Re: [OE-core][PATCH] ncurses: upgrade to 6.4+20230625
Thanks for the info. I thought it was a stable version. The upgrade was intended for resolving CVE: https://nvd.nist.gov/vuln/detail/CVE-2023-29491. But now it's clear that such version is a development version, I'll just send out patch to fix the CVE. Regards, Qi -Original Message-
Re: [OE-core] [PATCH v4] qemu: Add qemu-common package
Ping. Thanks, On 7/17/23 15:11, Yu, Mingli wrote: From: Mingli Yu We split the qemu package [1] to add support to make user can install one qemu arch emulation rpm to ease the concerns who care much about the rpm size in embedded device. But for the user who only install the qemu-*.rpm
Re: [OE-core][PATCH] ncurses: upgrade to 6.4+20230625
6.4+20230625 is a development snapshot, and not an actual stable release. We used to take them but that was due to misunderstanding about ncurses version policy. Is there a particular reason to move to it? Alex On Thu, 27 Jul 2023 at 04:25, Chen Qi via lists.openembedded.org wrote: > > From:
[OE-core] [kirkstone][PATCHv2] tiff: fix multiple CVEs
Backport fixes for: * CVE-2023-2908 - Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f * CVE-2023-3316 - Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536 *
Re: [OE-core] [qa-build-notification] QA notification for completed autobuilder build (yocto-4.3_M2.rc2)
Hi all, Intel and WR YP QA is planning for QA execution for YP build yocto-4.3_M2.rc2. We are planning to execute following tests for this cycle: OEQA-manual tests for following module: 1. OE-Core 2. BSP-hw Runtime auto test for following platforms: 1. MinnowBoard Turbot - 32bit
[OE-core][PATCH] ncurses: upgrade to 6.4+20230625
From: Chen Qi The license checksum is updated because of the year change, the license itself remains the same. The exit_prototype.patch is refreshed to avoid patch fuzz error. The repo is switched back to salsa.debian.org. It was switch from salsa.debian.org to github mirror because, according
Re: [OE-core] [PATCH] rust: Add failed test cases to exclude list for Rust Oe-selftest
I don't see this in master or master-next yet so see comments below and send a slightly updated v2. On 2023-07-26 12:25, Yash Shinde wrote: Failed test cases are added to exclude list. Drop meta/recipes-devtools/rust/files/rust-oe-selftest.patch file. Signed-off-by: Yash Shinde ---
Re: [OE-core] [PATCH] createrepo-c: Fix 32 bit architecture segfaults with 64 bit time
On Wed, Jul 26, 2023 at 12:50 PM Richard Purdie wrote: > > After including time64.inc, createrepo-c was segfaulting on 32 bit > architectures > when creating repo indexes (even for an empty repo). > > Add a patch from Khem to fix this and some other compiler warnings related to > 64 > bit time
[OE-core] [PATCH] createrepo-c: Fix 32 bit architecture segfaults with 64 bit time
After including time64.inc, createrepo-c was segfaulting on 32 bit architectures when creating repo indexes (even for an empty repo). Add a patch from Khem to fix this and some other compiler warnings related to 64 bit time on 32 bit. [YOCTO #15170] Signed-off-by: Richard Purdie ---
Re: [OE-core] [PATCH] rust: Fix BOOTSTRAP_CARGO failure during Rust Oe-selftest
Please take this patch(to be patched first) along with https://lists.openembedded.org/g/openembedded-core/message/184896 ( https://lists.openembedded.org/g/openembedded-core/message/184896 ) to avoid merge failures. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group.
Re: [OE-core] [PATCH] rust: Add failed test cases to exclude list for Rust Oe-selftest
Please take this patch(to be patched after # 184890 ( https://lists.openembedded.org/g/openembedded-core/message/184890 ) ) along with https://lists.openembedded.org/g/openembedded-core/message/184890 to avoid merge failure. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this
Re: [OE-core] [PATCH] rust: Add failed test cases to exclude list for Rust Oe-selftest
On Wed, Jul 26, 2023 at 09:55 PM, Shinde, Yash wrote: > > file://rust-oe-selftest.patch;patchdir=${RUSTSRC} \ Please take this patch(to be patched after # 184890 ( https://lists.openembedded.org/g/openembedded-core/message/184890 ) ) along with
Re: [OE-core] [PATCH] rust: Fix BOOTSTRAP_CARGO failure during Rust Oe-selftest
Please take this patch(to be patched first) along with https://lists.openembedded.org/g/openembedded-core/message/184896 ( https://lists.openembedded.org/g/openembedded-core/message/184896 ) to avoid merge failures. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group.
