The ssh-keygen would take a long time to generate the entropy of a key
The following commits have fixed the issue.
https://github.com/openssl/openssl/commit/dd1d7bcb69994d81662e709b0ad838880b943870
https://github.com/openssl/openssl/commit/d2f6e66d2837bff1f5f7636bb2118e3a45c9df61
Signed-off-by: H
Hi,
On Fri, Mar 15, 2024 at 07:52:00PM +, Dhairya Nagodra via
lists.openembedded.org wrote:
>
>
> >-Original Message-
> >From: Ross Burton
> >Sent: Friday, March 15, 2024 9:39 PM
> >To: Dhairya Nagodra -X (dnagodra - E-INFO CHIPS INC at Cisco)
> >
> >Cc: openembedded-core@lists.ope
Hi all,
Intel and WR YP QA is planning for QA execution for YP build yocto-4.0.17.rc1.
We are planning to execute following tests for this cycle:
OEQA-manual tests for following module:
1. OE-Core
2. BSP-hw
Runtime auto test for following platforms:
1. MinnowBoard Turbot - 32bit
Hi All,
QA for yocto-5.0_M3.rc1 is completed. This is the full report for this release:
https://git.yoctoproject.org/cgit/cgit.cgi/yocto-testresults-contrib/tree/?h=intel-yocto-testresults
=== Summary
A new bug was found: Bug 15440 - [5.0 M3 RC1] Fail to start matchbox-desktop o
Fix the following error:
root@intel-x86-64:~# wget -6 http://localhost
--2024-01-12 07:18:42-- http://localhost/
Resolving localhost... failed: No IPv4/IPv6 addresses for host.
wget: unable to resolve host address 'localhost'
Reference:
https://sourceware.org/bugzilla/show_bug.cgi?id=29605
Upst
From: Khem Raj
Autobuilder sees and intermittent failure on strace tests and it occurs
quite often therefore bump the size of image as the space requirement is
more now with parallel execution enabled.
[YOCTO #15370]
Signed-off-by: Khem Raj
Signed-off-by: Alexandre Belloni
(cherry picked from
From: Michael Halstead
Signed-off-by: Michael Halstead
Signed-off-by: Richard Purdie
(cherry picked from commit 56fdd8b79e2f7ec30d2cdcfa0c399a6553efac1e)
Signed-off-by: Steve Sakoman
---
meta/conf/distro/include/yocto-uninative.inc | 10 +-
1 file changed, 5 insertions(+), 5 deletions
From: Priyal Doshi
Signed-off-by: Priyal Doshi
Signed-off-by: Alexandre Belloni
(cherry picked from commit 5abbd0abf992ce8d11f3ae31fb1d83d97f5319fa)
Signed-off-by: Steve Sakoman
---
meta/recipes-extended/timezone/timezone.inc | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff -
From: Yoann Congal
When a CVE is updated to be rejected, matching database entries must be
removed. Otherwise:
* an incremental update is not equivalent the to an initial download.
* rejected CVEs might still appear as Unpatched in cve-check.
Signed-off-by: Yoann Congal
Signed-off-by: Richard P
From: Alex Kiernan
Upstream maintainer has changed to Chen-Yu Tsai :
https://lore.kernel.org/all/CAGb2v657baNMPKU3QADijx7hZa=GUcSv2LEDdn6N=qqafx8...@mail.gmail.com/
Note that fb768d3b13ff ("wifi: cfg80211: Add my certificate") and
3c2a8ebe3fe6 ("wifi: cfg80211: fix certs build to not depend on
From: Alexander Kanavin
License-Update: additional files
Signed-off-by: Alexander Kanavin
Signed-off-by: Richard Purdie
(cherry picked from commit add81ef0299ea5260f9bdc59ffc8f5cc0e74276f)
Signed-off-by: Steve Sakoman
---
...inux-firmware_20231211.bb => linux-firmware_20240220.bb} | 6 +++---
From: Lee Chee Yang
Changes between 3.1.4 and 3.1.5 [30 Jan 2024]
* A file in PKCS12 format can contain certificates and keys and may
come from
an untrusted source. The PKCS12 specification allows certain fields
to be
NULL, but OpenSSL did not correctly check for this case. A fix has
been
From: Yoann Congal
When a CVE is created, it often has no precise version information and
this is stored as "-" (matching any version). After an update, version
information is added. The previous "-" must be removed, otherwise, the
CVE is still "Unpatched" for cve-check.
