From: Hitendra Prajapati
Source: https://github.com/PCRE2Project/pcre2
MR: 118027
Type: Security Fix
Disposition: Backport from
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a
ChangeID: e9b448d96a7e58b34b2c4069757a6f3ca0917713
Description:
CVE-2022-1586: p
From: Hitendra Prajapati
Backport from
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a
CVE-2022-1586: pcre2: Out-of-bounds read in compile_xclass_matchingpath in
pcre2_jit_compile.c.
Signed-off-by: Hitendra Prajapati
Signed-off-by: Jeremy A. Puhlman
---
From: Hitendra Prajapati
Backport from
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a
CVE-2022-1586: pcre2: Out-of-bounds read in compile_xclass_matchingpath in
pcre2_jit_compile.c.
Signed-off-by: Hitendra Prajapati
Signed-off-by: Jeremy A. Puhlman
(che
Please correct the upstream status to inappropriate, ‘submitted’ means the
patch was actually sent upstream, ‘inappropriate’ means the patch was not
submitted, but an issue was raised with upstream to find a solution.
Alex
On Tue 24. May 2022 at 3.28, leimaohui wrote:
> - Added a patch to avoid
- Added a patch to avoid execute fipshmac command. Because *.hmac
file should be created on target instead of on build environment.
- Added pkg_postinst_ontarget to make sure necessary files are
created on target.
Signed-off-by: Lei Maohui
---
...ile-should-be-excuted-in-target-envi.patch | 28 ++
On Mon, May 23, 2022 at 11:57 AM Peter Kjellerstedt
wrote:
>
> > -Original Message-
> > From: openembedded-core@lists.openembedded.org > c...@lists.openembedded.org> On Behalf Of Peter Kjellerstedt
> > Sent: 29 April 2022 10:10
> > To: Steve Sakoman
> > Cc: Patches and discussions ab
> -Original Message-
> From: openembedded-core@lists.openembedded.org c...@lists.openembedded.org> On Behalf Of Peter Kjellerstedt
> Sent: 29 April 2022 10:10
> To: Steve Sakoman
> Cc: Patches and discussions about the oe-core layer c...@lists.openembedded.org>
> Subject: Re: [OE-cor
On Mon, May 23, 2022 at 4:43 AM Martin Jansa wrote:
>
> The LICENSES file is already in LIC_FILES_CHKSUM.
>
> Unfortunately the files themselves usually don't have clear license headers,
> but at least there is Copyright in them, so it might be possible to map the
> LICENSES files sections to ac
On Mon, May 23, 2022 at 7:21 AM Jiaqing Zhao
wrote:
>
> It's an musl-specific issue I believe.
>
> man page defines it as [1]
> ssize_t getdents64(int fd, void *dirp, size_t count)
>
> But in musl, it's an alias of getdents [2]
> int getdents(int fd, struct dirent *buf, size_t len)
On Sun, May 22, 2022 at 3:32 AM Steve Sakoman via
lists.openembedded.org
wrote:
>
> Branch: kirkstone
>
> New this week: 7 CVEs
> CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 *
> CVE-2021-3750 (CVSS3: 8.2 H
The libdrm-{nouveau,radeon,intel} are generated by libdrm recipe.
To use these libraries as a dependency in another component,
it should be explicitly added as RPROVIDES.
Signed-off-by: Minjae Kim
---
meta/recipes-graphics/drm/libdrm_2.4.101.bb | 6 ++
1 file changed, 6 insertions(+)
diff --
The libncurses5 is generated by ncurse recipe.
To use this library as a dependency in another component,
it should be explicitly added as RPROVIDES.
Signed-off-by: Minjae Kim
---
meta/recipes-core/ncurses/ncurses.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-core/ncurses/
On 22.05.22 at 14:12, richard.pur...@linuxfoundation.org wrote:
I'd be interested to know what kind of aborts as that shouldn't have
happened. I'd be interested to understand what broke as it shouldn't
have done and none of our testing has shown it.
