Re: [OE-core] [meta-oe][RFC 1/6] arm64: set BASE_LIB to lib64

On 9/9/20 6:29 PM, Jon Mason wrote: > On Wed, Sep 9, 2020 at 6:55 PM Mark Hatle > wrote: >> >> >> >> On 9/9/20 5:45 PM, Jon Mason wrote: >>> Set BASE_LIB for all arm64 systems to be lib64 by default. This can be >>> overridden for those that want something else (see tune-cortexa32.inc). >>> >>>

Re: [OE-core] [meta-oe][RFC 2/6] arch-armv8-2a.inc: Add Cortex-A55 tunings

On 9/9/20 6:21 PM, Jon Mason wrote: > On Wed, Sep 9, 2020 at 6:59 PM Mark Hatle > wrote: >> >> I like the direction of this work, but one comment.. (down below) >> >> On 9/9/20 5:45 PM, Jon Mason wrote: >>> Migrate the settings in tune-cortexa55.inc to arch-armv8-2a.inc. This >>> will allow for

[OE-core] [PATCH] qemu: always define unknown_lock_type

From: Mingli Yu When use gcc 10.1.0 and debug build is enabled, there comes below build failure: | /usr/lib/gcc/x86_64-wrs-linux/10.1.0/../../../../x86_64-wrs-linux/bin/ld.bfd: /mnt/build/tmp/work/x86_64-linux/qemu-system-native/5.1.0-r0/qemu-5.1.0/fsdev/qemu-fsdev-throttle.c:25: undefined refe

[OE-core] [PATCH] kernel-devsrc: account for HOSTCC and HOSTCXX

From: Bruce Ashfield Since commit 740d87766cb87f75c477 [kernel.bbclass: Configuration for environment with HOSTCXX], both HOSTCC and HOSTCXX are pickedup by the kernel build system as triggers to reconfigure if changed. As with previous changes to devsrc, we replace the cross build variant, with

[OE-core] [PATCH 2/3] libucontext: Recognise riscv32 architecture

Signed-off-by: Khem Raj --- meta/recipes-core/musl/libucontext_git.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-core/musl/libucontext_git.bb b/meta/recipes-core/musl/libucontext_git.bb index ec988f1920..734ad9c953 100644 --- a/meta/recipes-core/musl/libucontext_git.bb +++

[OE-core] [PATCH 3/3] linuxloader.bbclass: Define riscv32 ldso for musl

Signed-off-by: Khem Raj --- meta/classes/linuxloader.bbclass | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/classes/linuxloader.bbclass b/meta/classes/linuxloader.bbclass index ec0e0556dd..176fd89fdb 100644 --- a/meta/classes/linuxloader.bbclass +++ b/meta/classes/linuxloader.bbclass

[OE-core] [PATCH 1/3] musl: Upgrade to latest master

Accomodates rv32 port which is out of tree at the moment details are [1] [1] https://git.musl-libc.org/cgit/musl/log/?qt=range&q=73cc775bee53300c7cf759f37580220b18ac13d3..ffac0c229986725c0d0f3c806bafa7e3ca409f3b Signed-off-by: Khem Raj --- meta/recipes-core/musl/musl_git.bb | 2 +- 1 file cha

[OE-core] [PATCH v2] cryptodev: bump 1 commit past 1.11 to fix 5.9-rc1+

From: Denys Dmytriyenko There's one commit on top of 1.11 release that fixes builds against kernel 5.9-rc1+. Signed-off-by: Denys Dmytriyenko --- v2 - append SRCPV to PV meta/recipes-kernel/cryptodev/cryptodev.inc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/rec

[OE-core] [PATCH v2] gnupg: uprev 2.2.22 -> 2.2.23

This addresses CVE-2020-25125 and provides some other minor updates and translations. Updated commits for reference: e234d04c3 Werner Koch Release 2.2.23 aeb8272ca Werner Koch gpg: Fix AEAD preference list overflow 038314665 Werner Koch po: auto update 1a4b0fd79 Yuri Chornoivan po: Update

