[OE-core] OpenEmbedded Happy Hour September 29 during ELC hours and after

Oops, sorry, updated the subject to the correct date. On Fri, Sep 24, 2021 at 06:19:10PM -0400, Denys Dmytriyenko wrote: > All, > > As you are aware, next week is LF Embedded Linux Conference, which coincides > with our OE Happy Hour. The Board has decided to extend the Happy Hour for > the >

Re: [OE-core] OpenEmbedded Happy Hour August 25 9pm/2100 UTC

All, As you are aware, next week is LF Embedded Linux Conference, which coincides with our OE Happy Hour. The Board has decided to extend the Happy Hour for the entire duration of Wednesday ELC sessions for people to come and go throughout the day and meet during breaks or for the entire hallwa

Re: [OE-core] [RFC PATCH 10/14] package_ipk/deb/rpm: Drop recursive do_build task dependencies

On 9/24/21 12:58 AM, Martin Jansa wrote: On Fri, Sep 24, 2021 at 6:51 AM Khem Raj > wrote: this is quite encouraging, dont go by number of lines of change :) btw. did you also try with other change which reduces native dependencies, I've tried layer.conf

Re: [OE-core] user/group XXX does not exist, using root with RPM/DNF packaging in Hardknott and Honister

On 9/24/21 9:02 AM, Zoltan Boszormenyi via lists.openembedded.org wrote: > Hi, > > I have a special package that creates users and groups > via inherit useradd. This package doesn't depend on any > others but it is depended on, both via DEPENDS and RDEPENDS > by packages using those users/groups

Re: [OE-core] user/group XXX does not exist, using root with RPM/DNF packaging in Hardknott and Honister

On Fri, Sep 24, 2021 at 9:36 AM Böszörményi Zoltán wrote: > > On 2021. 09. 24. 18:22, Khem Raj wrote: > > > > > > On 9/24/21 7:02 AM, Böszörményi Zoltán wrote: > >> Hi, > >> > >> I have a special package that creates users and groups > >> via inherit useradd. This package doesn't depend on any > >

Re: [OE-core] user/group XXX does not exist, using root with RPM/DNF packaging in Hardknott and Honister

On 2021. 09. 24. 18:22, Khem Raj wrote: On 9/24/21 7:02 AM, Böszörményi Zoltán wrote: Hi, I have a special package that creates users and groups via inherit useradd. This package doesn't depend on any others but it is depended on, both via DEPENDS and RDEPENDS by packages using those users/gr

Re: [OE-core] user/group XXX does not exist, using root with RPM/DNF packaging in Hardknott and Honister

On 9/24/21 7:02 AM, Böszörményi Zoltán wrote: Hi, I have a special package that creates users and groups via inherit useradd. This package doesn't depend on any others but it is depended on, both via DEPENDS and RDEPENDS by packages using those users/groups in their do_install scripts. This w

Re: [OE-core] [PATCH] libsamplerate0: Set correct soname for 0.1.9

On 9/24/21 5:47 AM, Tom Pollard wrote: Manually patch SHARED_VERSION_INFO, which was missed in the 0.1.9 release and later incorrectly fixed until 0.2.1 Signed-off-by: Tom Pollard --- .../libsamplerate0/shared_version_info.patch| 13 + .../libsamplerate/libsamplerate0_0

Re: [OE-core] [PATCH] bzip2: Update soname for libbz2 1.0.8

On 9/24/21 4:33 AM, Tom Pollard wrote: Set shared library name as libbz2.so.1.0.8, version in configure.ac already synced via do_configure PV substitution. Signed-off-by: Tom Pollard --- meta/recipes-extended/bzip2/bzip2/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) di

Re: [OE-core] [PATCH V2] archiver: Configurable tarball compression

On 9/20/21 3:25 AM, Ian Ray wrote: In order to be more efficient, we use xz as compression method to create GPL sources archives. Signed-off-by: Fabien Lahoudere [V1 was https://patchwork.openembedded.org/patch/155985/] [Rebased] xz has its own mind when it comes to parallel threads, how do

