From: Bruce Ashfield
Updating to the latest korg -stable release that comprises
the following commits:
a140610d8aff Linux 5.4.257
42900fd140c8 net/sched: Retire rsvp classifier
b3637835ac99 drm/amdgpu: fix amdgpu_cs_p1_user_fence
650ebbba5c15 mtd: rawnand: brcmnand: Fix ECC leve
From: Bruce Ashfield
Updating to the latest korg -stable release that comprises
the following commits:
0c2544add9fc Linux 5.4.256
1ba96e65ef4c Revert "MIPS: Alchemy: fix dbdma2"
94aef0fe5a82 powerpc/pmac/smp: Drop unnecessary volatile qualifier
b29a10fd0734 powerpc/pmac/smp: Avo
From: Bruce Ashfield
Updating to the latest korg -stable release that comprises
the following commits:
fd2a1d1f32ea Linux 5.4.254
e7711f15ed6b sch_netem: fix issues in netem_change() vs get_dist_table()
3c3ffd6a3cf7 alpha: remove __init annotation from exported page_is_ram()
e12
From: Bruce Ashfield
Updating to the latest korg -stable release that comprises
the following commits:
21732fd22497 Linux 5.4.252
9399ea1ce481 x86: fix backwards merge of GDS/SRSO bit
bc7b9a6c2ca4 xen/netback: Fix buffer overrun triggered by unusual packet
43ed6f79b3e7 x86/cpu,
From: Alexander Kanavin
Use autotools-brokensep as new version needs that.
upgrade include fix for CVE-2020-21686 and CVE-2022-29654
(cherry picked from commit c9c724ffa36757b56e70bc8d7b880c0c5777b153)
Signed-off-by: Alexander Kanavin
Signed-off-by: Richard Purdie
Signed-off-by: Lee Chee Yan
From: Lee Chee Yang
https://docs.python.org/release/3.8.18/whatsnew/changelog.html#changelog
Release date: 2023-08-24
Security
gh-108310: Fixed an issue where instances of ssl.SSLSocket were
vulnerable to a bypass of the TLS handshake and included protections
(like certificate verification) and
From: Siddharth Doshi
Upstream-Status: Backport from
[https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c]
CVE: CVE-2023-39318
Upstream-Status: Backport from
[https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5]
CVE: CVE-2023-39319
Signed-off-by
From: Lee Chee Yang
Signed-off-by: Lee Chee Yang
Signed-off-by: Steve Sakoman
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2020-24165.patch| 94 +++
2 files changed, 95 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/
From: Vijay Anusuri
Artifex Ghostscript through 10.01.2 mishandles permission validation for
pipe devices (with the %pipe% prefix or the | pipe character prefix).
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-36664
Upstream commits:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=
From: Lee Chee Yang
Signed-off-by: Lee Chee Yang
Signed-off-by: Steve Sakoman
---
.../xorg-lib/libxpm/CVE-2022-46285.patch | 40 +++
.../xorg-lib/libxpm_3.5.13.bb | 2 +
2 files changed, 42 insertions(+)
create mode 100644 meta/recipes-graphics/xorg-lib/l
From: Archana Polampalli
NASM v2.16 was discovered to contain a heap buffer overflow in the
component quote_for_pmake() asm/nasm.c:856
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-44370
Upstream patches:
https://github.com/netwide-assembler/nasm/commit/2d4e6952417ec6f08b6f135d2b5d0e19b
From: Colin McAllister
Add patch from libwebp 1.1.0 to fix CVE-2023-5129.