Cheers,
Richard
All-clear for the master b
I guess so, please do.
Alex
On Mon, 23 May 2022 at 16:21, Jiaqing Zhao wrote:
>
> It's an musl-specific issue I believe.
>
> man page defines it as [1]
> ssize_t getdents64(int fd, void *dirp, size_t count)
>
> But in musl, it's an alias of getdents [2]
> int getdents(int fd, str
It's an musl-specific issue I believe.
man page defines it as [1]
ssize_t getdents64(int fd, void *dirp, size_t count)
But in musl, it's an alias of getdents [2]
int getdents(int fd, struct dirent *buf, size_t len)
Shall we report to musl instead of systemd?
[1] https://man7.org
From: Richard Purdie
Using += unintentionally removes all other entries from DISTRO_FEATURES
if DISTRO_FEATURES was set by ?= such as by poky.conf. This reduces
sstate reusage on the autobuilder. Fix this to speed up builds.
Signed-off-by: Richard Purdie
(cherry picked from commit 124b82c32c454
From: Richard Purdie
We've seen failures on the autobuilder in oe-selftest where things which should
be in the sysroot aren't. The exact steps to reproduce the exact failure are
elusive and probably hash equivalence dependency but this set of steps does
reproduce corruption which is probably of t
From: Claudius Heine
The overlayfs_qa_check checks if the current root file system has a
mount configured for each overlayfs, when the overlayfs class is used.
However there are certain instances where this mount point is created at
runtime and not static in a fstab entry or systemd mount unit.
From: Samuli Piippo
Fixes Qt build with GCC 12.1.
Brings following fixes
* 3d549e5ccc0 PR29142, segv in ar with empty archive and libdeps specified
* c473aa1b9d8 M68K: avoid quadratic slowdlow in label alignment check
* 8d1187516e3 Adjust ld ctf test for 32-bit targets
* 9c67f6382ac x86: Pr
From: wangmy
Minor bug fix release with a single commit:
Make error messages about repodata and rpm mismatch more user friendly
This should help users to recognize the error is not on dnf side but
instead on the server (in the repository).
Signed-off-by: Wang Mingyu
Signed-off-by: Luca Cereso
From: Alexander Kanavin
Fixes build error: when using Linux 5.4 kernel:
In function read_extcsd: mmc_cmds.c:72:18: error: MMC_BLOCK_MAJOR
undeclared (first use in this function)
This SRCREV bump includes two commits:
b7e4d5a mmc-utils: Add General command CMD56 read support
0d493fb mmc-utils:
traceback.cpython-310.pyc is non-deterministic due to 'frozenset'
being written without strict ordering. For now let's just not
install the problematic file.
Signed-off-by: Steve Sakoman
Signed-off-by: Luca Ceresoli
Signed-off-by: Richard Purdie
(cherry picked from commit 4b1f0f7542abcb8606688
From: Marta Rybczynska
The addition of summary output caused two issues: error when building
an image and the fact that JSON output was generated even when
CVE_CHECK_FORMAT_JSON.
When generating an image it caused an error like:
ERROR: core-image-minimal-1.0-r0 do_rootfs: Error executing a pytho
From: Robert Joslyn
Backport patches to address the following CVEs:
* https://curl.se/docs/CVE-2022-22576.html
* https://curl.se/docs/CVE-2022-27775.html
* https://curl.se/docs/CVE-2022-27776.html
* https://curl.se/docs/CVE-2022-27774.html
* https://curl.se/docs/CVE-2022-30115.html
* https:
Inappropriate still means the issue needs to be reported to upstream,
can you do this please?