[OE-core] [PATCH] curl: Update tls backend PACKAGECONFIG options

curl 7.77.0 made the tls backend configuration explicit. openssl is now a specific option replacing the default `--with-ssl`, and `--without-ssl` is required to build without any tls, overriding any other tls config. Adding 'without-ssl` as a mutually exclusive option against the existing tls optio

[OE-core] [PATCH V2] archiver: Configurable tarball compression

In order to be more efficient, we use xz as compression method to create GPL sources archives. Signed-off-by: Fabien Lahoudere [V1 was https://patchwork.openembedded.org/patch/155985/] [Rebased] Signed-off-by: Ian Ray --- meta/classes/archiver.bbclass | 8 +--- 1 file changed, 5 insertions(

[OE-core] [PATCH 3/4] lttng-modules/dev-upstream: update to 2.13-latest

From: Bruce Ashfield To ensure we can build against 5.15, and to keep in sync with the versioned recipe, we bump to the latest commit on the 2.13 release branch. Signed-off-by: Bruce Ashfield --- meta/recipes-kernel/lttng/lttng-modules_2.13.0.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 del

[OE-core] [PATCH 4/4] linux-yocto/5.13: drop recipes

From: Bruce Ashfield 5.13 is EOL upstream, and we've moved to 5.14 for the release, so we drop the versioned recipes. The kernel tree and branches will stay available for use, but other layers must create recipes if they wish to continue with 5.13. Signed-off-by: Bruce Ashfield --- .../linux/l

[OE-core] [PATCH 2/4] lttng-modules: fix build against 5.15+

From: Bruce Ashfield When testing linux-yocto-dev 5.15-rc, lttng-modules fails to build. Upstream already has fixes for 5.15 in the release branch, so we backport the two patches here and we can drop them on the next version bump. Signed-off-by: Bruce Ashfield --- ...Remove-deprecated-CPU-hotp

[OE-core] [PATCH 1/4] linux-yocto-dev: update to v5.15-rcX

From: Bruce Ashfield The main reference kernel has moved to 5.14, so we bump -dev to 5.15 for the release. Signed-off-by: Bruce Ashfield --- meta/recipes-kernel/linux/linux-yocto-dev.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-de

[OE-core] [PATCH 0/4] linux-yocto: complete bump to v5.14/v5.15

From: Bruce Ashfield Richard, These are the remaining patches now that we have 5.14 into master. This moves -dev to 5.15 (and fixes the associated kernel packages to build against it). We remove 5.13 from master as well, and I'll follow up with the yocto-bsps equivalent shortly. Bruce The fol

[OE-core][dunfell 25/25] connman: add CVE_PRODUCT

Upstream database uses both "connman" and "connection_manager" to report CVEs Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/connman/connman.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-connectivity/connman/connman.inc b/meta/recipes-connectivity/connman/co

[OE-core][dunfell 24/25] libsoup-2.4: remove obsolete intltool dependency

From: Ross Burton This hasn't been needed since libsoup 2.65.2. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit 250a3f9a804917c8a9427d0209365d27b1b8fa4a) Signed-off-by: Steve Sakoman --- meta/recipes-support/libsoup/libsoup-2.4_2.68.4.bb | 2 +- 1 file cha

[OE-core][dunfell 23/25] testimage: symlink the task log and qemu console log to tmp/log/oeqa

From: Alexander Kanavin This makes it easier for the AB scripts (particularly, collect-results) to access and archive these items, as they can contain useful information when ptests or other qemu tests fail (and also if they don't fail). [YOCTO #14518] Signed-off-by: Alexander Kanavin Signed-o

[OE-core][dunfell 22/25] wic: keep rootfs_size as integer

From: Alexander Kanavin The corrected line accidentally converted it to float, which causes problems later on with python 3.10: | File "/home/alex/development/poky/scripts/lib/wic/partition.py", line 278, in prepare_rootfs_ext | os.ftruncate(sparse.fileno(), rootfs_size * 1024) | TypeErro

