Upstream-Status:
Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=d12f8998d2d086f0a6606589e5aedb7147e6f2f1]
CVE: CVE-2023-25588
Signed-off-by: Deepthi Hemraj
---
.../binutils/binutils-2.38.inc| 7 +-
.../binutils/0028-CVE-2023-25588.patch|
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7,
2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding
specially crafted input to `git apply --reject`, a path outside the working
tree can be overwritten with partially controlled contents
From: Chen Qi
Util now, only paths added for current project are removed
to avoid PATH growing unnecessarily. This is to handle the case
of sourcing the init script into different build directories.
However, if we source the init script from different projects into
different build directories,
Hi Peter,
Thanks for your careful review. I'll send out V3 according to your
suggestion.
Just one thing. I think we need to export OE_ADDED_PATHS for two reason:
1. users can clearly see it in the `env' command's output.
2. if the prefixed PATH is carried into some subprocess (e.g., a
From: yanxk
original test suites takes 5 minutes with KVM enabled.
autotest files would contain reference to TMPDIR, now
they are removed.
tar test would provide ptest output like:
PASS: compressor program failure
SKIP: remove-files with compression
PASS: remove-files with compression:
From: yanxk
original test suites takes 5 minutes with KVM enabled.
autotest files would contain reference to TMPDIR, now
they are removed.
tar test would provide ptest output like:
PASS: compressor program failure
SKIP: remove-files with compression
PASS: remove-files with compression:
Hi, Ross
Please see "[PATCH V3] e2fsprogs: Fix error SRCDIR when using usrmerge
DISTRO_FEATURES".
First, "e2fsprogs:” is added into commit message.
Then, it is fixed with ptest.patch.
Best regards,
Qiu Tingting
发件人: Ross Burton
发送时间: 2023年5月11日 00:26
On 12/05/2023 15:45:49+0200, Thomas Roos via lists.openembedded.org wrote:
> From: Thomas Roos
>
> This function is not necessary.
>
> [YOCTO #13872]
>
This fails on the AB:
https://autobuilder.yoctoproject.org/typhoon/#/builders/73/builds/7052/steps/13/logs/stdio
The stack trace of python
From: Qiu Tingting
When build e2fsprogs ptest with usrmerge DISTRO_FEATURES,
in test_script and test_one scripts, value of SRCDIR has problem.
SRCDIR=/usr/usr/lib/e2fsprogs/ptest/test
ptest log
# ptest-runner e2fsprogs
START: ptest-runner
2022-12-17T11:08
Hi all,
Intel and WR YP QA is planning for QA execution for YP build yocto-4.0.10.rc1.
We are planning to execute following tests for this cycle:
OEQA-manual tests for following module:
1. OE-Core
2. BSP-hw
Runtime auto test for following platforms:
1. MinnowTurbot 32-bit
2. NUC 7
3. ADL
4.
On Sun, May 14, 2023 at 11:49 AM Richard Purdie
wrote:
>
> On Sun, 2023-05-14 at 06:31 -1000, Steve Sakoman wrote:
> > From: Richard Purdie
> >
> > Signed-off-by: Richard Purdie
> > (cherry picked from commit 4ba74f61f38827d82586cf9c993a4b27065f5c6f)
> > Signed-off-by: Steve Sakoman
> > ---
>
On Sun, 2023-05-14 at 06:31 -1000, Steve Sakoman wrote:
> From: Richard Purdie
>
> Signed-off-by: Richard Purdie
> (cherry picked from commit 4ba74f61f38827d82586cf9c993a4b27065f5c6f)
> Signed-off-by: Steve Sakoman
> ---
> meta/recipes-core/glib-networking/glib-networking/eagain.patch | 2 +-
Branch: mickledore
New this week: 16 CVEs
CVE-2022-3964 (CVSS3: 8.1 HIGH): ffmpeg
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3964 *
CVE-2022-3965 (CVSS3: 8.1 HIGH): ffmpeg
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3965 *
CVE-2023-1255 (CVSS3: 5.9 MEDIUM):
From: Ross Burton
In 5c6064 the qemuarm* machines gained vmalloc=256, because in testing
Bruce was seeing problems when the vmalloc area was too big for the
memory size of the machine (eg 256MB).
The intention was for the area to be very small, but 256 bytes is too
small and the kernel sets a
From: Richard Purdie
Signed-off-by: Richard Purdie
(cherry picked from commit a51a069bad78c578122ae1a5b500f715246d413d)
Signed-off-by: Steve Sakoman
---
meta/conf/distro/include/maintainers.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
From: Martin Jansa
* this in the end doesn't help much, I was debugging warning (about
base-files.do_install
signature being different than expected) from:
python3 $target_sdk_dir/ext-sdk-prepare.py $LOGFILE '${SDK_INSTALL_TARGETS}'
this shows the warning on console, but it doesn't end
From: Martin Siegumfeldt
Fix issue of the below instance template systemd service dependency
[Install]
WantedBy=svc-wants@%i.service
creating the symlink (instance "a" example)
/etc/systemd/system/svc-wants@%i.service.wants/svc-wanted-by@a.service
which should be
From: Ross Burton
Backport a patch to fix appending to archives larger than 2GB.
