> -----Original Message----- > From: Yoann Congal <[email protected]> > Sent: Thursday, February 19, 2026 14:55 > To: Marko, Peter (FT D EU SK BFS1) <[email protected]>; > [email protected] > Subject: Re: [OE-core][scarthgap][PATCH] gnupg: upgrade 2.4.8 -> 2.4.9 > > On Wed Feb 18, 2026 at 10:28 PM CET, Peter Marko wrote: > > > > > >> -----Original Message----- > >> From: Yoann Congal <[email protected]> > >> Sent: Wednesday, February 4, 2026 11:10 > >> To: Marko, Peter (FT D EU SK BFS1) <[email protected]>; > >> [email protected] > >> Subject: Re: [OE-core][scarthgap][PATCH] gnupg: upgrade 2.4.8 -> 2.4.9 > >> > >> On Sat Jan 10, 2026 at 11:44 PM CET, Peter Marko via > lists.openembedded.org > >> wrote: > >> > From: Peter Marko <[email protected]> > >> > > >> > Handles CVE-2025-68973. > >> > > >> > Refresh patches. > >> > > >> > Signed-off-by: Peter Marko <[email protected]> > >> > --- > >> > meta/recipes-support/gnupg/gnupg/relocate.patch | 14 +++++++------- > >> > .../gnupg/{gnupg_2.4.8.bb => gnupg_2.4.9.bb} | 2 +- > >> > 2 files changed, 8 insertions(+), 8 deletions(-) > >> > rename meta/recipes-support/gnupg/{gnupg_2.4.8.bb => gnupg_2.4.9.bb} > >> (97%) > >> > >> Hello, > >> > >> I've tested that on autobuilder but got an error in oe-selftest-debian: > >> https://autobuilder.yoctoproject.org/valkyrie/?#/builders/35/builds/3138 > >> ERROR: autoconf-native-2.72e-r0 do_recipe_qa: GPG exited with code 2: > gpg: > >> signing failed: Corrupted protection > >> gpg: signing failed: Corrupted protection > >> ERROR: patch-native-2.7.6-r0 do_recipe_qa: GPG exited with code 2: gpg: > >> signing failed: Corrupted protection > >> gpg: signing failed: Corrupted protection > >> > >> I've started a build with this gnupg upgrade reverted to confirm that > >> this is indeed the cause: > >> https://autobuilder.yoctoproject.org/valkyrie/?#/builders/35/builds/3142 > >> > >> Can you look at this? > >> Thanks! > > > > Unfortunately, I'm not able to reproduce this failure. > > > > On my Debian 11 I have: > > SANITY_TESTED_DISTROS = "" > > PACKAGE_CLASSES = "package_rpm" > > RPM_GPG_SIGN_CHUNK = "1" > > IMAGE_CLASSES += 'testimage' > > And run: > > oe-selftest -r signing -j 16 > > And get: > > oe-selftest - INFO - RESULTS - > signing.LockedSignatures.test_locked_signatures: PASSED (122.35s) > > oe-selftest - INFO - RESULTS - signing.Signing.test_signing_packages: > PASSED (155.34s) > > oe-selftest - INFO - RESULTS - signing.Signing.test_signing_sstate_archive: > PASSED (121.11s) > > oe-selftest - INFO - oe-selftest - OK - All required tests passed > > (successes=3, > skipped=0, failures=0, errors=0) > > FYI, the failing build: > https://autobuilder.yoctoproject.org/valkyrie/?#/builders/35/builds/3138 > ... was on Debian 12 > (It's the retry with this patch reverted that was on Debian 11) > > Scarthgap has since been successfully retried on Debian 12 (without this > patch): > https://autobuilder.yoctoproject.org/valkyrie/?#/builders/35/builds/3226 > > Can you check this on Debian 12?
I have retested with Debian 12 and 13 and the tests were green. I guess I'm missing some configuration from AB so I have no clue how to fix it... So again, I'm just going to backport the CVE patch for now instead of upgrade... Peter > > Thanks! > > > So I guess I just backport the CVE fix instead of this upgrade. > > > > Peter > > > >> > >> Regards, > >> > >> -- > >> Yoann Congal > >> Smile ECS > > > -- > Yoann Congal > Smile ECS
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#231636): https://lists.openembedded.org/g/openembedded-core/message/231636 Mute This Topic: https://lists.openembedded.org/mt/117199147/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
