Add zstd LTO support for target and nativesdk compiler.
This also brings gcc into sync with gcc-cross.
% x86_64-oe-linux-gcc -v
[...]
Supported LTO compression algorithms: zlib zstd
gcc version 12.2.0 (GCC)
% x86_64-oesdk-linux-gcc -v
[...]
Supported LTO compression algorithms: zlib
gcc versio
From: Ryan Eatmon
The latest 6.5 kernels do not appear to create the source file in
${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/source so the
recipe errors out when trying to remove it. Simple fix is to add the
-f (force) flag to the call.
(From OE-Core rev: 2e669bf797b15d803e7d6a700e4
From: Jaeyoon Jung
Variable overrides in KCONFIG_CONFIG_COMMAND do not work as expected due
to double quote mismatches. The issue is reproducible in an environment
where gold is the default linker. Below is an example snippet of
run.do_terminal generated by do_menuconfig.
do_terminal() {
exec sh
From: Lee Chee Yang
Notes for BIND 9.18.19
Security Fixes
Previously, sending a specially crafted message over the control channel
could cause the packet-parsing code to run out of available stack
memory, causing named to terminate unexpectedly. This has been fixed.
(CVE-2023-3341)
ISC would lik
From: Narpat Mali
The delta between 3.1.32 & 3.1.37 contains the CVE-2023-40590 and
CVE-2023-41040 fixes and other bugfixes.
Changelog:
==
- WIP Quick doc by @LeoDaCoda in #1608
- Partial clean up wrt mypy and black by @bodograumann in #1617
- Disable merge_includes in config writers by
From: Colin McAllister
Add patch from libwebp 1.2.4 to fix CVE-2023-5129
Signed-off-by: Colin McAllister
Signed-off-by: Steve Sakoman
---
.../webp/files/CVE-2023-5129.patch| 364 ++
meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 1 +
2 files changed, 365 inserti
From: Peter Marko
https://github.com/openssl/openssl/blob/openssl-3.0/NEWS.md#major-changes-between-openssl-3010-and-openssl-3011-19-sep-2023
Major changes between OpenSSL 3.0.10 and OpenSSL 3.0.11 [19 Sep 2023]
* Fix POLY1305 MAC implementation corrupting XMM registers on Windows
(CVE-2023-4807
From: Yogita Urade
A type confusion issue was addressed with improved checks.
This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, Safari
16.5.1, macOS Ventura 13.4.1, iOS 15.7.7 and iPadOS 15.7.7.
Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of
From: Lee Chee Yang
Signed-off-by: Lee Chee Yang
Signed-off-by: Steve Sakoman
---
meta/recipes-extended/cups/cups.inc | 1 +
.../cups/cups/CVE-2023-4504.patch | 42 +++
2 files changed, 43 insertions(+)
create mode 100644 meta/recipes-extended/cups/cups/
From: Ross Burton
(cherry-pick from commit 769576f36aac9652525beec5c7e8a4d26632b844 )
Signed-off-by: Ross Burton
Signed-off-by: Alexandre Belloni
Signed-off-by: Lee Chee Yang
Signed-off-by: Steve Sakoman
---
meta/recipes-graphics/xorg-xserver/xserver-xorg.inc | 2 ++
1 file changed, 2 inser
From: Meenali Gupta
Backport two patches [1] [2] to fix CVE-2023-36617
Signed-off-by: Meenali Gupta
Signed-off-by: Steve Sakoman
---
.../ruby/ruby/CVE-2023-36617_1.patch | 52 +++
.../ruby/ruby/CVE-2023-36617_2.patch | 47 +
meta/recipes-devto
From: Archana Polampalli
gst-plugins-bad: Integer overflow leading to heap overwrite in MXF file
handling with AES3 audio
Signed-off-by: Archana Polampalli
Signed-off-by: Steve Sakoman
---
.../CVE-2023-40475.patch | 49 +++
.../gstreamer1.0-plugins-bad_1.