Signed-off-by: Yoann Con
From: Yoann Congal
Add a URL to the doc of the API used in the function.
... and fix a small typo dabase -> database
Signed-off-by: Yoann Congal
Signed-off-by: Richard Purdie
(cherry picked from commit e0157b3b81333a24abd31dbb23a6abebca3e7ba7)
Signed-off-by: Steve Sakoman
---
meta/recipes-co
From: Yoann Congal
CVE_CHECK_DB_FILE is already defined in cve-check.bbclass which is
always inherited in cve-update-nvd2-native (There is a check line 40).
Remove it to avoid confusion. Otherwise, this should not change
anything.
Signed-off-by: Yoann Congal
Signed-off-by: Richard Purdie
(che
From: Yoann Congal
Add a new variable "CVE_DB_INCR_UPDATE_AGE_THRES", which can be used to
specify the maximum age of the database for doing an incremental update
For older databases, a full re-download is done.
With a value of "0", this forces a full-redownload.
Signed-off-by: Yoann Congal
Si
From: Yoann Congal
attmepts -> attempts
Signed-off-by: Yoann Congal
Signed-off-by: Richard Purdie
(cherry picked from commit dc18aaeda8e810f9082a0ceac08e5e4275bbd0f7)
Signed-off-by: Steve Sakoman
---
meta/recipes-core/meta/cve-update-nvd2-native.bb | 2 +-
1 file changed, 1 insertion(+), 1 d
From: Claus Stovgaard
PEAP client: Update Phase 2 authentication requirements. Also see
https://www.top10vpn.com/research/wifi-vulnerabilities/
Signed-off-by: Claus Stovgaard
Signed-off-by: Richard Purdie
(cherry picked from commit 57b6a329df897de69ae8b90706d9fe37e0ed6d35)
Signed-off-by: Steve
From: Simone Weiß
Log if the CVE_STATUS is set for a CVE, but the cve is not reported for a
component. This should hopefully help to clean up not needed CVE_STATUS
settings.
Signed-off-by: Simone Weiß
Signed-off-by: Richard Purdie
(cherry picked from commit 013d531a84fa08b6ae8a47bdf3ba1fa8f18b
Please review this set of changes for nanbield and have comments back by
end of day Tuesday, March 19
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6688
The following changes since commit f40a53370eac89df38b2fab47c411a61d4df4fc0:
gnutls: Upgra
without vapi gnome-calculator-46.0 will fail with:
| ../gnome-calculator-46.0/lib/currency-provider.vala:161.19-161.47:
error: The name `send_and_splice_async' does not exist in the context
of `Soup.Session' (libsoup-3.0)
Signed-off-by: Markus Volk
---
meta/recipes-support/libsoup/libsoup_3.4.4.
Hi, Richard
> I'm afraid this looks like a pretty horrible workaround where the header is
> broken in the non-fortran enabled case and mulitlib wouldn't work in the
> fortran
> case.
>
I'm sorry. It seems that I should submit a discussion instead of submitting
these patches directly.
I found t
Major changes in 46.0
=
- Translation updates
Major changes in 46.rc
==
- Make default clock format overridable by translators
- Translation updates
Major changes in 46.beta
- Add key to modify XKB options
- Add key to indicate whet
not particularly related to this upgrade but gtk4 is failing to
compile with musl+clang - https://github.com/kraj/meta-clang/pull/922
I was hoping this upgrade would have helped but sadly it did not.
