Re: [OE-core] [PATCH] libxml2: Upgrade 2.11.5 -> 2.12.5

On Fri, 2024-02-23 at 19:18 +, Simone Weiß wrote: > From: Simone Weiß > > Upgraded to address CVE-2024-25062 > > License-Update: hash.c was rewritten and now also has MIT license, > trio was totally removed, hence remove license checksum as well. > Files are not mentioned as exception in

Re: [OE-core] [PATCH] cve-check: Log if CVE_STATUS set but not reported for component

On Fri, 2024-02-23 at 22:52 +0100, Yoann CONGAL wrote: > Le ven. 23 févr. 2024 à 22:09, Simone Weiß a > écrit : > > From: Simone Weiß > > > > Log if the CVE_STATUS is set for a CVE, but the cve is not reported > > for a > > component. This should hopefully help to clean up not needed > >

Re: [OE-core] [PATCH] package_rpm: Fix backtrace on missing directory.

On 2/23/2024 1:20 PM, Alexander Kanavin wrote: Somewhere in the overall function the paths aren't formed correctly, but this patch is very much not a correct fix either, and should be marked as such. Is there a preferred way to do that? I mention in the commit message that is not the right

Re: [OE-core] [PATCH] cve-check: Log if CVE_STATUS set but not reported for component

Le ven. 23 févr. 2024 à 22:09, Simone Weiß a écrit : > From: Simone Weiß > > Log if the CVE_STATUS is set for a CVE, but the cve is not reported for a > component. This should hopefully help to clean up not needed CVE_STATUS > settings. > Thank you for taking the time to do this :-) >

[OE-core] [PATCH] meta: Remove some not needed CVE_STATUS

From: Simone Weiß CVE_STATUS was set for those components, but meanwhile databases are updated with corrected information, so setting the CVE_STATUS is not needed anymore. Signed-off-by: Simone Weiß --- meta/recipes-connectivity/openssl/openssl_3.2.1.bb | 2 --

Re: [OE-core] [PATCH] package_rpm: Fix backtrace on missing directory.

Somewhere in the overall function the paths aren't formed correctly, but this patch is very much not a correct fix either, and should be marked as such. If you can provide a minimal reproducer recipe, that would help; I can't say what is wrong otherwise. You might want to insert debugging

[OE-core] [PATCH] cve-check: Log if CVE_STATUS set but not reported for component

From: Simone Weiß Log if the CVE_STATUS is set for a CVE, but the cve is not reported for a component. This should hopefully help to clean up not needed CVE_STATUS settings. Signed-off-by: Simone Weiß --- meta/classes/cve-check.bbclass | 3 +++ 1 file changed, 3 insertions(+) diff --git

[OE-core] [PATCH] patchtest: Skip test for CVE_CHECK_IGNORE for older branches

From: Simone Weiß Skip the test for checking if CVE_CHECK_IGNORE is not used. It is deprecated now, but was not deprecated for kirkstone and dunfell. Skip it therefore if a patch is intended for those branches. Signed-off-by: Simone Weiß --- meta/lib/patchtest/tests/test_metadata.py | 6

[OE-core] [PATCH v3] patchtest: provide further guidance for failed testcases

From: Simone Weiß Cross-reference the wiki page on patchtest now that it is updated and contains more information how to address failed testcases. Adding it in patchtest only is enough as patchtest-send-result already points to the wikipage for failures. Signed-off-by: Simone Weiß --- v2:

Re: [OE-core] [PATCH] package_rpm: Fix backtrace on missing directory.

It says usr//usr in the comment, but when I ran on a clean build it started complaining about opt//opt as well. Its not really clear why it is looking for those directories, and I am sure this is not likely the correct solution, but I wanted to get it out here so someone who has kicked this area

[OE-core] [PATCH] package_rpm: Fix backtrace on missing directory.

