[OE-core] [honister][PATCH 0/3] Pull request

2022-03-21 Thread Anuj Mittal
The following changes since commit 427f4ef11beb8ceee007b5c7e152f2383a114aca: patch.py: Prevent git repo reinitialization (2022-03-11 10:55:24 +0800) are available in the Git repository at: git://push.openembedded.org/openembedded-core-contrib stable/honister-next Chee Yang Lee (2): ghosts

Re: [OE-core] [hardknott][PATCH 0/6] Pull request

2022-03-21 Thread Anuj Mittal
Ping On Thu, 2022-03-17 at 22:14 +0800, Anuj Mittal wrote: > The following changes since commit > d0b1807edc10835beff9a55a105ac191b6ac2fe7: > >   unfs3: correct configure option (2022-03-07 22:19:01 +0800) > > are available in the Git repository at: > >   git://push.openembedded.org/openembedde

[OE-core] Yocto Project Newcomer & Unassigned Bugs - Help Needed

2022-03-21 Thread Stephen Jolley
All, The triage team is starting to try and collect up and classify bugs which a newcomer to the project would be able to work on in a way which means people can find them. They're being listed on the triage page under the appropriate heading: https://wiki.yoctoproject.org/wiki/Bug_Triage#Newc

[OE-core][dunfell 13/13] oeqa/selftest/tinfoil: Improve tinfoil event test debugging

2022-03-21 Thread Steve Sakoman
From: Richard Purdie We still see occasional test failures for unknown reasons. Add some debugging to show whether the matching files event was received even if the command complete wasn't. Also ensure any commandfailed/commandexit event is shown. This will hopefully aid debugging the next tim

[OE-core][dunfell 12/13] oeqa/runtime/ping: Improve failure message to include more detail

2022-03-21 Thread Steve Sakoman
From: Richard Purdie When the ping test fails due to a timeout we only get limited debug information. Tweak the code to improve that in case it sheds any light on intermittent failures. Signed-off-by: Richard Purdie (cherry picked from commit d81704057950e1970ef7f673fa771834fd2b3f1e) Signed-off

[OE-core][dunfell 11/13] python3targetconfig: Use for nativesdk too

2022-03-21 Thread Steve Sakoman
From: Richard Purdie nativesdk is a cross compiled target and therefore should use the target config, not the native one. Copy the target entries accordingly. Signed-off-by: Richard Purdie (cherry picked from commit b1b5fec350b390fa7f2d26966df1411b032faf87) Signed-off-by: Steve Sakoman --- me

[OE-core][dunfell 08/13] linux-firmware: upgrade 20220209 -> 20220310

2022-03-21 Thread Steve Sakoman
From: wangmy License-Update: year updated to 2022 Version of some driver files updated Added files for some drivers Signed-off-by: Wang Mingyu Signed-off-by: Richard Purdie (cherry picked from commit be1b1d204c89035c54a626db46c5054e553b82c2) Signed-off-by: Steve Sakoman --- ...inux-firmwa

[OE-core][dunfell 09/13] mobile-broadband-provider-info: upgrade 20201225 -> 20210805

2022-03-21 Thread Steve Sakoman
From: Alexander Kanavin Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie (cherry picked from commit 93a335993ce592a8ee34fc9a490e327f2775e03f) Signed-off-by: Steve Sakoman --- .../mobile-broadband-provider-info_git.bb | 4 ++-- 1 file changed, 2 insertions(+),

[OE-core][dunfell 10/13] mobile-broadband-provider-info: upgrade 20210805 -> 20220315

2022-03-21 Thread Steve Sakoman
From: Changhyeok Bae Signed-off-by: Changhyeok Bae Signed-off-by: Richard Purdie (cherry picked from commit ed02ee8f20094f598448d58875cb7be8a24a019f) Signed-off-by: Steve Sakoman --- .../mobile-broadband-provider-info_git.bb | 7 --- 1 file changed, 4 insertions(+), 3 del

[OE-core][dunfell 07/13] python3: upgrade 3.8.12 -> 3.8.13

2022-03-21 Thread Steve Sakoman
From: Tim Orling Security and bug fixes (including upgrades for security and bug fixes to bundled components). For changes see: https://docs.python.org/release/3.8.13/whatsnew/changelog.html#python-3-8-13-final CVE: CVE-2022-26488 License-Update: Add 2022 to copyright years * Update bpo-36852