[OE-core][dunfell 21/25] core-image-sato: Fix runqemu error for qemuarmv5

From: Jon Mason When attempting to execute runqemu on qemuarmv5, the following error is encountered: runqemu - ERROR - Failed to run qemu: qemu-system-arm: versatilepb: memory size must not exceed 256MB To work around this, limit the QB_MEM size for qemuarmv5, similar to what is being done for

[OE-core][dunfell 20/25] Update mailing list address

From: Jon Mason Signed-off-by: Jon Mason Signed-off-by: Richard Purdie (cherry picked from commit 83169c33f7585da25560784f79eaad2c6f029f3c) Signed-off-by: Steve Sakoman --- meta/conf/distro/include/maintainers.inc | 2 +- meta/recipes-core/glibc/ldconfig-native-2.12.1/ldc

[OE-core][dunfell 19/25] bash: Ensure deterministic build

From: Richard Purdie Bash keeps a count of the number of times make was invoked on a directory and changes the output versioning accordingly. We want deterministic output so disable this behaviour. Signed-off-by: Richard Purdie (cherry picked from commit 13a039e03195a47c750d5901e96fe81cf523481f

[OE-core][dunfell 18/25] useradd: Ensure preinst data is expanded correctly in pkgdata

From: Richard Purdie The preinst data in pkgdata will not expand out the ${XXX_PARAM} variables since they don't use a package suffix. It happens that the final expansion used for the packages is corrected by a second trip through the datastore. The first version is used for calculation of the t

[OE-core][dunfell 17/25] rpm: Handle proper return value to avoid major issues

From: Ranjitsinh Rathod 0001-rpm-rpmio.c-restrict-virtual-memory-usage-if-limit-s.patch changed to avoid critical issues Handled return values of getrlimit() and lzma_cputhreads() functions to avoid unexpected behaviours like devide by zero and potential read of uninitialized variable 'virtual_me

[OE-core][dunfell 16/25] linux-yocto/5.4: update to v5.4.144

From: Bruce Ashfield Updating linux-yocto/5.4 to the latest korg -stable release that comprises the following commits: c6bf0ed9d1a7 Linux 5.4.144 0634c0f91995 audit: move put_tree() to avoid trim_trees refcount underflow and UAF cab0003311a0 net: don't unconditionally copy_from_user

[OE-core][dunfell 15/25] linux-yocto/5.4: update to v5.4.143

From: Bruce Ashfield Updating linux-yocto/5.4 to the latest korg -stable release that comprises the following commits: fd80923202c6 Linux 5.4.143 4bf194158102 netfilter: nft_exthdr: fix endianness of tcp option cast e4fd994f02c5 fs: warn about impending deprecation of mandatory locks

[OE-core][dunfell 14/25] iputils: Fix regression of arp table update

From: Visa Hankala Backport a fix from iputils 20210202 to make arp table updating work again. Fixes: 77c5792aa5e7 ("iputils: fix various arping regressions") Signed-off-by: Visa Hankala Signed-off-by: Steve Sakoman --- ...ng-make-update-neighbours-work-again.patch | 79 +++ .

[OE-core][dunfell 13/25] vim: Backport fix for CVE-2021-3770

From: Richard Purdie Signed-off-by: Richard Purdie (cherry picked from commit 54d3d023ce55ba4a7160ed25a283f0918e7d8e2e) Signed-off-by: Steve Sakoman --- ...1e135a16091c93f6f5f7525a5c58fb7ca9f9.patch | 207 ++ meta/recipes-support/vim/vim.inc | 2 + 2 files change

[OE-core][dunfell 12/25] tar: ignore node-tar CVEs

From: Armin Kuster These three CVEs are specific to the Node package node-tar. exclude: CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 Signed-off-by: Armin Kuster Signed-off-by: Richard Purdie (cherry picked from commit 9f9317a02d73c1e5aea026683a037e52c996c7bb) Signed-off-by: Steve Sakoman ---

[OE-core][dunfell 11/25] squashfs-tools: fix CVE-2021-40153

From: Kai Kang Source: http://git.yoctoproject.org/poky.git MR: 113126 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=hardknott&id=cfc17a7ab5d3b0d6354a7194b8c8746c501959d9 ChangeID: cfc17a7ab5d3b0d6354a7194b8c8746c501959d9 Description: Bac