From: "Jeremy A. Puhlman" This seems to work around the following issue. The recipe in quesiton places all of its content in /opt, and we turn on license collection globally. Systemd is turned on so usrmerge is also on. I doubt this is the correct way to deal with this as it is not clear why it

Re: [OE-core] [PATCH v2] patchtest: provide further guidance for failed testcases

On 2024-02-23 15:17, Simone Weiß wrote: From: Simone Weiß Cross-reference the wiki page on patchtest now that it is updated and contains more information how to address failed testcases. Adding it in patchtest only is enough as patchtest-send-result already points to the wikipage for

[OE-core] [PATCH v2] patchtest: provide further guidance for failed testcases

From: Simone Weiß Cross-reference the wiki page on patchtest now that it is updated and contains more information how to address failed testcases. Adding it in patchtest only is enough as patchtest-send-result already points to the wikipage for failures. Signed-off-by: Simone Weiß --- v2:

[OE-core] [PATCH] libxml2: Upgrade 2.11.5 -> 2.12.5

From: Simone Weiß Upgraded to address CVE-2024-25062 License-Update: hash.c was rewritten and now also has MIT license, trio was totally removed, hence remove license checksum as well. Files are not mentioned as exception in overall license any more, therefore, checksum changed there as well.

Re: [OE-Core][PATCH v3 1/5] lib/oeqa: share get_json_result_dir helper

On 2/23/24 18:27, Richard Purdie wrote: > On Fri, 2024-02-23 at 16:16 +0100, Alexis Lothoré via > lists.openembedded.org wrote: >> From: Alexis Lothoré >> >> Multiple places in oeqa need to get the log output path, and redefine >> a >> small helper to accomplish this >> >> Define this helper in

Re: [OE-Core][PATCH v3 1/5] lib/oeqa: share get_json_result_dir helper

On Fri, 2024-02-23 at 16:16 +0100, Alexis Lothoré via lists.openembedded.org wrote: > From: Alexis Lothoré > > Multiple places in oeqa need to get the log output path, and redefine > a > small helper to accomplish this > > Define this helper in lib/oeqa/utils/__init__.py and import it >

Re: [OE-core] [kirkstone][PATCH 3/3] kernel: make LOCALVERSION consistent between recipes

On 2/22/2024 4:46 PM, Ryan Eatmon via lists.openembedded.org wrote: On 2/22/2024 3:56 PM, Bruce Ashfield wrote: On Thu, Feb 22, 2024 at 4:51 PM Ryan Eatmon via lists.openembedded.org wrote: On 2/22/2024 4:35 AM, Andreas Helbech Kleist wrote: From: Bruce Ashfield The initial fix for

Re: [OE-core][kirkstone][PATCH V2] nghttp2: fix CVE-2023-44487

On Thu, Feb 22, 2024 at 7:41 PM Zahir Hussain Sikkendar Basha wrote: > > Hi Steve, > > Apologies for the late reply. Can you please recheck the patch again? > Same patch works in our build without any Hunk failure issue, And also > confirmed that the patch changes are available in the source

[OE-Core][PATCH v3 0/5] testimage: add failed test post actions and fetch more data

Hello, this small series is related to some disk space issue observed by the SWAT team (see [1]) which eventually leads to tests failure. In order to help diagnose those issues, I propose to enrich the retrieved artifacts with some additional data, like disk usage on target and on host (in case

[OE-Core][PATCH v3 3/5] oeqa/utils/postactions: isolate directory creation in dedicated action

From: Alexis Lothoré In order to be able to create actions that could store new files during failed test post actions, we need to split artifacts directory creation from artifacts retrieval. Create a new dedicated action to create artifacts main directory so we can add actions creating files in

[OE-Core][PATCH v3 4/5] oeqa/utils/postactions: add target disk usage stat as post action

From: Alexis Lothoré In order to debug issues related to disk space (see [1]), add a failed tests post action to retrieve disk usage on the target. Rely on the test context object to run the corresponding command onto the target [1] https://bugzilla.yoctoproject.org/show_bug.cgi?id=15220

[OE-Core][PATCH v3 5/5] oeqa/utils/postactions: testimage: add host disk usage stat as post action

From: Alexis Lothoré Since the target under test can be a virtualized guest, when some tests fail because of disk usage (see [1]), also fetch disk usage statistics from host to allow checking whether a host disk space saturation could affect running tests. [1]

[OE-Core][PATCH v3 2/5] testimage: create a list of failed test post actions

From: Alexis Lothoré testimage is able to detect whenever a test run leads to some tests failing, and execute some actions in this case. The only action currently defined in such case is to retrieve artifacts from the target under test, as listed in TESTIMAGE_FAILED_QA_ARTIFACTS In order to be

[OE-Core][PATCH v3 1/5] lib/oeqa: share get_json_result_dir helper

From: Alexis Lothoré Multiple places in oeqa need to get the log output path, and redefine a small helper to accomplish this Define this helper in lib/oeqa/utils/__init__.py and import it wherever needed to allow using it. Signed-off-by: Alexis Lothoré --- There is one additional place

