Signed-off-by: Anatol Belski
---
.../tar/tar/CVE-2021-20193.patch | 133 ++
meta/recipes-extended/tar/tar_1.32.bb | 1 +
2 files changed, 134 insertions(+)
create mode 100644 meta/recipes-extended/tar/tar/CVE-2021-20193.patch
diff --git a/meta/recipes
Signed-off-by: Anatol Belski
---
.../tar/tar/CVE-2021-20193.patch | 133 ++
meta/recipes-extended/tar/tar_1.32.bb | 1 +
2 files changed, 134 insertions(+)
create mode 100644 meta/recipes-extended/tar/tar/CVE-2021-20193.patch
diff --git a/meta/recipes
ding recipe and fail.
As the described combination seems valid, including "mingw32" into the
whitelist unconditionally as a fix is suggested.
Signed-off-by: Anatol Belski
---
meta/classes/cross-canadian.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/
6 has been whitelisted as it was
already present in the previous state.
Signed-off-by: Anatol Belski
---
meta/recipes-core/glibc/glibc-version.inc | 2 +-
meta/recipes-core/glibc/glibc_2.32.bb | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-core/g
in EUC-KR conversion module (bz #24973)
0858f46440 Add NEWS entry for CVE-2020-29562 (BZ #26923)
1e40391de2 iconv: Fix incorrect UCS4 inner loop bounds (BZ#26923)
568c86274a tests-mcheck: New variable to run tests with MALLOC_CHECK_=3
Signed-off-by: Anatol Belski
---
meta/recipes-core/glibc/glibc-v
Hi,
On 3/16/2021 4:45 PM, Steve Sakoman wrote:
On Tue, Mar 16, 2021 at 2:56 AM Anatol Belski
wrote:
Hi,
On 3/15/2021 10:36 PM, Denys Dmytriyenko wrote:
https://wiki.yoctoproject.org/wiki/Stable_Release_and_LTS#Stable.2FLTS_Patch_Acceptance_Policies
Stable/LTS Patch Acceptance Policies
Hi,
On 3/15/2021 10:36 PM, Denys Dmytriyenko wrote:
https://wiki.yoctoproject.org/wiki/Stable_Release_and_LTS#Stable.2FLTS_Patch_Acceptance_Policies
Stable/LTS Patch Acceptance Policies
Potentially Acceptable:
* Bug fix only version upgrades for upstreams with a good stable process
The upstream patches are only in glib >= 2.66.6 and >= 2.67.3 and won't
be backported. This patch is developed based on the upstream patch set
and consulting teh backports recently made by Ubuntu for the 2.64.6
series.
Signed-off-by: Anatol Belski
---
.../glib-2.0/glib-2.0/CVE-2021-27219
Hi,
looking at the state of the upstream glibc 2.31, pulling the latest
upstream might be more suitable than cherry-picking patches. Depending
on the recipe maintainers opinion, it might be a good time time to do
so as some other CVE issues are fixed there, too.
Thanks
Anatol
On Fri,
Please ignore this one, i missed to tag for [dunfell], resent with the
correct tag.
Thanks
Anatol
On 3/12/2021 3:52 PM, Anatol Belski wrote:
The upstream patches are only in glib >= 2.66.6 and >= 2.67.3 and won't
be backported. This patch is developed based on the upstream pat
The upstream patches are only in glib >= 2.66.6 and >= 2.67.3 and won't
be backported. This patch is developed based on the upstream patch set
and consulting teh backports recently made by Ubuntu for the 2.64.6
series.
Signed-off-by: Anatol Belski
---
.../glib-2.0/glib-2.0/CVE-2021-27219
The upstream patches are only in glib >= 2.66.6 and >= 2.67.3 and won't
be backported. This patch is developed based on the upstream patch set
and consulting teh backports recently made by Ubuntu for the 2.64.6
series.
Signed-off-by: Anatol Belski
---
.../glib-2.0/glib-2.0/CVE-2021-27219
Hi,
On 2/25/2021 1:23 AM, Randy MacLeod wrote:
On 2021-02-24 6:57 p.m., Richard Purdie wrote:
On Wed, 2021-02-24 at 21:16 +0100, Anatol Belski wrote:
On 2/24/2021 5:49 PM, Richard Purdie wrote:
No, I mean the dynamic loader pointer.