Re: [OE-core] [PATCH] cryptodev: bump 1 commit past 1.11 to fix 5.9-rc1+

On 9/9/20 5:38 PM, Denys Dmytriyenko wrote: > On Wed, Sep 09, 2020 at 05:24:05PM -0700, Khem Raj wrote: >> >> >> On 9/9/20 2:47 PM, Denys Dmytriyenko wrote: >>> From: Denys Dmytriyenko >>> >>> There's one commit on top of 1.11 release that fixes builds against kernel >>> 5.9-rc1+. >> >> since w

Re: [OE-core] [PATCH] cryptodev: bump 1 commit past 1.11 to fix 5.9-rc1+

On Wed, Sep 09, 2020 at 05:24:05PM -0700, Khem Raj wrote: > > > On 9/9/20 2:47 PM, Denys Dmytriyenko wrote: > > From: Denys Dmytriyenko > > > > There's one commit on top of 1.11 release that fixes builds against kernel > > 5.9-rc1+. > > since we call the recipe as 1.11, perhaps its better to

Re: [OE-core] [PATCH] gnupg: uprev 2.2.22 -> 2.2.23

On 9/9/20 5:27 PM, Saul Wold wrote: From: Saul Wold Clearly I did not fix all my own addresses! Will resent shortly! Sau! This addresses CVE-2020-25125 and provides some other minor updates and translations. Updated commits for reference: e234d04c3 Werner Koch Release 2.2.23 aeb82

[OE-core] [PATCH] gnupg: uprev 2.2.22 -> 2.2.23

From: Saul Wold This addresses CVE-2020-25125 and provides some other minor updates and translations. Updated commits for reference: e234d04c3 Werner Koch Release 2.2.23 aeb8272ca Werner Koch gpg: Fix AEAD preference list overflow 038314665 Werner Koch po: auto update 1a4b0fd79 Yuri Chor

Re: [OE-core] [PATCH] cryptodev: bump 1 commit past 1.11 to fix 5.9-rc1+

On 9/9/20 2:47 PM, Denys Dmytriyenko wrote: > From: Denys Dmytriyenko > > There's one commit on top of 1.11 release that fixes builds against kernel > 5.9-rc1+. since we call the recipe as 1.11, perhaps its better to explcitly apply this patch via SRC_URI or alter PV to reflect this SRCREV ch

Re: [OE-core] Application depending on gRPC not linking properly

On 9/9/20 5:56 AM, Goran Broeckaert wrote: > Hello, > > I have a simple application which depends on grpc. I'm using Yocto Zeus > for my project and I've written the following recipe: > > DESCRIPTION = "Test Application" > LICENSE = "CLOSED" > LIC_FILES_CHKSUM = "" > > SRC_URI = "\ > git://git

Re: [OE-core] [PATCH] libxml2: Fix CVE-2020-24977

On 9/9/20 1:11 AM, Ovidiu Panait wrote: > GNOME project libxml2 v2.9.10 and earlier have a global Buffer Overflow > vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue > has > been fixed in commit 8e7c20a1 (20910-GITv2.9.10-103-g8e7c20a1). > > Reference: > https://gitlab

Re: [OE-core] [PATCH 7/8] bind: Add 9.16.x

On 9/7/20 2:17 PM, Andrey Zhizhikin wrote: > On Mon, Sep 7, 2020 at 5:28 PM akuster808 wrote: >> >> >> >> On 9/4/20 1:39 AM, Andrey Zhizhikin wrote: >>> Hello Armin, >>> >>> On Tue, Sep 1, 2020 at 5:23 PM akuster wrote: Removed obsolete packageconfig options License change to MPL