Re: [OE-Core][PATCH v2 2/5] testimage: create a list of failed test post actions

On 2/23/24 15:42, Richard Purdie wrote: > On Fri, 2024-02-23 at 15:03 +0100, Alexis Lothoré via lists.openembedded.org > wrote: >> From: Alexis Lothoré >> >> testimage is able to detect whenever a test run leads to some tests >> failing, and execute some actions in this case. The only action

Re: [OE-Core][PATCH v2 2/5] testimage: create a list of failed test post actions

On Fri, 2024-02-23 at 15:03 +0100, Alexis Lothoré via lists.openembedded.org wrote: > From: Alexis Lothoré > > testimage is able to detect whenever a test run leads to some tests > failing, and execute some actions in this case. The only action currently > defined in such case is to retrieve

Re: [OE-Core][PATCH v2 1/5] lib/oeqa: share get_json_result_dir helper

On Fri, 2024-02-23 at 15:03 +0100, Alexis Lothoré via lists.openembedded.org wrote: > From: Alexis Lothoré > > Multiple places in oeqa need to get the log output path, and redefine a > small helper to accomplish this > > Define this helper in lib/oeqa/utils/__init__.py and import it wherever >

[OE-core] [PATCH] recipetool: Fix errors with meta-poky bbappend

When a new base-files bbappend was added to meta-poky, it causes selftest failures. Whilst this isn't ideal, workaround that issue for now since the append is being added for security visibility and changing the tests to support this more generically looks invasive. Signed-off-by: Richard Purdie

Re: [OE-core] [PATCH v2] kernel.bbclass: Set pkg-config variables for building modules

On Fri, Feb 23, 2024 at 3:05 AM Munehisa Kamata wrote: > > The pkg-config workaround has been applied for kernel image building, but > not for module building. So pkg-config variables are different between > do_compile and do_compile_kernelmodules tasks. It may unnecessary trigger > rebuilding of

[OE-Core][PATCH v2 0/5] testimage: add failed test post actions and fetch more data

Hello, this small series is related to some disk space issue observed by the SWAT team (see [1]) which eventually leads to tests failure. In order to help diagnose those issues, I propose to enrich the retrieved artifacts with some additional data, like disk usage on target and on host (in case

[OE-Core][PATCH v2 5/5] oeqa/utils/postactions: testimage: add host disk usage stat as post action

From: Alexis Lothoré Since the target under test can be a virtualized guest, when some tests fail because of disk usage (see [1]), also fetch disk usage statistics from host to allow checking whether a host disk space saturation could affect running tests. [1]

[OE-Core][PATCH v2 4/5] oeqa/utils/postactions: add target disk usage stat as post action

From: Alexis Lothoré In order to debug issues related to disk space (see [1]), add a failed tests post action to retrieve disk usage on the target. Rely on the test context object to run the corresponding command onto the target [1] https://bugzilla.yoctoproject.org/show_bug.cgi?id=15220

[OE-Core][PATCH v2 2/5] testimage: create a list of failed test post actions

From: Alexis Lothoré testimage is able to detect whenever a test run leads to some tests failing, and execute some actions in this case. The only action currently defined in such case is to retrieve artifacts from the target under test, as listed in TESTIMAGE_FAILED_QA_ARTIFACTS In order to be

[OE-Core][PATCH v2 3/5] oeqa/utils/postactions: isolate directory creation in dedicated action

From: Alexis Lothoré In order to be able to create actions that could store new files during failed test post actions, we need to split artifacts directory creation from artifacts retrieval. Create a new dedicated action to create artifacts main directory so we can add actions creating files in

[OE-Core][PATCH v2 1/5] lib/oeqa: share get_json_result_dir helper

From: Alexis Lothoré Multiple places in oeqa need to get the log output path, and redefine a small helper to accomplish this Define this helper in lib/oeqa/utils/__init__.py and import it wherever needed to allow using it. Signed-off-by: Alexis Lothoré --- There is one additional place

Re: [OE-core] [PATCH] devicetree.bbclass: fix do_fetch stage

On 24-02-23, Richard Purdie wrote: > On Fri, 2024-02-23 at 14:01 +0100, Marco Felsch wrote: > > On 24-02-23, Richard Purdie wrote: > > > On Fri, 2024-02-23 at 13:10 +0100, Marco Felsch wrote: > > > > The fetch stage should always start with a clean ${S} directory > > > > to > > > > not > > > > try

