Re: [OE-core] [kirkstone][PATCH] Qemu: Resolve undefined reference issue in CVE-2023-2861

2023-08-27 Thread Siddharth via lists.openembedded.org
Hi Steve, Please find the detailed error log: {{{ | [629/6213] Compiling C object libqemuutil.a.p/stubs_win32-kbd-hook.c.o | [630/6213] Compiling C object libqemuutil.a.p/stubs_replay-tools.c.o | [631/6213] Compiling C object fsdev/virtfs-proxy-helper.p/9p-marshal.c.o | [632/6213] Compiling C obje

[OE-core] [kirkstone][PATCH] tiff: fix CVE-2023-2908,CVE-2023-3316,CVE-2023-3618

2023-08-27 Thread Hitendra Prajapati via lists.openembedded.org
Backport fixes for: * CVE-2023-2908 - Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f * CVE-2023-3316 - Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536 * CVE-202

[OE-core] [kirkstone][PATCH v4] libdnf: resolve cstdint inclusion for newer gcc versions

2023-08-27 Thread Abe Kohandel
Depending on the host gcc version, libdnf fails to compile due to missing cstdint inclusions. These issues have already been addressed upstream, add the patches to resolve this for older versions of the library. These commits are taken directly from the libdnf project at https://github.com/rpm-soft

Re: [OE-core] [kirkstone][PATCH v3] libdnf: resolve cstdint inclusion for newer gcc versions

2023-08-27 Thread Khem Raj
On Sun, Aug 27, 2023 at 8:23 PM Abe Kohandel wrote: > > Depending on the host gcc version, libdnf fails to compile due to > missing cstdint inclusions. These issues have already been addressed > upstream, add the patches to resolve this for older versions of the > library. > > These commits are tak

[OE-core] [kirkstone][PATCH v3] libdnf: resolve cstdint inclusion for newer gcc versions

2023-08-27 Thread Abe Kohandel
Depending on the host gcc version, libdnf fails to compile due to missing cstdint inclusions. These issues have already been addressed upstream, add the patches to resolve this for older versions of the library. These commits are taken directly from the libdnf project at https://github.com/rpm-soft

Re: [OE-core] [kirkstone][PATCH] libdnf: resolve cstdint inclusion for newer gcc versions

2023-08-27 Thread Abe Kohandel
On 23/08/27 03:42PM, Khem Raj wrote: > On Sun, Aug 27, 2023 at 3:12 PM Abe Kohandel wrote: > > > Depending on the host gcc version, libdnf fails to compile due to > > missing cstdint inclusion. The issue has already been addressed > > upstream, add the patch to resolve this for older versions of

[OE-core] [kirkstone][PATCH v2] libdnf: resolve cstdint inclusion for newer gcc versions

2023-08-27 Thread Abe Kohandel
Depending on the host gcc version, libdnf fails to compile due to missing cstdint inclusion. The issue has already been addressed upstream, add the patch to resolve this for older versions of the library. This commit is taken directly from the libdnf project at https://github.com/rpm-software-mana

Re: [OE-core] [kirkstone][PATCH] libdnf: resolve cstdint inclusion for newer gcc versions

2023-08-27 Thread Khem Raj
On Sun, Aug 27, 2023 at 3:12 PM Abe Kohandel wrote: > Depending on the host gcc version, libdnf fails to compile due to > missing cstdint inclusion. The issue has already been addressed > upstream, add the patch to resolve this for older versions of the > library. > > This commit is taken directl

[OE-core] [kirkstone][PATCH] libdnf: resolve cstdint inclusion for newer gcc versions

2023-08-27 Thread Abe Kohandel
Depending on the host gcc version, libdnf fails to compile due to missing cstdint inclusion. The issue has already been addressed upstream, add the patch to resolve this for older versions of the library. This commit is taken directly from the libdnf project at https://github.com/rpm-software-mana

Re: [oe][OE-core][Patch 0/1] Revert "bin_package.bbclass: Inhibit the default dependencies"