[ YOCTO #11674 ]
Signed-off-by: Ross Burton
Signed-off-by: Steve Sakoman
---
...appending-to-archives-bigger-than-2G.patch | 312 ++
meta/recipes-extended/cpio/cpio_2.13.bb | 1 +
2
From: Richard Purdie
Signed-off-by: Richard Purdie
(cherry picked from commit 2a86ca028980b501e386f6bb8293a094fd77f97b)
Signed-off-by: Steve Sakoman
---
meta/conf/distro/include/maintainers.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
From: Khem Raj
these tests do not work with musl's iconv implementation and would need
enabling icu support using --with-icu which we do not enable by default
Additionally enable locale with musl too.
Signed-off-by: Khem Raj
Signed-off-by: Luca Ceresoli
(cherry picked from commit
From: Khem Raj
This file can be processed by run-ptest during runtime and tests
mentioned in skipped.txt will not be run.
Signed-off-by: Khem Raj
Signed-off-by: Luca Ceresoli
(cherry picked from commit 4d30f3535f53ad6d8f462f99b6cd2fe8d2ecbfb5)
Signed-off-by: Steve Sakoman
---
From: Khem Raj
This patch is doing the same things thats already being done in the
do_install_ptest where the problematic tests are being deleted from
final package. run-ptest script runs a find for available tests and runs
each test target found during run therefore its enough to remove
them
From: Khem Raj
Add needed locale rdeps on musl as well.
Signed-off-by: Khem Raj
Signed-off-by: Luca Ceresoli
(cherry picked from commit 1e71eaf6792727d2335ee2e2ad4c5ce88137fe77)
Signed-off-by: Steve Sakoman
---
meta/recipes-extended/gawk/gawk_5.2.1.bb | 17 +++--
1 file changed,
From: Richard Purdie
Signed-off-by: Richard Purdie
(cherry picked from commit 4ba74f61f38827d82586cf9c993a4b27065f5c6f)
Signed-off-by: Steve Sakoman
---
meta/recipes-core/glib-networking/glib-networking/eagain.patch | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
From: Richard Purdie
In autobuilder testing we regularly see glib-networking ptest fail with a
"Resource temporarily unavailable (g-io-error-quark, 27)" error.
Add a patch to see if a retry can resolve the issue.
Signed-off-by: Richard Purdie
(cherry picked from commit
From: Richard Purdie
Upstream asked for some changes, this updates our patch to match. The
differences
likely don't change our real world use.
Signed-off-by: Richard Purdie
(cherry picked from commit 42591e07a469cff881fa087d5251a8c783897634)
Signed-off-by: Steve Sakoman
---
From: Otavio Salvador
Update to 23.0.3 stable release. Release notes in:
- https://docs.mesa3d.org/relnotes/23.0.3.html
New features
None
Bug fixes
overlay layer: unable to launch titles on steam
radv: possibly not setting state dirty bits correctly
RADV: VRS attachment not working in
From: Upgrade Helper
The Waffle bugfix release 1.7.1 is now available.
What is new in this release:
- cmake: pass deps' cflags to the build
- gbm: fix crash when platform lacks modifier support
- gitlab-ci: stabilise CI runs under X
- gitlab-ci: add more warnings, make all warnings
Please review this set of patches for mickledore and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5299
The following changes since commit 27b4fb60c7c66c245ba50607c8e178390fc41014:
Branch: langdale
New this week: 2 CVEs
CVE-2023-2426 (CVSS3: 5.5 MEDIUM): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2426 *
CVE-2023-2610 (CVSS3: 7.8 HIGH): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2610 *
Removed this week: 0 CVEs
Full list: Found 52
Branch: kirkstone
New this week: 2 CVEs
CVE-2023-2426 (CVSS3: 5.5 MEDIUM): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2426 *
CVE-2023-2610 (CVSS3: 7.8 HIGH): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2610 *
Removed this week: 9 CVEs
CVE-2022-48434 (CVSS3:
Branch: dunfell
New this week: 2 CVEs
CVE-2023-2426 (CVSS3: 5.5 MEDIUM): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2426 *
CVE-2023-2610 (CVSS3: 7.8 HIGH): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2610 *
Removed this week: 0 CVEs
Full list: Found 93
Branch: master
New this week: 3 CVEs
CVE-2022-21227 (CVSS3: 7.5 HIGH): sqlite3:sqlite3-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21227 *
CVE-2023-2426 (CVSS3: 5.5 MEDIUM): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2426 *
CVE-2023-2610 (CVSS3: 7.8
33 matches
Mail list logo