Re: [OE-core] [PATCH] devicetree.bbclass: fix do_fetch stage

On 24-02-23, Marco Felsch wrote: > On 24-02-23, Richard Purdie wrote: > > On Fri, 2024-02-23 at 13:10 +0100, Marco Felsch wrote: > > > The fetch stage should always start with a clean ${S} directory to > > > not > > > try to compile leftovers from previous builds. > > > > > > Signed-off-by: Marco

Re: [OE-core] [PATCH] devicetree.bbclass: fix do_fetch stage

On Fri, 2024-02-23 at 14:01 +0100, Marco Felsch wrote: > On 24-02-23, Richard Purdie wrote: > > On Fri, 2024-02-23 at 13:10 +0100, Marco Felsch wrote: > > > The fetch stage should always start with a clean ${S} directory > > > to > > > not > > > try to compile leftovers from previous builds. > > >

[OE-core] [PATCH v2 0/2] lib/oe/package: fix LOCALE_PATHS scan to create locale packages

Hi, The main patch of the series ensures only the subdirectories of paths added to LOCALE_PATHS are scanned to construct the locale packages. Without the check, the CUPS recipe creates packages such as cups-locale-add-class.tmpl because of file /usr/share/cups/templates/add-class.tmpl

[OE-core] [PATCH v2 1/2] glibc-locale: add an explicit dedicated package for locale.alias file

Until now, ${datadir}/locale/locale.alias file were automatically added to a weird glibc-locale-locale.alias package by split_locales() during do_package task. Create an explicit package name in recipe for this file. Signed-off-by: Jonathan GUILLOT --- meta/recipes-core/glibc/glibc-locale.inc |

[OE-core] [PATCH v2 2/2] lib/oe/package: fix LOCALE_PATHS scan to create locale packages

split_locales() must only check subdirectories in paths added to LOCALE_PATHS to avoid creating weird packages based on filenames also present in paths. Without such a filter, cups recipe adding ${datadir}/cups/templates to LOCALE_PATHS creates the following incorrect packages: -

[OE-core] [PATCH v3 3/3] creategroup*: Remove coreutils-native as a DEPENDS

There isn't any reason for coreutils-native as a DEPENDS, so remove it to speed up tests. Signed-off-by: Eilís 'pidge' Ní Fhlannagáin --- meta-selftest/recipes-test/selftest-users/creategroup1.bb | 2 -- meta-selftest/recipes-test/selftest-users/creategroup2.bb | 1 - 2 files changed, 3

[OE-core] [PATCH v3 0/3] Useradd postinstall fixes and tests

These commits fix #13904 and #15084, adds a test for it and adds a minor fix for the creategroup tests Eilís 'pidge' Ní Fhlannagáin (2): selftest-users: Convoluted selftest for USERADD_DEPENDS creategroup*: Remove coreutils-native as a DEPENDS Piotr Łobacz (1): useradd.bbclass: Fix order

[OE-core] [PATCH v3 2/3] selftest-users: Convoluted selftest for USERADD_DEPENDS

This adds a test for 13904's fix by creating a convoluted set of recipes with USERADD_DEPENDS in non-alpha order. Signed-off-by: Eilís 'pidge' Ní Fhlannagáin --- .../selftest-users/acreategroup.bb| 32 .../selftest-users/bcreategroup.bb| 37

[OE-core] [PATCH v3 1/3] useradd.bbclass: Fix order of postinst-useradd-*

From: Piotr Łobacz postinst-useradd-* haven't been running in order of dependency. This patch is reworked from Piotr Łobacz's patch and fixes: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15084 https://bugzilla.yoctoproject.org/show_bug.cgi?id=13904 basepasswd_sysroot_postinst in

Re: [OE-core] [PATCH] devicetree.bbclass: fix do_fetch stage

On 24-02-23, Richard Purdie wrote: > On Fri, 2024-02-23 at 13:10 +0100, Marco Felsch wrote: > > The fetch stage should always start with a clean ${S} directory to > > not > > try to compile leftovers from previous builds. > > > > Signed-off-by: Marco Felsch > > --- > >  

