Re: [OE-core] [hardknott][PATCH v4] binutils: Fix CVE-2021-20197
Hi Anuj, Sent patches for review. 1.By splitting in to 3 patches. [hardknott][PATCH v3] binutils: Fix CVE-2021-20197: https://lists.openembedded.org/g/openembedded-core/message/153462 2.Cherry-pick of master branch [hardknott][PATCH v4] binutils: Fix CVE-2021-20197 https://lists.openembedded.org/g/openembedded-core/message/153809 Please let me know if you feel any more information needed in the patches. Regards, Vinay On Tue, Jul 13, 2021 at 7:19 PM Vinay Kumar via lists.openembedded.org wrote: > > Hi Anuj, > > This patch is a cherry-pick of > "f628b052f6c4a957472f2520adfb4b816ef83d95" from master branch. > > Regards, > Vinay > > On Tue, Jul 13, 2021 at 7:16 PM Vinay Kumar via lists.openembedded.org > wrote: > > > > Source: git://sourceware.org/git/binutils-gdb.git > > Tracking -- https://sourceware.org/bugzilla/show_bug.cgi?id=26945 > > > > Backported upstream commit d3edaa91d4cf7202ec14342410194841e2f67f12 to > > binutils-2.36 source along with commit id dependencies > > (8e03235147a9e774d3ba084e93c2da1aa94d1cec and > > 8b69e61d4be276bb862698aaafddc3e779d23c8f). > > > > Upstream-Status: Backport > > [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d3edaa91d4cf7202ec14342410194841e2f67f12] > > > > Signed-off-by: Vinay Kumar > > --- > > .../binutils/binutils-2.36.inc| 1 + > > .../binutils/binutils/CVE-2021-20197.patch| 388 ++ > > 2 files changed, 389 insertions(+) > > create mode 100644 > > meta/recipes-devtools/binutils/binutils/CVE-2021-20197.patch > > > > diff --git a/meta/recipes-devtools/binutils/binutils-2.36.inc > > b/meta/recipes-devtools/binutils/binutils-2.36.inc > > index 2968291889..6d0293b4bc 100644 > > --- a/meta/recipes-devtools/binutils/binutils-2.36.inc > > +++ b/meta/recipes-devtools/binutils/binutils-2.36.inc > > @@ -41,5 +41,6 @@ SRC_URI = "\ > > file://0014-Fix-rpath-in-libtool-when-sysroot-is-enabled.patch \ > > file://0015-sync-with-OE-libtool-changes.patch \ > > file://0016-Check-for-clang-before-checking-gcc-version.patch \ > > + file://CVE-2021-20197.patch \ > > " > > S = "${WORKDIR}/git" > > diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2021-20197.patch > > b/meta/recipes-devtools/binutils/binutils/CVE-2021-20197.patch > > new file mode 100644 > > index 00..d6117b65a4 > > --- /dev/null > > +++ b/meta/recipes-devtools/binutils/binutils/CVE-2021-20197.patch > > @@ -0,0 +1,388 @@ > > +From d3edaa91d4cf7202ec14342410194841e2f67f12 Mon Sep 17 00:00:00 2001 > > +From: Alan Modra > > +Date: Fri, 26 Feb 2021 11:30:32 +1030 > > +Subject: [PATCH] Reinstate various pieces backed out from smart_rename > > changes > > + > > +In the interests of a stable release various last minute smart_rename > > +patches were backed out of the 2.36 branch. The main reason to > > +reinstate some of those backed out changes here is to make necessary > > +followup fixes to commit 8e03235147a9 simple cherry-picks from > > +mainline. A secondary reason is that ar -M support isn't fixed for > > +pr26945 without this patch. > > + > > +PR 26945 > > +* ar.c: Don't include libbfd.h. > > +(write_archive): Replace xmalloc+strcpy with xstrdup. > > +* arsup.c (temp_name, real_ofd): New static variables. > > +(ar_open): Use make_tempname and bfd_fdopenw. > > +(ar_save): Adjust to suit ar_open changes. > > +* objcopy.c: Don't include libbfd.h. > > +* rename.c: Rename and reorder variables. > > + > > +(cherry picked from commit 95b91a043aeaeb546d2fea556d84a2de1e917770) > > + > > +Upstream-Status: Backport > > [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d3edaa91d4cf7202ec14342410194841e2f67f12] > > +CVE: CVE-2021-20197 > > +Signed-off-by: Vinay Kumar > > +--- > > + binutils/ar.c | 6 +- > > + binutils/arsup.c | 37 > > + binutils/bucomm.h | 3 +- > > + binutils/objcopy.c | 9 +-- > > + binutils/rename.c | 148 +++-- > > + 5 files changed, 67 insertions(+), 136 deletions(-) > > + > > +diff --git a/binutils/ar.c b/binutils/ar.c > > +index 45a34e3a6cf..44df48c5c67 100644 > > +--- a/binutils/ar.c > > b/binutils/ar.c > > +@@ -25,7 +25,6 @@ > > + > > + #include "sysdep.h" > > + #include "bfd.h" > > +-#include "libbfd.h" > > + #include "libiberty.h" > > + #include "progress.h" > > + #include "getopt.h" > > +@@ -1255,8 +1254,7 @@ write_archive (bfd *iarch) > > + bfd *contents_head = iarch->archive_next; > > + int ofd = -1; > > + > > +- old_name = (char *) xmalloc (strlen (bfd_get_filename (iarch)) + 1); > > +- strcpy (old_name, bfd_get_filename (iarch)); > > ++ old_name = xstrdup (bfd_get_filename (iarch)); > > + new_name = make_tempname (old_name, &ofd); > > + > > + if (new_name == NULL) > > +@@ -1308,7 +1306,7 @@ write_archive (bfd *iarch) > > + /* We don't care if this fails; we might be creating the archive. */ > > + bfd_close (
[OE-core] [poky][master][PATCH] test_buildhistory: Add test to verify that LICENSE is added
From: Sana Kazi Added test case which uses BUILDHISTORY_EXPORT_RECIPE_VARIABLES and BUILDHISTORY_EXPORT_PACKAGE_VARIABLES to add LICENSE for glibc as a sample recipe to buildhistory and the test verifies that expected license value is written in latest file. Signed-off-by: Sana Kazi --- .../recipes-test/glibc/glibc_%.bbappend | 2 + .../oeqa/selftest/cases/test_buildhistory.py | 48 +++ 2 files changed, 50 insertions(+) create mode 100644 meta-selftest/recipes-test/glibc/glibc_%.bbappend create mode 100644 meta/lib/oeqa/selftest/cases/test_buildhistory.py diff --git a/meta-selftest/recipes-test/glibc/glibc_%.bbappend b/meta-selftest/recipes-test/glibc/glibc_%.bbappend new file mode 100644 index 00..205720982c --- /dev/null +++ b/meta-selftest/recipes-test/glibc/glibc_%.bbappend @@ -0,0 +1,2 @@ +# This bbappend is used to alter the recipe using the test_recipe.inc file created by tests. +include test_recipe.inc diff --git a/meta/lib/oeqa/selftest/cases/test_buildhistory.py b/meta/lib/oeqa/selftest/cases/test_buildhistory.py new file mode 100644 index 00..2f1bd54599 --- /dev/null +++ b/meta/lib/oeqa/selftest/cases/test_buildhistory.py @@ -0,0 +1,48 @@ +import unittest +from oeqa.selftest.case import OESelftestTestCase +from oeqa.selftest.cases.buildhistory import BuildhistoryBase +from oeqa.utils.commands import bitbake, get_bb_var + +class BuildhistoryTests(BuildhistoryBase): + +def test_write_license_to_latest_recipe(self): +target = 'glibc' +recipe_variables = [] +self.write_recipeinc(target, 'BUILDHISTORY_EXPORT_RECIPE_VARIABLES += \"LICENSE\"') +self.run_buildhistory_operation(target) +add_buildhistory_config = 'PACKAGE_CLASSES = \"package_ipk\"' +self.append_config(add_buildhistory_config) +pkghistdir = get_bb_var('BUILDHISTORY_DIR') +PACKAGE_ARCH = get_bb_var('MULTIMACH_TARGET_SYS') +bitbake('-c package_write_ipk -f %s' % target) +infofile = "{}/packages/{}/{}/latest".format(pkghistdir, PACKAGE_ARCH, target) +expected = "LICENSE = GPLv2 & LGPLv2.1" +result = False +with open(infofile, "r") as f: +for line in f: +if line.strip() == expected: +result = True +break +if not result: +raise AssertionError("Expected License not found") + +def test_write_license_to_latest_package(self): +target = 'glibc' +recipe_variables = [] +self.write_recipeinc(target, 'BUILDHISTORY_EXPORT_PACKAGE_VARIABLES += \"LICENSE\"') +self.run_buildhistory_operation(target) +add_buildhistory_config = 'PACKAGE_CLASSES = \"package_ipk\"' +self.append_config(add_buildhistory_config) +bitbake('-c package_write_ipk -f %s' % target) +pkghistdir = get_bb_var('BUILDHISTORY_DIR') +PACKAGE_ARCH = get_bb_var('MULTIMACH_TARGET_SYS') +infofile = "{}/packages/{}/{}/{}-dbg/latest".format(pkghistdir, PACKAGE_ARCH, target, target) +expected = "LICENSE = GPLv2 & LGPLv2.1" +result = False +with open(infofile, "r") as f: +for line in f: +if line.strip() == expected: +result = True +break +if not result: +raise AssertionError("Expected License not found") -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#154136): https://lists.openembedded.org/g/openembedded-core/message/154136 Mute This Topic: https://lists.openembedded.org/mt/84451836/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [poky][master][PATCH] buildhistory.bbclass: Enable exporting more recipe and package data