2023-08-27 Thread Peter Kjellerstedt
> -Original Message- > From: Max Krummenacher > Sent: den 27 augusti 2023 10:10 > To: openembedded-core@lists.openembedded.org; Peter Kjellerstedt > > Cc: Max Krummenacher ; Randolph Sapp > > Subject: [oe][OE-core][Patch 0/1] Revert "bin_package.bbclass: Inhibit the > default dependencie

Re: [OE-core] [meta-oe][PATCH] volatile-binds: Calculate the name of the /var/lib service

2023-08-27 Thread Peter Kjellerstedt
> -Original Message- > From: openembedded-core@lists.openembedded.org > On Behalf Of Stéphane Veyret > Sent: den 27 augusti 2023 18:49 > To: openembedded-core@lists.openembedded.org > Cc: Stéphane Veyret > Subject: [OE-core] [meta-oe][PATCH] volatile-binds: Calculate the name of the > /

[OE-core] [PATCH] core-image-ptest: Define a fallback for SUMMARY field

2023-08-27 Thread Khem Raj
Fixes errors like below seen with bitbake core-image-ptest-fast WARNING: core-image-ptest-apr-util-1.0-r0 do_recipe_qa: QA Issue: Recipe core-image-ptest-apr-util in /mnt/b/yoe/master/sources/poky/meta/recipes-core/images/core-image-ptest.bb does not contain a SUMMARY. Please a dd an entry. [mi

[OE-core][kirkstone 8/8] python3-git: upgrade 3.1.27 -> 3.1.32

2023-08-27 Thread Steve Sakoman
From: Narpat Mali The delta between 3.1.27 & 3.1.32 contains the CVE-2022-24439 & CVE-2023-40267 fixes and other bugfixes. Changelog: https://github.com/gitpython-developers/GitPython/releases/tag/3.1.32 https://gitpython.readthedocs.io/en/stable/changes.html#id5 - Bump cygwin/cygwin-install-ac

[OE-core][kirkstone 7/8] linux/cve-exclusion: remove obsolete manual entries

2023-08-27 Thread Steve Sakoman
From: Ross Burton The generated file covers all but one of these CVEs (which will be fixed when [1] is resolved) so remove the redundant entries. [1] https://github.com/nluedtke/linux_kernel_cves/issues/344 Signed-off-by: Ross Burton Signed-off-by: Steve Sakoman --- meta/recipes-kernel/linux

[OE-core][kirkstone 3/8] Qemu: Resolve undefined reference issue in CVE-2023-2861

2023-08-27 Thread Steve Sakoman
From: Siddharth The commit [https://github.com/openembedded/openembedded-core/commit/9bd4ddeb4b5efc65b0514d50d6991211271924c1] backports fix for CVE-2023-2861 for version 6.2.0. The 'qemu_fstat' in `do_create_others' is not defined which leads to the undefined symbol error on certain architect

[OE-core][kirkstone 5/8] linux-yocto: add script to generate kernel CVE_CHECK_IGNORE entries

2023-08-27 Thread Steve Sakoman
From: Ross Burton Instead of manually looking up new CVEs and determining what point releases the fixes are incorporated into, add a script to generate the CVE_CHECK_IGNORE data automatically. First, note that this is very much an interim solution until the cve-check class fetches data from www.

[OE-core][kirkstone 4/8] nghttp2: fix CVE-2023-35945

2023-08-27 Thread Steve Sakoman
From: Yogita Urade Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due

[OE-core][kirkstone 2/8] go: Fix CVE-2023-29409

2023-08-27 Thread Steve Sakoman
From: Soumya Sambu Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are cu

[OE-core][kirkstone 1/8] ffmpeg: add CVE_CHECK_IGNORE for CVE-2023-39018

2023-08-27 Thread Steve Sakoman
From: Narpat Mali CVE-2023-39018 belongs to ffmpeg-cli-wrapper (Java wrapper around the FFmpeg CLI) and not ffmpeg itself. As per CVE description, it is mentioned as FFmpeg 0.7.0 which is the version for ffmpeg-cli-wrapper and ffmpeg doesn't have a 0.7.0 version at all. Debian & Bugzilla trackers

