[OE-core] [PATCH] cve-update-db-native: skip on empty cpe23Uri

Recently an entry in the NVD DB appeared that looks like that {'vulnerable': True, 'cpe_name': []}. As besides all the vulnerable flag no data is present we would get a KeyError exception on acccess. Use get method on dictionary and return if no meta data is present Signed-off-by: Konrad Weihmann

[OE-core] [PATCH] musl: Update to latest master

changelog [1] * aad50fcd fix regression in dl_iterate_phdr reporting of modules with no TLS * 0ea78a64 nscd: fall back gracefully on kernels without AF_UNIX support * 95a540e1 mallocng/aligned_alloc: check for malloc failure * 2c00f95c make epoll_[p]wait a cancellation point * 521b4d27 fix dl_iter

Re: [OE-core][hardknott][PATCH] nettle: fix CVE-2021-20305

On Wed, Apr 21, 2021 at 6:05 PM Anuj Mittal wrote: > Hi Trevor, > > On Wed, 2021-04-21 at 09:44 -0400, Trevor Gamblin wrote: > > Backport and combine multiple commits from 3.7.2 to address this CVE. > > > > I have taken the 3.7.2 upgrade for hardknott since the release notes > mention it's a bug

[OE-core] [PATCH 5/6] oeqa/manual/bsp-hw.json :remove Check_if_RTC_(Real_Time_Clock)_can_work_correctly manual test

From: Teoh Jay Shen Remove the Check_if_RTC_(Real_Time_Clock)_can_work_correctly test as it was replaced by the new automated runtime oeqa/runtime/cases/rtc.py. Signed-off-by: Teoh Jay Shen --- meta/lib/oeqa/manual/bsp-hw.json | 34 1 file changed, 34 deletion

[OE-core] [PATCH 6/6] oeqa/manual/bsp-hw.json : remove Test_if_usb_hid_device_works_well_after_resume_from_suspend_state manual test

From: Teoh Jay Shen Remove the Test_if_usb_hid_device_works_well_after_resume_from_suspend_state test as it was replaced by the new automated runtime oeqa/runtime/cases/usb_hid.py. Signed-off-by: Teoh Jay Shen --- meta/lib/oeqa/manual/bsp-hw.json | 30 -- 1 file c

[OE-core] [PATCH 4/6] oeqa/manual/bsp-hw.json : remove click_terminal_icon_on_X_desktop manual test

From: Teoh Jay Shen Remove the click_terminal_icon_on_X_desktop test as it was replaced by the new automated runtime oeqa/runtime/cases/terminal.py. Signed-off-by: Teoh Jay Shen --- meta/lib/oeqa/manual/bsp-hw.json | 22 -- 1 file changed, 22 deletions(-) diff --git a/met

[OE-core] [PATCH 3/6] oeqa/manual/bsp-hw.json : remove standby and Test_if_LAN_device_works_well_after_resume_from_suspend_state manual test

From: Teoh Jay Shen Remove standby and Test_if_LAN_device_works_well_after_resume_from_suspend_state test as they was replaced by the new automated runtime oeqa/runtime/cases/suspend.py. Signed-off-by: Teoh Jay Shen --- meta/lib/oeqa/manual/bsp-hw.json | 64

[OE-core] [PATCH 2/6] oeqa/manual/bsp-hw.json : remove ethernet_static_ip_set_in_connman and ethernet_get_IP_in_connman_via_DHCP manual test

From: Teoh Jay Shen Remove ethernet_static_ip_set_in_connman and ethernet_get_IP_in_connman_via_DHCP test as they was replaced by the new automated runtime oeqa/runtime/cases/ethernet_ip_connman.py. Signed-off-by: Teoh Jay Shen --- meta/lib/oeqa/manual/bsp-hw.json | 64 --

[OE-core] [PATCH 1/6] oeqa/manual/bsp-hw.json : remove boot_from_runlevel_3 and boot_from_runlevel_5 manual test

From: Teoh Jay Shen Remove boot_from_runlevel_3 and boot_from_runlevel_5 test as they was replaced by the new automated runtime oeqa/runtime/cases/runlevel.py. Signed-off-by: Teoh Jay Shen --- meta/lib/oeqa/manual/bsp-hw.json | 64 1 file changed, 64 deletions

