[oe] subscribe

Thanks & Regards, Sanjay Chitroda Software Engineer schit...@cisco.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#104536): https://lists.openembedded.org/g/openembedded-devel/message/104536 Mute This Topic: https:/

Re: [oe] [meta-oe][kirkstone][PATCH 1/1] python3-werkzeug: fix for CVE-2023-23934

Dear Narpat, Once your python3-werkzeug package is built successfully using bitbake. You can try to check /tmp/work/*/python3-werkzeug//temp/log.do_patch file. It will provide the logs specific to do_patch task, where you can confirm this HUNK information. Thanks, Sanjay From: openembedded-de

Re: [oe] [meta-python][kirkstone][PATCH 1/1] python3-django: upgrade 3.2.12 -> 3.2.19

++ Arman Hi Narpat, As per my knowledge, generally we don't go for package upgrade in stable branches like dunfell/kirkstone. In some special case where we have strong motive then only, we recommend package upgrade. Kirkstone Reference: https://github.com/openembedded/meta-openembedded/commi

Re: [oe] [meta-python][kirkstone][PATCH 1/1] python3-django: fix for CVE-2023-31047

++ Armin Hi Narpat, FYI, meta-oe layer kirkstone branch python3-django package is already bump to 4.2.1 version with following commit: https://github.com/openembedded/meta-openembedded/commit/84782522d145f55e4076699c4bb00bcb4cec98da python3-django version 4.2.1 https://github.com/django/django

Re: [oe][meta-networking][kirkstone][PATCH 1/1] samba: fix CVE-2022-41916

Hi Archana, As I mentioned it will be advisable and good if we can make standard format. We don't have strict guideline for this, but we always recommend to follow this, specifically for CVE patches. We would appreciate, If you can consider this point and share the updated patchset. Thanks, Sa

Re: [oe][meta-networking][kirkstone][PATCH 1/1] samba: fix CVE-2022-41916

Hi Hari, Regarding format only nothing specific to review of fix, I saw many developers has contributed to samba package fixes. I would be great if we can keep common format inside .patch file as following. -- CVE: CVE-2022-41916 Upstream-Status: Backp

Re: [oe] [meta-oe][kirkstone,PATCH] gnulib: Update recipe name to 2018-12-18

From: openembedded-devel@lists.openembedded.org On Behalf Of Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco) via lists.openembedded.org Sent: Wednesday, May 31, 2023 9:48 AM To: openembedded-devel@lists.openembedded.org Cc: Sanjaykumar kantibhai Chitroda -X (schitrod - E

Re: [oe] [meta-oe][dunfell,PATCH] gnulib: Update recipe name to 2018-12-18

ehalf Of Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco) via lists.openembedded.org Sent: Wednesday, May 31, 2023 9:49 AM To: openembedded-devel@lists.openembedded.org Cc: Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco) ; Khem Raj Subject: [oe] [me

Re: [oe] [oe-core][kirkstone][PATCH 1/1] webkitgtk: fix CVE-2022-42867

Thanks Richard, for the information. I will investigate this part and share update in next 2 days. - why CVEs are not reported against webkitgtk package. - Sanjay -Original Message- From: Richard Purdie Sent: Tuesday, June 6, 2023 7:39 PM To: Sanjaykumar kantibhai Chitroda -X (schitrod

Re: [oe] [oe-core][kirkstone][PATCH 1/1] webkitgtk: fix CVE-2022-42867

Hi Richard, Do we accept the CVE fixes which are not reported in our CVE metrics? https://autobuilder.yocto.io/pub/non-release/patchmetrics/cve-status-kirkstone.txt On which image we run cve_check task to generate CVE metrics? Any image which run for all the packages available in SDK? Thanks, S

[oe] [meta-oe][dunfell,PATCH] gnulib: Update recipe name to 2018-12-18

As per gnulib_2018-03-07 recipe information, SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3" This revision was committed on "2018-12-18". There is a discrepancy between SRCREV and the recipe version. Which reports "CVE-2018-17942" as unpatched. To report "CVE-2018-17942" as patched, We need t

[oe] [meta-oe][kirkstone,PATCH] gnulib: Update recipe name to 2018-12-18

As per gnulib_2018-03-07 recipe information, SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3" This revision was committed on "2018-12-18". There is a discrepancy between SRCREV and the recipe version. Which reports "CVE-2018-17942" as unpatched. To report "CVE-2018-17942" as patched, We need t

[oe] [meta-oe][mickledore,PATCH] gnulib: Update recipe name to 2018-12-18

As per gnulib_2018-03-07 recipe information, SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3" This revision was committed on "2018-12-18". There is a discrepancy between SRCREV and the recipe version. Which reports "CVE-2018-17942" as unpatched. To report "CVE-2018-17942" as patched, We need t

Re: [oe] [meta-oe][PATCH] gnulib: Update recipe name to 2018-12-18

Hi all, Any update/comment ? @raj.k...@gmail.com can you please guide me on how to procced further ? Thanks, Sanjay -Original Message- From: Sanjay Chitroda Sent: Friday, May 19, 2023 10:56 AM To: openembedded-devel@lists.openembedded.org Cc: Sanjaykumar kantibhai Chitroda -X (schitrod

Re: [oe] [meta-oe][PATCH] gnulib: Update recipe name to 2018-12-18

Hi all, Any update/comment ? @raj.k...@gmail.com can you please guide me on how to procced further ? Thanks, Sanjay -Original Message- From: openembedded-devel@lists.openembedded.org On Behalf Of Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco) via

[oe] [meta-oe][PATCH] gnulib: Update recipe name to 2018-12-18

As per gnulib_2018-03-07 recipe information, SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3" This revision was committed on "2018-12-18". There is a discrepancy between SRCREV and the recipe version. Which reports "CVE-2018-17942" as unpatched. To report "CVE-2018-17942" as patched, We need t