From: Siddharth Doshi
Upstream-Status: Backport from
[https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c]
CVE: CVE-2023-39318
Signed-off-by: Siddharth Doshi
Signed-off-by: Steve Sakoman
---
meta/recipes-devtools/go/go-1.17.13.inc | 1 +
.../go/go-1.21/CVE-202
From: Archana Polampalli
gst-plugins-bad: h265parser: Fix possible overflow using max_sub_layers_minus1
Signed-off-by: Archana Polampalli
Signed-off-by: Steve Sakoman
---
.../CVE-2023-40476.patch | 44 +++
.../gstreamer1.0-plugins-bad_1.20.7.bb| 1
From: Archana Polampalli
gst-plugins-bad: Heap-based buffer overflow in the MXF file demuxer when
handling
malformed files with uncompressed video in GStreamer versions before 1.22.6
Signed-off-by: Archana Polampalli
Signed-off-by: Steve Sakoman
---
.../CVE-2023-40474.patch
From: Archana Polampalli
In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote
code execution via crafted PostScript documents because they can switch to the
IJS device, or change the IjsServer parameter, after SAFER has been activated.
NOTE: it is a documented risk tha
Please review this set of changes for kirkstone and have comments back by
end of day Friday, September 29
Passed a-full on autobuilder (other than a known send-qa-email issue):
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5956
The following changes since commit d90e4d5e3cca
From: Soumya Sambu
shadow-utils: possible password leak during passwd(1) change
Signed-off-by: Soumya Sambu
Signed-off-by: Steve Sakoman
---
.../shadow/files/CVE-2023-4641-0001.patch | 36 +
.../shadow/files/CVE-2023-4641-0002.patch | 147 ++
meta/recipes-extended
From: Robert Joslyn
Some tests can fail intermittently and upstream has marked these as
flaky so they can easily be skipped. At present there are 12 tests
marked flaky with 10 of them running in the default recipe
configuration. Skip them to avoid the failures.
Signed-off-by: Robert Joslyn
---
This reverts commit 82dfa7b8ac5661134da21307d07d9ea2ed3ac6ea.
Its already included in the glibc minor update patch
Signed-off-by: Khem Raj
---
.../glibc/glibc/0024-CVE-2023-4527.patch | 219 --
meta/recipes-core/glibc/glibc_2.38.bb | 1 -
2 files changed, 220 dele
Please rebase this change on top of latest master, seeing patching issues see
https://errors.yoctoproject.org/Errors/Details/738684/
On Wed, Sep 27, 2023 at 3:14 AM Hemraj, Deepthi via
lists.openembedded.org
wrote:
>
> Below commits on glibc-2.38 stable branch are updated.
> 0e1ef6779a (HEAD -> r
On Wed, 2023-09-27 at 14:47 +0200, Julien Stephan wrote:
> Le mer. 27 sept. 2023 à 12:16, Alexandre Belloni
> a écrit :
> >
> > Hello,
> >
> > I had a build were all the tests passed, then I had this failure:
> >
> > https://autobuilder.yoctoproject.org/typhoon/#/builders/86/builds/5812/steps/1
On 2023-09-27 3:52 p.m., Alexandre Belloni via lists.openembedded.org wrote:
Randy,
Can you please ensure everyone at Windriver that will contribute to YP
has setup their from identity? This is described here:
https://docs.yoctoproject.org/dev/contributor-guide/submit-changes.html#fixing-your-f
From: Peter Marko
Recently NVD updated all CVEs for json-c and old fixed
cves are reported in some older yocto branches.
NVD match clause now includes full tag name including
date which is "greater" than tag without additional numbers.
Define CVE_VERSION identical to full tag also on master to
a
From: Peter Marko
Recently NVD updated all CVEs for json-c and old fixed
CVE-2020-12762 is reported by cve_check now.
NVD match clause now includes full tag name including
date which is "greater" than tag without additional numbers.
Fix it by defining CVE_VERSION identical to full tag.
Put it cl
On Wed, 2023-09-27 at 18:50 +0200, Julien Stephan wrote:
> [YOCTO #15162]
>
> When recipes such as bzip2 have several sources in SRC_URI, all the
> sources are correctly extracted into devtool temporary workdir, but
> currently, we only get back the primary source and all files declared
> using "f
The test results repository contains tags like:
master/64501-g65c94ca3196e5ef3344a469fea8e30444f2e967a/0
master/1-g65c94ca3196e5ef3344a469fea8e30444f2e967a/3
master/1-g65c94ca3196e5ef3344a469fea8e30444f2e967a/2
master/1-g65c94ca3196e5ef3344a469fea8e30444f2e967a/1
master/1-g65c94ca3196e5ef3344a469f
Randy,
Can you please ensure everyone at Windriver that will contribute to YP
has setup their from identity? This is described here:
https://docs.yoctoproject.org/dev/contributor-guide/submit-changes.html#fixing-your-from-identity
Thanks!
