[OE-core] [dunfell] [PATCH] qemu: Whitelist CVE

2023-11-13 Thread poojitha adireddy via lists.openembedded.org
Reason: CVE-2021-3947, issue introduced in v6.0.0-rc0 Reference: https://security-tracker.debian.org/tracker/CVE-2021-3947 Dunfell utilizes qemu v4.2.0, hence whitelisting the CVE. Signed-off-by: poojitha adireddy --- meta/recipes-devtools/qemu/qemu.inc | 3 +++ 1 file changed, 3 insertions(+)

[oe-core][PATCHv3] cups: Upgrade 2.4.6 -> 2.4.7

2023-11-13 Thread Markus Volk
- enable tls by default to fix: | hash.c:16:12: fatal error: gnutls/crypto.h: No such file or directory |16 | # include Changes in CUPS v2.4.7 (2023-09-20) --- - CVE-2023-4504 - Fixed Heap-based buffer overflow when reading Postscript in PPD files - Added O

Re: [oe-core][PATCHv2] cups: Upgrade 2.4.6 -> 2.4.7

2023-11-13 Thread Markus Volk
On Mon, Nov 13 2023 at 04:04:46 PM +00:00:00, Ross Burton wrote: That’s horrible, there’s a perfectly good way of specifying DEPENDS in PACKAGECONFIGs. The reason I did it this way is because bb.utils.contains cannot be used in PACKAGECONFIGs depends field. I know this conflict option and a

Re: [OE-core] OE-core CVE metrics for master on Sun 12 Nov 2023 01:00:01 AM HST

2023-11-13 Thread Khem Raj
On Mon, Nov 13, 2023 at 5:55 AM Ross Burton wrote: > > On 12 Nov 2023, at 11:17, Steve Sakoman via lists.openembedded.org > wrote: > > New this week: 8 CVEs > > Such fun! > > I did some research and have included my notes below. Do we have any > volunteers for the avahi patchbomb? I think we

Re: [OE-Core][PATCH] curl-native: add missing ca-certificates.crt file

2023-11-13 Thread Ross Burton
On 10 Nov 2023, at 19:37, Piotr Łobacz via lists.openembedded.org wrote: > > By default curl is being configured with: > > --with-ca-bundle=${sysconfdir}/ssl/certs/ca-certificates.crt > > which causes an issue for native build, when calling > curl-native command, as certificates file is missin

Re: [OE-Core][PATCH] openssh: add systemd readiness notification support

2023-11-13 Thread Ross Burton
On 11 Nov 2023, at 10:30, Xiangyu Chen via lists.openembedded.org wrote: > Taken a patch from Debian[1] that after sshd listening port, using a signal > to tell systemd > it is ready now. It’s not Upstream-Status: Inappropriate, this is perfectly acceptable for upstream. In fact it’s been sub

Re: Patchtest results for [OE-core][mickledore][PATCH] grub: Fix for CVE-2023-4692 and CVE-2023-4693

2023-11-13 Thread Steve Sakoman
On Mon, Nov 13, 2023 at 4:38 AM Trevor Gamblin wrote: > > > On 2023-11-12 07:33, Patchtest wrote: > > Thank you for your submission. Patchtest identified one > > or more issues with the patch. Please see the log below for > > more information: > > > > --- > > Tests failed for the patch, but the re

Re: [oe-core][PATCHv2] cups: Upgrade 2.4.6 -> 2.4.7

2023-11-13 Thread Ross Burton
On 12 Nov 2023, at 21:23, Markus Volk via lists.openembedded.org wrote: > -DEPENDS = "libpng jpeg dbus zlib libusb1" > +DEPENDS = "libpng jpeg dbus zlib libusb1 > ${@bb.utils.contains('PACKAGECONFIG', 'gnutls', 'gnutls', 'openssl', d)}" That’s horrible, there’s a perfectly good way of specifyin

[OE-core] vim reproducibility on dunfell

2023-11-13 Thread Richard Purdie
Hi Steve, I know ubuntu2204 has been causing concern for dunfell builds with vim and reproducibility. Since I have a local ubuntu 22.04 machine I took a look and sure enough, dunfell vim builds 'fail'. The difference is that in one case, iconv runs during do_compile and in the other it does not.

Re: [OE-core][dunfell 15/15] lz4: specify gnu17 in CFLAGS to fix reproducibility issues

2023-11-13 Thread Steve Sakoman
On Mon, Nov 13, 2023 at 4:35 AM Richard Purdie wrote: > > On Mon, 2023-11-13 at 04:14 -1000, Steve Sakoman wrote: > > On Mon, Nov 13, 2023 at 3:42 AM Richard Purdie > > wrote: > > > > > > On Sat, 2023-11-11 at 05:03 -1000, Steve Sakoman wrote: > > > > We are seeing reproducibility issues where gc

Re: Patchtest results for [OE-core][mickledore][PATCH] grub: Fix for CVE-2023-4692 and CVE-2023-4693

2023-11-13 Thread Trevor Gamblin
On 2023-11-12 07:33, Patchtest wrote: Thank you for your submission. Patchtest identified one or more issues with the patch. Please see the log below for more information: --- Tests failed for the patch, but the results log could not be processed due to excessive result line length. --- Hi,

Re: [OE-core][dunfell 15/15] lz4: specify gnu17 in CFLAGS to fix reproducibility issues

2023-11-13 Thread Richard Purdie
On Mon, 2023-11-13 at 04:14 -1000, Steve Sakoman wrote: > On Mon, Nov 13, 2023 at 3:42 AM Richard Purdie > wrote: > > > > On Sat, 2023-11-11 at 05:03 -1000, Steve Sakoman wrote: > > > We are seeing reproducibility issues where gcc-cross sometimes defaults > > > to gnu11 and other times to gnu17.

Patchtest results for [OE-Core][PATCH v3] wic: rawcopy: add support for zsdt decompression

2023-11-13 Thread Patchtest
Thank you for your submission. Patchtest identified one or more issues with the patch. Please see the log below for more information: --- Testing patch /home/patchtest/share/mboxes/v3-wic-rawcopy-add-support-for-zsdt-decompression.patch FAIL: test Signed-off-by presence: Mbox is missing Signed-o

Re: [OE-core][dunfell 15/15] lz4: specify gnu17 in CFLAGS to fix reproducibility issues

2023-11-13 Thread Steve Sakoman
On Mon, Nov 13, 2023 at 3:42 AM Richard Purdie wrote: > > On Sat, 2023-11-11 at 05:03 -1000, Steve Sakoman wrote: > > We are seeing reproducibility issues where gcc-cross sometimes defaults > > to gnu11 and other times to gnu17. > > > > Specify std=gnu17 rather than leave this to chance. > > > > S

[OE-Core][PATCH v3] wic: rawcopy: add support for zsdt decompression

2023-11-13 Thread Lukas Funke
From: Malte Schmidt --- scripts/lib/wic/plugins/source/rawcopy.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/lib/wic/plugins/source/rawcopy.py b/scripts/lib/wic/plugins/source/rawcopy.py index 7c90cd3cf8..82d38fbb84 100644 --- a/scripts/lib/wic/plugins/source/
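
Review bot: the message goes straight from the From: line to the --- separator, so it carries neither a commit description nor a Signed-off-by line; add both above the diffstat. The subject also spells the format "zsdt", which looks like a typo for zstd; if so, correct it in the subject and check the changed lines in rawcopy.py for the same spelling.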

[OE-Core][PATCH 2/2] patch: extract patches with all-zero hash

2023-11-13 Thread Lukas Funke
From: Stefan Herbrechtsmeier Extract patches with all-zero hash in each patch header instead of the hash of the commit to reduce changes during patch refresh. Signed-off-by: Stefan Herbrechtsmeier --- meta/lib/oe/patch.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta

[OE-Core][PATCH 1/2] patch: extract patches without diffstats

2023-11-13 Thread Lukas Funke
From: Stefan Herbrechtsmeier Extract patches without diffstats to reduce changes during patch refresh. Signed-off-by: Stefan Herbrechtsmeier --- meta/lib/oe/patch.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/lib/oe/patch.py b/meta/lib/oe/patch.py index 4ec9caed

[OE-Core][PATCH 0/2] patch: reduce changes during patch refresh

2023-11-13 Thread Lukas Funke
From: Lukas Funke The patch series aims to reduce the noise in patches created by devtools. Some diffs are just introduced due to an update in the hash or in the diffstats. These changes are not important to a reviewer. Stefan Herbrechtsmeier (2): patch: extract patches without diffstats pat

Re: [OE-core] OE-core CVE metrics for master on Sun 12 Nov 2023 01:00:01 AM HST

2023-11-13 Thread Ross Burton
On 12 Nov 2023, at 11:17, Steve Sakoman via lists.openembedded.org wrote: > New this week: 8 CVEs Such fun! I did some research and have included my notes below. Do we have any volunteers for the avahi patchbomb? > CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto > https://web.nvd.nist.gov/vi

Re: [OE-core][dunfell 15/15] lz4: specify gnu17 in CFLAGS to fix reproducibility issues

2023-11-13 Thread Richard Purdie
On Sat, 2023-11-11 at 05:03 -1000, Steve Sakoman wrote: > We are seeing reproducibility issues where gcc-cross sometimes defaults > to gnu11 and other times to gnu17. > > Specify std=gnu17 rather than leave this to chance. > > Signed-off-by: Steve Sakoman > Signed-off-by: Khem Raj > --- > meta

[OE-core] [PATCH] mesa-demos: Split *info diagnostic tools from the main package

2023-11-13 Thread Zoltan Boszormenyi
This creates 3 new subpackages: * glxinfo * eglinfo * esinfo (for es1_info and es2_info) These diagnostic utilities are useful without the demos. Signed-off-by: Zoltán Böszörményi --- meta/recipes-graphics/mesa/mesa-demos_8.5.0.bb | 8 1 file changed, 8 insertions(+) diff --git a/meta

Re: [OE-Core][PATCH] curl-native: add missing ca-certificates.crt file

2023-11-13 Thread Piotr Łobacz
On Monday, 13 November 2023 12:35:23 CET Richard Purdie wrote: > On Fri, 2023-11-10 at 20:37 +0100, Piotr Łobacz wrote: > > By default curl is being configured with: > > > > --with-ca-bundle=${sysconfdir}/ssl/certs/ca-certificates.crt > > > > which causes an issue for native build, when

Re: [OE-Core][PATCH] curl-native: add missing ca-certificates.crt file

2023-11-13 Thread Richard Purdie
On Fri, 2023-11-10 at 20:37 +0100, Piotr Łobacz wrote: > By default curl is being configured with: > > --with-ca-bundle=${sysconfdir}/ssl/certs/ca-certificates.crt > > which causes an issue for native build, when calling > curl-native command, as certificates file is missing. > > This commit fix

[OE-core] [nanbield][PATCH] oeqa,ssh: Handle SSHCall timeout error code

2023-11-13 Thread luca fancellu
The current code in ssh.py is terminating the ssh process that does not finish its computation in a given timeout (when timeout is passed), the SSHCall function is returning the process error code. The Openssl ssh before version 8.6_p1 is returning 0 when it is terminated, from commit 8a9520836e71

[OE-core] [mickledore][PATCH] oeqa,ssh: Handle SSHCall timeout error code

2023-11-13 Thread luca fancellu
The current code in ssh.py is terminating the ssh process that does not finish its computation in a given timeout (when timeout is passed), the SSHCall function is returning the process error code. The Openssl ssh before version 8.6_p1 is returning 0 when it is terminated, from commit 8a9520836e71

Re: [OE-core] [PATCH v2] oeqa,ssh: Handle SSHCall timeout error code

2023-11-13 Thread luca fancellu
Hi all, > On 9 Nov 2023, at 14:36, luca fancellu via lists.openembedded.org > wrote: > > The current code in ssh.py is terminating the ssh process that > does not finish its computation in a given timeout (when timeout > is passed), the SSHCall function is returning the process error > code. >