[OE-core][PATCH] opensbi: Update to v1.1

This release has: * SBI PMU improvements * RISC-V AIA v0.3.0 draft support * Simple external interrupt handling framework * Xilinx UART-Lite driver * RISC-V privilege specification v1.12 support * RISC-V Svpbmt extension support * RISC-V Smstateen extension support * RISC-V Sstc extension support *

[OE-core] OE-core CVE metrics for kirkstone on Sun 26 Jun 2022 03:00:01 AM HST

Branch: kirkstone New this week: 0 CVEs Removed this week: 2 CVEs CVE-2022-1927 (CVSS3: 9.8 CRITICAL): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1927 * CVE-2022-1942 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1942 * Full list: Found 11

[OE-core] OE-core CVE metrics for dunfell on Sun 26 Jun 2022 02:30:01 AM HST

Branch: dunfell New this week: 0 CVEs Removed this week: 9 CVEs CVE-2021-36368 (CVSS3: 3.7 LOW): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36368 * CVE-2021-44717 (CVSS3: 4.8 MEDIUM): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44717 * CVE-2022-

[OE-core] OE-core CVE metrics for master on Sun 26 Jun 2022 02:00:01 AM HST

Branch: master New this week: 0 CVEs Removed this week: 2 CVEs CVE-2022-0529 (CVSS3: 5.5 MEDIUM): unzip:unzip-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0529 * CVE-2022-0530 (CVSS3: 5.5 MEDIUM): unzip:unzip-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0

[OE-Core][PATCH] python3-cryptography: Cleanup DEPENDS/RDEPENDS

idna was removed in 3.1, asn1crypto in 2.8, six in 3.3.1; setuptools never appears to have been a runtime requirement. With these removed the recipe both builds and passes ptest: = 2824 passed, 52 skipped, 85319 subtests passed in 3932.89s (1:05:32) = Also drop redundant ${PYTHON_PN}-s

Re: [OE-core] [PATCH] llvm: add PACKAGECONFIG[optviewer]

On Wed, 2022-06-22 at 22:47 +0200, Luca Ceresoli via lists.openembedded.org wrote: > Currently the CMake configuration for llvm finds the python pygments and > pyyaml if they are installed on the host. This makes builds > non-reproducible across different machines, some having those modules > insta

[OE-core] [PATCH 4/4] coreutils: Tweak packaging variable names for coreutils-dev

PACKAGES uses ${PN}-dev so be consistent with the addition to the variable to avoid weird variable conflicts. Signed-off-by: Richard Purdie --- meta/recipes-core/coreutils/coreutils_9.1.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-core/coreutils/coreuti

[OE-core] [PATCH 3/4] bitbake.conf: Change -dev RDEPENDS to RRECOMMENDS

Switch the default DEPENDS for ${PN}-dev to be a RRECOMMENDS instead. This takes advantage of a change to complmentary package globbing to not follow RRECOMMENDS and means and SDK for an image with both openssh and dropbear compoments will now build successfully. Signed-off-by: Richard Purdie ---

[OE-core] [PATCH 2/4] bitbake.conf/recipes: Introduce add DEV_PKG_DEPENDENCY to change RDEPENDS:${PN}-dev

There is a pattern that several recipes need to break the dependency of ${PN}-dev on ${PN}, most often as ${PN} may be be empty. Add a new variable to parameterise this and allow it to be changed more easily. Signed-off-by: Richard Purdie --- meta/conf/bitbake.conf

[OE-core] [PATCH 1/4] package_manager: Change complementary package handling to not include soft dependencies

From: Ross Burton We've some long standing bugs where the RDEPENDS from -dev packages causes problems, e.g. dropbear and openssh components on an image working fine together but then the SDK failing to build as the main openssh and dropbear packages conflict with each other (pulled in by openssh-