On 27/09/2023 03:46:59-0700, Hemraj, Deepthi via lists.o
* needed on hosts with gcc-13 for ccache-native
Signed-off-by: Martin Jansa
---
...x-FTBFS-with-not-yet-released-GCC-13.patch | 92 +++
meta/recipes-devtools/ccache/ccache_4.6.bb| 4 +-
2 files changed, 95 insertions(+), 1 deletion(-)
create mode 100644
meta/recipes-devtoo
Gentle ping.
The other patch of the series was rejected but imho this one is useful as
it improves the error reporting.
Jose
Jose Quaresma via lists.openembedded.org escreveu no dia quinta, 13/07/2023 à(s)
12:03:
> Also remove the warning than doesn't make sense as the code will generate
> an
> -Original Message-
> From: openembedded-core@lists.openembedded.org
> On Behalf Of Sean Nyekjaer
> Sent: den 27 september 2023 14:58
> To: openembedded-core@lists.openembedded.org
> Cc: Sean Nyekjaer ; kas...@krinvent.dk
> Subject: [OE-core][PATCH v2] gcc: depend on zstd
>
> Add zstd L
On Wed, 27 Sept 2023, 12:05 Reyna, David, wrote:
> Hi Marta!
>
> > What about 11am Pacific on tomorrow (28 Sept or Oct 3)?
>
> Let us aim for October 3 so that I can prepare a full demo..
>
> > I think that you have meant 10am to 2PM, otherwise 1am Pacific would
> work very well for me too
>
> I
[YOCTO #15162]
When recipes such as bzip2 have several sources in SRC_URI, all the
sources are correctly extracted into devtool temporary workdir, but
currently, we only get back the primary source and all files declared
using "files://", then the devtool temporary workdir is deleted
Fix this by
Add patch from libwebp 1.1.0 to fix CVE-2023-5129.
Signed-off-by: Colin McAllister
---
.../webp/files/CVE-2023-5129.patch| 364 ++
meta/recipes-multimedia/webp/libwebp_1.1.0.bb | 1 +
2 files changed, 365 insertions(+)
create mode 100644 meta/recipes-multimedia/web
Add patch for Libwebp 1.3.1 to fix CVE-2023-5129.
Signed-off-by: Colin McAllister
---
.../webp/files/CVE-2023-5129.patch| 364 ++
meta/recipes-multimedia/webp/libwebp_1.3.1.bb | 4 +-
2 files changed, 367 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes
Add patch from libwebp 1.2.4 to fix CVE-2023-5129
Signed-off-by: Colin McAllister
---
.../webp/files/CVE-2023-5129.patch| 364 ++
meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 1 +
2 files changed, 365 insertions(+)
create mode 100644 meta/recipes-multimedia/webp
On Wed, Sep 27, 2023 at 9:34 AM Lukas Funke
wrote:
> On 10.09.2023 23:26, Martin Jansa wrote:
> > On Sun, Mar 12, 2023 at 10:15 AM Martin Jansa via lists.openembedded.org
> > wrote:
> >
> >> On Tue, Jan 3, 2023 at 5:03 PM Lukas Funke <
> >> lukas.funke-...@weidmueller.com> wrote:
> >>
> >>> Mart
Signed-off-by: Ashish Sharma
---
.../mdadm/files/CVE-2023-28736.patch | 77 +++
meta/recipes-extended/mdadm/mdadm_4.1.bb | 1 +
2 files changed, 78 insertions(+)
create mode 100644 meta/recipes-extended/mdadm/files/CVE-2023-28736.patch
diff --git a/meta/recipes-ex
Machines that have added subdirectires to the KERNEL_DEVICETREE
recently, such as arm32 boards that were moved under subdirectories in
Linux 6.5, will have that subdirectory in the node name of the FIT. This
breaks existing systems that select a configuration in u-boot by it's
name.