$ tmp/sysroots-uninative/x86_64-linux/usr/bin/patchelf
On 2/24/2021 5:49 PM, Richard Purdie wrote:
On Wed, 2021-02-24 at 13:56 +0100, Anatol Belski wrote:
On 2/24/2021 1:32 PM, Richard Purdie wrote:
Hi,
On Wed, 2021-02-24 at 12:40 +0100, Anatol Belski wrote:
the current master build seems to be broken with symbols unavailable
from the host
On 2/24/2021 1:32 PM, Richard Purdie wrote:
Hi,
On Wed, 2021-02-24 at 12:40 +0100, Anatol Belski wrote:
the current master build seems to be broken with symbols unavailable
from the host glibc. The following is to see on the SDK built and
installed on the same host Ubuntu 18.04.5 having glibc
Hi,
the current master build seems to be broken with symbols unavailable
from the host glibc. The following is to see on the SDK built and
installed on the same host Ubuntu 18.04.5 having glibc 2.27:
$ . /tmp/poky-sdk-master-00/environment-setup-core2-64-poky-linux
$ ldd $(which $CC)
Hi Randy,
thanks for driving progress on this work.
On Tue, 2021-02-16 at 21:40 -0500, Randy MacLeod wrote:
> I've updated poky-contrib with my merge of meta-rust to oe-core:
>
> http://git.yoctoproject.org/cgit/cgit.cgi/poky-contrib/log/?h=rmacleod/rust-wip-2021-02-16
>
> The build status is
Hi,
On 2/3/2021 3:38 PM, Steve Sakoman wrote:
On Wed, Feb 3, 2021 at 12:02 AM Mikko Rapeli wrote:
Hi,
On Wed, Feb 03, 2021 at 08:42:57AM +, Anatol Belski wrote:
The naming convention needs to be help so the CVE is recognized as
fixed by the tooling.
Yocto CVE checker does detect CVE
Hi,
On 2/3/2021 11:02 AM, Mikko Rapeli wrote:
Hi,
On Wed, Feb 03, 2021 at 08:42:57AM +, Anatol Belski wrote:
The naming convention needs to be help so the CVE is recognized as
fixed by the tooling.
Yocto CVE checker does detect CVE patches also from patch comments so
this change
The naming convention needs to be help so the CVE is recognized as
fixed by the tooling.
Signed-off-by: Anatol Belski
---
...ion-to-avoid-GOptionEntry-lis.patch => CVE-2020-35457.patch} | 0
meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb | 2 +-
2 files changed, 1 insert
Hi,
please note the bitbake part sent separately to bitbake-devel@
https://lists.openembedded.org/g/bitbake-devel/message/11907
Thanks
Anatol
On Sun, 2021-01-17 at 15:25 +0100, Anatol Belski wrote:
> From: Sinan Kaya
>
> Signed-off-by: Sinan Kaya
> Signed-off-by: A
From: Sinan Kaya
Signed-off-by: Sinan Kaya
Co-Developed-by: Anatol Belski
Signed-off-by: Anatol Belski
---
meta/classes/image-live.bbclass | 2 +-
meta/classes/image_types.bbclass | 8 ++--
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/meta/classes/image-live.bbclass b
From: Sinan Kaya
Signed-off-by: Sinan Kaya
Signed-off-by: Anatol Belski
---
meta/recipes-core/images/build-appliance-image_15.0.0.bb | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb
b/meta/recipes-core/images
From: Sinan Kaya
Signed-off-by: Sinan Kaya
Signed-off-by: Anatol Belski
---
scripts/runqemu | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/scripts/runqemu b/scripts/runqemu
index e5e66f3453..dd92a64553 100755
--- a/scripts/runqemu
+++ b/scripts/runqemu
@@ -94,11
On 1/16/2021 10:22 AM, Paul Barker wrote:
On Thu, 14 Jan 2021 at 13:01, Anatol Belski
wrote:
From: Sinan Kaya
This patch brings support for generating VHD/VHDX from WIC. It touches
different areas but it needs to be applied at once for all the parts to
concert. The patch could be split
On 1/15/2021 11:12 PM, Richard Purdie wrote:
On Thu, 2021-01-14 at 13:01 +, Anatol Belski wrote:
From: Sinan Kaya
This patch brings support for generating VHD/VHDX from WIC. It touches
different areas but it needs to be applied at once for all the parts to
concert. The patch could
From: Sinan Kaya
This patch brings support for generating VHD/VHDX from WIC. It touches
different areas but it needs to be applied at once for all the parts to
concert. The patch could be split, if needed, otherwise considering
OE-Core as target.
Signed-off-by: Sinan Kaya
Signed-off-by: Anatol
Currently there's no easy way to override this part as it's hardcoded
into the EXTRA_OEMAKE var. This change makes it possible to manipulate
the list of subdirs in a more fine graned and future oriented manner.
Signed-off-by: Anatol Belski
---
meta/recipes-connectivity/iproute2/iproute2.inc | 4
28 matches
Mail list logo