Re: [OE-core] [PATCH] devicetree.bbclass: fix do_fetch stage

On Fri, 2024-02-23 at 13:10 +0100, Marco Felsch wrote: > The fetch stage should always start with a clean ${S} directory to > not > try to compile leftovers from previous builds. > > Signed-off-by: Marco Felsch > --- >  meta/classes-recipe/devicetree.bbclass | 2 ++ >  1 file changed, 2

[OE-core] [PATCH] devicetree.bbclass: fix do_fetch stage

The fetch stage should always start with a clean ${S} directory to not try to compile leftovers from previous builds. Signed-off-by: Marco Felsch --- meta/classes-recipe/devicetree.bbclass | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/classes-recipe/devicetree.bbclass

Re: [OE-core] [PATCH v2 1/3] useradd.bbclass: Fix order of postinst-useradd-*

On Fri, 2024-02-23 at 11:16 +, Eilís 'pidge' Ní Fhlannagáin wrote: > From: Piotr Łobacz > > postinst-useradd-* haven't been running in order of dependency. > > This patch is reworked from Piotr Łobacz's patch and fixes: > > https://bugzilla.yoctoproject.org/show_bug.cgi?id=15084 >

[OE-core] [RFC PATCH 10/10] scripts/oe-replicate-build: add a script that packages and replicates a yocto build elsewhere

This scripts takes an existing, active yocto build, and puts pieces of it into a bundle directory, which is then placed in a tarball, and that goes into a self-extracting shell archive. This allows moving the bundle to another machine, or placing it on a network server for downloads. It's like

[OE-core] [RFC PATCH 09/10] selftest/sstatetests: move exception list for cache objects to the parent class

This is useful not just in cdn/local cache tests, but also in the build bundle test, and so should be applied by default. Signed-off-by: Alexander Kanavin --- meta/lib/oeqa/selftest/cases/sstatetests.py | 26 ++--- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git

[OE-core] [RFC PATCH 07/10] sstatesig/dump_sigs: allow setting output directory explicitly from command line option

The default (current directory) is unfortunately non-deterministic, as the operation is performed from bitbake-server and not from bitbake process directly. If the server was started in a different directory it will write the files there, and not where bitbake command requesting those files was

[OE-core] [RFC PATCH 08/10] selftest/sstatetests: separate sstate presence check into its own class

This allows reusing the check function in tests other than CDN/local mirror ones, such as sstate bundle testing. Signed-off-by: Alexander Kanavin --- meta/lib/oeqa/selftest/cases/sstatetests.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git

[OE-core] [RFC PATCH 06/10] lib/oe/sstatesig.py: add an option to make a unihash cache copy

This is already performed in eSDK creation; the change allows also making a copy with a standalone 'bitbake -S unihash-cache-copy targets...' command, which is useful for replicating builds on a different build host (simply coping sstate objects is not enough if they need to be discovered through

[OE-core] [RFC PATCH 05/10] bblayers/setupwriters/oe-local-copy: add a 'local copy' plugin for bitbake-layers create-layer-setup

This plugin copies all currently configured layer respositories into a dedicated location on local disk. This is useful for entirely offline layer replication, when the layers are packed and then unpacked from an archive, rather than fetched from git (there can be situations where fetching from

[OE-core] [RFC PATCH 03/10] bblayers/makesetup: include local repository paths in discovered layer repo data

This can be useful when the caller needs to know where the repos actually are on local disk (for example to make a local copy of them or obtain additional information about them). This field however should be removed from the json output in oe-setup-layers plugin, as it is host-specific and not

[OE-core] [RFC PATCH 01/10] scripts/oe-setup-build: write a build environment initialization one-liner into the build directory

This allows avoiding having to know where oe-init-build-env is relative to the build directory; that information is contained in the one liner and then it's possible to simply use that: . /path/to/build/init-build-env This will particularly help with initializing builds in unpacked build

[OE-core] [RFC PATCH 04/10] bblayers/makesetup: move check for existence of git remotes to oe-setup-layers plugin

This helps when making a local copy of all the layers: it's fine to not have any remotes configured in that case. Also correct the mistake in accessing 'contains_this_file' property: it may not necessarily exist, and if so, it should default to False. Signed-off-by: Alexander Kanavin ---

[OE-core] [RFC PATCH 02/10] bblayers/makesetup: raise exceptions when errors happen

