Yes, I wonder why this needs to be disabled altogether at build time. Can’t
rng-tools figure out the right sources at run time?
Alex
On Mon 2. May 2022 at 23.33, William A. Kennington III via
lists.openembedded.org wrote:
> Isn't this desirable if you don't have an hwrng? We want to generate
>
From: Richard Purdie
There are reports of issues with the new libstdc++ from gcc 12. This upgrades
to a gcc 12 version of uninative to allow builds on those systems. Gcc 12 isn't
finalised so we may need to add a new version of this if/as appropriate when it
is.
Signed-off-by: Richard Purdie
(c
From: Rahul Kumar
The tarball (neard-0.16.tar.xz) fetched by the recipe is incomplete.
Few plugins (e.g. tizen) and tests scripts (e.g. Test-channel, test-see,
neard-ui.py, ndef-agent etc) are missing.
Since neard did not release latest tarballs, so as per community
recommendation switching the
From: Ross Burton
Recent git releases containing [1] have an ownership check when opening
repositories, and refuse to open a repository if it is owned by a
different user.
This breaks any use of git in do_install, as that is executed by the
(fake) root user. Whilst not common, this does happen.
From: Richard Purdie
We're going to use the environment approach for solving this issue.
Signed-off-by: Richard Purdie
(cherry picked from commit 0982977dc052ad4e65608f6853f930121d08837a)
Signed-off-by: Steve Sakoman
---
meta/classes/base.bbclass | 1 -
1 file changed, 1 deletion(-)
diff --g
From: Paul Gortmaker
In a devshell, recent versions of git will complain if the repo is owned
by someone other than the current UID - consider this example:
--
bitbake -c devshell linux-yocto
[...]
kernel-source#git branch
fatal: unsafe repository
('/home/paul/poky/build-qemuarm6
From: Chen Qi
Signed-off-by: Chen Qi
Signed-off-by: Luca Ceresoli
Signed-off-by: Richard Purdie
(cherry picked from commit 3a9b6e71d1e7e8e2ebc0ed047841e36f09300387)
Signed-off-by: Steve Sakoman
---
meta/lib/oeqa/sdk/cases/buildepoxy.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
d
From: Peter Kjellerstedt
Otherwise it will fail if using OE_TERMINAL = "xterm" with the not so
helpful error:
xterm: Xt error: Can't open display: localhost:0.0
Signed-off-by: Peter Kjellerstedt
Signed-off-by: Luca Ceresoli
Signed-off-by: Richard Purdie
(cherry picked from commit ba53fc3bc
From: Ross Burton
CVE-2015-20107 describes an arbitrary command execution in the mailcap
module, but this is by design in mailcap and needs to be worked around
by the calling application.
Upstream Python will be documenting this flaw in the library reference,
and it is likely that the mailcap mo
From: Khem Raj
This symlink is not valid when using usrmerge and ptest packaging would fail
Exception: FileExistsError: [Errno 17] File exists: '/usr/bin/busybox.suid' ->
'/mnt/b/yoe/master/build/tmp/work/ppc64p9le-yoe-linux-musl/busybox/1.35.0-r0/package/usr/lib/busybox/ptest/bin/login'
Signe
Please review this set of patches for dunfell and have comments back by end
of day Wednesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3600
with the exception of the meta-virtualization test which was just added
to a-full:
https://autobuild
The following changes since commit 8e81d38048c953d0823abf04d5b2506cd988f0bb:
build-appliance-image: Update to dunfell head revision (2022-04-25 15:58:54
+0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
http://cgit.ope
Isn't this desirable if you don't have an hwrng? We want to generate
entropy so we can perform cryptographic operations by default if we
bring in rng-tools.
On Mon, May 2, 2022 at 2:10 PM Wes Malone wrote:
>
> After boot rngd maxes out the processor initializing JITTER entropy for
> some minutes.
After boot rngd maxes out the processor initializing JITTER entropy for
some minutes. Here we disable libjitterentropy in favor of only using
the hardware random source via config.
Signed-off-by: Wes Malone
---
meta/recipes-support/rng-tools/rng-tools_6.15.bb | 1 -
1 file changed, 1 deletion(-)
Since updating to kirkstone from hardknott, after boot rngd maxes out my
rpi4's processor for minutes initializing JITTER. The sustained CPU
usage was triggering my resource monitoring alerts. Changing config to
disable jitter with -x jitter stops the initialization process and uses
just the pi's h
Hi Pgowda,
Il giorno Mon, 2 May 2022 01:08:51 -0700
"Pgowda" ha scritto:
> While running lib32-glibc-tests, it fails with the following error
> as the recipe is not PROVIDED. BBCLASSEXTEND is cleaned in glibc-tests
> and is not able to recognize the multilibs.