From: Sana Kazi Used BUILDHISTORY_EXPORT_RECIPE_VARIABLES and BUILDHISTORY_EXPORT_PACKAGE_VARIABLES to export recipe and package data to the latest file of buildhistory and sorted it alphabetically. This makes extending data in buildhistory git tree simple and avoids patches to it for users who care about things like SRC_URI and like to track it in buildhistory git tree. Now we can add additional information as per our requirement to the buildhistory like LICENSE, SRC_URI AND MAINTAINER to the buildhistory by appending them in a recipe or distro specific conf file as follows: BUILDHISTORY_EXPORT_RECIPE_VARIABLES += "MAINTAINER" BUILDHISTORY_EXPORT_PACKAGE_VARIABLES += "MAINTAINER" Signed-off-by: Sana Kazi --- meta-poky/conf/distro/poky.conf | 3 + meta/classes/buildhistory.bbclass | 107 +++--- 2 files changed, 71 insertions(+), 39 deletions(-) diff --git a/meta-poky/conf/distro/poky.conf b/meta-poky/conf/distro/poky.conf index 522cc92f74..2280e95569 100644 --- a/meta-poky/conf/distro/poky.conf +++ b/meta-poky/conf/distro/poky.conf @@ -76,3 +76,6 @@ INHERIT += "reproducible_build" BB_SIGNATURE_HANDLER ?= "OEEquivHash" BB_HASHSERVE ??= "auto" + +BUILDHISTORY_EXPORT_RECIPE_VARIABLES ?= "PR PV PE LAYER DEPENDS PACKAGES LICENSE SRC_URI CONFIG" +BUILDHISTORY_EXPORT_PACKAGE_VARIABLES ?= "PE PV PR PKG PKGE PKGV PKGR RPROVIDES RDEPENDS RRECOMMENDS RSUGGESTS RREPLACES RCONFLICTS PKGSIZE FILES FILELIST" diff --git a/meta/classes/buildhistory.bbclass b/meta/classes/buildhistory.bbclass index 55b12d7893..9b1542643e 100644 --- a/meta/classes/buildhistory.bbclass +++ b/meta/classes/buildhistory.bbclass @@ -220,7 +220,6 @@ python buildhistory_emit_pkghistory() { pv = d.getVar('PV') pr = d.getVar('PR') layer = bb.utils.get_file_layer(d.getVar('FILE'), d) -license = d.getVar('LICENSE') pkgdata_dir = d.getVar('PKGDATA_DIR') packages = "" @@ -258,12 +257,11 @@ python buildhistory_emit_pkghistory() { rcpinfo.pe = pe rcpinfo.pv = pv rcpinfo.pr = pr -rcpinfo.depends = sortlist(oe.utils.squashspaces(d.getVar('DEPENDS') or "")) rcpinfo.packages = packages rcpinfo.layer = layer -rcpinfo.license = license rcpinfo.config = sortlist(oe.utils.squashspaces(d.getVar('PACKAGECONFIG') or "")) -rcpinfo.src_uri = oe.utils.squashspaces(d.getVar('SRC_URI') or "") +export_recipe_variables = d.getVar('BUILDHISTORY_EXPORT_RECIPE_VARIABLES') or '' +rcpinfo.export_recipe_variables = export_recipe_variables write_recipehistory(rcpinfo, d) bb.build.exec_func("read_subpackage_metadata", d) @@ -317,6 +315,9 @@ python buildhistory_emit_pkghistory() { pkginfo.size = int(localdata.getVar('PKGSIZE') or '0') +export_package_variables = d.getVar('BUILDHISTORY_EXPORT_PACKAGE_VARIABLES') or '' +pkginfo.export_package_variables = export_package_variables + write_pkghistory(pkginfo, d) # Create files-in-.txt files containing a list of files of each recipe's package @@ -365,17 +366,22 @@ def write_recipehistory(rcpinfo, d): pkghistdir = d.getVar('BUILDHISTORY_DIR_PACKAGE') infofile = os.path.join(pkghistdir, "latest") +export_recipe_variables = set(rcpinfo.export_recipe_variables.split()) +ret = [] with open(infofile, "w") as f: -if rcpinfo.pe != "0": -f.write(u"PE = %s\n" % rcpinfo.pe) -f.write(u"PV = %s\n" % rcpinfo.pv) -f.write(u"PR = %s\n" % rcpinfo.pr) -f.write(u"DEPENDS = %s\n" % rcpinfo.depends) -f.write(u"PACKAGES = %s\n" % rcpinfo.packages) -f.write(u"LAYER = %s\n" % rcpinfo.layer) -f.write(u"LICENSE = %s\n" % rcpinfo.license) -f.write(u"CONFIG = %s\n" % rcpinfo.config) -f.write(u"SRC_URI = %s\n" % rcpinfo.src_uri) +for var in export_recipe_variables: +if var == "PE": +if rcpinfo.pe != "0": +ret.append("%s = %s" % (var, rcpinfo.pe)) +elif var == "LAYER": +ret.append("%s = %s" % (var, rcpinfo.layer)) +elif var == "CONFIG": +ret.append("%s = %s" % (var, rcpinfo.config)) +else: +ret.append("%s = %s" % (var," ".join((str(d.getVar(var)).split() +ret.sort() +for element in ret: +f.write(element + "\n") write_latest_srcrev(d, pkghistdir) @@ -389,32 +395,55 @@ def write_pkghistory(pkginfo, d): bb.utils.mkdirhier(pkgpath) infofile = os.path.join(pkgpath, "latest") +export_package_variables = set(pkginfo.export_package_variables.split()) +ret = [] with open(infofile, "w") as f: -if pkginfo.pe != "0": -f.write(u"PE = %s\n" % pkginfo.pe) -f.write(u"PV = %s\n" % pkginfo.pv) -f.write(u"PR = %s\n" % pkginfo.pr) - -if pkginfo.pkg != pkginfo.name: -f.write(u"PKG = %s\n" % pkginfo.pkg) -if pkginfo.