Re: [OE-core] [meta-oe][RFC 1/6] arm64: set BASE_LIB to lib64

On Wed, Sep 9, 2020 at 6:55 PM Mark Hatle wrote: > > > > On 9/9/20 5:45 PM, Jon Mason wrote: > > Set BASE_LIB for all arm64 systems to be lib64 by default. This can be > > overridden for those that want something else (see tune-cortexa32.inc). > > > > Signed-off-by: Jon Mason > > --- > > meta/c

Re: [OE-core] [meta-oe][RFC 2/6] arch-armv8-2a.inc: Add Cortex-A55 tunings

On Wed, Sep 9, 2020 at 6:59 PM Mark Hatle wrote: > > I like the direction of this work, but one comment.. (down below) > > On 9/9/20 5:45 PM, Jon Mason wrote: > > Migrate the settings in tune-cortexa55.inc to arch-armv8-2a.inc. This > > will allow for a single file to include all of the tunings o

Re: [OE-core] [meta-oe][RFC 2/6] arch-armv8-2a.inc: Add Cortex-A55 tunings

I like the direction of this work, but one comment.. (down below) On 9/9/20 5:45 PM, Jon Mason wrote: > Migrate the settings in tune-cortexa55.inc to arch-armv8-2a.inc. This > will allow for a single file to include all of the tunings of a family > of processors. This will reduce the proliferati

Re: [OE-core] [meta-oe][RFC 1/6] arm64: set BASE_LIB to lib64

On 9/9/20 5:45 PM, Jon Mason wrote: > Set BASE_LIB for all arm64 systems to be lib64 by default. This can be > overridden for those that want something else (see tune-cortexa32.inc). > > Signed-off-by: Jon Mason > --- > meta/conf/machine/include/arm/arch-arm64.inc | 3 +-- > meta/co

[OE-core] [meta-oe][RFC 5/6] arch-armv8a.inc: Add tunes for supported ARMv8a cores

Add tunes for all the ARMv8a cores currently supported in GCC. This is: Cortex-A34, Cortex-A73, and Cortex-A73-Cortex-A35. Signed-off-by: Jon Mason --- meta/conf/machine/include/arm/arch-armv8a.inc | 43 +++ 1 file changed, 43 insertions(+) diff --git a/meta/conf/machine/includ

[OE-core] [meta-oe][RFC 4/6] qemuarm64: change tuning

The previous patch caused the tuning file referenced here to be removed. Use the new one with the new DEFAULTTUNE. Signed-off-by: Jon Mason --- meta/conf/machine/qemuarm64.conf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/conf/machine/qemuarm64.conf b/meta/conf/mach

[OE-core] [meta-oe][RFC 6/6] arch-armv8-2a.inc: Add tunes for supported ARMv8.2a cores

Add tunes for all the ARMv8.2a cores currently supported in GCC. This is: Cortex-A65, Cortex-A65AE, Cortex-A75, Cortex-A76, Cortex-A76AE, Cortex-A77, Neoverse-E1, Neoverse-N1, Cortex-A75-Cortex-A55, and Cortex-A76-Cortex-A55. Signed-off-by: Jon Mason --- .../machine/include/arm/arch-armv8-2a.in

[OE-core] [meta-oe][RFC 3/6] arch-armv8a.inc: Add existing tunings

Migrate the exting tune settings to arch-armv8a.inc. This will allow for a single file to include all of the tunings of a family of processors. This will reduce the proliferation of unique files per processor currently occuring in conf/machine/include/ Signed-off-by: Jon Mason --- meta/conf/ma

[OE-core] [meta-oe][RFC 1/6] arm64: set BASE_LIB to lib64

Set BASE_LIB for all arm64 systems to be lib64 by default. This can be overridden for those that want something else (see tune-cortexa32.inc). Signed-off-by: Jon Mason --- meta/conf/machine/include/arm/arch-arm64.inc | 3 +-- meta/conf/machine/include/arm/arch-armv8-2a.inc| 2