[OE-core][kirkstone 0/8] Patch review

2023-08-27 Thread Steve Sakoman
Please review this set of changes for kirkstone and have comments back by end of day Tuesday, August 29. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5789 The following changes since commit ea920e3c8075f3a1b79039341f8c889f6197a07f: glibc-loca

[OE-core] [PATCH] libtraceevent: build with Meson

2023-08-27 Thread Ross Burton
From: Ross Burton After what I presume is the recent kernel upgrade, perf started to fail to configure. This was actually due to libtraceevent racing during its build and failing to put one of the .o files into the .so (reminder: Make is terrible). This doesn't cause the libtraceevent build to f

Re: [OE-core] [PATCH v3 01/13] vscode: add minimal configuration

2023-08-27 Thread Adrian Freihofer
On Sat, 2023-08-26 at 10:31 +, Peter Kjellerstedt wrote: > > -Original Message- > > From: > > openembedded-core@lists.openembedded.org  > > > > On Behalf Of Adrian Freihofer > > Sent: den 26 augusti 2023 00:26 > > To: openembedded-core@lists.openembedded.org > > Cc: Adrian Freihofer >

[OE-core] [PATCH v4 12/13] oe-selftest devtool: ide tests

2023-08-27 Thread Adrian Freihofer
Signed-off-by: Adrian Freihofer --- meta/lib/oeqa/selftest/cases/devtool.py | 133 1 file changed, 133 insertions(+) diff --git a/meta/lib/oeqa/selftest/cases/devtool.py b/meta/lib/oeqa/selftest/cases/devtool.py index a2b77e528de..21644ef7bc2 100644 --- a/meta/lib/oeqa/

[OE-core] [PATCH v4 13/13] docs: cover devtool ide

2023-08-27 Thread Adrian Freihofer
Signed-off-by: Adrian Freihofer --- documentation/sdk-manual/extensible.rst | 97 - 1 file changed, 96 insertions(+), 1 deletion(-) diff --git a/documentation/sdk-manual/extensible.rst b/documentation/sdk-manual/extensible.rst index 9e08e57a4e7..d05d4e36aa7 100644 --- a/

[OE-core] [PATCH v4 09/13] refactor: make strip_execs callable without d

2023-08-27 Thread Adrian Freihofer
Signed-off-by: Adrian Freihofer --- meta/classes-global/staging.bbclass | 3 ++- meta/lib/oe/package.py | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/meta/classes-global/staging.bbclass b/meta/classes-global/staging.bbclass index 3a300c32e7c..7f4075a5f6e 1

[OE-core] [PATCH v4 04/13] cmake.bbclass: support qemu

2023-08-27 Thread Adrian Freihofer
Define the CMAKE_CROSSCOMPILING_EMULATOR variable similar to what the meson bbclass does. This allows, for example, executing cross-compiled unit tests on the build machine. CMAKE_CROSSCOMPILING_EMULATOR is a semicolon-separated list of parameters which could directly handle the -L and the -E para

[OE-core] [PATCH v4 11/13] devtool: ide make deploy-target quicker

2023-08-27 Thread Adrian Freihofer
Instead of calling devtool deploy-target, which starts a bitbake server to get some variables, the previous refactoring allows generating a simple script which no longer depends on variables from bitbake. This is much faster. --- scripts/lib/devtool/ide.py | 115 ++--

[OE-core] [PATCH v4 10/13] devtool: refactor deploy-target

2023-08-27 Thread Adrian Freihofer
Signed-off-by: Adrian Freihofer --- scripts/lib/devtool/__init__.py | 5 +- scripts/lib/devtool/deploy.py | 230 +--- 2 files changed, 124 insertions(+), 111 deletions(-) diff --git a/scripts/lib/devtool/__init__.py b/scripts/lib/devtool/__init__.py index 702db669

[OE-core] [PATCH v4 07/13] cmake-example: workaround for pseudo breakeage

2023-08-27 Thread Adrian Freihofer
Signed-off-by: Adrian Freihofer --- meta-selftest/recipes-test/cpp/cmake-example.bb | 6 ++ 1 file changed, 6 insertions(+) diff --git a/meta-selftest/recipes-test/cpp/cmake-example.bb b/meta-selftest/recipes-test/cpp/cmake-example.bb index 96d543180b4..fbf1f266721 100644 --- a/meta-selftes

