Hi All,
QA for yocto- 4.2.2.rc1 is completed. This is the full report for this release:
https://git.yoctoproject.org/cgit/cgit.cgi/yocto-testresults-contrib/tree/?h=intel-yocto-testresults
=== Summary
No high milestone defects.
No new issue found.
Thanks,
Jing Hui
>
>From 2d8164ac97277c344bc7c9e11f0ed78235726bda Mon Sep 17 00:00:00 2001
From: Heiko Thole
Date: Wed, 12 Jul 2023 07:41:59 +0200
Subject: [kirkstone][PATCH] wic: Add dependencies for erofs-utils
In order to build erofs filesystems, wic must have the erofs-utils package
installed into its
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available
standalone on CPAN, has an insecure default TLS configuration where
users must opt in to verify certificates.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-31486
Upstream patches:
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available
standalone on CPAN, has an insecure default TLS configuration where
users must opt in to verify certificates.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-31486
Upstream patches:
From: Changqing Li
* CVE-2023-33551.patch is for fix CVE-2023-33551.
* CVE-2023-33552-3.patch is upstream patch for fix CVE-2023-33552, since
the patch context is changed, CVE-2023-33552-1.patch and
CVE-2023-33552-2.patch is backported.
Signed-off-by: Changqing Li
---
From: Ross Burton
The 6.4 kernel causes parselog failures when Xorg starts:
(II) FBDEV(0): checking modes against framebuffer device...
(II) FBDEV(0): mode "640x480" test failed
(II) FBDEV(0): mode "640x480" test failed
(II) FBDEV(0): mode "640x480" test failed
(II)
Dear Richard,
Thank you for your reply and for including Joshua.
For us at Karl Storz it would be most convenient to have the extratedText
always populated, but in my opinion this can't be the default behaviour because
it would go against the SPDX standard, or at least its intent. The
As per suggestion, v3 (missing follow-up) patch has been sent for review.
Kind regards,
Vivek
On Wed, Jul 12, 2023 at 9:12 PM Steve Sakoman wrote:
> Hi Vivek,
>
> Sorry I didn't notice this earlier, but we already have a fix for this
> CVE in kirkstone:
>
>
>
Introduced by:
https://github.com/curl/curl/commit/3c49b405de4fbf1fd7127f91908261268640e54f
(curl-7_9_8)
Fixed by:
https://github.com/curl/curl/commit/13718030ad4b3209a7583b4f27f683cd3a6fa5f2
(curl-8_1_0)
Follow-up:
https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3
Richard Purdie escreveu no dia quinta,
13/07/2023 à(s) 12:11:
> On Thu, 2023-07-13 at 11:02 +, Jose Quaresma wrote:
> > sstate_report_unihash function from sstate.bbclass needs to
> > run with pseudo disbaled when running do_image_complete task.
> > This is because it have the deploy content
On Thu, 2023-07-13 at 11:02 +, Jose Quaresma wrote:
> sstate_report_unihash function from sstate.bbclass needs to
> run with pseudo disbaled when running do_image_complete task.
> This is because it have the deploy content with uid and gid
> of the user that run bitbake on the build machine.
>
Also remove the warning than doesn't make sense as the code will generate
an exception and bitbake will abort.
Before:
| WARNING: core-image-minimal-initramfs-1.0-r0 do_image_complete: KeyError in .
| Exception: Exception: KeyError: 'getpwuid(): uid not found: x'
| Path . is owned by uid
sstate_report_unihash function from sstate.bbclass needs to
run with pseudo disbaled when running do_image_complete task.
This is because it have the deploy content with uid and gid
of the user that run bitbake on the build machine.
By default the creation of sstate is skiped in the task
Hi,
I've copied Joshua on this so he sees it since he's done a lot of work
on that class.
On Thu, 2023-07-13 at 09:29 +, Brehm, Wolfgang wrote:
> We at Karl Storz need to provide the literal license text for each
> software component we use, for legal reasons. There is a property
>
From: Ross Burton
By changing the default code generation of GCC we're inadvertently
breaking the GCC test suite, which has ~120K+ more failures when run for
aarch64 compared to x86-64.
This was because the generated code fragments included the BTI
instructions, which the test case wasn't
From: Ross Burton
Enable branch protection (PAC/BTI) for all aarch64 builds. This was
previously enabled at a global level in the GCC build, but that breaks
the gcc test suite.
Signed-off-by: Ross Burton
---
meta/conf/machine/include/arm/arch-arm64.inc | 5 +
1 file changed, 5
Summary of after update test results:
34 FAIL
5027 PASS
37 UNSUPPORTED
12 XFAIL
6 XPASS
Summary of before update test results:
35 FAIL
5026 PASS
37 UNSUPPORTED
12 XFAIL
6 XPASS
Diff:
-1 FAIL
1 PASS
0 UNSUPPORTED
0 XFAIL
0 XPASS
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to
Dear openembedded developers,
We at Karl Storz need to provide the literal license text for each software
component we use, for legal reasons. There is a property "extractedText" in the
SPDX documents, but it is only meant to be populated when the license is not a
standard license. However
Below commits on glibc-2.31 stable branch are updated.
2d4f26e5cf x86: Fix wcsnlen-avx2 page cross length comparison
Signed-off-by: Deepthi Hemraj
---
meta/recipes-core/glibc/glibc-version.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
Dmidecode before 3.5 allows -dump-bin to overwrite a local file.
This has security relevance because, for example, execution of
Dmidecode via Sudo is plausible.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-30630
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00016.html
From: Priyal Doshi
Signed-off-by: Priyal Doshi
---
meta/recipes-extended/timezone/timezone.inc | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-extended/timezone/timezone.inc
b/meta/recipes-extended/timezone/timezone.inc
index 1834665..2960bfe 100644
---
Signed-off-by: Vivek Kumbhar
---
.../python/python3/CVE-2023-24329.patch | 80 +++
.../recipes-devtools/python/python3_3.8.17.bb | 1 +
2 files changed, 81 insertions(+)
create mode 100644 meta/recipes-devtools/python/python3/CVE-2023-24329.patch
diff --git
22 matches
Mail list logo