[OE-core] [meta-oe][RFC 2/6] arch-armv8-2a.inc: Add Cortex-A55 tunings

Migrate the settings in tune-cortexa55.inc to arch-armv8-2a.inc. This will allow for a single file to include all of the tunings of a family of processors. This will reduce the proliferation of unique files per processor currently occuring in conf/machine/include/ Signed-off-by: Jon Mason ---

[OE-core] [meta-oe][RFC 0/6] ARMv8 Tune reorg

There is a large number of Arm Tune files located in meta/conf/machine/include/, and to support the current and upcoming Arm cores, more are needed. Adding more files is simply going to make it harder to find the relevant ones for an OE/YP developer/user. Also, there are problems with stale and e

Re: [OE-core] [meta-oe][PATCH 3/4] tune-cortexa57-cortexa53.inc: add CRC and set march

On 9/9/20 5:16 PM, Jon Mason wrote: > Add CRC to the default tuning of big.LITTLE Cortex-A57-A53. This puts > it inline with all other ARMv8a tunings. Also, reference > PACKAGE_EXTRA_ARCHS_tune-armv8a-crc instead of > PACKAGE_EXTRA_ARCHS_tune-aarch64, which sets the -march to armv8 and > enable

[OE-core] [meta-oe][PATCH 4/4] tune-cortexa*: Cleanups

Make the existing ARMv8 Cortex-A tunings similar in the way the cascade the settings. Signed-off-by: Jon Mason --- meta/conf/machine/include/tune-cortexa32.inc | 2 +- meta/conf/machine/include/tune-cortexa35.inc | 2 +- meta/conf/machine/include/tune-cortexa53.inc

[OE-core] [meta-oe][PATCH 0/4] Arm Tune Clean-Ups

A few clean-ups and fixes for Arm tune files found while working on the follow-on series. Since the changes are needed and not necessarily part of that series, I'm sending it as a separate series. Jon Mason (4): cortex-m0plus.inc: change file permissions tune-cortexa55.inc: clean-up ARMv8.2

[OE-core] [meta-oe][PATCH 3/4] tune-cortexa57-cortexa53.inc: add CRC and set march

Add CRC to the default tuning of big.LITTLE Cortex-A57-A53. This puts it inline with all other ARMv8a tunings. Also, reference PACKAGE_EXTRA_ARCHS_tune-armv8a-crc instead of PACKAGE_EXTRA_ARCHS_tune-aarch64, which sets the -march to armv8 and enables the CRC. Signed-off-by: Jon Mason --- meta/

[OE-core] [meta-oe][PATCH 1/4] cortex-m0plus.inc: change file permissions

File is executable, and should be read/write. Signed-off-by: Jon Mason --- meta/conf/machine/include/tune-cortex-m0plus.inc | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 meta/conf/machine/include/tune-cortex-m0plus.inc diff --git a/meta/conf/machine/include/

[OE-core] [meta-oe][PATCH 2/4] tune-cortexa55.inc: clean-up ARMv8.2a uses

Remove 'crc', as that is implied by 8.2 (per GCC https://gcc.gnu.org/onlinedocs/gcc/AArch64-Options.html#AArch64-Options). Also, the PACKAGE_EXTRA_ARCHS should refer to the ARMv8.2a version, not the more generic ARMv8 version. Signed-off-by: Jon Mason --- meta/conf/machine/include/tune-cortexa5

[OE-core] [PATCH] cryptodev: bump 1 commit past 1.11 to fix 5.9-rc1+

From: Denys Dmytriyenko There's one commit on top of 1.11 release that fixes builds against kernel 5.9-rc1+. Signed-off-by: Denys Dmytriyenko --- meta/recipes-kernel/cryptodev/cryptodev.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-kernel/cryptodev/crypt

[OE-core] [PATCH v2 2/4] cve-check/cve-update-db-native: use lockfile to fix usage under multiconfig