Re: [OE-core][hardknott][PATCH] nettle: fix CVE-2021-20305

Hi Trevor, On Wed, 2021-04-21 at 09:44 -0400, Trevor Gamblin wrote: > Backport and combine multiple commits from 3.7.2 to address this CVE. > I have taken the 3.7.2 upgrade for hardknott since the release notes mention it's a bug fix release. https://github.com/gnutls/nettle/commit/7a5f86321f4

Re: [OE-core] Maintainer for hardknott needed

On Thu, 2021-04-15 at 22:04 +0100, Richard Purdie via lists.openembedded.org wrote: > With the release of hardknott, we're in need of a maintainer for the > hardknott  > stable branch which would be maintained for around the next 7-8 months until > our April release next year. > > If interested

Re: [OE-core] standard for names for local source mirror tarballs for git-based recipes?

On Wed, Apr 21, 2021 at 07:44:45AM -0400, Robert P. J. Day wrote: > > based on my recommendation, colleague created a local source mirror > to start collecting tarballs so as to minimize amount of downloading > for various builds. names of tarballs that correspond to fixed > (versioned) tarballs

[OE-core] [PATCH] weston: Drop loading xwayland.so module

This module is no longer installed by x11 instead it uses a stand along server for xwayland, as a result when xwayland is enabled in packageconfig in weston then it fails to load xwayland.so during runtime Fixes [21:07:12.-100663296] Old Xwayland module loading detected: Please use --xwayland co

Re: [OE-core] [PATCH] elfutils: Make 64bit time_t fix generic

Thanks Khem. Alex On Wed, 21 Apr 2021 at 21:28, Khem Raj wrote: > Apply it always since more than x32 needs it > > Signed-off-by: Khem Raj > --- > .../elfutils/elfutils_0.183.bb| 4 +-- > ...infod-client.c-correct-string-format.patch | 32 +-- > 2 files change

Re: [OE-core] [PATCH] Use shutil.move when os.rename fails

Separate patches for bitbake and oe-core, as requested I've assumed each will be applied to the master-next branch on top of the previous patch. Thanks, Devendra > On 21 Apr 2021, at 16:21, Richard Purdie > wrote: > > On Wed, 2021-04-21 at 16:15 -0300, Devendra Tewari wrote: >> That's a ne

[OE-core] OpenEmbedded Happy Hour April 28 9pm/2100 UTC

Hi, Please join us for the upcoming OpenEmbedded Happy Hour on April 28 for Asia/Pacific timezones @ 2100/9pm UTC (5pm EDT): https://www.openembedded.org/wiki/Calendar https://www.timeanddate.com/worldclock/fixedtime.html?msg=OpenEmbedded+Happy+Hour+April+28&iso=20210428T21 -- Regards, Denys D

[OE-core] [PATCH] elfutils: Make 64bit time_t fix generic

Apply it always since more than x32 needs it Signed-off-by: Khem Raj --- .../elfutils/elfutils_0.183.bb| 4 +-- ...infod-client.c-correct-string-format.patch | 32 +-- 2 files changed, 24 insertions(+), 12 deletions(-) diff --git a/meta/recipes-devtools/elfutils

Re: [OE-core] [PATCH] Use shutil.move when os.rename fails

On Wed, 2021-04-21 at 16:15 -0300, Devendra Tewari wrote: > That's a neat idea - if the exception handler catches OSError with error > number  > 18 (Invalid cross-device link) in os.rename, it should attempt shutil.move,  > otherwise it should re-throw the exception with raise. A wrapper function 

Re: [OE-core] [PATCH] Use shutil.move when os.rename fails

That's a neat idea - if the exception handler catches OSError with error number 18 (Invalid cross-device link) in os.rename, it should attempt shutil.move, otherwise it should re-throw the exception with raise. A wrapper function will make it easier to handle other situations as they arise. I'll

Re: [OE-core] [yocto-security] [PATCH] busybox: use openssl for TLS connections whenever possible

On Wed, Apr 21, 2021 at 2:22 AM Shachar Menashe wrote: > On Tue, Apr 20, 2021 at 1:46 PM Shachar Menashe wrote: > > Last time we talked about this I thought we would need to change something in > openssl build settings to make the openssl binary get built just for this > solution, and that was

Re: [OE-core] [PATCH] Use shutil.move when os.rename fails

On Wed, 2021-04-21 at 11:43 -0300, Devendra Tewari wrote: > I created an image for Raspberry Pi Zero W from code at  > https://github.com/tewarid/docker-meta-raspberrypi/tree/sstate, using Docker > for macOS, and on Ubuntu 20.04- > LTS, and wrote it out to an SDCard using bmaptool. Booted and che