Alex
On Mon, 23 May 2022 at 15:34, Jiaqing Zhao wrote:
>
> Current patch removes the uint8_t* cast in src/basic/recurse-dir.c:57
> to fix musl build, but it changes the value here as pointer arithmetic
Please review this set of patches for kirkstone and have comments back by end
of day Wednesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3692
The following changes since commit ec9e9497730f0a9c8ad3d696c8cdcec06267aacf:
base-passwd: Disabl
Current patch removes the uint8_t* cast in src/basic/recurse-dir.c:57
to fix musl build, but it changes the value here as pointer arithmetic
is type-dependent in C. This patch corrects the behavior by adding an
extra cast to struct dirent*.
Also changes the patch's Upstream-Status to Inappropriate
On Thu, 2022-05-12 at 04:38 -0400, Robert P. J. Day wrote:
> Mention that there are other QEMU targets available in the OE layer,
> and leave it for the reader to check them out.
>
> Signed-off-by: Robert P. J. Day
>
> ---
>
> i think this is the happy medium between not saying anything about
From: Mingli Yu
When multilib enabled and add layers/meta-openembedded/meta-oe in
conf/bblayers.conf, it reports below error when run oe-selftest.
$ oe-selftest -r oescripts
[snip]
[20:36:33-0700] 2022-05-16 03:36:33,494 - oe-selftest - INFO - RESULTS -
oescripts.OEListPackageconfigTests.tes
Sort dict keys in the json output and use tab spacing. This means
when committed into git, the diffs are human readable but it is more
compact filesize than space indentation.
Signed-off-by: Richard Purdie
---
scripts/contrib/patchreview.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
d
Save commit data when writing to the json file so the results can
be compared/extended later.
Signed-off-by: Richard Purdie
---
scripts/contrib/patchreview.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/scripts/contrib/patchreview.py b/scripts/contrib/patchreview.py
index dc417b4c55b4..00
Signed-off-by: Markus Volk
---
meta/recipes-graphics/libsdl2/libsdl2_2.0.22.bb | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.22.bb
b/meta/recipes-graphics/libsdl2/libsdl2_2.0.22.bb
index 7206b2d2d8..48a294fbbc 100644
--- a/meta/r
libdecor is a client-side decoration library for Wayland clients. It is used
by libsdl2 for window decoration and is required to provide decoration for
shells that use client-side decoration such as gnome-shell or weston.
Signed-off-by: Markus Volk
---
.../libdecor/libdecor_0.1.0.bb
Signed-off-by: Markus Volk
---
meta/recipes-graphics/xorg-lib/xkeyboard-config_2.35.1.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.35.1.bb
b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.35.1.bb
index 5215131e3e..46c73879e6 100644
Signed-off-by: Markus Volk
---
meta/recipes-graphics/xorg-lib/libxkbcommon_1.4.0.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-graphics/xorg-lib/libxkbcommon_1.4.0.bb
b/meta/recipes-graphics/xorg-lib/libxkbcommon_1.4.0.bb
index 34652e9c4e..9840b0797b 100644
--- a/meta/rec
Signed-off-by: Markus Volk
---
meta/recipes-graphics/libsdl2/libsdl2_2.0.22.bb | 7 ++-
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.22.bb
b/meta/recipes-graphics/libsdl2/libsdl2_2.0.22.bb
index b112d63784..7206b2d2d8 100644
--- a/me
Hi Markus,
On Sun, 22 May 2022 10:47:52 +0200,
"Markus Volk" wrote:
> Signed-off-by: Markus Volk
This patch does not apply, it is conflicting with a previous patch
from you that is on master. Can you rebase and resend?
Thanks.
--
Luca Ceresoli, Bootlin
Embedded Linux and Kernel en
These issues only affect libtiff post-4.3.0 but before 4.4.0, caused by
3079627e and fixed by b4e79bfa.
Signed-off-by: Ross Burton
---
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
b/meta/recipe
On Mon, 2022-05-23 at 13:43 +0200, Martin Jansa wrote:
> The LICENSES file is already in LIC_FILES_CHKSUM.