Previously CVE_CHECK_DB_FILE / CVE_CHECK_DB_DIR was the same across multiconfigs which led to a race condition wherein multiple cve-update-db-native:do_populate_cve_db tasks could attempt to write to the same sqlite database. This led to the following task failure: Error executing a python fun

[OE-core] [PATCH v2 1/4] cve-update-db-native: add progress handler

Signed-off-by: Chris Laplante --- .../recipes-core/meta/cve-update-db-native.bb | 90 ++- 1 file changed, 47 insertions(+), 43 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 32d6dbdffc..2221825bf8 1

[OE-core] [PATCH v2 3/4] cve-update-db-native: use context manager for cve_f

--- meta/recipes-core/meta/cve-update-db-native.bb | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index d22b66f6c7..328f6ab364 100644 --- a/meta/recipes-core/meta/cve-update-db

[OE-core] [PATCH v2 4/4] cve-check: avoid FileNotFoundError if no do_cve_check task has run

For example, if you just run 'bitbake cve-update-db-native' in a clean build system, |cve_tmp_file| won't exist yet. Signed-off-by: Chris Laplante --- meta/classes/cve-check.bbclass | 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/meta/classes/cve-check.bbclass b

[OE-core] [PATCH v2 0/4] cve-check fixes/enhancements

v1: initial v2: use lockfile in cve-update-db-native as suggested by Ross Burton Chris Laplante (4): cve-update-db-native: add progress handler cve-check/cve-update-db-native: use lockfile to fix usage under multiconfig cve-update-db-native: use context manager for cve_f cve-check: avo

Re: [OE-core] [PATCH 2/4] cve-check/cve-update-db-native: fix under multiconfig

> > But the databases will be identical so that's basically a waste of > > time. How about adding a lock file so the second task waits for the > > first to complete, and then does nothing as the database is up to date? > > That's a good point. I also considered just making it a bb.event.BuildStar

Re: [OE-core] [PATCH 2/4] cve-check/cve-update-db-native: fix under multiconfig

> On Wed, 9 Sep 2020 at 18:35, Chris Laplante via lists.openembedded.org > wrote: > > > > Previously CVE_CHECK_DB_FILE / CVE_CHECK_DB_DIR was the same > across > > multiconfigs which led to a race condition wherein multiple > > cve-update-db-native:do_populate_cve_db tasks could attempt to write >

Re: [OE-core] [PATCH 2/4] cve-check/cve-update-db-native: fix under multiconfig

On Wed, 9 Sep 2020 at 18:35, Chris Laplante via lists.openembedded.org wrote: > > Previously CVE_CHECK_DB_FILE / CVE_CHECK_DB_DIR was the same across > multiconfigs which led to a race condition wherein multiple > cve-update-db-native:do_populate_cve_db tasks could attempt to write to > the same s

[OE-core] [PATCH 1/4] cve-update-db-native: add progress handler

Signed-off-by: Chris Laplante --- .../recipes-core/meta/cve-update-db-native.bb | 90 ++- 1 file changed, 47 insertions(+), 43 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 32d6dbdffc..2221825bf8 1

[OE-core] [PATCH 2/4] cve-check/cve-update-db-native: fix under multiconfig

Previously CVE_CHECK_DB_FILE / CVE_CHECK_DB_DIR was the same across multiconfigs which led to a race condition wherein multiple cve-update-db-native:do_populate_cve_db tasks could attempt to write to the same sqlite database. This led to the following task failure: Error executing a python fun

[OE-core] [PATCH 3/4] cve-update-db-native: use context manager for cve_f

--- meta/recipes-core/meta/cve-update-db-native.bb | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 57368caf73..f8f13af97c 100644 --- a/meta/recipes-core/meta/cve-update-db

[OE-core] [PATCH 4/4] cve-check: avoid FileNotFoundError if no do_cve_check task has run

For example, if you just run 'bitbake cve-update-db-native' in a clean build system, |cve_tmp_file| won't exist yet. Signed-off-by: Chris Laplante --- meta/classes/cve-check.bbclass | 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/meta/classes/cve-check.bbclass b

