From: Chen Qi
For now, only that paths added from current project are removed
to avoid PATH growing unnecessarily. This is to handle the case
of sourcing the init script into different build directories.
However, if we source the init script from different projects into
different build directori
From: Chen Qi
For now, only that paths added from current project are removed
to avoid PATH growing unnecessarily. This is to handle the case
of sourcing the init script into different build directories.
However, if we source the init script from different projects into
different build directori
From: Max Krummenacher
Fixup the to be called pkg-config as $(CROSS_COMPILE)pkg-config doesn't
exist.
With kernels < 6.4 pkg-config is only used for the gtk+-2.0 integration
which is disabled in the OE config. Thus the issue wasn't exposed so
far. With kernel 6.4 pkg-config is additionally used f
From: Max Krummenacher
With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent
isn't present error the build") having libtraceevent is a required
dependency unless building it with 'NO_LIBTRACEEVENT=1'.
Older kernels did build libtraceevent as provided by the kernel sources.
(Unle
From: Max Krummenacher
Import from meta-openembedded at commit d250a0dc0 ("libtraceevent:
upgrade 1.7.1 -> 1.7.2").
Starting with kernel 6.4 libtraceevent is a dependency of perf. While
one can still build perf without it by opting out one would loose its
functionality compared with building perf
From: Max Krummenacher
Make sure that the OE provided CFLAGS are passed to the compiler so
that the -fdebug-prefix-map and -fmacro-prefix-map options are
actually active.
Fixes:
| WARNING: libtraceevent-1.7.2-r0 do_package_qa: QA Issue: File
/usr/lib/libtraceevent.a in package libtraceevent-sta
From: Max Krummenacher
With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent
isn't present error the build") having libtraceevent is a required
dependency unless building it with 'NO_LIBTRACEEVENT=1'.
Changes in V2
- add a patch importing libtraceevent from meta-openembedded
- m
From: Max Krummenacher
Make sure that the OE provided CFLAGS are passed to the compiler so
that the -fdebug-prefix-map and -fmacro-prefix-map options are
actually active.
Fixes:
| WARNING: libtraceevent-1.7.2-r0 do_package_qa: QA Issue: File
/usr/lib/libtraceevent.a in package libtraceevent-sta
From: Max Krummenacher
With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent
isn't present error the build") having libtraceevent is a required
dependency unless building it with 'NO_LIBTRACEEVENT=1'.
Older kernels did build libtraceevent as provided by the kernel sources.
(Unle
From: Max Krummenacher
Fixup the to be called pkg-config as $(CROSS_COMPILE)pkg-config doesn't
exist.
With kernels < 6.4 pkg-config is only used for the gtk+-2.0 integration
which is disabled in the OE config. Thus the issue wasn't exposed so
far. With kernel 6.4 pkg-config is additionally used f
From: Max Krummenacher
With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent
isn't present error the build") having libtraceevent is a required
dependency unless building it with 'NO_LIBTRACEEVENT=1'.
Changes in V2
- add a patch importing libtraceevent from meta-openembedded
- m
From: Max Krummenacher
Import from meta-openembedded at commit d250a0dc0 ("libtraceevent:
upgrade 1.7.1 -> 1.7.2").
Starting with kernel 6.4 libtraceevent is a dependency of perf. While
one can still build perf without it by opting out one would loose its
functionality compared with building perf
Hi Steve,
Thank-you for the feedback.
I have added a better log to explain the reason for this additional patch and
have sent v3. Please let me know if it works according to you.
Regards,
Siddharth
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (
Upstream-Status: Backport from
[https://github.com/curl/curl/commit/4e2b52b5f7a3bf50a0f1494155717b02cc1df6d6]
Signed-off-by: Hitendra Prajapati
Signed-off-by: Siddharth Doshi
---
.../curl/curl/CVE-2023-27534-pre1.patch | 51
.../curl/curl/CVE-2023-27534.patch| 122 +
Hi Siddharth,
Thanks for this, but I think we need a better shortlog and commit
message explaining why we need this additional patch.
Could you send a v3?
Thanks!
Steve
On Thu, May 11, 2023 at 11:28 AM Siddharth wrote:
>
> Upstream-Status: Backport from
> [https://github.com/curl/curl/commit
From: Randolph Sapp
Fix a few of the oddities introduced by the previous patch that allowed
specification of the DTB install directory and specification of vendor
directories in that directory.
