[OE-core][master][PATCH 1/1] grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775

From: Xiangyu Chen Backport patch from upstream to solve CVE-2022-2601 CVE-2022-3775 dependency: font: Fix size overflow in grub_font_get_glyph_internal() (https://git.savannah.gnu.org/cgit/grub.git/commit/?id=9c76ec09ae08155df27cd237eaea150b4f02f532) Backport patch from upstream to fix followin

[OE-core] [kirkstone][PATCH v2] libX11: CVE-2022-3554 & CVE-2022-3555 Fix memory leak

Upstream-Status: Backport from https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/1d11822601fd24a396b354fa616b04ed3df8b4ef && https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8a368d808fec166b5fb3dfe6312aab22c7ee20af Signed-off-by: Hitendra Prajapati --- .../xorg-lib/libx11/CVE-202

Re: [OE-core] [kirkstone][PATCH] libX11: CVE-2022-3554 & CVE-2022-3555 Fix memory leak

Hi Team, Gentle Reminder !.. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#175009): https://lists.openembedded.org/g/openembedded-core/message/175009 Mute This Topic: https://lists.openembedded.org/mt/94751516/21656 Group Owner: openembedded-core

[OE-core][kirkstone][PATCH] kernel.bbclass: remove empty module directories to prevent QA issues

From: Ovidiu Panait Currently, allyesconfig test runs for x86_64 fail with: ERROR: linux-yocto-5.19.17+gitAUTOINC+0cba9aa404_aaf4490d18-r0 do_package: QA Issue: linux-yocto: Files/directories were installed but not shipped in any package: /lib/modules/5.19.17/kernel/drivers/nvdimm With CONFIG_

Re: [OE-core][PATCH] selftest: allow '-R' and '-r' be used together

On 2022-11-25 08:00, Richard Purdie via lists.openembedded.org wrote: Hi Qi, On Fri, 2022-11-25 at 05:56 +, Chen Qi wrote: The AB is actually running 'all' tests. The '--skip-tests (-R)' option means 'Run all (unhidden) tests except the ones specified.', according to its help message. This

[OE-Core][PATCH v4 11/11] oeqa/runtime/rust: Add cargo test

Signed-off-by: Alex Kiernan --- (no changes since v1) meta/lib/oeqa/runtime/cases/rust.py | 17 + 1 file changed, 17 insertions(+) diff --git a/meta/lib/oeqa/runtime/cases/rust.py b/meta/lib/oeqa/runtime/cases/rust.py index 186bb0d79e15..c9c60e16fd2b 100644 --- a/meta/lib/oeqa

[OE-Core][PATCH v4 10/11] packagegroup-rust-sdk-target: Add cargo

Signed-off-by: Alex Kiernan --- (no changes since v1) meta/recipes-core/packagegroups/packagegroup-rust-sdk-target.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-core/packagegroups/packagegroup-rust-sdk-target.bb b/meta/recipes-core/packagegroups/packagegroup-rust-sdk-targ

[OE-Core][PATCH v4 07/11] rust: Merge .inc into .bb

Signed-off-by: Alex Kiernan --- (no changes since v1) meta/recipes-devtools/rust/rust-target.inc | 10 - meta/recipes-devtools/rust/rust.inc| 223 - meta/recipes-devtools/rust/rust_1.66.0.bb | 218 +++- 3 files changed, 217 insertions(+), 234 deleti

[OE-Core][PATCH v4 09/11] cargo: Override crossbeam-utils with 0.8.14

Use cargo patching to replace crossbeam-utils with the semver compatible 0.8.14 rather than trying to patch our local changes. This corrects the ppc/mips builds. Signed-off-by: Alex Kiernan --- Changes in v4: - Add crossbeam atomics fixes for ppc/mips meta/recipes-devtools/cargo/cargo_1.66.0.b

[OE-Core][PATCH v4 08/11] rust: Move musl-x86 fix for `__stack_chk_fail_local` to rust-source

Any consumer of rust-source (potentially) needs this, so move to rust-source.inc Signed-off-by: Alex Kiernan --- Changes in v4: - Fixup `__stack_chk_fail_local` in musl-x86 meta/recipes-devtools/rust/rust-source.inc | 5 + meta/recipes-devtools/rust/rust_1.66.0.bb | 5 - 2 files chang

[OE-Core][PATCH v4 06/11] cargo: Extend DEBUG_PREFIX_MAP to cover vendor

The cargo build builds vendored libgit and curl, but these exist outside ${S} which DEBUG_PREFIX_MAP covers. Signed-off-by: Alex Kiernan --- (no changes since v1) meta/recipes-devtools/cargo/cargo_1.66.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/cargo/cargo