[OE-core] [PATCH v2] weston-init: Redefine weston service and add socket activation option

Currently, weston when autolauched with systemd ends up with seat0 related errors because its launched before seat0 is assigned. Fixes [05:16:09.357] logind: failed to get session seat [05:16:09.358] logind: cannot setup systemd-logind helper (-61), using legacy fallback The above error results

Re: [OE-core] [PATCH] weston-init: Run drm udev rule after systemd multi-seat setup

On Tue, Sep 8, 2020 at 11:23 PM Henning Heinold wrote: > > On Tue, Sep 08, 2020 at 11:19:05PM -0700, Khem Raj wrote: > > Currently, weston when autolauched with systemd ends up with seat0 > > related errors because its launched before seat0 is assigned. The udev > > rule to install the seat is cal

Re: [OE-core][dunfell 17/25] libubootenv: uprev to v0.3

Hi Ming, On 30.08.20 20:16, Steve Sakoman wrote: > From: Ming Liu > > Update libubootenv to the latest 0.3 release, which comprises the > following commits: > Thanks for this, but I released a 0.3.1 afterwards to include somefixes: - Fix file reading/writing when the environment is in EEPROM

[OE-core] Application depending on gRPC not linking properly

Hello, I have a simple application which depends on grpc. I'm using Yocto Zeus for my project and I've written the following recipe: DESCRIPTION = "Test Application" LICENSE = "CLOSED" LIC_FILES_CHKSUM = "" SRC_URI = "\ git://git/dev/test-application.git;protocol=ssh;branch=yocto;name=testapp \

Re: [OE-core] [PATCH v2] weston: upgrade 8.0.0 -> 9.0.0

Thanks - I think with this release weston-info is now moved to its own repo and renamed wayland-info? Can you make a recipe for it? https://gitlab.freedesktop.org/wayland/wayland-utils Alex On Wed, 9 Sep 2020 at 04:22, Denys Dmytriyenko wrote: > From: Denys Dmytriyenko > > Weston 9.0.0 is rel

[OE-core] [PATCH][zeus] acl: Disable parallel make install

Similiarly to attr, do_install fails on newer versions of make with interesting and hard to debug errors. Disablle parallle make install as a workaround. Later verisons of acl in newer releases don't have the issue. Signed-off-by: Richard Purdie --- meta/recipes-support/attr/acl_2.2.52.bb | 3 ++

Re: [OE-core] [PATCH] cmake: whitelist CVE-2016-10642

Absolutely. Ross On Tue, 8 Sep 2020 at 19:25, Steve Sakoman wrote: > > Is this also suitable for dunfell? > > Steve > > On Tue, Sep 8, 2020 at 6:47 AM Ross Burton wrote: > > > > This CVE is specific to the npm package that can install cmake, so isn't > > relevant to our cmake recipe. > > > > Si

Re: [OE-core] [zeus][PATCH 00/11] zeus review request

On Wed, 2020-09-09 at 16:11 +0800, Anuj Mittal wrote: > A set of CVE fixes for zeus. Please review. > > I have rebased these on top of current zeus-next and have run the > entire > set through autobuilder using the contrib/rpurdie/zeus helper > branch. > > There's one failure while compiling acl

[OE-core] [PATCH] libxml2: Fix CVE-2020-24977

GNOME project libxml2 v2.9.10 and earlier have a global Buffer Overflow vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 8e7c20a1 (20910-GITv2.9.10-103-g8e7c20a1). Reference: https://gitlab.gnome.org/GNOME/libxml2/-/issues/178 Upstream patch: ht

[OE-core] [zeus][PATCH 07/11] bind: Security Advisory - bind - CVE-2020-8623

From: Li Zhou Backport patch from to solve CVE-2020-8623. Signed-off-by: Li Zhou Signed-off-by: Anuj Mittal --- .../bind/bind/CVE-2020-8623.patch | 402 ++ .../recipes-conn