[OE-core][dunfell 10/25] nettle: Security fix for CVE-2021-20305

From: Armin Kuster Source: Debian.org MR: 110174 Type: Security Fix Disposition: Backport from https://sources.debian.org/patches/nettle/3.4.1-1+deb10u1/ ChangeID: 47746f3e58c03a62fef572797d0ae6e0cd865092 Description: Affects: Nettle < 3.7.2 Minor fixup for nettle_secp_224r1 to _nettle_secp_22

[OE-core][dunfell 09/25] curl: Fix CVE-2021-22946 and CVE-2021-22947, whitelist CVE-2021-22945

From: Mike Crowe curl v7.79.0 contained fixes for three CVEs: The description of CVE-2021-22945[1] contains: > This flaw was introduced in commit 2522903b79 but since MQTT support > was marked 'experimental' then and not enabled in the build by default > until curl 7.73.0 (October 14, 2020) we c

[OE-core][dunfell 08/25] nettle: Security fix for CVE-2021-3580

From: Armin Kuster Source: https://git.lysator.liu.se/nettle/nettle MR: 112331 Type: Security Fix Disposition: Backport from https://git.lysator.liu.se/nettle/nettle/-/commit/0ad0b5df315665250dfdaa4a1e087f4799edaefe ChangeID: ffbbadbfa862e715ec7da4695d7db67484f8517a Description: Affects nettle

[OE-core][dunfell 07/25] qemu: fix CVE-2021-3682

From: Sakib Sajal Source: https://git.yoctoproject.org/git/poky MR: 112369 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?id=48960ce56265e9ec7ec352c0d0fcde6ed44569be ChangeID: 799afc7adf3f2c915751744b618e38cccb01d854

[OE-core][dunfell 06/25] qemu: Security fix for CVE-2020-28916

From: Armin Kuster Source: qemu.org MR: 107262 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a ChangeID: 3024b894ab045c1a74ab2276359d5e599ec9e822 Description: Affects qemu < 5.0.0 Signed-off-by: Armin Kuster Si

[OE-core][dunfell 05/25] qemu: Security fix for CVE-2020-27617

From: Armin Kuster Source: qemu.org MR: 106462 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1 ChangeID: b9dc1b656c07d6a0aecaf7680ed33801bd5f6352 Description: Affects qemu < 5.2.0 Signed-off-by: Armin Kuster Si

[OE-core][dunfell 04/25] qemu: Security fix CVE-2020-12829

From: Armin Kuster Source: qemu.org MR: 105490 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=b15a22bbcbe6a78dc3d88fe3134985e4cdd87de4 ChangeID: 6e222b766fc67c76cdc311d02cc47801992d0e66 Description: Affect qemu < 5.0.0 Signed-off-by: Armin Kuster Sig

[OE-core][dunfell 03/25] libsndfile: Security fix for CVE-2021-3246

From: Armin Kuster Source: https://github.com/libsndfile/libsndfile MR: 112098 Type: Security Fix Disposition: Backport from https://github.com/libsndfile/libsndfile/pull/713 ChangeID: 10d137de063b7a1e543ee96fbcf948945a452869 Description: Signed-off-by: Armin Kuster Signed-off-by: Steve Sakoman

[OE-core][dunfell 02/25] apr: Security fix for CVE-2021-35940

From: Armin Kuster Source: https://dist.apache.org MR: 112793 Type: Security Fix Disposition: Backport from https://dist.apache.org/repos/dist/release/apr/patches/apr-1.7.0-CVE-2021-35940.patch ChangeID: c8247210204ffcc7d1425e3d60f077ad3dd54ebc Description: An out-of-bounds array read in the a

[OE-core][dunfell 01/25] libgcrypt: Security fix CVE-2021-33560

From: Armin Kuster Source: https://sources.debian.org/patches/libgcrypt20/1.8.4-5+deb10u1 MR: 111591 Type: Security Fix Disposition: Backport from https://sources.debian.org/data/main/libg/libgcrypt20/1.8.4-5%2Bdeb10u1/debian/patches/31_cipher-Fix-ElGamal-encryption-for-other-implementati.patch