[OE-core] [PATCH] libubootenv: Drop defulat-env RRECOMENDS
The link back to uboot's env is causing a ton of pain since it is making this recipe machine specific. Some machines may use uboot, some may not but you really want an architecture/machine neutral library. Revert this part of the 0.3 upgrade (OE-Core rev: 02d55cd35aac15095fc44f0cf8f9e7a71638f485) so that we don't need some of the horrible workarounds being seen in other layers. If a given machine uses u-boot, the env can be pulled in by the machine directly. Signed-off-by: Richard Purdie --- meta/recipes-bsp/u-boot/libubootenv_0.3.2.bb | 4 1 file changed, 4 deletions(-) diff --git a/meta/recipes-bsp/u-boot/libubootenv_0.3.2.bb b/meta/recipes-bsp/u-boot/libubootenv_0.3.2.bb index 306296922c3..488a9df7920 100644 --- a/meta/recipes-bsp/u-boot/libubootenv_0.3.2.bb +++ b/meta/recipes-bsp/u-boot/libubootenv_0.3.2.bb @@ -23,8 +23,4 @@ DEPENDS = "zlib" PROVIDES += "u-boot-fw-utils" RPROVIDES_${PN}-bin += "u-boot-fw-utils" -PACKAGE_ARCH = "${MACHINE_ARCH}" - -RRECOMMENDS_${PN}-bin_append_class-target = " u-boot-default-env" - BBCLASSEXTEND = "native" -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#154134): https://lists.openembedded.org/g/openembedded-core/message/154134 Mute This Topic: https://lists.openembedded.org/mt/84440693/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] init-manager-systemd: define weak dev manager
For a full systemd distro, also add a weak assignment for systemd as the dev manager. Signed-off-by: Vivien Didelot --- meta/conf/distro/include/init-manager-systemd.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/conf/distro/include/init-manager-systemd.inc b/meta/conf/distro/include/init-manager-systemd.inc index 1558b85250..4bd950a9aa 100644 --- a/meta/conf/distro/include/init-manager-systemd.inc +++ b/meta/conf/distro/include/init-manager-systemd.inc @@ -4,3 +4,4 @@ DISTRO_FEATURES_BACKFILL_CONSIDERED_append = " sysvinit" VIRTUAL-RUNTIME_init_manager ??= "systemd" VIRTUAL-RUNTIME_initscripts ??= "systemd-compat-units" VIRTUAL-RUNTIME_login_manager ??= "shadow-base" +VIRTUAL-RUNTIME_dev_manager ??= "systemd" -- 2.32.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#154133): https://lists.openembedded.org/g/openembedded-core/message/154133 Mute This Topic: https://lists.openembedded.org/mt/84439903/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for hardknott on Sun 25 Jul 2021 05:00:01 AM HST
Branch: hardknott New this week: 0 CVEs Removed this week: 5 CVEs CVE-2021-22897: curl:curl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22897 * CVE-2021-22898: curl:curl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22898 * CVE-2021-31525: go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31525 * CVE-2021-33194: go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33194 * CVE-2021-33477: rxvt-unicode https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33477 * Full list: Found 26 unpatched CVEs CVE-2013-0340: expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0340 * CVE-2019-12067: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067 * CVE-2019-6293: flex:flex-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6293 * CVE-2019-6470: bind https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6470 * CVE-2020-27748: xdg-utils https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27748 * CVE-2020-29623: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2021-0129: bluez5 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0129 * CVE-2021-1765: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-20196: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20196 * CVE-2021-20255: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255 * CVE-2021-22901: curl:curl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22901 * CVE-2021-31879: wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-33574: glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33574 * CVE-2021-3445: libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-3507: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3507 * CVE-2021-3527: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3527 * CVE-2021-35331: tcl:tcl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35331 * CVE-2021-3544: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3544 * CVE-2021-3545: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3545 * CVE-2021-3546: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3546 * CVE-2021-36217: avahi https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36217 * -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#154132): https://lists.openembedded.org/g/openembedded-core/message/154132 Mute This Topic: https://lists.openembedded.org/mt/84439200/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] OE-core CVE metrics for dunfell on Sun 25 Jul 2021 04:30:01 AM HST
Branch: dunfell New this week: 0 CVEs Removed this week: 1 CVEs CVE-2021-3588: bluez5 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3588 * Full list: Found 79 unpatched CVEs CVE-2018-21232: re2c:re2c-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-21232 * CVE-2019-12067: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067 * CVE-2019-6293: flex:flex-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6293 * CVE-2020-12829: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12829 * CVE-2020-13253: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13253 * CVE-2020-13754: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13754 * CVE-2020-13791: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13791 * CVE-2020-14372: grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14372 * CVE-2020-15469: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15469 * CVE-2020-15705: grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-15859: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15859 * CVE-2020-15900: ghostscript-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15900 * CVE-2020-16590: binutils:binutils-cross-testsuite:binutils-cross-x86_64:binutils-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16590 * CVE-2020-16591: binutils:binutils-cross-testsuite:binutils-cross-x86_64:binutils-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16591 * CVE-2020-16593: binutils:binutils-cross-testsuite:binutils-cross-x86_64:binutils-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16593 * CVE-2020-16599: binutils:binutils-cross-testsuite:binutils-cross-x86_64:binutils-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16599 * CVE-2020-17380: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17380 * CVE-2020-25632: grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25632 * CVE-2020-25647: grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25647 * CVE-2020-25742: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27661: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27661 * CVE-2020-27748: xdg-utils https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27748 * CVE-2020-27749: grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27749 * CVE-2020-27779: grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27779 * CVE-2020-27821: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27821 * CVE-2020-29510: go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29510 * CVE-2020-29623: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35504: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35504 * CVE-2020-35505: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35505 * CVE-2020-35506: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-3810: apt https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-3810 * CVE-2021-0129: bluez5 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0129 * CVE-2021-1765: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-20181: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20181 * CVE-2021-20221: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20221 * CVE-2021-20225: grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20225 * CVE-2021-20233: grub:grub-efi:grub-efi-na
[OE-core] [PATCH v2] u-boot_2021.07: set UBOOT_MACHINE for qemumips and qemumips64
From: Kai Kang It fails to build u-boot 2021.07 for qemumips and qemumips64: | *** Can't find default configuration "arch/../configs/qemu_mips64_defconfig"! According to https://source.denx.de/u-boot/u-boot/-/commit/5308a71 set UBOOT_MACHINE with malta defconfigs for qemumips and qemumips64. Signed-off-by: Kai Kang --- meta/conf/machine/qemumips.conf | 2 +- meta/conf/machine/qemumips64.conf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/conf/machine/qemumips.conf b/meta/conf/machine/qemumips.conf index 1373e4cba0..9b602fcd1f 100644 --- a/meta/conf/machine/qemumips.conf +++ b/meta/conf/machine/qemumips.conf @@ -9,7 +9,7 @@ require conf/machine/include/qemuboot-mips.inc KERNEL_IMAGETYPE = "vmlinux" KERNEL_ALT_IMAGETYPE = "vmlinux.bin" -UBOOT_MACHINE ?= "qemu_mips_defconfig" +UBOOT_MACHINE ?= "malta_defconfig" SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1" diff --git a/meta/conf/machine/qemumips64.conf b/meta/conf/machine/qemumips64.conf index 1e77486491..b37d78989b 100644 --- a/meta/conf/machine/qemumips64.conf +++ b/meta/conf/machine/qemumips64.conf @@ -11,7 +11,7 @@ QB_CPU = "-cpu MIPS64R2-generic" KERNEL_IMAGETYPE = "vmlinux" KERNEL_ALT_IMAGETYPE = "vmlinux.bin" -UBOOT_MACHINE ?= "qemu_mips64_defconfig" +UBOOT_MACHINE ?= "malta64_defconfig" SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1" -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#154130): https://lists.openembedded.org/g/openembedded-core/message/154130 Mute This Topic: https://lists.openembedded.org/mt/84438565/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [AUH] meson: upgrading to 0.59.0 FAILED
The latest round of upgrade helper emails didn't make it to oe-core list (but I did get ones that were also CCd to me directly) - can you please check? Here's the log: https://autobuilder.yoctoproject.org/typhoon/#/builders/112/builds/37/steps/11/logs/stdio Alex On Sun, 25 Jul 2021 at 14:28, wrote: > Hello, > > this email is a notification from the Auto Upgrade Helper > that the automatic attempt to upgrade the recipe *meson* to *0.59.0* has > Failed (devtool error). > > Detailed error information: > > Running 'devtool upgrade' for recipe meson failed. > NOTE: Starting bitbake server... > NOTE: Reconnecting to bitbake server... > NOTE: Retrying server connection (#1)... > Loading cache...done. > Loaded 1459 entries from dependency cache. > INFO: Extracting current version source... > Removing 1 recipes from the x86_64 sysroot...done. > NOTE: Resolving any missing task queue dependencies > > Build Configuration: > BB_VERSION = "1.51.0" > BUILD_SYS= "x86_64-linux" > NATIVELSBSTRING = "universal" > TARGET_SYS = "x86_64-poky-linux" > MACHINE = "qemux86-64" > DISTRO = "poky" > DISTRO_VERSION = > "3.3+snapshot-0421d4df954a35ad0176a12db1060e52115b14b1" > TUNE_FEATURES= "m64 core2" > TARGET_FPU = "" > meta > meta-poky > meta-yocto-bsp = > "tmp-auh-upgrades:0421d4df954a35ad0176a12db1060e52115b14b1" > workspace= "master:982f98f721af11b5698be8fe959058823d1de0d3" > > Initialising tasks...done. > Sstate summary: Wanted 0 Local 0 Network 0 Missed 0 Current 20 (0% match, > 100% complete) > NOTE: Executing Tasks > NOTE: Tasks Summary: Attempted 93 tasks of which 90 didn't need to be > rerun and all succeeded. > NOTE: Writing buildhistory > NOTE: Writing buildhistory took: 1 seconds > INFO: Extracting upgraded version source... > INFO: Fetching > https://github.com/mesonbuild/meson/releases/download/0.59.0/meson-0.59.0.tar.gz. > .. > Loading cache...done. > Loaded 1459 entries from dependency cache. > Parsing recipes...done. > Parsing of 822 .bb files complete (820 cached, 2 parsed). 