This incorporates fixes for CVE-2023-0512, CVE-2023-1127, CVE-2023-1175,
CVE-2023-1170, CVE-2023-0433, CVE-2023-1264, CVE-2023-1355.
Also remove runtime/doc/uganda.txt from the license checksum: the Vim
license is also in the top-level LICENSE file so this is redundant.
Signed-off-by: Soumya
--
sorry, I forgot to mark this one RFC
Am Fr, 17. Mär 2023 um 07:02:02 +0100 schrieb Markus Volk
:
Currently /tmp is a link to /var/tmp which breaks glib-2.0 ptest
Systemd documentation describes tmpdir usage as follows:
/tmp/ and /var/tmp/ are two world-writable directories Linux systems
provi
glib-2.0 ptest will fail if /tmp is a symlink to /var/tmp
Signed-off-by: Markus Volk
---
meta/recipes-core/initscripts/initscripts_1.0.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb
b/meta/recipes-core/initscripts/initscri
Currently /tmp is a link to /var/tmp which breaks glib-2.0 ptest
Systemd documentation describes tmpdir usage as follows:
/tmp/ and /var/tmp/ are two world-writable directories Linux systems provide
for temporary files. The former is
typically on tmpfs and thus backed by RAM/swap, and flushed out
Am Do, 16. Mär 2023 um 09:11:59 +0100 schrieb Alexander Kanavin
:
You can check that regardless. Patches not eligible for mickledore
will be stashed by integrators until master merge window reopens.
I did some tesing and found both ways are generally working. I'll send
patches for it marked as
With the move to a ptest per image, the multiple ptest log scenario
is much more likely. Tweak the handling to only warn if there are
overlapping files.
Signed-off-by: Richard Purdie
---
scripts/lib/resulttool/log.py | 8 +++-
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/scr
Hello,
This fails on the AB for edgerouter-alt and meta-intel:
https://autobuilder.yoctoproject.org/typhoon/#/builders/111/builds/4406/steps/11/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/100/builds/4205/steps/13/logs/stdio
| gcc
-isystem/home/pokybuild/yocto-worker/edge
From: Richard Purdie
This was likely something we took inspiration from elsewhere with.
It was added in:
https://git.openembedded.org/openembedded/commit/packages/netbase/netbase/hosts?id=c8e5702127e507e82e6f68a4b8c546803accea9d
in 2005. Debian added this entry around 2004 and discussed and dro
From: Wang Mingyu
Error: Transaction test error:
file /usr/share/man/man8/dhcpcd.8 conflicts between attempted installs of
dhcpcd-doc-9.4.1-r0.cortexa57 and lib32-dhcpcd-doc-9.4.1-r0.armv7ahf_neon
The differences between the two files are as follows:
@@ -821,7 +821,7 @@
If you always use th
From: Kenfe-Mickael Laventure
The script generated by the sdk_ext_postinst function was not quoting
the user existing PATH when updating it causing the export command to
fail.
Add necessary double quotes around $PATH.
Signed-off-by: Kenfe-Mickael Laventure
Signed-off-by: Alexandre Belloni
(ch
From: Kenfe-Mickael Laventure
The environment-setup script generated by the recipe was not quoting the
user existing PATH when updating it causing the export command to fail.
Add necessary double quotes around $PATH.
Signed-off-by: Kenfe-Mickael Laventure
Signed-off-by: Alexandre Belloni
(che
From: Kenfe-Mickael Laventure
The environment-setup script generated by the recipe was not quoting the
user existing PATH when updating it causing the export command to fail.
Add necessary double quotes around $PATH.
Signed-off-by: Kenfe-Mickael Laventure
Signed-off-by: Alexandre Belloni
(che
From: Alexander Kanavin
2.6.0 is out and so we can check for latest version again.
Signed-off-by: Alexander Kanavin
Signed-off-by: Alexandre Belloni
(cherry picked from commit 9851579eeebbdced9e770c4828f521b359e0306f)
Signed-off-by: Steve Sakoman
---
meta/recipes-devtools/apt/apt_2.4.5.bb |
From: Trevor Woerner
The cups' PACKAGECONFIG is populated based on DISTRO_FEATURES, but a user
is free to enable or disable PACKAGECONFIGs at will. In theory it is
possible that pam is enabled globally in DISTRO_FEATURES but disabled in
cups' PACKAGECONFIG. Checking the PACKAGECONFIG to determine
From: Zoltan Boszormenyi
Replace explicit opencl-icd-loader with virtual/opencl-icd.