Signed-off-by: Colin McAllister
Signed-off-by: Steve Sakoman
---
.../webp/files/CVE-2023-5129.patch| 364 ++
meta/recipes-multimedia/webp/libwebp_1.1.0.bb | 1 +
2 files changed, 365 insert
From: Ashish Sharma
Signed-off-by: Ashish Sharma
Signed-off-by: Steve Sakoman
---
.../mdadm/files/CVE-2023-28736.patch | 77 +++
meta/recipes-extended/mdadm/mdadm_4.1.bb | 1 +
2 files changed, 78 insertions(+)
create mode 100644 meta/recipes-extended/mdadm/file
Please review this set of changes for dunfell and have comments back by
end of day Tuesday, October 3
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5966
The following changes since commit a9d194f21a3bdebca8aaff204804a5fdc67c76d1:
vim: Upgrade
On Sat, 2023-09-30 at 13:05 -0400, Bruce Ashfield wrote:
> On Sat, Sep 30, 2023 at 12:58 PM Richard Purdie
> wrote:
> > On Sat, 2023-09-30 at 12:33 -0400, Bruce Ashfield wrote:
> > > On Sat, Sep 30, 2023 at 7:07 AM Richard Purdie
> > > wrote:
> > >
> > > >
> > > > I had some difficulties with t
On Sat, Sep 30, 2023 at 12:58 PM Richard Purdie <
richard.pur...@linuxfoundation.org> wrote:
> On Sat, 2023-09-30 at 12:33 -0400, Bruce Ashfield wrote:
> > On Sat, Sep 30, 2023 at 7:07 AM Richard Purdie
> > wrote:
> >
> > >
> > > I had some difficulties with this series since it doesn't apply
> >
On Sat, 2023-09-30 at 12:33 -0400, Bruce Ashfield wrote:
> On Sat, Sep 30, 2023 at 7:07 AM Richard Purdie
> wrote:
>
> >
> > I had some difficulties with this series since it doesn't apply
> > against
> > master. The issue was that someone else had updated the kernel CVEs
> > and
> > those chang
On Sat, Sep 30, 2023 at 7:07 AM Richard Purdie <
richard.pur...@linuxfoundation.org> wrote:
> Hi Bruce,
>
> On Fri, 2023-09-29 at 16:04 -0400, bruce.ashfi...@gmail.com wrote:
> > Given where we are in the release cycle, this clearly is NOT a typical
> > consolidated pull request.
> >
> > I've done
Le mer. 27 sept. 2023 à 23:17, Richard Purdie
a écrit :
>
> On Wed, 2023-09-27 at 14:47 +0200, Julien Stephan wrote:
> > Le mer. 27 sept. 2023 à 12:16, Alexandre Belloni
> > a écrit :
> > >
> > > Hello,
> > >
> > > I had a build were all the tests passed, then I had this failure:
> > >
> > > http
Hi all,
after watching "DEF CON 31 - Terminally Owned - 60 Years of Escaping - David
Leadbeater" [1] I wrote this recipe to test our message behavior.
SUMMARY = "Test escape sequences"
DESCRIPTION = "Test escape sequences"
LICENSE = "MIT"
python do_compile() {
bb.plain("\033[31;1;4mHello\03
Hi Bruce,
On Fri, 2023-09-29 at 16:04 -0400, bruce.ashfi...@gmail.com wrote:
> Given where we are in the release cycle, this clearly is NOT a typical
> consolidated pull request.
>
> I've done what normally takes about three weeks in about 4 days.
Thanks, I know this isn't where any of us wanted
Hello,
This series causes those rust.RustHostCompileTest.test_cargo_build failures:
https://autobuilder.yoctoproject.org/typhoon/#/builders/53/builds/7879/steps/13/logs/stdio
RustCompileTest class: SDK doesn't contain a Rust cross-canadian toolchain
RustCompileTest class: SDK doesn't contain a R
Le mer. 27 sept. 2023 à 22:36, Richard Purdie
a écrit :
>
> On Wed, 2023-09-27 at 18:50 +0200, Julien Stephan wrote:
> > [YOCTO #15162]
> >
> > When recipes such as bzip2 have several sources in SRC_URI, all the
> > sources are correctly extracted into devtool temporary workdir, but
> > currently,
23 matches
Mail list logo
