++--
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/5.15:
5df6d1b00f95 jbd2: fix use-after-free of transaction_t race
2d83e8196487 jbd2: refactor wait logic for transaction updates into a
common function
Signed-off-by: Bruce Ashfield
---
From: Bruce Ashfield
gcc12 generates some warnings with arch/powerpc, and we know that
these warnings are understood/non-fatal at runtime.
This fragment allows testing to continue, while upstream powerpc
looks at removing warnings.
We only enable it for 5.10/5.15 standard kernels for now,
From: Bruce Ashfield
Integrating the following commit(s) to linux-yocto/5.15:
4eba9348d3e2 Revert "Revert "fbdev: Hot-unplug firmware fb devices on
forced removal""
The revert of commit [fbdev: Hot-unplug firmware fb devices on forced
removal] was done to fix powerpc fbdev issues.
From: Bruce Ashfield
Updating linux-yocto/5.15 to the latest korg -stable release that comprises
the following commits:
45451e8015a9 Linux 5.15.36
bb906d15a99e arm64: dts: qcom: add IPA qcom,qmp property
1ea01e64632f block/compat_ioctl: fix range check in BLKGETSIZE
6a3c609feb11
On Thu, Apr 28, 2022 at 11:17 AM Ross Burton wrote:
>
>
> > On 28 Apr 2022, at 09:16, Marta Rybczynska wrote:
> > A side-effect of this change is that we seem to not be downloading the
> NVD database
> > anymore... This is probably not exactly what we want right now.
>
>
> That’s unexpected, as
From: Steve Sakoman
Use of those tools was removed in b5c131006e3fad0a15e6cdf81f71dc1e96647028
perf-build-test/report: Drop phantomjs and html email reports support
Signed-off-by: Steve Sakoman
Signed-off-by: Richard Purdie
---
scripts/contrib/oe-build-perf-report-email.py | 13 -
On Tue, 2022-04-19 at 10:46 +0100, Jose Quaresma wrote:
> The python set() is not thread safe and we use it on the ThreadedPool.
> With this LockedSet python class we can call the 'add' and 'remove'
> safely inside the ThreadedPool.
>
> This piece of code is taken from the stackoverflow
>
From: Ross Burton
The keep alive timeout is excessively long at 83 minutes (5000 seconds),
reduce this to 10 minutes: this should be long enough that it rarely
triggers in normal builds, but when it does it has useful information.
Signed-off-by: Ross Burton
Signed-off-by: Alexandre Belloni
From: Ross Burton
In interactive bitbake sessions it is obvious what tasks are running
when one of them hangs or otherwise takes a long time. However, in
non-interactive sessions (such as automated builds) bitbake just prints
a message saying that it is "still alive" with no clues as to what
On Thu, Apr 28, 2022 at 7:04 AM Khem Raj wrote:
>
> On Thu, Apr 28, 2022 at 9:22 AM Steve Sakoman wrote:
> >
> > This appears to be a security/bug fix release. Do you think it is
> > suitable for kirkstone?
> >
>
> I think so.
Ah, my bad! Kirkstone is at version 17.8. I was confused by
On Thu, Apr 28, 2022 at 4:27 AM Andrei Gherzan wrote:
>
> On Thu, 28 Apr 2022, at 07:26, Khem Raj wrote:
> > RPi kernel has started building compressed kernel modules by default
> > starting 5.15, currenrly therefore meta-raspberrypi kernels are unable
> > to load kernel modules since kmod and
I haven't seen this patch hit master or master-next yet. Were there
issues with it?
Just want to make sure I don't miss anything requested for kirkstone.
Steve
On Thu, Apr 21, 2022 at 11:11 AM Peter Kjellerstedt
wrote:
>
> If, e.g., license-file-missing is added to ERROR_QA, then the build
>
On Thu, Apr 28, 2022 at 9:22 AM Steve Sakoman wrote:
>
> This appears to be a security/bug fix release. Do you think it is
> suitable for kirkstone?
>
I think so.
> Steve
>
> On Tue, Apr 26, 2022 at 10:40 PM Alexander Kanavin
> wrote:
> >
> > Do not version patch directories; we carry only
The following changes since commit d2ba3b8850d461bc7b773240cdf15b22b31a3f9e:
lua: fix CVE-2022-28805 (2022-04-19 14:02:08 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-next
This appears to be a security/bug fix release. Do you think it is
suitable for kirkstone?
Steve
On Tue, Apr 26, 2022 at 10:40 PM Alexander Kanavin
wrote:
>
> Do not version patch directories; we carry only one version of go.
>
> Signed-off-by: Alexander Kanavin
> ---
>
These files appear to have been first commented out from do_install in
14cba802f2dd ("udev: Add 141") and then removed completely in
54daad852fc3 ("udev: remove commented code from init script (no code
changes)").
Signed-off-by: Alex Kiernan
Signed-off-by: Alex Kiernan
---
- Ursprüngliche Mail -
> Von: "Sean Anderson"
> In order to build erofs filesystems, wic must have the erofs-utils
> package installed into its sysroot.