[OE-core] [PATCH v4 08/13] refactor: make multiprocess_launch callable without d

2023-08-27 Thread Adrian Freihofer
Signed-off-by: Adrian Freihofer --- meta/lib/oe/package.py | 5 +++-- meta/lib/oe/utils.py | 12 +--- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/meta/lib/oe/package.py b/meta/lib/oe/package.py index 9d70925b9b7..ffca7559ba7 100644 --- a/meta/lib/oe/package.py +++ b

[OE-core] [PATCH v4 06/13] tests: add a C++ example recipe

2023-08-27 Thread Adrian Freihofer
This simple C++ project supports compilation with cmake and with meson. It's supposed to be used with oe-selftest for the devtool ide plugin. Signed-off-by: Adrian Freihofer --- meta-selftest/recipes-test/cpp/.gitignore | 1 + .../recipes-test/cpp/cmake-example.bb | 17 ++ .../r

[OE-core] [PATCH v4 05/13] devtool: new ide plugin

2023-08-27 Thread Adrian Freihofer
The new devtool ide plugin configures an IDE to work with the eSDK. With this initial implementation VSCode is the default IDE. The plugin works for recipes inheriting the cmake or the meson bbclass. Support for more programming languages and build tools may be added in the future. Using the plug

[OE-core] [PATCH v4 02/13] cmake.bbclass: refactor cmake args

2023-08-27 Thread Adrian Freihofer
Make the details of the cmake configure arguments available to d.getVar(). This allows sharing them with devtool via tinfoil. Signed-off-by: Adrian Freihofer --- meta/classes-recipe/cmake.bbclass | 43 +-- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git

[OE-core] [PATCH v4 03/13] cmake.bbclass: cleanup spaces and tabs

2023-08-27 Thread Adrian Freihofer
Signed-off-by: Adrian Freihofer --- meta/classes-recipe/cmake.bbclass | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/meta/classes-recipe/cmake.bbclass b/meta/classes-recipe/cmake.bbclass index 7c40df4cdbf..c63b0a80b18 100644 --- a/meta/classes-recipe/cmake.bbclass +++

[OE-core] [PATCH v4 00/13] devtool ide plugin

2023-08-27 Thread Adrian Freihofer
Changes in comparison to v3: - Add workspace/attic folder to vscode ignore lists. Changes in comparison to v2: - Fix the oe-selftests to run on a machine without vscode installed According to https://www.yoctoproject.org/community/yocto-project-engineering-request-for-quotation/ one of the propo

[OE-core] [PATCH v4 01/13] vscode: add minimal configuration

2023-08-27 Thread Adrian Freihofer
It is essential to configure VSCode indexer plugins to ignore the build folder of bitbake. Otherwise, the indexer plugins run with 100% CPU load until an OOM exception occurs. In practice, this makes VSCode more or less unusable for working with Yocto until a file like the one added by this commit

[OE-core] [meta-oe][PATCH] volatile-binds: Calculate the name of the /var/lib service

2023-08-27 Thread Stéphane Veyret
By default, /var/lib is bind mounted on /var/volatile/lib. If this is the case, the recipe adds conditions on systemd-random-seed in the service file mounting it. But as the VOLATILE_BINDS may be modified, /var/lib may be mounted elsewhere, for example in /persistent/var/lib. In this case, the cond

[OE-core] [meta-oe][PATCH] volatile-binds: Allow creation of subdirectories

2023-08-27 Thread Stéphane Veyret
The mount-copybind script will create the parent directory of the bind mount if it does not exist. But actually, if this is the case, the service will not even start because of the ConditionPathIsReadWrite. This patch adds an "or" condition to allow the service to start also if the parent directory

[OE-core] [PATCH] qemu: Fix CVE-2023-40360

2023-08-27 Thread Khem Raj
Signed-off-by: Khem Raj --- meta/recipes-devtools/qemu/qemu.inc | 1 + ...w-nvme-fix-null-pointer-access-in-di.patch | 39 +++ 2 files changed, 40 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/0001-CVE-2023-40360-hw-nvme-fix-null-pointer-access-in-d

