Re: [OE-core] [PATCH 1/2] cve-report: add scripts to generate CVE reports

On Sat, 4 Aug 2018, Alexander Kanavin wrote: How reliable is NVD database for such automated scans? Previously, we have repeatedly concluded that it should not be trusted, and proper patching of vulnerabilities must involve humans looking at vulnerability reports and making appropriate decisi

[OE-core] ✗ patchtest: failure for Update to glibc 2.28

== Series Details == Series: Update to glibc 2.28 Revision: 1 URL : https://patchwork.openembedded.org/series/13386/ State : failure == Summary == Thank you for submitting this patch series to OpenEmbedded Core. This is an automated response. Several tests have been executed on the proposed s

[OE-core] [PATCH 09/10] blktool: Fix build with glibc 2.28

Signed-off-by: Khem Raj --- .../blktool/blktool-gnulib-makedev.patch | 23 +++ meta/recipes-extended/blktool/blktool_4-7.bb | 1 + 2 files changed, 24 insertions(+) create mode 100644 meta/recipes-extended/blktool/blktool/blktool-gnulib-makedev.patch diff --git a/meta/re

[OE-core] [PATCH 10/10] ppp: Use openssl for the DES instead of the libcrypt / glibc

Signed-off-by: Khem Raj --- .../ppp/ppp/ppp-2.4.7-DES-openssl.patch | 84 +++ meta/recipes-connectivity/ppp/ppp_2.4.7.bb| 5 +- 2 files changed, 87 insertions(+), 2 deletions(-) create mode 100644 meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch diff --g

[OE-core] [PATCH 08/10] strace: Fix build with glibc 2.28

Signed-off-by: Khem Raj --- .../0001-tests-Include-linux-stat.h.patch | 76 +++ meta/recipes-devtools/strace/strace_4.23.bb | 1 + 2 files changed, 77 insertions(+) create mode 100644 meta/recipes-devtools/strace/strace/0001-tests-Include-linux-stat.h.patch diff --git a

[OE-core] [PATCH 05/10] bootchart2: Update to master-tip

This has several fixes to get it building with glibc 2.28+ remove backported patch which is not needed now Signed-off-by: Khem Raj --- ...ssing-default-value-for-BOOTLOG_DEST.patch | 30 --- .../bootchart2/bootchart2_0.14.8.bb | 4 +-- 2 files changed, 2 insertions(+),

[OE-core] [PATCH 06/10] gzip: Fix build with glibc 2.28

Signed-off-by: Khem Raj --- .../gzip/gzip-1.9/gnulib.patch| 189 ++ meta/recipes-extended/gzip/gzip_1.9.bb| 4 +- 2 files changed, 192 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-extended/gzip/gzip-1.9/gnulib.patch diff --git a/meta/rec

[OE-core] [PATCH 04/10] findutils: Fix build with glibc 2.28

Fix foe gnulib bug and makedev header move in glibc 2.25+ Signed-off-by: Khem Raj --- .../findutils-4.6.0-gnulib-fflush.patch | 140 ++ .../findutils-4.6.0-gnulib-makedev.patch | 78 ++ .../findutils/findutils_4.6.0.bb | 2 + 3 files changed, 22

[OE-core] [PATCH 01/10] glibc: Upgrade to 2.28

License-Update: libidn is dropped from glibc and a testcase that was a particular contributor copyrighted see https://sourceware.org/git/?p=glibc.git;a=blobdiff;f=LICENSES;h=0e3a9fe39b26e97038d92f904508a4c3aa1bb43b;hp=b29efe01084af28cc40953d7317f22927c0ee3b7;hb=5a357506659f9a00fcf5bc9c5d8fc67617

[OE-core] [PATCH 07/10] bison: Fix build break with glibc 2.28

Signed-off-by: Khem Raj --- .../recipes-devtools/bison/bison/gnulib.patch | 21 +++ meta/recipes-devtools/bison/bison_3.0.4.bb| 1 + 2 files changed, 22 insertions(+) create mode 100644 meta/recipes-devtools/bison/bison/gnulib.patch diff --git a/meta/recipes-devtools/bison/

[OE-core] [PATCH 03/10] m4: Workaround gnulib's fseeko.c implementation

exposed by glibc 2.28 for details see https://lists.gnu.org/r/bug-gnulib/2018-03/msg0.html Signed-off-by: Khem Raj --- meta/recipes-devtools/m4/m4-1.4.18.inc| 1 + .../m4-1.4.18-glibc-change-work-around.patch | 129 ++ 2 files changed, 130 insertions(+) create mod

[OE-core] [PATCH 02/10] systemd: Detect if statx struct is defined in sys/stat.h

Fixed build with glibc 2.28+ Signed-off-by: Khem Raj --- ...-whether-struct-statx-is-defined-in-.patch | 109 ++ meta/recipes-core/systemd/systemd_239.bb | 1 + 2 files changed, 110 insertions(+) create mode 100644 meta/recipes-core/systemd/systemd/0022-build-sys-Detect-

[OE-core] [PATCH 00/10] Update to glibc 2.28

There are few changes which results in fixing gnulib pieces and some header includes for statx The following changes since commit 1c4d9f46d5d94ea15d0c0d68c412ec05b9f51820: machine: remove kernel-modules from RRECOMMENDS (2018-08-02 09:30:06 +0100) are available in the Git repository at: gi

[OE-core] ✗ patchtest: failure for directfb: fix tslib version check in configure.in

== Series Details == Series: directfb: fix tslib version check in configure.in Revision: 1 URL : https://patchwork.openembedded.org/series/13385/ State : failure == Summary == Thank you for submitting this patch series to OpenEmbedded Core. This is an automated response. Several tests have be

[OE-core] [meta-oe][PATCH] directfb: fix tslib version check in configure.in

From: Guan Ben The patch makes sure that the old as well as the new tslib pkg-config metadata file naming style is handled correctly. tslib 0.0 to 1.0 created only a tslib-.pc pkg-config metadata file. With tslib 1.1 the tslib-.pc phase out was started. Additionally, the pkg-config metadata fil

Re: [OE-core] [PATCH 1/2] cve-report: add scripts to generate CVE reports

On 08/03/2018 03:37 PM, Grygorii Tertychnyi (gtertych) via Openembedded-core wrote: > cvert-kernel - generate CVE report for the Linux kernel. > NVD entries for the Linux kernel is almost always outdated. > For example, https://nvd.nist.gov/vuln/detail/CVE-2018-1065 > is shown as matched f

Re: [OE-core] [PATCH 1/2] cve-report: add scripts to generate CVE reports

How reliable is NVD database for such automated scans? Previously, we have repeatedly concluded that it should not be trusted, and proper patching of vulnerabilities must involve humans looking at vulnerability reports and making appropriate decisions - same as Debian is doing for example. Alex 2