The ftp client in GNU Inetutils before 2.2 does not validate addresses
returned by PASV/LSPV responses to make sure they match the server
address. This is similar to CVE-2020-8284 for curl.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-40491
Patch from:
https://git.savannah.gnu.org/cgit/i
Use After Free in vim/vim
Upstream-Status: Backport
[https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9]
CVE: CVE-2021-4069
---
.../vim/files/CVE-2021-4069.patch | 43 +++
meta/recipes-support/vim/vim.inc | 1 +
2 files changed, 4
Use After Free in vim/vim
Upstream-Status: Backport
[https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9]
CVE: CVE-2021-4069
---
.../vim/files/CVE-2021-4069.patch | 43 +++
meta/recipes-support/vim/vim.inc | 1 +
2 files changed, 4
I’d suggest we host the tarball somewhere on yoctoproject.org actually.
Alex
On Sat 18. Dec 2021 at 2.16, Steve Sakoman wrote:
> On Fri, Dec 17, 2021 at 9:33 AM wrote:
> >
> > Dunfell uses 10.34 pcre2. This SRC_URI does not work with 10.34, as that
> version is not available there.
>
> Urghh .
On Fri, Dec 17, 2021 at 9:33 AM wrote:
>
> Dunfell uses 10.34 pcre2. This SRC_URI does not work with 10.34, as that
> version is not available there.
Urghh . . .you are correct.
It does look like sourceforge is still carrying this (as do a few
other random mirrors):
https://downloads.sourcefor
Dunfell uses 10.34 pcre2. This SRC_URI does not work with 10.34, as that
version is not available there.
Does Dunfell need to be updated to pcre2 > 10.36?
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#159836):
https://lists.openembedded.org/g/op
On Fri, Dec 17, 2021 at 6:47 AM Steve Sakoman wrote:
>
> On Fri, Dec 17, 2021 at 1:37 AM Ranjitsinh Rathod
> wrote:
> >
> > From: Ranjitsinh Rathod
> >
> > Issues seen in boost asio call when used within shared libraries
> > particularly in aarch64.
> > The discussion with boost maintainers is o
Should this be named oe.crate for consistency and avoiding potential
clashes?
Alex
On Fri, 17 Dec 2021 at 18:37, Matt Madison wrote:
> to install the crate:// fetch handler.
>
> Signed-off-by: Matt Madison
> ---
> meta/classes/base.bbclass | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(
On Thu, Dec 16, 2021 at 9:09 AM Matt Madison via
lists.openembedded.org
wrote:
>
> On Thu, Dec 16, 2021 at 7:53 AM Matt Madison via
> lists.openembedded.org
> wrote:
> >
> > On Thu, Dec 16, 2021 at 6:47 AM Joshua Watt wrote:
> > >
> > > On Wed, Dec 15, 2021 at 8:16 AM Matt Madison wrote:
> > >
No longer required now that the crate fetcher
gets installed via OE_IMPORTS.
Signed-off-by: Matt Madison
---
meta/classes/crate-fetch.bbclass | 28
1 file changed, 28 deletions(-)
delete mode 100644 meta/classes/crate-fetch.bbclass
diff --git a/meta/classes/crate-f
to install the crate:// fetch handler.
Signed-off-by: Matt Madison
---
meta/classes/base.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index b709777f24..ee9950f207 100644
--- a/meta/classes/base.bbclass
+++ b/met
No longer needed now that the crate fetcher is
installed via OE_IMPORTS.
Signed-off-by: Matt Madison
---
meta/classes/cargo_common.bbclass | 2 --
1 file changed, 2 deletions(-)
diff --git a/meta/classes/cargo_common.bbclass
b/meta/classes/cargo_common.bbclass
index 23d82aa6ab..c403591434 1006
This patch series switches to using the OE_IMPORTS mechanism
for installing the crate fetcher. This simplifies the addition
and clears up issues with interactions between SRCPV and
the shared-state fetching logic.
Matt Madison (4):
lib/crate.py: install crate fetcher on import
base.bbclass: ad
to enable the move to using OE_IMPORTS for adding
this fetcher.
Signed-off-by: Matt Madison
---
meta/lib/crate.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/lib/crate.py b/meta/lib/crate.py
index d10f441875..f9db7c28cd 100644
--- a/meta/lib/crate.py
+++ b/meta/lib/crate.py
@@ -14
On Fri, Dec 17, 2021 at 1:37 AM Ranjitsinh Rathod
wrote:
>
> From: Ranjitsinh Rathod
>
> Issues seen in boost asio call when used within shared libraries
> particularly in aarch64.
> The discussion with boost maintainers is on going at
> github.com/chriskohlhoff/asio/issues/588 originally reporte
QRTR is a virtual bus for talking to Qualcomm based modems,
either integrated or PCIe.
Signed-off-by: Loic Poulain
---
meta-oe/recipes-connectivity/libqmi/libqmi_1.30.2.bb | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta-oe/recipes-connectivity/libqmi/libqmi_1.30.2.bb
libqrtr-glib is a glib-based library to use and manage the
QRTR (Qualcomm IPC Router) bus. This bus is in turn a way
to reach remote services via QMI messages. It is especially
used by libqmi, for talking to integrated or PCIe Qualcomm
WWAN modems.
Signed-off-by: Loic Poulain
---
.../libqrtr-gli
Hello everyone,
This is the full report for yocto-3.5_M1.rc2:
https://git.yoctoproject.org/cgit/cgit.cgi/yocto-testresults-contrib/tree/?h=intel-yocto-testresults
=== Summary
No high milestone defects.
one issue found
Bug 14622 - bsps-hw.bsps-hw.Test_Seek_bar_and_volume_control
We're stuck on thud (vendor related), I ended up backporting these two
commits from upstream, to address this issue:
https://github.com/zuma-array/meta-rust/commit/5631d561f16d88acf9cd6a014dd292cf20668501
But I don't think the issue appears in master because of the newer gcc.
On Thu, Dec 16, 202
From: Ranjitsinh Rathod
Issues seen in boost asio call when used within shared libraries
particularly in aarch64.
The discussion with boost maintainers is on going at
github.com/chriskohlhoff/asio/issues/588 originally reported at
github.com/chriskohlhoff/asio/issues/642. The crash is quite frequ
From: Ranjitsinh Rathod
Issues seen in boost asio call when used within shared libraries
particularly in aarch64.
The discussion with boost maintainers is on going at
github.com/chriskohlhoff/asio/issues/588 originally reported at
github.com/chriskohlhoff/asio/issues/642. The crash is quite frequ
Add reasoning to Inappropriate to all patches that are missing
missing that entirely
To all maintainers please double check my proposals
The following changes since commit 31bc9cab25692fd0b07dbd994afd93802e93d6bf:
bitbake: fetch: npm: Use temporary file for empty user config (2021-12-14
22:4
Greetings,
I'm trying to update the documentation in
https://docs.yoctoproject.org/overview-manual/concepts.html#checksums-signatures.
With OEEquivHash, meta/lib/oe/sstatesig.py now implements 3 signature
handlers instead of 2.
However, I find parts of this document difficult to understand. In
pa
23 matches
Mail list logo