[OE-Core][PATCH v4 05/11] cargo: Merge .inc into .bb

Signed-off-by: Alex Kiernan --- (no changes since v1) meta/recipes-devtools/cargo/cargo.inc | 69 meta/recipes-devtools/cargo/cargo_1.66.0.bb | 71 - 2 files changed, 69 insertions(+), 71 deletions(-) delete mode 100644 meta/recipes-devtools/cargo

[OE-Core][PATCH v4 03/11] packagegroup-rust-sdk-target: Add Rust SDK target packagegroup

Signed-off-by: Alex Kiernan --- (no changes since v1) .../packagegroups/packagegroup-rust-sdk-target.bb | 13 + 1 file changed, 13 insertions(+) create mode 100644 meta/recipes-core/packagegroups/packagegroup-rust-sdk-target.bb diff --git a/meta/recipes-core/packagegroups/packa

[OE-Core][PATCH v4 04/11] packagegroup-core-sdk: Add SDK toolchain language selection support

Use SDK_TOOLCHAIN_LANGS to allow different language support to be selected within SDKs. Initially supported options are rust and go. Signed-off-by: Alex Kiernan --- (no changes since v3) Changes in v3: - Switch to packagegroup-core-sdk driven from TARGET_TOOLCHAIN_LANGS (which defaults to SDK

[OE-Core][PATCH v4 00/11] Add rust runtime tests

This series adds runtime tests for rust and cargo, merges (most of) the include files into the base recipes and fixes target cargo builds. Also add SDK_TOOLCHAIN_LANGS for selection of target toolchains as part of packagegroup-core-sdk. Changes in v4: - Fixup `__stack_chk_fail_local` in musl-x86

[OE-Core][PATCH v4 02/11] rust-llvm: Update LLVM_VERSION to match embedded version

Signed-off-by: Alex Kiernan --- (no changes since v1) meta/recipes-devtools/rust/rust-llvm_1.66.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/rust/rust-llvm_1.66.0.bb b/meta/recipes-devtools/rust/rust-llvm_1.66.0.bb index e1baeb78574f..4cf244bb6

[OE-Core][PATCH v4 01/11] rust-llvm: Merge .inc into .bb

Signed-off-by: Alex Kiernan --- (no changes since v2) Changes in v2: - Drop rust.inc/rust.bb merge, not actually made use of in the change set - Reorder so cargo test goes after build fixes meta/recipes-devtools/rust/rust-llvm.inc | 78 -- .../recipes-devtools/rust/rust-

[OE-core] OE-core CVE metrics for langdale on Sun 25 Dec 2022 03:30:01 AM HST

Branch: langdale New this week: 4 CVEs CVE-2022-42010 (CVSS3: 6.5 MEDIUM): dbus:dbus-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42010 * CVE-2022-42011 (CVSS3: 6.5 MEDIUM): dbus:dbus-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42011 * CVE-2022-42012 (CVS

[OE-core] OE-core CVE metrics for kirkstone on Sun 25 Dec 2022 03:00:01 AM HST

Branch: kirkstone New this week: 1 CVEs CVE-2022-4603 (CVSS3: 8.8 HIGH): ppp https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4603 * Removed this week: 5 CVEs CVE-2022-37454 (CVSS3: 9.8 CRITICAL): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37454 *

[OE-core] [PATCH] oeqa/rpm.py: Increase timeout and add debug output

[Yocto #14346] Systemd may be slow in killing pam session sometimes [1][2]. It may cause rpm test to fail because there's process (sd_pam) running and own by "test1" user after timeout. Increasing timeout to 2 mins and assert earlier with debug output if there's such process(es). If increasing of t

[OE-core] OE-core CVE metrics for dunfell on Sun 25 Dec 2022 02:30:01 AM HST

Branch: dunfell New this week: 1 CVEs CVE-2022-4603 (CVSS3: 8.8 HIGH): ppp https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4603 * Removed this week: 11 CVEs CVE-2021-3521 (CVSS3: 4.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3521 * CVE-2021-3636

[OE-core] OE-core CVE metrics for master on Sun 25 Dec 2022 02:00:01 AM HST

Branch: master New this week: 1 CVEs CVE-2022-4603 (CVSS3: 8.8 HIGH): ppp https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4603 * Removed this week: 0 CVEs Full list: Found 10 unpatched CVEs CVE-2022-2601 (CVSS3: 8.6 HIGH): grub:grub-efi:grub-native https://web.nvd.nist.gov/view/vuln