Strip off the
-Original Message-
From: openembedded-core@lists.openembedded.org
On Behalf Of Peter Marko via
lists.openembedded.org
Sent: Wednesday, September 27, 2023 16:21
To: soumya.sa...@windriver.com
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core][kirkstone][PATCH 1/1] glibc:
Sure, will send v2.
Regards,
Soumya
From: Marko, Peter
Sent: Wednesday, September 27, 2023 7:50 PM
To: Sambu, Soumya
Cc: openembedded-core@lists.openembedded.org
Subject: RE: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable
2.35 branch
CAUTI
-Original Message-
From: openembedded-core@lists.openembedded.org
On Behalf Of Soumya via
lists.openembedded.org
Sent: Wednesday, September 27, 2023 9:46
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35
branch
On Wed, 2023-09-27 at 06:07 -0700, JD Schroeder wrote:
> On Tue, Sep 12, 2023 at 06:03 AM, Ross Burton wrote:
> > On 1 Sep 2023, at 11:03, Alexandre Belloni via
> > lists.openembedded.org
> > wrote:
> > >
> > > Hello,
> > >
> > > This fails on the autobuilders:
> > >
> > > https://autobuilder.y
On Tue, Sep 26, 2023 at 2:22 PM Colin McAllister wrote:
>
> Add patch from libwebp 1.1.0 to fix CVE-2023-5129.
>
> Signed-off-by: Colin McAllister
> ---
> .../webp/files/CVE-2023-5129.patch| 364 ++
> meta/recipes-multimedia/webp/libwebp_1.1.0.bb | 1 +
> 2 files ch
On Tue, Sep 26, 2023 at 1:46 PM Colin McAllister wrote:
>
> Add patch for Libwebp 1.3.1 to fix CVE-2023-5129.
>
> Signed-off-by: Colin McAllister
> ---
> .../webp/files/CVE-2023-5129.patch| 364 ++
> meta/recipes-multimedia/webp/libwebp_1.3.1.bb | 4 +-
> 2 files ch
On Tue, Sep 26, 2023 at 2:25 PM Colin McAllister wrote:
>
> Add patch from libwebp 1.2.4 to fix CVE-2023-5129
>
> Signed-off-by: Colin McAllister
> ---
> .../webp/files/CVE-2023-5129.patch| 364 ++
> meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 1 +
> 2 files cha
On 9/26/23 8:51 PM, Khem Raj wrote:
On Tue, Sep 26, 2023 at 7:55 PM Robert Joslyn
wrote:
On 9/26/23 7:55 AM, Khem Raj wrote:
I am seeing a ptest failure on qemx86-64/glibc
Failed ptests:
{'curl': ['test_1474', 'curl']}
In looking at the test, it is marked as flaky with the comment:
On 10.09.2023 23:26, Martin Jansa wrote:
On Sun, Mar 12, 2023 at 10:15 AM Martin Jansa via lists.openembedded.org
wrote:
On Tue, Jan 3, 2023 at 5:03 PM Lukas Funke <
lukas.funke-...@weidmueller.com> wrote:
Martin,
first of all: thank you for testing the patches. As usual the corner
cases ar
On Tue, Sep 12, 2023 at 06:03 AM, Ross Burton wrote:
>
> On 1 Sep 2023, at 11:03, Alexandre Belloni via lists.openembedded.org
> wrote:
>
>>
>> Hello,
>>
>> This fails on the autobuilders:
>>
>> https://autobuilder.yoctoproject.org/typhoon/#/builders/117/builds/3449/steps/12/logs/stdio
>>
>
On 27/09/2023 15:02:00+0200, Julien Stephan wrote:
> Le mer. 27 sept. 2023 à 14:59, Alexander Kanavin
> a écrit :
> >
> > You need to scroll up. The failure is in lines 557 to 609.
>
> Hmm stange ctrl-f didn't work. I can see it now. Thank you, I'll look at it
>
By default the log is not fully
Le mer. 27 sept. 2023 à 14:59, Alexander Kanavin
a écrit :
>
> You need to scroll up. The failure is in lines 557 to 609.