1460 targets, 35 > skipped, 0 masked, 0 errors. > NOTE: Resolving any missing task queue dependencies > > Build Configuration: > BB_VERSION = "1.51.0" > BUILD_SYS= "x86_64-linux" > NATIVELSBSTRING = "universal" > TARGET_SYS = "x86_64-poky-linux" > MACHINE = "qemux86-64" > DISTRO = "poky" > DISTRO_VERSION = > "3.3+snapshot-0421d4df954a35ad0176a12db1060e52115b14b1" > TUNE_FEATURES= "m64 core2" > TARGET_FPU = "" > meta > meta-poky > meta-yocto-bsp = > "tmp-auh-upgrades:0421d4df954a35ad0176a12db1060e52115b14b1" > workspace= "master:982f98f721af11b5698be8fe959058823d1de0d3" > > Initialising tasks...done. > Sstate summary: Wanted 0 Local 0 Network 0 Missed 0 Current 0 (0% match, > 0% complete) > NOTE: No setscene tasks > NOTE: Executing Tasks > NOTE: Tasks Summary: Attempted 2 tasks of which 0 didn't need to be rerun > and all succeeded. > NOTE: Writing buildhistory > NOTE: Writing buildhistory took: 1 seconds > DEBUG 5 [Errno 25] Inappropriate ioctl for device > Adding changed files: 0% | | ETA: > --:--:-- > Adding changed files: 0% | | ETA: > --:--:-- > Adding changed files: 15% |# | ETA: > 0:00:00 > Adding changed files: 30% |## | ETA: > 0:00:00 > Adding changed files: 45% || ETA: > 0:00:00 > Adding changed files: 60% |# | ETA: > 0:00:00 > Adding changed files: 75% |### | ETA: > 0:00:00 > Adding changed files: 90% || ETA: > 0:00:00 > Adding changed files: 100% || Time: > 0:00:00 > INFO: Rebasing devtool onto c5d7d02bfafd0664a2d3e9c304d3aedf2b771bda > WARNING: Command 'git rebase c5d7d02bfafd0664a2d3e9c304d3aedf2b771bda' > failed: > Rebasing (1/8) > Rebasing (2/8) > error: could not apply 7f3dc56... native_bindir > Resolve all conflicts manually, mark them as resolved with > "git add/rm ", then run "git rebase --continue". > You can instead skip this commit: run "git rebase --skip". > To abort and get back to the state before "git rebase", run "git rebase > --abort". > Could not apply 7f3dc56... native_bindir > Auto-merging mesonbuild/dependencies/base.py > CONFLICT (content): Merge conflict in mesonbuild/dependencies/base.py > > You will need to resolve conflicts in order to complete the upgrade. > INFO: Upgraded source extracted to > /home/pokybuild/yocto-worker/auh/build/build/build/workspace/sources/meson > INFO: New recipe is > /home/pokybuild/yocto-worker/auh/build/build/build/workspace/recipes/meson/ > meson_0.59.0.bb > > > > > Please review the attached files for further information and build/update > failures. >
[OE-core] OE-core CVE metrics for master on Sun 25 Jul 2021 04:00:01 AM HST
Branch: master New this week: 0 CVEs Removed this week: 1 CVEs CVE-2021-36217: avahi https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36217 * Full list: Found 9 unpatched CVEs CVE-2019-12067: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067 * CVE-2019-6293: flex:flex-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6293 * CVE-2020-27748: xdg-utils https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27748 * CVE-2020-35503: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2021-20255: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255 * CVE-2021-31879: wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-33574: glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33574 * CVE-2021-3507: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3507 * CVE-2021-35331: tcl:tcl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35331 * -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#154128): https://lists.openembedded.org/g/openembedded-core/message/154128 Mute This Topic: https://lists.openembedded.org/mt/84438205/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-