Signed-off-by: Zoltán Böszörményi
Signed-off-by: Alexandre Belloni
(cherry picked from commit 0ded85c2e4d0888e459bc98d1c8e55429f542dba)
Signed-off-by: Steve Sakoman
---
meta/recipes-graphics/piglit/piglit_gi
From: Trevor Woerner
cups includes a web server. Users can surf to port 631 (default) of a
machine running cups to (potentially, based on configuration, default off)
view jobs, add printers, and perform other forms of administration.
The location of the various resources that are used by the bui
From: Trevor Woerner
The cups documentation is clear that the correct way to install into an
alternate root directory is to use the BUILDROOT variable. From INSTALL.md:
Use the `BUILDROOT` variable to install to an alternate root directory:
make BUILDROOT=/some/other/root/di
From: Ross Burton
As per the release notes for 0.55.0[1], this patch is no longer needed
as Meson now only removes the RPATHs that it adds itself, any RPATHs
added via LDFLAGS or pkgconfig files are left untouched.
[1]
https://mesonbuild.com/Release-notes-for-0-55-0.html#rpath-removal-now-more-
From: Richard Purdie
Running recipetool.RecipetoolTests.test_recipetool_handle_license_vars
followed by wic.Wic2.test_biosplusefi_plugin_qemu would show a failure of:
File "/media/build/poky/meta/lib/oeqa/utils/commands.py", line 351, in runqemu
qemu = oeqa.targetcontrol.QemuTarget(reciped
From: Michael Halstead
RHEL compatible kernels do not support vgem so we disable virgl headless
testing.
Signed-off-by: Michael Halstead
Signed-off-by: Richard Purdie
(cherry picked from commit 78bc1ba2361249ec845d1b9e28d429a37dd83910)
Signed-off-by: Steve Sakoman
---
meta/lib/oeqa/selftest/
From: Richard Purdie
glibc has it's dependencies handled more manually due to it's place
in the toolchain bootstrap. It depends upon the compiler and indirectly
through that to binutils. This did mean that if binutils changes and the
compiler does not, sstate and hash equivalence could mean that
From: Richard Purdie
The previous fix wasn't enough to address all the possible ways the
manifests might be ordered. Rework the previous fix so it is tied
to the multilib cross-canadian code which is causing the problem.
RECIPE_SYSROOT_MANIFEST_SUBDIR is not documented as I'd hope nobody
ever ne
From: Richard Purdie
"""
require conf/multilib.conf
MACHINE = "qemuarm64"
MULTILIBS = "multilib:lib32"
DEFAULTTUNE:virtclass-multilib-lib32 = "armv7athf-neon"
bitbake gcc-cross-canadian-arm
"""
and then inspecting the lib32* manifest files under recipe-sysroot-native shows
them referencing lib3
From: Ross Burton
Clause II.3 of the Vim license states that any distribution of Vim that
has been extended or modified must _at least_ indicate in the :version
output that this is the case.
Handily, Vim has a --with-modified-by argument to add a line in that
text, so use MAINTAINER. This is th
From: Ross Burton
This incorporates fixes for CVE-2023-1127, CVE-2023-1170, CVE-2023-1175.
Also remove runtime/doc/uganda.txt from the license checksum: the Vim
license is also in the top-level LICENSE file so this is redundant.
Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
(cherry
From: Alexander Kanavin
Overview of changes in 1.50.13, 20-02-2023
==
- win32: Add back fallback for empty fontsets
- win32: Improve DirectWrite support
- Fix word segmentation for Japanese
- Don't set backspace-deletes-char for math symbols
- coretext: Fix
From: Alexander Kanavin
- Security fixes:
- Allow change of architecture for packages during security updates with
noarch involved (RhBug:2124483)
- Bug fixes:
- "dnf_keyring_add_public_keys": reset localError to NULL after free
(RhBug:2121222)
- context: Get RPM db path from RPM
- Fix
From: Xiangyu Chen
Signed-off-by: Xiangyu Chen
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit 7d5193a9437dedb3f2cf35cb466acfe29cfa654e)
Signed-off-by: Steve Sakoman
---
.../sudo/{sudo_1.9.13p2.bb => sudo_1.9.13p3.bb} | 2 +-
1 file c
From: Alexander Kanavin
License-update: copyright years, formatting.