[OE-core][dunfell 06/13] openssl: upgrade 1.1.1l -> 1.1.1n

2022-03-21 Thread Steve Sakoman
From: Ovidiu Panait Upgrade openssl 1.1.1l -> 1.1.1n to fix CVE-2022-0778: https://nvd.nist.gov/vuln/detail/CVE-2022-0778 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65 This also fixes an evp_extra_test ptest failure introduced by openssl-1.

[OE-core][dunfell 05/13] bluez5: fix CVE-2021-3658

2022-03-21 Thread Steve Sakoman
From: Minjae Kim adapter incorrectly restores Discoverable state after powered down Upstream-Status: Backport [https://github.com/bluez/bluez/commit/b497b5942a8beb8f89ca1c359c54ad67ec843055] CVE: CVE-2021-3658 Signed-off-by: Minjae Kim Signed-off-by: Steve Sakoman --- meta/recipes-connectivit

[OE-core][dunfell 04/13] qemu: backport fix for CVE-2020-13253

2022-03-21 Thread Steve Sakoman
From: Davide Gardenal Backport commits from the following MR: https://git.qemu.org/?p=qemu.git;a=commit;h=3a9163af4e3dd61795a35d47b702e302f98f81d6 Two other commits have been backported in order to be able to correctly apply the patches. CVE: CVE-2020-13253 Signed-off-by: Davide Gardenal Sign

[OE-core][dunfell 03/13] re2c: backport fix for CVE-2018-21232

2022-03-21 Thread Steve Sakoman
From: Davide Gardenal Backport commits from the following issue: https://github.com/skvadrik/re2c/issues/219 CVE: CVE-2018-21232 Signed-off-by: Davide Gardenal Signed-off-by: Steve Sakoman --- .../re2c/re2c/CVE-2018-21232-1.patch | 347 ++ .../re2c/re2c/CVE-2018-2123

[OE-core][dunfell 02/13] libxml2: move to gitlab.gnome.org

2022-03-21 Thread Steve Sakoman
From: Ralph Siemsen The project has migrated from www.xmlsoft.org to gitlab.gnome.org. Update the homepage accordingly, and use gnomebase to construct the download URL, rather than including it in SRC_URI explicitly. Note that the download is now in .xz format rather than .gz, so the sha256sum i

[OE-core][dunfell 01/13] libxml2: backport fix for CVE-2022-23308

2022-03-21 Thread Steve Sakoman
From: Ralph Siemsen Use-after-free of ID and IDREF attributes, which could result in denial of service. https://nvd.nist.gov/vuln/detail/CVE-2022-23308 CVE: CVE-2022-23308 Signed-off-by: Ralph Siemsen Signed-off-by: Steve Sakoman --- .../libxml/libxml2/CVE-2022-23308.patch | 204 ++

[OE-core][dunfell 00/13] Patch review

2022-03-21 Thread Steve Sakoman
Please review this set of patches for dunfell and have comments back by end of day Wednesday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3397 The following changes since commit ff90d0e91aec252d3f5986df9ce02293cddadbca: build-appliance-image

[OE-core] [PATCH] qemu: Fix build on systems without MAP_SYNC

2022-03-21 Thread Khem Raj
Some architectures like ppc/mips do not wire this in the kernel, since linux/mman.h for these architectures does not use asm-generic/mman.h Signed-off-by: Khem Raj --- meta/recipes-devtools/qemu/qemu.inc | 1 + ...and-MAP_SHARED_VALIDATE-on-needed-li.patch | 48 +++ 2 files c

Re: [OE-core] [PATCH 1/2] cve-check: get_cve_info should open the database read-only

2022-03-21 Thread Konrad Weihmann
On 21.03.22 14:43, Ross Burton wrote: On Thu, 3 Mar 2022 at 11:43, Konrad Weihmann wrote: After scrolling through the log that I can get from a github pipeline (sorry no runner log available) - I noticed 2022-03-03T05:39:23.2334189Z WARNING: cve-update-db-native-1.0-r0 do_fetch: Failed to fe