Add a recursive search for dtb and dtbo files to make sure
upstream dtb directory standards don't brea
From: Randolph Sapp
Upstream's dtb directory structure has no real standard. They just tend
to idle around the 2/3 directory depth. Recursively search for the
dtb/dtbo files instead of assuming anything.
Fixes: 04ab57d200 (kernel-devicetree: allow specification of dtb
directory, 2023-05-02)
Sig
From: Martin Jansa
Use the notation suggested by Martin Jansa to avoid a bashism. Also
switch KERNEL_DTBVENDORED to the more common 0/1 notation instead of
true/false.
Fixes: 04ab57d200 (kernel-devicetree: allow specification of dtb
directory, 2023-05-02)
Signed-off-by: Martin Jansa
Signed-off
Hi Steve,
I have committed modified patch on behalf of Hitendra as he is away for few
days. please find the patch at ->
https://lists.openembedded.org/g/openembedded-core/message/181154
I have verified that this builds fine with adding "--with-libssh2" option also.
Regards,
Siddharth
-=-=-=-=
Upstream-Status: Backport from
[https://github.com/curl/curl/commit/4e2b52b5f7a3bf50a0f1494155717b02cc1df6d6]
Signed-off-by: Hitendra Prajapati
Signed-off-by: Siddharth Doshi
---
.../curl/curl/CVE-2023-27534-pre1.patch | 44 +++
.../curl/curl/CVE-2023-27534.patch| 122 ++
From: Arturo Buzarra
If a package with a postsints script requires ldconfig, the package class adds
a ldconfig postinst fragment to initialize it before. Systemd has its own
ldconfig.service to initialize it and sometimes if both services are running
at the same time in the first boot, the first
From: Yoann Congal
Exclude CVEs that are fixed in current linux-yocto version v5.4.237.
To get the commit fixing a CVE, I used the Debian kernel-sec repo [1].
[1]:
https://salsa.debian.org/kernel-team/kernel-sec/-/commit/86d5040aee9275f9555458fcaf9cb43710dff398
Signed-off-by: Yoann Congal
Si
From: Ranjitsinh Rathod
BSD-4-Clause is only applicable to the {PN}-doc package as when I
check for the source code I find below files which only uses the
license BSD-4-Clause
~/sources/libbsd$ grep -rl "All advertising materials mentioning features or
use of this software" *|grep -v \.1|grep -
From: Vivek Kumbhar
Fix An integer overflow vulnerability was discovered in Freetype in
tt_hvadvance_adjust() function in src/truetype/ttgxvar.c
Signed-off-by: Vivek Kumbhar
Signed-off-by: Steve Sakoman
---
.../freetype/freetype/CVE-2023-2004.patch | 40 +++
.../freetype/
From: Ashish Sharma
Avoid overwriting the read packet length after the initial test. Thus
move all the length checks which depends on the total length first
and do not use the total lenght from the IP packet afterwards.
Fixes CVE-2023-28488
Reported by Polina Smirnova
Signed-off-by: Ashish Sh
From: Peter Marko
Backports from:
*
https://gitlab.gnome.org/GNOME/libxml2/-/commit/e4f85f1bd2eb34d9b49da9154a4cc3a1bc284f68
*
https://gitlab.gnome.org/GNOME/libxml2/-/commit/547edbf1cbdccd46b2e8ff322a456eaa5931c5df
Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
.../libxml/libx
Please review this set of patches for dunfell and have comments back by
end of day Monday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5294
The following changes since commit fd4cc8d7b5156c43d162a1a5a809fae507457ef4:
build-appliance-image: U
From: Shubham Kulkarni
html/template: disallow actions in JS template literals
Backport from
https://github.com/golang/go/commit/b1e3ecfa06b67014429a197ec5e134ce4303ad9b
Signed-off-by: Shubham Kulkarni
Signed-off-by: Steve Sakoman
---
meta/recipes-devtools/go/go-1.14.inc | 3 +
.
On 5/9/23 6:32 PM, Steve Sakoman wrote:
From: Yoann Congal
Exclude CVEs that are fixed in both current linux-yocto version
v5.10.175 and v5.15.108.
To get the commit fixing a CVE, I used the Debian kernel-sec repo [1].
[1]:
https://salsa.debian.org/kernel-team/kernel-sec/-/commit/86d5040ae
Hello,
On 11/05/2023 14:56:01+0200, Max Krummenacher wrote:
> From: Max Krummenacher
>
> Import from meta-openembedded at commit d250a0dc0 ("libtraceevent:
> upgrade 1.7.1 -> 1.7.2").