Signed-off-by: Alexander Kanavin
Signed-off-by: Alexandre Belloni
(cherry picked from commit 1476813725cce6754334b4a6727675640a7a1e44)
Signed-off-by: Steve Sakoman
---
...o.conf.in-fix-conflict-with-multilib.patch | 21
From: Siddharth
Upstream-Status: Backport from
[https://github.com/harfbuzz/harfbuzz/commit/8708b9e081192786c027bb7f5f23d76dbe5c19e8]
Signed-off-by: Siddharth Doshi
Signed-off-by: Steve Sakoman
---
.../harfbuzz/CVE-2023-25193-pre1.patch| 135
.../harfbuzz/harfbuzz/CVE-202
Please review this set of patches for langdale and have comments back by
end of day Monday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5058
The following changes since commit 21e8a662e6232e7fdd642b1d86d4f8f980be1a09:
vala: Fix install confl
Fix an issue introduced in the new openssl version where an assembler file
isn't generated in a reproducible way by seeding the perl random number
generator consistently. It has no crypto impact, it is just used to
avoid function name clashes.
Signed-off-by: Richard Purdie
---
.../openssl/openss
This has already been done for oe-core/master.
Signed-off-by: Joe Slater
---
meta/recipes-support/nghttp2/nghttp2_1.47.0.bb | 4
1 file changed, 4 insertions(+)
diff --git a/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb
b/meta/recipes-support/nghttp2/nghttp2_1.47.0.bb
index 58ce08084d..b
I managed to get something working with little modification.
I added a new variable in cargo_common.bbclass:
# Contains a list of crate to be found via git protocol
# that are in SRC_URI
# This is useful when devtool'ing the main crate
# and still patch the path of these dependencies
# in cargo co
Backport fix from cpython 3.11 branch.
Signed-off-by: Joe Slater
---
.../python/python3/cve-2023-24329.patch | 50 +++
.../recipes-devtools/python/python3_3.10.9.bb | 1 +
2 files changed, 51 insertions(+)
create mode 100644 meta/recipes-devtools/python/python3/cve-2023-2
I actually ran across this issue myself and was wondering what the status is.
Since it seems the patch is not included yet, but I've tested it on our systems
and it does seem to prevent the issue.
Unless I've missed another fix/patch someplace else that makes this one
redundant.
About the "Afte
From: Alban Bedel
Per default systemd use a pager for the output of most of its tools
and it expect this pager to be color capable. But that is not the case
when the busybox `less` is used, which lead to output garbled by color
escape sequences.
To fix this issue add a profile frament that disab
Sorry, I messed up with the different mailing list, this patch series
should be for openembedded-core
On Thu, 16 Mar 2023 at 13:13, wrote:
> From: Frederic Martinsons
>
> Signed-off-by: Frederic Martinsons
> ---
> .../python/python3-cryptography-crates.inc| 67 +++
> 1 fi
Sorry, I messed up with the different mailing list, this patch series
should be for openembedded-core
On Thu, 16 Mar 2023 at 13:12, wrote:
> From: Frederic Martinsons
>
> Signed-off-by: Frederic Martinsons
> ---
> .../python/python3-bcrypt-crates.inc | 149 --
> 1 fi
Sorry, I messed up with the different mailing list, this patch series
should be for openembedded-core
Le jeu. 16 mars 2023, 13:12, a écrit :
> From: Frederic Martinsons
>
> This is related to checksum verification introduction from
>
> https://patchwork.yoctoproject.org/project/bitbake/patch/20
Upstream-Status: Backport
[https://sourceware.org/git/?p=binutils-gdb.git;h=5830876a0cca17bef3b2d54908928e72cca53502]
Signed-off-by: Yash Shinde
---
.../binutils/binutils-2.40.inc| 1 +
.../binutils/0016-CVE-2023-25586.patch| 34 +++
2 files changed, 35
Upstream-Status: Backport
[https://sourceware.org/git/?p=binutils-gdb.git;h=5830876a0cca17bef3b2d54908928e72cca53502]
Signed-off-by: Yash Shinde
---
.../binutils/binutils-2.40.inc| 1 +
.../binutils/0016-CVE-2023-25586.patch| 34 +++
2 files changed, 35
2023. 03. 16. 11:22 keltezéssel, Zoltan Boszormenyi via lists.openembedded.org
írta:
2023. 03. 16. 0:08 keltezéssel, Richard Purdie írta:
On Wed, 2023-03-15 at 18:20 +0100, Zoltan Boszormenyi wrote:
2023. 03. 15. 17:52 keltezéssel, Ross Burton írta:
On 15 Mar 2023, at 08:00, Zoltan Boszormenyi
2023. 03. 16. 0:08 keltezéssel, Richard Purdie írta:
On Wed, 2023-03-15 at 18:20 +0100, Zoltan Boszormenyi wrote:
2023. 03. 15. 17:52 keltezéssel, Ross Burton írta:
On 15 Mar 2023, at 08:00, Zoltan Boszormenyi via lists.openembedded.org
wrote:
apart from the CONFIGURE_FILES line which wou
I just sent a revised patchset that drops this patch and addresses the
sstatetests failure below. I did not run it through AB, but I don't
expect breakage.