Re: [OE-core] [dunfell][PATCH] curl: Patch CVE-2021-22876 & CVE-2021-22890

On Tuesday 06 April 2021 at 13:53:42 +0100, Mike Crowe via lists.openembedded.org wrote: > Take patches from Ubuntu 20.04 7.68.0-1ubuntu2.5, which is close enough > that they apply without conflicts. > > Signed-off-by: Mike Crowe > --- > .../curl/curl/CVE-2021-22876.patch| 59 +++ >

[OE-core] [PATCH] oeqa/selftest/bblayers: Add test case for bitbake-layers layerindex-show-depends

Signed-off-by: Diego Sueiro --- meta/lib/oeqa/selftest/cases/bblayers.py | 5 + 1 file changed, 5 insertions(+) diff --git a/meta/lib/oeqa/selftest/cases/bblayers.py b/meta/lib/oeqa/selftest/cases/bblayers.py index f131d9856c..7d74833f61 100644 --- a/meta/lib/oeqa/selftest/cases/bblayers.py

Re: [OE-core] [PATCH] Use shutil.move when os.rename fails

On Wed, Apr 21, 2021 at 7:43 AM Devendra Tewari wrote: > > I created an image for Raspberry Pi Zero W from code at > https://github.com/tewarid/docker-meta-raspberrypi/tree/sstate, using Docker > for macOS, and on Ubuntu 20.04-LTS, and wrote it out to an SDCard using > bmaptool. Booted and chec

Re: [OE-core] [PATCH 1/2] elfutils: correct debuginfod builds on x32

I still see build failures on rv32 see https://errors.yoctoproject.org/Errors/Details/577160/ On Tue, Apr 20, 2021 at 1:47 PM Khem Raj wrote: > > On Tue, Apr 20, 2021 at 10:34 AM Alexander Kanavin > wrote: > > > > Then the patch needs to guard %lld only for those architectures, and I am > > not

Re: [OE-core] [PATCH] Use shutil.move when os.rename fails

I created an image for Raspberry Pi Zero W from code at https://github.com/tewarid/docker-meta-raspberrypi/tree/sstate , using Docker for macOS, and on Ubuntu 20.04-LTS, and wrote it out to an SDCard using bmaptool. Booted and chec

[OE-core][hardknott][PATCH] nettle: fix CVE-2021-20305

Backport and combine multiple commits from 3.7.2 to address this CVE. Signed-off-by: Trevor Gamblin --- .../nettle/nettle/CVE-2021-20305.patch| 516 ++ meta/recipes-support/nettle/nettle_3.7.1.bb | 1 + 2 files changed, 517 insertions(+) create mode 100644 meta/recip

[OE-core] standard for names for local source mirror tarballs for git-based recipes?

based on my recommendation, colleague created a local source mirror to start collecting tarballs so as to minimize amount of downloading for various builds. names of tarballs that correspond to fixed (versioned) tarballs was fairly obvious, but he got stuck trying to local source mirror a tarbal

[OE-core] [PATCH] ofono: prevent using bundled ell headers and fix build with ell-0.39

* -I../ofono-1.31 is included when building drivers/mbimmodem/mbim.c and then ell.h will happily include ell/util.h from there: # 1 "/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/ofono/1.31-r0/recipe-sysroot/usr/include/ell/ell.h" 1 3 4 # 23 "/OE/build/oe-core/tmp-glibc/work/core2-64

Re: [OE-core] [yocto-security] [PATCH] busybox: use openssl for TLS connections whenever possible

On Tue, Apr 20, 2021 at 1:46 PM Shachar Menashe wrote: > > > Last time we talked about this I thought we would need to change something > in openssl build settings to make the openssl binary get built just for > this solution, and that was what got rejected. > But actually now I see (or perhaps

[OE-core] [PATCH][hardknott] parselogs: ignore floppy error on qemu-system-x86 at boot stage

From: Yanfei Xu We can disable floppy drive by BIOS on a hardware, but an empty floppy drive is connected by default on qemu-system-x86. Linux usually detect the device and modprode the matched floppy.ko at the boot stage. Due to we don't specify a floppy deivce in qemu boot arguments, then the e