> Starting with kernel 6.4 libtraceevent is a dependency of perf. While
> one can still build perf without it by
On 2023-05-11 14:54, Alexandre Belloni wrote:
Hello Randy,
This patch is missing your From: ;)
See "Fixing your From identity" here:
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded
Fixed, sent v2,
https://lists.openembedded.org/g/openembedded-core/message/181142
The
From: Randy MacLeod
Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2426
caf642c25 patch 9.0.1499: using uninitialized memory with fuzzy matching
Signed-off-by: Randy MacLeod
---
meta/recipes-support/vim/vim.inc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/reci
Hello Randy,
This patch is missing your From: ;)
See "Fixing your From identity" here:
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded
On 11/05/2023 10:59:15-0400, Randy MacLeod via lists.openembedded.org wrote:
> Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2426
> caf
Exclude CVEs that are fixed in current linux-yocto version v5.4.237.
To get the commit fixing a CVE, I used the Debian kernel-sec repo [1].
[1]:
https://salsa.debian.org/kernel-team/kernel-sec/-/commit/86d5040aee9275f9555458fcaf9cb43710dff398
Signed-off-by: Yoann Congal
---
meta/recipes-kerne
From: Ross Burton
Specifically this includes the commit "Fix appending to archives bigger
than 2G".
Drop all submitted patches.
Apply a patch from git to fix the build with clang.
[ YOCTO #11674 ]
Signed-off-by: Ross Burton
---
...charset_alias-when-building-for-musl.patch | 30 -
.../0001
On 2023-05-11 10:59, Randy MacLeod via lists.openembedded.org wrote:
Fixes:https://nvd.nist.gov/vuln/detail/CVE-2023-2426
caf642c25 patch 9.0.1499: using uninitialized memory with fuzzy matching
Signed-off-by: Randy MacLeod
---
meta/recipes-support/vim/vim.inc | 4 ++--
1 file changed, 2 inse
Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2426
caf642c25 patch 9.0.1499: using uninitialized memory with fuzzy matching
Signed-off-by: Randy MacLeod
---
meta/recipes-support/vim/vim.inc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-support/vim/vim.in
Hi Hitendra,
There's been a bug filed against this patch (build failure when when
curl is configured with `libssh2` i.e. PACKAGECONFIG_append = "
libssh2"):
https://bugzilla.yoctoproject.org/show_bug.cgi?id=15114
Could you investigate and advise whether there is an easy fix or
whether we should
From: Max Krummenacher
Import from meta-openembedded at commit d250a0dc0 ("libtraceevent:
upgrade 1.7.1 -> 1.7.2").
Starting with kernel 6.4 libtraceevent is a dependency of perf. While
one can still build perf without it by opting out one would loose its
functionality compared with building perf
From: Max Krummenacher
Fixup the to be called pkg-config as $(CROSS_COMPILE)pkg-config doesn't
exist.
With kernels < 6.4 pkg-config is only used for the gtk+-2.0 integration
which is disabled in the OE config. Thus the issue wasn't exposed so
far. With kernel 6.4 pkg-config is additionally used f
From: Max Krummenacher
With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent
isn't present error the build") having libtraceevent is a required
dependency unless building it with 'NO_LIBTRACEEVENT=1'.
Older kernels did build libtraceevent as provided by the kernel sources.
(Unle
From: Max Krummenacher
With kernel 6.4-rc1 commit 6898e60f709b ("perf build: If libtraceevent
isn't present error the build") having libtraceevent is a required
dependency unless building it with 'NO_LIBTRACEEVENT=1'.
Changes in V2
- add a patch importing libtraceevent from meta-openembedded
- m
Hi all
Thanks for volunteering Bruce.
As there is no other feedback I will prepare a V3 in a minute.
Regards,
Max
On Wed, May 10, 2023 at 10:00 PM Bruce Ashfield
wrote:
>
> On Tue, May 9, 2023 at 1:09 PM Jose Quaresma wrote:
> >
> > Hi Max,
> >
> > This also needs an entry on meta/conf/distro/
Hi Paul,
I'm sorry about that, will make sure this is supported again in final state
with all [YOCTO #12937] changes where the *_NAME and *_LINK_NAME variables
are reversed:
-IMAGE_NAME ?= "${IMAGE_LINK_NAME}${IMAGE_VERSION_SUFFIX}"
-IMAGE_LINK_NAME ?=
"${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}${I
44 matches
Mail list logo