[OE-core] [PATCH 2/2] inetutils: Apply devtool formatting suggestions

2023-08-27 Thread Khem Raj
Signed-off-by: Khem Raj --- meta/recipes-connectivity/inetutils/inetutils_2.4.bb | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb index 19fc3bfde68..85e9f642b30 1

[OE-core] [PATCH 1/2] inetutils: Fix CVE-2023-40303

2023-08-27 Thread Khem Raj
Signed-off-by: Khem Raj --- ...tpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch | 279 ++ ...03-Indent-changes-in-previous-commit.patch | 253 .../inetutils/inetutils_2.4.bb| 2 + 3 files changed, 534 insertions(+) create mode 100644 meta/recipes-con

[OE-core] OE-core CVE metrics for mickledore on Sun 27 Aug 2023 04:00:01 AM HST

2023-08-27 Thread Steve Sakoman
Branch: mickledore New this week: 10 CVEs CVE-2014-1737 (CVSS3: N/A): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1737 * CVE-2014-3153 (CVSS3: N/A): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3153 * CVE-2014-3534 (CVSS3: N/A): linux-yocto htt

Re: [OE-core] [kirkstone][PATCH] Qemu: Resolve undefined reference issue in CVE-2023-2861

2023-08-27 Thread Steve Sakoman
On Sat, Aug 26, 2023 at 10:08 PM Weihmann, Konrad (Avnet Embedded) wrote: > > Hi all, > > > > this mentioned patch is needed to fix the currently broken Yocto 4.0.12 > release. > > Is there a plan to issue a hotfix tag release, or will this be part of the > next 4.0.13 in roughly 6 weeks? The

[OE-core] OE-core CVE metrics for kirkstone on Sun 27 Aug 2023 03:00:01 AM HST

2023-08-27 Thread Steve Sakoman
Branch: kirkstone New this week: 22 CVEs CVE-2020-22218 (CVSS3: 7.5 HIGH): libssh2:libssh2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-22218 * CVE-2020-22219 (CVSS3: 9.8 CRITICAL): flac https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-22219 * CVE-2021-32292 (CVSS3:

[OE-core] OE-core CVE metrics for dunfell on Sun 27 Aug 2023 02:00:01 AM HST

2023-08-27 Thread Steve Sakoman
Branch: dunfell New this week: 26 CVEs CVE-2020-21686 (CVSS3: 5.5 MEDIUM): nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-21686 * CVE-2020-22219 (CVSS3: 9.8 CRITICAL): flac https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-22219 * CVE-2021-32292 (CVSS3: 9.8 CR

[OE-core] OE-core CVE metrics for master on Sun 27 Aug 2023 01:00:01 AM HST

2023-08-27 Thread Steve Sakoman
Branch: master New this week: 4 CVEs CVE-2023-28736 (CVSS3: 6.7 MEDIUM): mdadm https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28736 * CVE-2023-28938 (CVSS3: 4.4 MEDIUM): mdadm https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28938 * CVE-2023-40303 (CVSS3: 7.8 HIGH): inetutils

[oe][OE-core][Patch 1/1] Revert "bin_package.bbclass: Inhibit the default dependencies"

2023-08-27 Thread Max Krummenacher
From: Max Krummenacher This reverts commit d1d09bd4d7be88f0e341d5fccbfbefeb98d4b727. The commit not only removes the dependencies on the cross compiler but also does not depend on e.g. virtual/${TARGET_PREFIX}compilerlibs and virtual/libc which in turn makes the file-rdeps qa check fail if insta

[oe][OE-core][Patch 0/1] Revert "bin_package.bbclass: Inhibit the default dependencies"

2023-08-27 Thread Max Krummenacher
From: Max Krummenacher Hi With commit d1d09bd4d7 ("bin_package.bbclass: Inhibit the default dependencies") applied I'm getting a lot of these errors, i.e. qa does miss libc and compiler provided libs: ERROR: ti-img-rogue-umlibs-23.1.6404501-r2 do_package_qa: QA Issue: /usr/lib/libusc.so.23.1.6