>
> Unfortunately the files themselves usually don't have clear license
> headers, but at least there is Copyright in them, so it might be
> possible to map the LICENSES files sections to act
The LICENSES file is already in LIC_FILES_CHKSUM.
Unfortunately the files themselves usually don't have clear license
headers, but at least there is Copyright in them, so it might be possible
to map the LICENSES files sections to actual source files (in cases where
it's not explicitly mentioned) a
On Mon, 2022-05-23 at 13:24 +0200, Martin Jansa wrote:
> * the main motivation is to get rid of this bbappend from 2014:
>
> https://github.com/openwebos/meta-webos/commit/8eb313e4303defbe495cf7f91974799046975fca
> which unfortunately doesn't explain which files under BSD license are
> includ
This is really just RFC,
if there is an agreement that we need to resolve this, then we might also
introduce package specific licenses as even our old bbappend was adding BSD
only to glibc-extra-nss, PN-dbg, PN-dev, PN, PN-staticdev and PN-utils, but
that's from eglibc-2.17 days and would need to
* the main motivation is to get rid of this bbappend from 2014:
https://github.com/openwebos/meta-webos/commit/8eb313e4303defbe495cf7f91974799046975fca
which unfortunately doesn't explain which files under BSD license are included
in which package and also uses ambiguous 'BSD' license which
Thanks; can you resend the change with the link in the patch file just
above the Upstream-Status line?
Alex
On Mon, 23 May 2022 at 10:11, leimao...@fujitsu.com
wrote:
>
> Hi, Alex
>
> > Has the issue been raised with upstream? Would be good to include a link to
> > that
> > into the patch: any
On Fri, 2022-05-20 at 09:53 +0800, Changqing Li wrote:
> From: Changqing Li
>
> When DISTRO_FEATURES efi-secure-boot and ima is enabled, all the target
> will depend on help2man-native. During build time,some recipes will run
> target_binary --help when help2man exist, which may cause run target
From: Raphael Teller
Allow recipe to set a custom postinst for kernel image.
Use prependVar in order to allow custom postinst to be
ran after default postinst, potentially modifying the
installed file/symlink.
Signed-off-by: Raphael Teller
---
meta/classes/kernel.bbclass | 2 +-
1 file changed
Hi, Alex
> Has the issue been raised with upstream? Would be good to include a link to
> that
> into the patch: any new 'inappropriate' patch is a support burden.
I know, and I have submitted this issue:
https://gitlab.com/gnutls/gnutls/-/issues/1373
Best regards
Lei
> -Original Message
Add patches for CVE issues: CVE-2022-27781 CVE-2022-27782
CVE-2022-27781
Link:
[https://github.com/curl/curl/commit/5c7da89d404bf59c8dd82a001119a16d18365917]
CVE-2022-27782
Link:
[https://github.com/curl/curl/commit/1645e9b44505abd5cbaf65da5282c3f33b5924a5]
Signed-off-by: Riyaz Ahmed Khan
---
This seems to solve my problem with the quicktype recipe [1]. Thank
you very much for working in this.
[1]
https://lore.kernel.org/all/CANNYZj-V8O1-USTdtOYKi5hB80QjxQZH2d2=ybj-4y2sm5b...@mail.gmail.com/T/
On Thursday, 19 May 2022, 12:05:50 CEST, Enrico Scholz via
lists.openembedded.org wrote:
Has the issue been raised with upstream? Would be good to include a
link to that into the patch: any new 'inappropriate' patch is a
support burden.
Alex
On Mon, 23 May 2022 at 08:53, leimaohui wrote:
>
> - Added a patch to avoid execute fipshmac command. Because *.hmac
> file should be created on
As product, sdk should do cve check as well as rootfs.
Signed-off-by: Lei Maohui
---
meta/classes/cve-check.bbclass | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 7cd98ae..3729d9c 100644
--- a/meta/classes/cve-check.bbcla