[OE-core] [zeus][PATCH 03/11] go: CVE-2020-16845

From: Zhixiong Chi Backport CVE patch from the upstream: https://github.com/golang/go.git commit 027d7241ce050d197e7fabea3d541ffbe3487258 Signed-off-by: Zhixiong Chi Signed-off-by: Anuj Mittal --- meta/recipes-devtools/go/go-1.12.inc | 1 + .../go/go-1.12/CVE-2020-16845.patch

[OE-core] [zeus][PATCH 04/11] qemu: CVE-2020-10756

From: Stefan Ghinea An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents

[OE-core] [zeus][PATCH 01/11] xserver-xorg: Security Advisory - xserver-xorg - CVE-2020-14347

From: Li Zhou Backport patch from to solve CVE-2020-14347. Signed-off-by: Li Zhou Signed-off-by: Anuj Mittal --- .../xserver-xorg/CVE-2020-14347.patch | 37 +++ .../xorg-xs

[OE-core] [zeus][PATCH 05/11] qemu : fix CVE-2020-15863

From: Li Wang Signed-off-by: Lee Chee Yang Signed-off-by: Richard Purdie Signed-off-by: Li Wang Signed-off-by: Anuj Mittal --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2020-15863.patch| 64 +++ 2 files changed, 65 insertions(+) crea

[OE-core] [zeus][PATCH 09/11] qemu: CVE-2020-14364

From: Li Wang Backport patch from: https://git.qemu.org/?p=qemu.git;a=patch;h=b946434f2659a182afc17e155be6791ebfb302eb Signed-off-by: Li Wang Signed-off-by: Anuj Mittal --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2020-14364.patch| 93 +++

[OE-core] [zeus][PATCH 06/11] bind: Security Advisory - bind - CVE-2020-8622

From: Li Zhou Backport patch from to solve CVE-2020-8622. Signed-off-by: Li Zhou Signed-off-by: Anuj Mittal --- .../bind/bind/CVE-2020-8622.patch | 60 +++ .../recipes-conn

[OE-core] [zeus][PATCH 00/11] zeus review request

A set of CVE fixes for zeus. Please review. I have rebased these on top of current zeus-next and have run the entire set through autobuilder using the contrib/rpurdie/zeus helper branch. There's one failure while compiling acl (for reproducibility test) which probably happened because of memory

[OE-core] [zeus][PATCH 02/11] qemu: CVE-2020-16092

From: Li Wang Backport CVE patch from the upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=035e69b063835a5fd23cacabd63690a3d84532a8 Signed-off-by: Li Wang Signed-off-by: Anuj Mittal --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2020-16092.patch|

[OE-core] [zeus][PATCH 10/11] go: Security Advisory - go - CVE-2020-24553

From: Li Zhou Backport the patch from to solve CVE-2020-24553. Signed-off-by: Li Zhou Signed-off-by: Anuj Mittal --- meta/recipes-devtools/go/go-1.12.inc | 2 + ...i-rename-a-test-file-to-be-less-cute.p

[OE-core] [zeus][PATCH 11/11] gnutls: CVE-2020-24659

From: Zhixiong Chi Backport the CVE patch from the usptream: https://gitlab.com/gnutls/gnutls.git commit 29ee67c205855e848a0a26e6d0e4f65b6b943e0a Signed-off-by: Zhixiong Chi Signed-off-by: Anuj Mittal --- .../gnutls/gnutls/CVE-2020-24659.patch| 117 ++ meta/recipes-sup

[OE-core] [zeus][PATCH 08/11] bind: Security Advisory - bind - CVE-2020-8624

From: Li Zhou Backport patch from to solve CVE-2020-8624. Signed-off-by: Li Zhou Signed-off-by: Anuj Mittal --- .../bind/bind/CVE-2020-8624.patch | 33 +++ .../recipes-conn