Hmm stange ctrl-f didn't work. I can see it now. Thank you, I'll look at it
Julien
>
> Alex
>
>
> On Wed, 27 Sept 2023 at 14:48, Julien Stephan wrote:
> >
> > Le mer. 27 sep
You need to scroll up. The failure is in lines 557 to 609.
Alex
On Wed, 27 Sept 2023 at 14:48, Julien Stephan wrote:
>
> Le mer. 27 sept. 2023 à 12:16, Alexandre Belloni
> a écrit :
> >
> > Hello,
> >
> > I had a build were all the tests passed, then I had this failure:
> >
> > https://autobui
On 27/09/2023 14:47:57+0200, Julien Stephan wrote:
> Le mer. 27 sept. 2023 à 12:16, Alexandre Belloni
> a écrit :
> >
> > Hello,
> >
> > I had a build were all the tests passed, then I had this failure:
> >
> > https://autobuilder.yoctoproject.org/typhoon/#/builders/86/builds/5812/steps/14/logs/st
Add zstd LTO support for target and nativesdk compiler.
This also brings gcc into sync with gcc-cross.
---
% x86_64-oe-linux-gcc -v
[...]
Supported LTO compression algorithms: zlib zstd
gcc version 12.2.0 (GCC)
% x86_64-oesdk-linux-gcc -v
[...]
Supported LTO compression algorithms: zlib
gcc ve
Le mer. 27 sept. 2023 à 12:16, Alexandre Belloni
a écrit :
>
> Hello,
>
> I had a build were all the tests passed, then I had this failure:
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/86/builds/5812/steps/14/logs/stdio
>
Hi Alexandre,
I only see
bblock.BBLock.test_lock_single_
From: Lee Chee Yang
Notes for BIND 9.18.19
Security Fixes
Previously, sending a specially crafted message over the control channel
could cause the packet-parsing code to run out of available stack
memory, causing named to terminate unexpectedly. This has been fixed.
(CVE-2023-3341)
ISC would lik
From: Lee Chee Yang
Signed-off-by: Lee Chee Yang
---
meta/recipes-extended/cups/cups.inc | 1 +
.../cups/cups/CVE-2023-4504.patch | 42 +++
2 files changed, 43 insertions(+)
create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-4504.patch
diff --gi
From: Ross Burton
(cherry-pick from commit 769576f36aac9652525beec5c7e8a4d26632b844 )
Signed-off-by: Ross Burton
Signed-off-by: Alexandre Belloni
Signed-off-by: Lee Chee Yang
---
meta/recipes-graphics/xorg-xserver/xserver-xorg.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/re
On Wed, 2023-09-27 at 13:22 +0200, Sean Nyekjaer wrote:
>
> > On 27 Sep 2023, at 13.17, Richard Purdie
> > wrote:
> >
> > On Wed, 2023-09-27 at 12:49 +0200, Sean Nyekjaer wrote:
> > > Add zstd LTO support for the nativesdk compiler.
> >
> > This is changing it for the target compiler as well?
> On 27 Sep 2023, at 13.17, Richard Purdie
> wrote:
>
> On Wed, 2023-09-27 at 12:49 +0200, Sean Nyekjaer wrote:
>> Add zstd LTO support for the nativesdk compiler.
>
> This is changing it for the target compiler as well?
>
> Perhaps also mention it brings it into sync with gcc-cross (assumi
On Wed, 2023-09-27 at 12:49 +0200, Sean Nyekjaer wrote:
> Add zstd LTO support for the nativesdk compiler.
This is changing it for the target compiler as well?
Perhaps also mention it brings it into sync with gcc-cross (assuming it
does?).
Cheers,
Richard
-=-=-=-=-=-=-=-=-=-=-=-
Links: You r
Regression testing is done and below are the test results.
Before glibc update
Summary of test results:
213 FAIL
4805 PASS
16 XFAIL
4 XPASS
218 UNSUPPORTED
After glibc update
Summary of test results:
216 FAIL
4805 PASS
16 XFAIL
4 XPASS
218 UNSUPPORTED
*These are the newly added test cases*
PASS:
Regression testing is done and no regressions found.