[OE-core] [PATCH] rust: Add failed test cases to exclude list for Rust Oe-selftest
Failed test cases are added to exclude list. Drop meta/recipes-devtools/rust/files/rust-oe-selftest.patch file. Signed-off-by: Yash Shinde --- meta/lib/oeqa/selftest/cases/rust.py | 209 +- .../rust/files/rust-oe-selftest.patch | 2324 -
[OE-core] [PATCH 4/4] selftest/cases/glibc.py: switch to using NFS over TCP
This provides a more reliable test execution when running tests that write a large buffer/file and significantly reduces the localedata test failures. Signed-off-by: Anuj Mittal --- meta/lib/oeqa/selftest/cases/glibc.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git
[OE-core] [PATCH 3/4] oeqa/utils/nfs: allow requesting non-udp ports
Allows setting up NFS over TCP as well. Signed-off-by: Anuj Mittal --- meta/lib/oeqa/utils/nfs.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/lib/oeqa/utils/nfs.py b/meta/lib/oeqa/utils/nfs.py index b66ed42a58..903469bfee 100644 --- a/meta/lib/oeqa/utils/nfs.py
[OE-core] [PATCH 2/4] selftest/cases/glibc.py: increase the memory for testing
Some of the tests trigger OOM and fail. Increase the amount of memory available so we dont run into these issues. Signed-off-by: Anuj Mittal --- meta/lib/oeqa/selftest/cases/glibc.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oeqa/selftest/cases/glibc.py
[OE-core] [PATCH 1/4] glibc/check-test-wrapper: don't emit warnings from ssh
Dont fill up the test log with ssh warning about having added the host to list of known hosts. Also helps fix a test case failure where stderr log was being compared to a known value. Signed-off-by: Anuj Mittal --- meta/recipes-core/glibc/glibc/check-test-wrapper | 2 +- 1 file changed, 1
[OE-core] [PATCH 0/4] Fix glibc test failures when running through qemu
After applying these changes, the number of tests failing for glibc come down to 69 on autobuilder. Result summary for qemux86-64: --- --- Recipe | Passed | Failed | Skipped
[OE-core] [PATCH] rust: Fix BOOTSTRAP_CARGO failure during Rust Oe-selftest
BOOTSTRAP_CARGO command fails due to codegen flags like `-Cpanic` were prevented from being reflected in the current target configuration which leads to Rust build(rust version 1.70) failure in Oe-selftest. Upstream-Status: Backport
[OE-core] [PATCH] rust: Fix BOOTSTRAP_CARGO failure during Rust Oe-selftest
BOOTSTRAP_CARGO command fails due to codegen flags like `-Cpanic` were prevented from being reflected in the current target configuration which leads to Rust build(rust version 1.70) failure in Oe-selftest. Upstream-Status: Backport
[OE-core] [PATCH] rust: Fix BOOTSTRAP_CARGO failure during Rust Oe-selftest
BOOTSTRAP_CARGO command fails due to codegen flags like `-Cpanic` were prevented from being reflected in the current target configuration which leads to Rust build(rust version 1.70) failure in Oe-selftest. Upstream-Status: Backport
Re: [OE-core] [kirkstone][PATCH] tiff: fix multiple CVEs
It would be quite helpful to me if in the future you would send multiple patches to the same recipe as a patch series rather than individually. That way I won't have to try to figure out which order you intended them to be applied! Steve On Tue, Jul 25, 2023 at 8:09 PM Hitendra Prajapati
Re: [OE-core] [kirkstone][PATCH] tiff: fix multiple CVEs
On Wed, 2023-07-26 at 17:20 +0530, Hitendra Prajapati wrote: > +Upstream-Status: Backport > [https://gitlab.com/libtiff/libtiff/-/commit/b5c7d4c4e0ac16b5cfb1 > 1acaaeaa493334f8] > +CVE: CVE-2023-3618 > +Signed-off-by: Hitendra Prajapati > +--- > + tools/tiffcrop.c | 18 +++--- > +
[OE-core][dunfell][PATCH] go: fix CVE-2023-29406 net/http: insufficient sanitization of Host header
Signed-off-by: Vivek Kumbhar --- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2023-29406.patch | 212 ++ 2 files changed, 213 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-29406.patch diff --git
[OE-core] [kirkstone][PATCH] libxcrypt: fix build with perl-5.38 and use master branch
* fixes do_configure failure: checking whether all ucontext.h functions are available... yes when is deprecated at libxcrypt/4.4.30-r0/git/build-aux/scripts/BuildCommon.pm line 522. Compilation failed in require at ../git/build-aux/scripts/expand-selected-hashes line 28. BEGIN
Re: [OE-core] [PATCH] rpm: Allow setting platform macro settings externally