[OE-core][dunfell 00/25] Patch review

Please review this next set of patches for dunfell and have comments back by end of day Tuesday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2639 The following changes since commit 49ca1f62cc17c951b7737a4ee3c236f732bc8ebe: build-appliance-im

Re: [OE-core] Backport request to dunfell: "Unlicense"

Hi Massimo, The proper way to request a backport is to send a patch to the mailing list (openembedded-core@lists.openembedded.org) so that others in the community have an opportunity to comment. I suspect there won't be an issue, but let's follow the process! Steve On Wed, Sep 22, 2021 at 5:08

[OE-core] user/group XXX does not exist, using root with RPM/DNF packaging in Hardknott and Honister

Hi, I have a special package that creates users and groups via inherit useradd. This package doesn't depend on any others but it is depended on, both via DEPENDS and RDEPENDS by packages using those users/groups in their do_install scripts. This works for packaging becase these ownerships are en

Re: [OE-core] [PATCH v2] create-spdx: Don't collect natives sources

On Fri, Sep 24, 2021, 2:16 AM Richard Purdie < richard.pur...@linuxfoundation.org> wrote: > On Thu, 2021-09-23 at 17:14 -0500, Joshua Watt wrote: > > On 9/23/21 5:07 PM, Joshua Watt wrote: > > > > > > On 9/23/21 4:29 PM, Saul Wold wrote: > > > > > > > > > > > > On 9/23/21 2:05 PM, Joshua Watt wrot

[OE-core] [PATCH] libsamplerate0: Set correct soname for 0.1.9

Manually patch SHARED_VERSION_INFO, which was missed in the 0.1.9 release and later incorrectly fixed until 0.2.1 Signed-off-by: Tom Pollard --- .../libsamplerate0/shared_version_info.patch| 13 + .../libsamplerate/libsamplerate0_0.1.9.bb | 1 + 2 files changed, 14

[OE-core] [PATCH] bzip2: Update soname for libbz2 1.0.8

Set shared library name as libbz2.so.1.0.8, version in configure.ac already synced via do_configure PV substitution. Signed-off-by: Tom Pollard --- meta/recipes-extended/bzip2/bzip2/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-extended/bzip2/bzip2/

[OE-core] [hardknott][PATCH] vim: fix CVEs

From: Mingli Yu Backport patches to fix CVE-2021-3778 and CVE-2021-3796. Signed-off-by: Mingli Yu --- .../vim/files/CVE-2021-3778.patch | 33 + .../vim/files/CVE-2021-3796.patch | 49 +++ meta/recipes-support/vim/vim.inc | 2 +

Re: [OE-core] [RFC PATCH 10/14] package_ipk/deb/rpm: Drop recursive do_build task dependencies

On Fri, 2021-09-24 at 09:58 +0200, Martin Jansa wrote: > On Fri, Sep 24, 2021 at 6:51 AM Khem Raj wrote: > > this is quite encouraging, dont go by number of lines of change :) > > btw. did you also try with other change which reduces native dependencies, > > > >   > I've tried layer.conf change

Re: [OE-core] [RFC PATCH 10/14] package_ipk/deb/rpm: Drop recursive do_build task dependencies

On Fri, Sep 24, 2021 at 6:51 AM Khem Raj wrote: > this is quite encouraging, dont go by number of lines of change :) > btw. did you also try with other change which reduces native dependencies, > I've tried layer.conf change in our builds and it causes _a lot_ of pkgconfig issues, but in most ca

Re: [OE-core] [PATCH v2] create-spdx: Don't collect natives sources

On Thu, 2021-09-23 at 17:14 -0500, Joshua Watt wrote: > On 9/23/21 5:07 PM, Joshua Watt wrote: > > > > On 9/23/21 4:29 PM, Saul Wold wrote: > > > > > > > > > On 9/23/21 2:05 PM, Joshua Watt wrote: > > > > > > > > On 9/23/21 3:53 PM, Saul Wold wrote: > > > > > Extend the SPDXPackage to include i