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188305):
https://lists.openembedded.org/g/openembedded-core/message/188305
Mute This Topic: https://lists.openembedded.org/mt/101614741/21656
Group
Below commits on binutils-2.41 stable branch are updated.
cb4c3555ac4 (HEAD -> binutils-2_41-branch, origin/binutils-2_41-branch)
Automatic date update in version.in
6ffa5a420a0 aarch64: Remove unused function
b6f6a3ecd15 x86: restrict prefix use with .insn VEX/XOP/EVEX
60834ae1eb7 PR30794, PowerP
From: Lee Chee Yang
Signed-off-by: Lee Chee Yang
---
meta/recipes-extended/cups/cups.inc | 1 +
.../cups/cups/CVE-2023-4504.patch | 42 +++
2 files changed, 43 insertions(+)
create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-4504.patch
diff --gi
Add zstd LTO support for the nativesdk compiler.
---
% x86_64-oe-linux-gcc -v
[...]
Supported LTO compression algorithms: zlib zstd
gcc version 12.2.0 (GCC)
% x86_64-oesdk-linux-gcc -v
[...]
Supported LTO compression algorithms: zlib
gcc version 12.2.0 (GCC)
---
Signed-off-by: Sean Nyekjaer
* e.g. mozjs from meta-oe contains major version from PV in the script name
but currently cannot use a variable there because it would be unexpanded
in the varflag name as shown in bitbake -e (lib32-curl included for
comparison)
env.lib32-curl:# $ALTERNATIVE_TARGET [2 operations]
env.lib32-cu
Below commits on glibc-2.38 stable branch are updated.
0e1ef6779a (HEAD -> release/2.38/master, origin/release/2.38/master)
manual/jobs.texi: Add missing @item EPERM for getpgid
d94461bb86 string: Fix tester build with fortify enable with gcc < 12
63250e9c57 iconv: restore verbosity with unrecogni
Regression testing with binutils testing is performed and no regressions found
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188299):
https://lists.openembedded.org/g/openembedded-core/message/188299
Mute This Topic: https://lists.openembedded.org
Below commits on binutils-2.41 stable branch are updated.
cb4c3555ac4 (HEAD -> binutils-2_41-branch, origin/binutils-2_41-branch)
Automatic date update in version.in
6ffa5a420a0 aarch64: Remove unused function
b6f6a3ecd15 x86: restrict prefix use with .insn VEX/XOP/EVEX
60834ae1eb7 PR30794, PowerP
Hello,
I had a build were all the tests passed, then I had this failure:
https://autobuilder.yoctoproject.org/typhoon/#/builders/86/builds/5812/steps/14/logs/stdio
On 25/09/2023 10:04:47+0200, Julien Stephan wrote:
> Hi all,
>
> This is v5 for bblock script.
>
> Improvement from v4:
> * Fix se
Below commits on glibc-2.38 stable branch are updated.
0e1ef6779a (HEAD -> release/2.38/master, origin/release/2.38/master)
manual/jobs.texi: Add missing @item EPERM for getpgid
d94461bb86 string: Fix tester build with fortify enable with gcc < 12
63250e9c57 iconv: restore verbosity with unrecogni
Hi Marta!
> What about 11am Pacific on tomorrow (28 Sept or Oct 3)?
Let us aim for October 3 so that I can prepare a full demo..
> I think that you have meant 10am to 2PM, otherwise 1am Pacific would work
> very well for me too
I actually did mean 2:00 am Pacific. I do work with our India te
From: Soumya Sambu
Adresses CVE-2023-4813, CVE-2023-4806
These are the complete list of changes this brings
* 73d4ce728a Document CVE-2023-4806 and CVE-2023-5156 in NEWS
* 17092c0311 Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806
[BZ #30843]*
* 762a747fae io: Fix record lockin
Hi David,
Thank you very much for the description and the offer to get a demo.
As discussed yesterday in the call, there are some other people who
seem interested.
> PROPOSAL 1: If the full triage is too much to bite off to start with, perhaps
> using it to track and coordinate work will bring im
From: Chen Qi
https://nvd.nist.gov/vuln/detail/CVE-2023-33595 uses 'cpython'.
Although it's currently the only one that uses cpython, let's add
cpython to CVE_PRODUCT, just in case.
Signed-off-by: Chen Qi
---
meta/recipes-devtools/python/python3_3.11.5.bb | 2 +-
1 file changed, 1 insertion(+)
76 matches
Mail list logo