>
> ERROR: Nothing PROVIDES 'lib3
On Mon, May 2, 2022 at 12:43 PM Ralph Siemsen wrote:
>
> On Mon, May 2, 2022 at 9:23 AM Marta Rybczynska wrote:
> >
> > On Fri, Apr 29, 2022 at 5:53 PM Ralph Siemsen
> > wrote:
> >>
> >> # Interval between CVE database updates, in seconds.
> >> # Set to "0" to to force an update of the database
On Mon, May 2, 2022 at 9:23 AM Marta Rybczynska wrote:
>
> On Fri, Apr 29, 2022 at 5:53 PM Ralph Siemsen
> wrote:
>>
>> # Interval between CVE database updates, in seconds.
>> # Set to "0" to to force an update of the database.
>> CVE_DATABASE_UPDATE_INTERVAL ?= "24*60*60"
>>
>
> This is a good
Hi Claudius,
Il giorno Fri, 29 Apr 2022 10:17:33 +0200
"Claudius Heine" ha scritto:
> The overlayfs_qa_check checks if the current root file system has a
> mount configured for each overlayfs, when the overlayfs class is used.
>
> However there are certain instances where this mount point is cr
Add a new variable CVE_DB_UPDATE_INTERVAL allowing the user to set
the database update interval.
- a positive value sets an interval (in seconds)
- a zero ("0") forces the database update
Signed-off-by: Marta Rybczynska
---
Changes from v1:
- allow to set the interval, not only force the updat
The update of the NVD database was expected to happen once per hour.
However, the database file date changes only if the content was actually
updated. In practice, the check worked for the first hour after the
new download.
As the NVD database changes usually only once a day, we can just
update it
On Sun, May 1, 2022 at 11:08 PM Jose Quaresma wrote:
>
> Hi Davide,
>
> This patch needs to be sent first for the master branch and backported for
> kirkstone only after that.
He's tagged [master] in the subject in addition to [kirkstone], so
this is fine. I appreciate the heads up that I shoul
On Fri, Apr 29, 2022 at 5:53 PM Ralph Siemsen
wrote:
> Hi Marta,
>
> This explains why the CVE database update seemed to happen far more
> frequently than it should. Thanks for digging into it.
>
> On Fri, Apr 29, 2022 at 2:32 AM Marta Rybczynska
> wrote:
> >
> > Add a new variable FORCE_CVE_DB_
CVE: CVE-2022-1420
Signed-off-by: Rahul Chauhan
---
.../vim/files/CVE-2022-1420.patch | 93 +++
meta/recipes-support/vim/vim.inc | 1 +
2 files changed, 94 insertions(+)
create mode 100644 meta/recipes-support/vim/files/CVE-2022-1420.patch
diff --git a
CVE: CVE-2022-1381
Signed-off-by: Rahul Chauhan
---
.../vim/files/CVE-2022-1381.patch | 111 ++
meta/recipes-support/vim/vim.inc | 1 +
2 files changed, 112 insertions(+)
create mode 100644 meta/recipes-support/vim/files/CVE-2022-1381.patch
diff --git
Ok thanks. I found the commit id:
https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
Unfortunately, it will probably take some time until the solution is included
on all our build machines.
Until then, we fixed our setup by using PSEUDO_UNLOAD=1 before any git
Hi Pgowda,
Pgowda escreveu no dia segunda, 2/05/2022 à(s) 09:09:
> While running lib32-glibc-tests, it fails with the following error
> as the recipe is not PROVIDED. BBCLASSEXTEND is cleaned in glibc-tests
> and is not able to recognize the multilibs.
>
> ERROR: Nothing PROVIDES 'lib32-glibc-te
Hi Davide,
This patch needs to be sent first for the master branch and backported
for kirkstone only after that.
Jose
Davide Gardenal escreveu no dia segunda,
2/05/2022 à(s) 08:43:
> Create generate_json_report including all the code used to generate the
> JSON
> manifest file.
> Add to cve_sa
While running lib32-glibc-tests, it fails with the following error
as the recipe is not PROVIDED. BBCLASSEXTEND is cleaned in glibc-tests
and is not able to recognize the multilibs.
ERROR: Nothing PROVIDES 'lib32-glibc-tests'
Signed-off-by: pgowda
---
meta/recipes-core/glibc/glibc-tests_2.35.bb
Create generate_json_report including all the code used to generate the JSON
manifest file.
Add to cve_save_summary_handler the ability to create the summary in JSON
format.
Signed-off-by: Davide Gardenal
---
meta/classes/cve-check.bbclass | 50 +---
1 file changed, 32 insertion
30 matches
Mail list logo