Alex
On Wed, 15 Mar 2023 at 14:38, Alexandre Belloni
wrote:
>
> Hello,
>
> I did a build without this patch (as requested by Richard) and th
Also, enable that, if opengl is in native DISTRO_FEATURES: this allows
mesa-native to build drivers that rely on libllvm, particularly llvmpipe,
which is a (sort of) accelerated software renderer that is the only
option on build hosts without dedicated or supported GPUs.
Signed-off-by: Alexander K
This was needed back when we used upstream llvm-config which
would add bogus rpaths into the drivers; nowadays it is replaced
with a oe-specific wrapper.
The particular reason is that mesa-native relies on having rpaths
to work correctly (i.e. find other native libraries in the
same sysroot locati
Drop patches:
0001-gbm-backend-fix-gbm-compile-without-dri.patch
0001-freedreno-pm4-Use-unsigned-instead-of-uint-to-fix-mu.patch
(backports)
0001-util-format-Check-for-NEON-before-using-it.patch
(upstream submission has stalled with unanswered concerns from upstream;
patch no longer applies; issue
With mesa 23.0, it is not longer possible to use the host drivers, as
mesa upstream has added strict checks for matching builds between
drivers and libraries that load them.
Add a check and a hint to runqemu so that there is a helpful error when
there is no native/nativesdk opengl/virgl support.
Without this, the only available driver would be swrast
(without llvmpipe) which is far too slow to be practical,
and so qemu wouldn't be able to perform accelerated graphics.
The one major dependency pulled in by this change is llvm-native
which takes just under three minutes on my machine. If th
This prevents accidental builds of it when native/nativesdk opengl
is not actually enabled (which may cause undesirable lengthening
of dependency chains or build failures because those dependencies
don't enable options required for mesa).
Signed-off-by: Alexander Kanavin
---
meta/recipes-graphic
From: Mingli Yu
Backport patches to fix raid0 tests:
tests/00raid0
tests/00readonly
tests/03r0assem
tests/04r0update
tests/04update-metadata
Signed-off-by: Mingli Yu
---
...d-a-test-that-validates-raid0-with-l.patch | 41 +++
...-Run-udevadm-settle-before-setting-r.patch | 39 +
From: Mingli Yu
Backport patches to fix raid0 tests:
tests/00raid0
tests/00readonly
tests/03r0assem
tests/04r0update
tests/04update-metadata
Signed-off-by: Mingli Yu
---
...d-a-test-that-validates-raid0-with-l.patch | 41 +++
...-Run-udevadm-settle-before-setting-r.patch | 39 +
From: Mingli Yu
Backport patches to fix raid0 tests:
tests/00raid0
tests/00readonly
tests/03r0assem
tests/04r0update
tests/04update-metadata
Signed-off-by: Mingli Yu
---
...-Run-udevadm-settle-before-setting-r.patch | 39 +++
...metadata-avoid-passing-chunk-size-to.patch | 41 +
From: Mingli Yu
Backport patch [1] to fix the failure of the 06wrmostly test.
[1]
https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=41edf6f45895193f4a523cb0a08d639c9ff9ccc9
Signed-off-by: Mingli Yu
---
...-Fix-optional-write-behind-parameter.patch | 45 +++
meta
From: Mingli Yu
Backport patch [1] to fix tests/02lineargrow.