Otherwise the calling code can only issue a generic, unhelpful erorr message, and it's difficult to tell what went wrong if logger.error output is obscured or redirected. Signed-off-by: Alexander Kanavin --- meta/lib/bblayers/makesetup.py | 10 ++ 1 file changed, 6 insertions(+), 4

[OE-core][PATCH] go: update 1.20.13 -> 1.20.14

Upgrade to latest 1.20.x release [1]: $ git log --oneline go1.20.13..go1.20.14 90a870f1dc (tag: go1.20.14, origin/release-branch.go1.20) [release-branch.go1.20] go1.20.14 a2f4a5a6e7 [release-branch.go1.20] Revert "crypto/internal/boring: upgrade module to fips-20220613" +1 746a072791

[OE-core] [PATCH v2 2/3] selftest-users: Convoluted selftest for USERADD_DEPENDS

This adds a test for 13904's fix by creating a convoluted set of recipes with USERADD_DEPENDS in non-alpha order. Signed-off-by: Eilís 'pidge' Ní Fhlannagáin --- .../selftest-users/acreategroup.bb| 32 .../selftest-users/bcreategroup.bb| 37

[OE-core] [PATCH v2 3/3] creategroup*: Remove coreutils-native as a DEPENDS

There isn't any reason for coreutils-native as a DEPENDS, so remove it to speed up tests. Signed-off-by: Eilís 'pidge' Ní Fhlannagáin --- meta-selftest/recipes-test/selftest-users/creategroup1.bb | 2 -- meta-selftest/recipes-test/selftest-users/creategroup2.bb | 1 - 2 files changed, 3

[OE-core] [PATCH v2 1/3] useradd.bbclass: Fix order of postinst-useradd-*

From: Piotr Łobacz postinst-useradd-* haven't been running in order of dependency. This patch is reworked from Piotr Łobacz's patch and fixes: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15084 https://bugzilla.yoctoproject.org/show_bug.cgi?id=13904 basepasswd_sysroot_postinst in

[OE-core] [PATCH v2 0/3] Useradd postinstall fixes and tests

These commits fix #13904 and #15084, adds a test for it and adds a minor fix for the creategroup tests Eilís 'pidge' Ní Fhlannagáin (2): selftest-users: Convoluted selftest for USERADD_DEPENDS creategroup*: Remove coreutils-native as a DEPENDS Piotr Łobacz (1): useradd.bbclass: Fix order

Re: [OE-core] [PATCH 1/3] useradd.bbclass: Fix order of postinst-useradd-*

Dnia piątek, 23 lutego 2024 10:36:27 CET Chen Qi via lists.openembedded.org pisze: > 1. I can see what this patch mainly does is ensuring groups first, then > user, then groupmems. But the current useradd_preinst, which is called > by useradd_sysroot has already ensured this. Is that not working?

Re: [OE-core] [PATCH 1/3] useradd.bbclass: Fix order of postinst-useradd-*

1. I can see what this patch mainly does is ensuring groups first, then user, then groupmems. But the current useradd_preinst, which is called by useradd_sysroot has already ensured this. Is that not working? 2. You're using bb.warn as a method of outputting debugging information, which I

Re: [OE-core] [PATCH 1/3] useradd.bbclass: Fix order of postinst-useradd-*

Although I did notice the rest of the file uses this syntax, and I do not believe there are any guidelines specific to this (that I am aware of), I did want to comment on this. > + if test "x$1" = "xgroup"; then > + if test "x$1" = "xuser"; then > + if test "x$1" = "xgroupmems";

Re: [OE-Core][dunfell][PATCH] gnutls: Backport of CVE-2024-0567

Hi Anuj, I didn't checked after applying patch if the crash went away or not. Thanks, Best Regards, Ranjitsinh Rathod Technical Leader | | KPIT Technologies Ltd. Cellphone: +91-84606 92403 __ KPIT | Follow us on

Re: [OE-Core][dunfell][PATCH] gnutls: Backport of CVE-2024-0567

Hi On Fri, 2024-02-23 at 13:42 +0530, Ranjitsinh Rathod wrote: > From: Ranjitsinh Rathod > > A vulnerability was found in GnuTLS, where a cockpit (which uses > gnuTLS) > rejects a certificate chain with distributed trust. This issue occurs > when validating a certificate chain with

[OE-Core][dunfell][PATCH] gnutls: Backport of CVE-2024-0567

From: Ranjitsinh Rathod A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or