>
> Fixes: 30375ce97 ("Add support for erofs filesystems")
> Signed-off-by: Sean Anderson
Reviewed-by: Richard Weinberger
Thanks,
On Thu, Apr 28, 2022 at 11:00 AM Steve Sakoman wrote:
>
> On Thu, Apr 28, 2022 at 7:04 AM Khem Raj wrote:
> >
> > On Thu, Apr 28, 2022 at 9:22 AM Steve Sakoman wrote:
> > >
> > > This appears to be a security/bug fix release. Do you think it is
> > > suitable for kirkstone?
> > >
> >
> > I
On Thu, Apr 28, 2022 at 9:48 AM Bruce Ashfield via
lists.openembedded.org
wrote:
>
> From: Bruce Ashfield
>
> Richard,
>
> This is mainly a resend of the pull request that I sent just before
> the release builds.
>
> At that time, there was a ppc boot issue, which I've fixed. There was
> also a
This patch is in master-next, but not yet master. I decided to run
the dunfell review process in parallel with master. I will wait till
the patch hits master before sending a pull request (and will add the
cherry-pick notation)
Steve
On Thu, Apr 28, 2022 at 11:47 AM Steve Sakoman via
Please review this set of patches for dunfell and have comments back by end of
day Monday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3587
The following changes since commit 8e81d38048c953d0823abf04d5b2506cd988f0bb:
build-appliance-image:
From: sana kazi
Fix CVE-2022-0891 for tiff
Link:
https://sources.debian.org/src/tiff/4.1.0+git191117-2%7Edeb10u4/debian/patches/CVE-2022-0891.patch/
Signed-off-by: Sana Kazi
Signed-off-by: Sana Kazi
Signed-off-by: Steve Sakoman
---
.../libtiff/files/CVE-2022-0891.patch | 217
From: Ross Burton
There's no need to specify an ancient GCC version here as Boost will
probe it.
Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
Signed-off-by: Tim Orling
Signed-off-by: Steve Sakoman
---
meta/recipes-support/boost/boost.inc | 2 +-
1 file changed, 1 insertion(+),
From: Dmitry Baryshkov
According to the WHENCE file, some a3k firmware files are licensed
under the special ar3k license, while others are licensed under the more
generic Atheros license. Document this by adding extending the
LICENSE_${PN}-ar3k and depending on both of them.
Signed-off-by:
From: Marta Rybczynska
Backport to dunfell from master df567de36ae5964bee433ebb97e8bf702034994a
Add an option to output the CVE check in a JSON-based format.
This format is easier to parse in software than the original
text-based one and allows post-processing by other tools.
Output formats
Use of those tools was removed in b5c131006e3fad0a15e6cdf81f71dc1e96647028
perf-build-test/report: Drop phantomjs and html email reports support
Signed-off-by: Steve Sakoman
---
scripts/contrib/oe-build-perf-report-email.py | 13 -
1 file changed, 13 deletions(-)
diff --git
From: Richard Purdie
phantomjs isn't reliable and we've moved to sharing the reports via a webserver.
Update the scripts to more match those being used in the autobuilder helper
where the html email support was removed.
Signed-off-by: Richard Purdie
(cherry picked from commit
The GO_WORKDIR is used only in go-mod.bbclass. As this recipe does
not inherit go-mod.bbclass, this variable is useless here.
This go-helloworld recipe was made to inherit go-mod.bbclass and build
in module-aware mode. However, it was found that we need to build go
recipes in GOPATH mode in order
From: Rahul Kumar
The tarball (neard-0.16.tar.xz) fetched by the recipe is incomplete.
Few plugins (e.g. tizen) and tests scripts (e.g. Test-channel, test-see,
neard-ui.py, ndef-agent etc) are missing.
Since neard did not release latest tarballs, so as per community
recommendation switching the
lgtm, thanks for fixing it
On Thu, Apr 28, 2022 at 7:23 PM Chen Qi wrote:
>
> The GO_WORKDIR is used only in go-mod.bbclass. As this recipe does
> not inherit go-mod.bbclass, this variable is useless here.
>
> This go-helloworld recipe was made to inherit go-mod.bbclass and build
> in
On 2022-04-28 21:34, Peter Kjellerstedt wrote:
>> -Original Message-
>> From: openembedded-core@lists.openembedded.org > c...@lists.openembedded.org> On Behalf Of Jiaqing Zhao
>> Sent: den 28 april 2022 11:50
>> To: openembedded-core@lists.openembedded.org
>> Cc: Jiaqing Zhao
>> Subject:
Hi, Alex
> What do those do_compile/do_install tweaks do, and why are they necessary?
> Please explain, it seems like there might be a better way to do this.
Sorry, It seems that I should add an explain in commit message.
I found that if enable fips, a binary build for target will be executed in
Hi All,
This is the full report for yocto-3.1.16.rc1:
https://git.yoctoproject.org/cgit/cgit.cgi/yocto-testresults-contrib/tree/?h=intel-yocto-testresults
=== Summary
No high milestone defects.
No new issue found.
Thanks,
Jay
> -Original Message-
> From:
60 matches
Mail list logo