[1]
https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=a2c832465fc75202e244327b2081231dfa974617
Signed-off-by: Mingli Yu
---
...ow-clear-the-superblock-at-every-ite.patch | 33 +++
meta/recipes-extende
On Thu, 2023-03-16 at 09:36 +0100, Alexander Kanavin wrote:
> On Thu, 16 Mar 2023 at 09:30, Richard Purdie
> wrote:
> > In the openssl source this is generated by a perl script,
> > rypto/modes/asm/aes-gcm-avx512.pl
> >
> > Wearing suitable safety equipment to stop it burning, inside the perl
> >
On Thu, 16 Mar 2023 at 09:30, Richard Purdie
wrote:
> In the openssl source this is generated by a perl script,
> rypto/modes/asm/aes-gcm-avx512.pl
>
> Wearing suitable safety equipment to stop it burning, inside the perl
> script you can see references like:
>
> my $rndsuffix = &random_string();
On Thu, 2023-03-16 at 08:32 +, wan...@fujitsu.com wrote:
> Yes, so I received an error message when I sent it. I will revise and resubmit
I did fix the ones I'd put through testing since I didn't really want
to repeat it so only anything unmerged needs to be resent.
Cheers,
Richard
-=-=-=
Yes, so I received an error message when I sent it. I will revise and resubmit
--
Best Regards
---
Wang Mingyu
Development Dept.I
Nanjing Fujitsu Nanda Software Tech. Co., Ltd.(FNST) No. 6 Wenzhu Road,
Nanjing, 210012, China
TEL: +86+25-86630566-8
On Wed, 2023-03-15 at 20:02 -0400, Randy MacLeod wrote:
> On 2023-03-15 09:58, Randy MacLeod via lists.openembedded.org wrote:
>
> > The ptests all passed or were skipped as you'd hope and expect from
> > openssl.
> > Results below.
>
> The autobuilder shows that the updated openssl isn't repr
From: Mingli Yu
Backport patches to fix raid0 tests:
tests/00raid0
tests/00readonly
tests/03r0assem
tests/04r0update
tests/04update-metadata
Signed-off-by: Mingli Yu
---
...-Run-udevadm-settle-before-setting-r.patch | 39 +++
...metadata-avoid-passing-chunk-size-to.patch | 41 +
From: Mingli Yu
Backport patch [1] to fix the failure of the 06wrmostly test.
[1]
https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=41edf6f45895193f4a523cb0a08d639c9ff9ccc9
Signed-off-by: Mingli Yu
---
...-Fix-optional-write-behind-parameter.patch | 45 +++
meta
From: Mingli Yu
Backport patch [1] to fix tests/02lineargrow.
[1]
https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=a2c832465fc75202e244327b2081231dfa974617
Signed-off-by: Mingli Yu
---
...ow-clear-the-superblock-at-every-ite.patch | 33 +++
meta/recipes-extende
On Thu, 16 Mar 2023 at 09:11, Richard Purdie
wrote:
>
> On Wed, 2023-03-15 at 19:11 +0800, wangmy wrote:
> > From: Upgrade Helper
>
> I noticed a number of your patches have this set which is incorrect!
Mass-reassigning the author can be done with something like:
git rebase origin/master --exec
On Wed, 15 Mar 2023 at 19:04, Markus Volk wrote:
>
> Am Mi, 15. Mär 2023 um 18:46:29 +0100 schrieb Alexander Kanavin
> :
>
> I was hoping setting VOLATILE_TMP_DIR correctly would be enough.
>
>
> I guess it will be enough to pass the test, but it won't resolve the logic
> gap between systemd and
On Wed, 2023-03-15 at 19:11 +0800, wangmy wrote:
> From: Upgrade Helper
I noticed a number of your patches have this set which is incorrect!
Cheers,
Richard
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#178675):
https://lists.openembedded.org/
On 15/03/2023 18:03:01-0700, Tim Orling wrote:
> Content-Type: text/plain; charset=y
You replied 'y' to the encoding question where you should have been more
careful and simply press enter ;) (and so the patch doesn't apply
without manually editing it)
> Content-Transfer-Encoding: 8bit
> * Drop
Hi all,
Intel and WR YP QA is planning for QA execution for YP build yocto-3.1.24.rc1.
We are planning to execute following tests for this cycle:
OEQA-manual tests for following module:
1. OE-Core
2. BSP-hw
Runtime auto test for following platforms:
1. MinnowTurbot 32-bit
2. NUC 7
3. ADL
4.
69 matches
Mail list logo