Re: [OE-core] List of changes for Kirkstone migration notes

2022-03-21 Thread Marta Rybczynska
On Thu, Mar 10, 2022 at 11:25 AM Michael Opdenacker via lists.openembedded.org wrote: > Greetings > > We need to prepare the final migration notes for Kirkstone and need your > help. Here is a quick list of already documented changes (see > > https://git.yoctoproject.org/yocto-docs/tree/documenta

[OE-core] [PATCH v2] ref-manual: update Python class documentation

2022-03-21 Thread Ross Burton
Add new PEP517_* variables, remove obsolete variables, and update for renamed classes. Signed-off-by: Ross Burton --- documentation/ref-manual/classes.rst | 71 +++--- documentation/ref-manual/variables.rst | 11 ++-- 2 files changed, 46 insertions(+), 36 deletions(-) diff

[OE-core] [PATCH] pseudo_util: Improve handling of crazy length paths

2022-03-21 Thread Richard Purdie
Crazy shell code (e.g. libtool) can pass in a command pipeline as a path which exceeds the max path length the system can support (6000+ chars). This will fail in libc or the syscall but if we don't do something here, we'd segfault before it can do that. Leave path unchanged and let libc deal with

Re: [OE-core] [PATCH 1/2] cve-check: get_cve_info should open the database read-only

2022-03-21 Thread Ross Burton
On Thu, 3 Mar 2022 at 11:43, Konrad Weihmann wrote: > After scrolling through the log that I can get from a github pipeline > (sorry no runner log available) - I noticed > > 2022-03-03T05:39:23.2334189Z WARNING: cve-update-db-native-1.0-r0 > do_fetch: Failed to fetch CVE data ([Errno 99] Cannot as

[OE-core] [honister][PATCH 2/3] go: upgrade 1.16.13 -> 1.16.14

2022-03-21 Thread Anuj Mittal
From: Sakib Sajal go 1.16.14 release includes fix for CVE-2022-23806. (From OE-Core rev: 7b5723ae41b7fcdc73a24f04ec0cda4fba8f8622) Signed-off-by: Sakib Sajal Signed-off-by: Anuj Mittal Signed-off-by: Richard Purdie Signed-off-by: Chee Yang Lee Signed-off-by: Anuj Mittal --- meta/recipes-d

[OE-core] [honister][PATCH 3/3] go: update to 1.16.15

2022-03-21 Thread Anuj Mittal
From: Chee Yang Lee go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax package, as well as bug fixes to the compiler, runtime, the go command, and to the net package. Signed-off-by: Chee Yang Lee Signed-off-by: Anuj Mittal --- meta/recipes-devtools/go/{go-1.16.14.i

[OE-core] [honister][PATCH 1/3] ghostscript: fix CVE-2021-3781

2022-03-21 Thread Anuj Mittal
From: Chee Yang Lee Signed-off-by: Chee Yang Lee Signed-off-by: Anuj Mittal --- .../ghostscript/CVE-2021-3781.patch | 236 ++ .../ghostscript/ghostscript_9.54.0.bb | 1 + 2 files changed, 237 insertions(+) create mode 100644 meta/recipes-extended/ghostscri

[OE-core] [honister][PATCH 0/3] Patch review

2022-03-21 Thread Anuj Mittal
Final set of changes before 3.4.3. Please review. No problems seen while testing on the autobuilder. https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3396 Thanks, Anuj The following changes since commit 427f4ef11beb8ceee007b5c7e152f2383a114aca: patch.py: Prevent git repo r

Re: [OE-core] [honister][PATCH 2/4] webkitgtk: update to 2.32.4

2022-03-21 Thread Anuj Mittal
On Thu, 2022-03-17 at 15:32 +0800, Lee Chee Yang wrote: > From: Chee Yang Lee > > This is a bug fix release in the stable 2.32 series. > > change in the WebKitGTK 2.32.4 release: > Do not append .asc extension to downloaded text/plain files. > Fix several crashes and rendering issues. > > https

[OE-core] [PATCH] tiff: backport CVE fixes:

2022-03-21 Thread Ross Burton
Backport fixes for the following CVEs: - CVE-2022-0865 - CVE-2022-0891 - CVE-2022-0907 - CVE-2022-0908 - CVE-2022-0909 - CVE-2022-0924 Signed-off-by: Ross Burton --- ...rash-when-reading-a-file-with-multip.patch | 38 +++ ...ue-380-and-382-heap-buffer-overflow-.patch | 218 ++

Re: [OE-core] [RFC PATCH] kernel: Add kernel-cve-tool support to help monitor kernel CVEs

2022-03-21 Thread Marta Rybczynska
On Sat, Mar 19, 2022 at 8:26 PM Richard Purdie wrote: > > This adds support for a random kernel CVE monitoring tool which can be > run as a specific task against a kernel: > > $ bitbake linux-yocto -c checkcves > [...] > Sstate summary: Wanted 3 Local 3 Mirrors 0 Missed 0 Current 135 (100% match,

Re: [OE-core] [RFC PATCH] kernel: Add kernel-cve-tool support to help monitor kernel CVEs

2022-03-21 Thread Mikko Rapeli
On Mon, Mar 21, 2022 at 10:56:55AM +, Richard Purdie wrote: > On Mon, 2022-03-21 at 10:43 +, mikko.rap...@bmw.de wrote: > > On Mon, Mar 21, 2022 at 10:37:17AM +, Richard Purdie wrote: > > > On Mon, 2022-03-21 at 07:48 +, mikko.rap...@bmw.de wrote: > > > > Hi, > > > > > > > > Thanks

Re: [OE-core] [RFC PATCH] kernel: Add kernel-cve-tool support to help monitor kernel CVEs

2022-03-21 Thread Richard Purdie
On Mon, 2022-03-21 at 10:43 +, mikko.rap...@bmw.de wrote: > On Mon, Mar 21, 2022 at 10:37:17AM +, Richard Purdie wrote: > > On Mon, 2022-03-21 at 07:48 +, mikko.rap...@bmw.de wrote: > > > Hi, > > > > > > Thanks for the interesting patch! > > > > > > On Sat, Mar 19, 2022 at 07:25:55PM

Re: [OE-core] [RFC PATCH] kernel: Add kernel-cve-tool support to help monitor kernel CVEs

2022-03-21 Thread Mikko Rapeli
On Mon, Mar 21, 2022 at 10:37:17AM +, Richard Purdie wrote: > On Mon, 2022-03-21 at 07:48 +, mikko.rap...@bmw.de wrote: > > Hi, > > > > Thanks for the interesting patch! > > > > On Sat, Mar 19, 2022 at 07:25:55PM +, Richard Purdie wrote: > > > This adds support for a random kernel CVE

Re: [OE-core] [RFC PATCH] kernel: Add kernel-cve-tool support to help monitor kernel CVEs

2022-03-21 Thread Richard Purdie
On Mon, 2022-03-21 at 07:48 +, mikko.rap...@bmw.de wrote: > Hi, > > Thanks for the interesting patch! > > On Sat, Mar 19, 2022 at 07:25:55PM +, Richard Purdie wrote: > > This adds support for a random kernel CVE monitoring tool which can be > > run as a specific task against a kernel: > >

[OE-core] [PATCH] python3-sphinx-rtd-theme: correct upstream version check

2022-03-21 Thread Alexander Kanavin
Signed-off-by: Alexander Kanavin --- meta/recipes-devtools/python/python3-sphinx-rtd-theme_0.5.0.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-devtools/python/python3-sphinx-rtd-theme_0.5.0.bb b/meta/recipes-devtools/python/python3-sphinx-rtd-theme_0.5.0.bb index 4a43b595aa

Re: [OE-core] [RFC PATCH] kernel: Add kernel-cve-tool support to help monitor kernel CVEs

2022-03-21 Thread Mikko Rapeli
Hi, Thanks for the interesting patch! On Sat, Mar 19, 2022 at 07:25:55PM +, Richard Purdie wrote: > This adds support for a random kernel CVE monitoring tool which can be > run as a specific task against a kernel: > > $ bitbake linux-yocto -c checkcves > [...] > Sstate summary: Wanted 3 Loca