[OE-core] [PATCH v6 0/3] pkg-database and systemd-sysext image

systemd-sysext allows to overlay another image (or multiple) ontop of a "base-image" = the current rootfs, via the use of overlayfs; to add tools and features meant for development purposes. To quote the documentation on systemd-sysext: " ...addition in order to make debugging/development easier).

[OE-core] [PATCH v6 2/3] image.bbclass/rootfs: set and unpack package-database

set the package-database of a "lower image" to unpack and build upon when installing packages for the current image. This way a lean image will be created, which only holds the packages that are not already present in the lower image. An image build such could then be used with overlayfs or system

[OE-core] [PATCH v6 1/3] image.bbclass/rootfs: archive and deploy package database

archive the package database after the rootfs has been put together as *rootfs-pkdbfs.tar.gz, and put it into the deploy folder. This creates a snapshot of the package mangers state at the point in time when all dependencies have been resolved and installed; which could be used by "extension image

[OE-core] [PATCH v6 3/3] classes: add a systemd-sysext image class

systemd-sysext can load a raw-image containing usr/ and opt/ folders to mount them as RO overlay over the rootfs, to "extend" the systems. This class provides the necessary changes/additions to the enclosed file-system so that systemd-sysext accepts the extension for "merge" into the rootfs. With

[OE-core] [PATCH] kernel.bbclass: check, if directory exists before removing empty module directory

If the kernel folder does not exist, find will result in an error. This can occur if the kernel has no modules but, for example, custom modules are created. Add check before deleting. Signed-off-by: Heiko Thole --- meta/classes-recipe/kernel.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 de

[OE-core] [PATCH] devtool: sync: Fix Execution error

From: Vincent Kriek When executing devtool sync on a recipe that was extract with devtool extract earlier the following error occured: Traceback (most recent call last): [...] bb.process.ExecutionError: Execution of 'git fetch file:///home/vin/projects/poky/build/tmp/work/all-poky-l

Re: [OE-core] [PATCH 10/33] gnutls: upgrade 3.8.4 -> 3.8.5

On Sat, 2024-04-13 at 20:55 +, Simone Weiß wrote: > On Fri, 2024-04-12 at 16:39 +0200, Alexandre Belloni wrote: > > On 11/04/2024 19:41:09+, Simone Weiß wrote: > > > On Wed, 2024-04-10 at 02:45 +0200, Alexandre Belloni via > > > lists.openembedded.org wrote: > > > > Failed ptests: > > > > {

[OE-core] [PATCH 2/2] gnutls: Fix failing ptests

From: Simone Weiß When upgrading gnutls to the newest version 3.8.5, some ptest failed. Backported a patch from upstream gnutls(not in any release yet) to fix this issue. Signed-off-by: Simone Weiß --- ...PKCS1-v1_5-system-wide-configuration.patch | 269 ++ meta/recipes-support

[OE-core] [PATCH 1/2] gnutls: upgrade 3.8.4 -> 3.8.5

From: Wang Mingyu Add-ptest-support.patch refreshed for 3.8.5 Changelog: == * libgnutls: Due to majority of usages and implementations of RSA decryption with PKCS#1 v1.5 padding being incorrect, leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5 is being deprecated (enc

[OE-core] OE-core CVE metrics for nanbield on Sun 14 Apr 2024 04:00:01 AM HST

Branch: nanbield New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 128 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vul

Re: [RFC][oe-core][PATCH] xwayland: update 23.2.5 -> 23.2.6

This requires libei which is currently in meta-oe On Sun, Apr 14 2024 at 04:06:52 PM +02:00:00, Markus Volk wrote: - add a PACKAGECONFIG for libdecor ! This will require to move libei from meta-oe to oe-core ! Signed-off-by: Markus Volk > --- .../xwayland/{xwaylan

[RFC][oe-core][PATCH] xwayland: update 23.2.5 -> 23.2.6

- add a PACKAGECONFIG for libdecor ! This will require to move libei from meta-oe to oe-core ! Signed-off-by: Markus Volk --- .../xwayland/{xwayland_23.2.5.bb => xwayland_23.2.6.bb} | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) rename meta/recipes-graphics/xwayland/{xwayland_

[OE-core] OE-core CVE metrics for kirkstone on Sun 14 Apr 2024 03:00:01 AM HST

Branch: kirkstone New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 35 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov

[OE-core] OE-core CVE metrics for dunfell on Sun 14 Apr 2024 02:00:01 AM HST

Branch: dunfell New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 106 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-

[OE-core] OE-core CVE metrics for master on Sun 14 Apr 2024 01:00:01 AM HST

Branch: master New this week: 0 CVEs Removed this week: 21 CVEs CVE-2014-4859 (CVSS3: 6.8 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4859 * CVE-2014-4860 (CVSS3: 6.8 MEDIUM): ovmf:ovmf-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4860

Re: [OE-core][PATCH] openssl: openssl: patch CVE-2024-2511

I think that sending this patch was correct, see comments below. Peter From: openembedded-core@lists.openembedded.org On Behalf Of Tim Orling via lists.openembedded.org Sent: Sunday, April 14, 2024 6:45 To: Marko, Peter (ADV D EU SK BFS1) Cc: openembedded-core@lists.openembedded.org Subject: R