On Sun, Mar 17, 2024 at 10:26 AM Markus Volk wrote:
>
> - Remove ffmpeg backend as it was removed
From: Baruch Siach
Use the read-only squashfs filesystem to test the read-only case.
Signed-off-by: Baruch Siach
Signed-off-by: Vyacheslav Yurkov
---
meta-selftest/wic/overlayfs_etc.wks.in| 4 +--
meta/lib/oeqa/selftest/cases/overlayfs.py | 34 +++
2 files changed, 30
- Remove ffmpeg backend as it was removed upstream
Overview of Changes in 4.14.1, 16-03-2024
=
* GtkTextView:
- Fix a mixup of cursor and anchor when retrieving surrounding text
in input methods
* Printing:
- Avoid accessing freed printers
* Accessib
- Remove ffmpeg backend as it was removed upstream
Signed-off-by: Markus Volk
---
meta/recipes-gnome/gtk+/{gtk4_4.12.5.bb => gtk4_4.14.1.bb} | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
rename meta/recipes-gnome/gtk+/{gtk4_4.12.5.bb => gtk4_4.14.1.bb} (96%)
diff --git a/meta/recipes
On Sun, 2024-03-17 at 01:17 -1000, Steve Sakoman wrote:
> Branch: master
>
> New this week: 0 CVEs
>
> Removed this week: 0 CVEs
>
> Full list: Found 37 unpatched CVEs
> CVE-2023-7216 (CVSS3: 5.3 MEDIUM): cpio
Hi, checked all the upstream developments, no news at all this week,
besides t
From: Meenali Gupta
A flaw was found in Expat (libexpat). If XML_DTD is undefined at compile time, a
recursive XML Entity Expansion condition can be triggered.This issue may lead to
a condition where data is expanded exponentially, which will quickly consume
system
resources and cause a denial o
No, I've noticed this when stress-ng and lib32-stress-ng were running
do_compile at the same time and for some reason both sync calls got
stuck, I've killed it when it was running both do_compile tasks for 13
hours (and there was chromium and lib32-chromium do_compile running
for 15+ hours as well
On Sun, Mar 17, 2024, 08:01 Martin Jansa wrote:
> calling 'sync' from do_compile in the middle of big OE world
> build harms the build time.
>
No objection from me but do you have a any data on how much an innocuous
call to sync slows down a build?
Randy
> Signed-off-by: Martin Jansa
> ---
>
Branch: nanbield
New this week: 12 CVEs
CVE-2023-52434 (CVSS3: 8.0 HIGH): linux-yocto
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52434 *
CVE-2023-52435 (CVSS3: 5.5 MEDIUM): linux-yocto
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52435 *
CVE-2023-52438 (CVSS3: 7.8 HIG
Branch: kirkstone
New this week: 0 CVEs
Removed this week: 0 CVEs
Full list: Found 44 unpatched CVEs
CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 *
CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native
https://web.nvd.nist.gov
Branch: dunfell
New this week: 0 CVEs
Removed this week: 0 CVEs
Full list: Found 110 unpatched CVEs
CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 *
CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-
calling 'sync' from do_compile in the middle of big OE world
build harms the build time.
Signed-off-by: Martin Jansa
---
.../0001-Makefile-avoid-calling-sync.patch| 35 +++
.../stress-ng/stress-ng_0.13.12.bb| 1 +
2 files changed, 36 insertions(+)
create mode 10
Branch: master
New this week: 0 CVEs
Removed this week: 0 CVEs
Full list: Found 37 unpatched CVEs
CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto
https://web.nvd.nist.gov/view/vuln/d
On Fri, 2024-03-15 at 19:19 -0500, r...@ti.com wrote:
> From: Randolph Sapp
>
> Add a link from libbz2.so.1.0 to libbz2.so.${PV} for compatibility
> with
> other distributions.
>
> A handfull of distributions are still using the "Makefile-libbz2_so" to
> generate libbz2 and bzip2-shared. This cr
37 matches
Mail list logo