2023. 07. 25. 18:30 keltezéssel, Alexander Kanavin írta: I would want to hold this until we have a reaction from upstream. Now we have reaction. Both PRs were closed because they were not against master, my bad. Now reopened against master as
Re: [OE-core] [PATCH] oe.data: allow to mask out secret variables
On Wed, 2023-07-26 at 14:02 +0200, Enrico Scholz via lists.openembedded.org wrote: > Alexander Kanavin writes: > > > > Else, there are sometimes not many ways to work without them. > > > E.g. SSTATE_MIRRORS has contain the secret token because it is > > > used directly by bitbake; perhaps I
Re: [OE-core] [PATCH] oe.data: allow to mask out secret variables
Alexander Kanavin writes: >> Else, there are sometimes not many ways to work without them. >> E.g. SSTATE_MIRRORS has contain the secret token because it is >> used directly by bitbake; perhaps I could use a wget wrapper and >> write a custom curl python class... > > Yes, the secret needs to be
Re: [OE-core] [PATCH] oe.data: allow to mask out secret variables
On Wed, 26 Jul 2023 at 13:42, Enrico Scholz wrote:> > it's better to just scrub them prior to publishing with a post-script.> > Else, there are sometimes not many ways to work without them. > E.g. SSTATE_MIRRORS has contain the secret token because it is used > directly by bitbake; perhaps I
[OE-core] [kirkstone][PATCH] tiff: fix multiple CVEs
Backport fixes for: * CVE-2023-2908 - Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f * CVE-2023-3316 - Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536 *
Re: [OE-core] [PATCH] oe.data: allow to mask out secret variables
Alexander Kanavin writes: > Please no. These things can leak out in a million other ways no; that is very unlikely. The parts which are dealing with secrets usually take care about not leaking them. All major CI systems have the same problem (need secret variables) and at least gitlab solves
Re: [OE-core] [PATCH] oe.data: allow to mask out secret variables
Please no. These things can leak out in a million other ways (e.g. if you publish logs), it's better to just scrub them prior to publishing with a post-script. Having secrets in bitbake variables is a bad idea to begin with. Alex On Wed, 26 Jul 2023 at 13:10, Enrico Scholz via
[OE-core] [PATCH] oe.data: allow to mask out secret variables
From: Enrico Scholz Some integrations require that passwords or secret tokens are assigned to bitbake variables. E.g. the meta-dependencytrack layer has a 'DEPENDENCYTRACK_API_KEY' or my sstate-server requires a 'SSTATE_SERVER_SESSION' token. These secrets will appear in testdata.json which
ODP: [OE-Core][PATCH v11][master-next 1/5] package_ipk.bbclass: add support for ACLs and xattr
Hi Alexandre, Alex, Thx for supporting me, I have finally discovered the issue regarding this packages differences. It occurred that I was badly comparing two strings for tarformat comparison. Now it is fixed and should finally work. This has been additionally tested with oe-selftest -r
[OE-Core][PATCH v11][master-next 2/5] package.bbclass: add support for ACLs and xattr
Extend `tar` command, with additional parameters, depending on choosen package class and target distro features, in order to support ACLs and xattr. Currently only `package_ipk` supports fully ACLs and xattr. Signed-off-by: Piotr Łobacz --- meta/classes-global/package.bbclass | 9 +++-- 1
[OE-Core][PATCH v11][master-next 3/5] opkg-utils: add acl and xattr support
Add support for tar archives created with --acls and/or --xattrs options, PAX header format. GNU tar and libarchive already supports ACLs and extended attributes. We can now add this support as well to opkg-build script in order to use fsetattr or setcap inside do_install command and end up with
[OE-Core][PATCH v11][master-next 5/5] opkg: set locale from system environment variables
A C program inherits its locale environment variables when it starts up. This happens automatically. However, these variables do not automatically control the locale used by the library functions, because ISO C says that all programs start by default in the standard ‘C’ locale. Fixes warnings:
[OE-Core][PATCH v11][master-next 4/5] opkg: add options to enable support for acl and xattr
The libarchive library, which is being used by opkg, supports ACLs and xattr already. More informations can be read at this link: https://github.com/libarchive/libarchive/pull/691 Signed-off-by: Piotr Łobacz --- ...-to-enable-support-for-acl-and-xattr.patch | 70 +++
[OE-Core][PATCH v11][master-next 1/5] package_ipk.bbclass: add support for ACLs and xattr
Extend OPKGBUILDCMD variable, with additional parameters, depending on target distro features, in order to support ACLs and xattr. With fix pushed to the opkg-devel: https://groups.google.com/g/opkg-devel/c/dYNHrLjDwg8 opkg-build is able to create tar archives with ACLs and xattr. Signed-off-by:
Re: [OE-core] Toolchain test results
urther but > > it > > is a start! > > > > A lot of locale/iconv tests seemed to be failing when calling write > with large buffers/files over NFS. Some of others were triggering OOM. > > I ran the tests again after making a few changes: > > https://autobuild
[OE-core] [kirkstone] cherry-pick kernel: add missing path to search for debug files
Hello Steve I would like to ask you to cherry-picking commit 8252367023b31d923c6031280843cdd35050df56 to kirckstone. We are using it successfully and it's a trivial fix. The original discussion is here: https://lists.openembedded.org/g/openembedded-core/topic/88532225#160734 Thank you and best
[OE-core] [mickledore][PATCH] cups: Fix CVE-2023-34241
From: Mingli Yu Backport patch [1] to fix CVE-2023-34241. [1] https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2 Signed-off-by: Mingli Yu --- meta/recipes-extended/cups/cups.inc | 1 + .../cups/cups/CVE-2023-34241.patch| 70
[OE-core] [PATCH v2] nfs-utils: Fix host path contamination building locktest
Signed-off-by: Khem Raj --- v2: Fix build on ppc32 ...t-Makefile.am-Do-not-use-build-flags.patch | 36 + ...locktest-Use-intmax_t-to-print-off_t.patch | 53 +++ .../nfs-utils/nfs-utils_2.6.3.bb | 2 + 3 files changed, 91 insertions(+) create mode
Re: [OE-core][PATCH] meta-networking: cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS
There is already a patch available to convert all of meta-openembedded recipes https://lists.openembedded.org/g/openembedded-devel/message/103992 Also this is incorrect mailing list... Peter -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#184865):
[OE-core] [kirkstone][PATCH] libtiff: fix CVE-2023-26965 heap-based use after free
Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/ec8ef90c1f573c9eb1f17d6a056aa0015f184acf Signed-off-by: Hitendra Prajapati --- .../libtiff/tiff/CVE-2023-26965.patch | 97 +++ meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 + 2 files
[OE-core] [dunfell] [PATCH] harfbuzz: Resolve backported commit bug.
The commit [https://github.com/openembedded/openembedded-core/commit/c22bbe9b45e3] backports fix for CVE-2023-25193 for version 2.6.4. The apply() in src/hb-ot-layout-gpos-table.hh ends prematurely. The if block in apply() has an extra return statement, which causes it to return w/o executing
Re: [OE-core] Toolchain test results
isabled > > > for > > > the tests and have sent a patch to fix that. That reduces the > > > failures > > > from ~3900 to ~330. We should really try and reduce that further > > > but > > > it > > > is a start! > > > > > > > A lot of locale/
[OE-core][PATCH] meta-networking: cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS
2023-07-26
Thread
Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco) via lists.openembedded.org
From: Sanjay Chitroda - OE-core has added support for CVE_STATUS: https://github.com/openembedded/openembedded-core/commit/1634ed4048cf - Try to add convert and apply statuses for old CVEs Signed-off-by: Sanjay Chitroda --- .../freeradius/freeradius_3.0.26.bb | 7 +++---
Re: [OE-core] Toolchain test results
rther but > > it > > is a start! > > > > A lot of locale/iconv tests seemed to be failing when calling write > with large buffers/files over NFS. Some of others were triggering OOM. > > I ran the tests again after making a few changes: > > https://autobuilder.
[OE-core] [kirkstone][PATCH] tiff: fix multiple CVEs
Backport fixes for: * CVE-2023-25433 - Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/9c22495e5eeeae9e00a1596720c969656bb8d678 && https://gitlab.com/libtiff/libtiff/-/commit/688012dca2c39033aa2dc7bcea9796787cfd1b44 * CVE-2023-25434 & CVE-2023-25435 - Upstream-Status:
Re: [OE-core] Toolchain test results
. Some of others were triggering OOM. I ran the tests again after making a few changes: https://autobuilder.yocto.io/pub/non-release/20230726-11/testresults/qemux86-64-tc/ After switching NFS mount to TCP
