From: Siddharth Doshi
Updated SRC_URI link and format due to change in openssl website.
CVE's Fixed by upgrade:
CVE-2024-5535: Fixed possible buffer overread in SSL_select_next_proto().
CVE-2024-6119: Fixed possible denial of service in X.509 name checks
- Removed backports of CVE-2024-5535 as
This needs backporting to kirkstone and scarthgap as well.
On Tue, Sep 3, 2024 at 10:25 PM Khem Raj wrote:
>
> Signed-off-by: Khem Raj
> Cc: Mark Hatle
> ---
> ...fine-GLIBC_DYNAMIC_LINKER-and-UCLIBC_DYNAMIC_LINKE.patch | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --g
Add two packages to handle Qualcomm XElite firmware, one for the
board-specific signed blob and one for the unsigned (generic) GPU
firmware files.
Signed-off-by: Dmitry Baryshkov
---
.../linux-firmware/linux-firmware_20240811.bb | 8
1 file changed, 8 insertions(+)
diff --g
On Thu, 2024-09-05 at 21:21 +0100, Paul Barker via lists.openembedded.org wrote:
> meta-ide-support:do_write_test_data dumps the bitbake data dictionary to
> a file using export2json(). As this obviously includes the value of
> MACHINE, and other MACHINE-specific variables, the recipe needs to be
>
A variable was mistyped in an error message resulting in this error:
NameError: name 'tempalte_name' is not defined. Did you mean: 'template_name'?
Signed-off-by: Ryan Eatmon
---
scripts/oe-setup-build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/oe-setup-build b/
meta-ide-support:do_write_test_data dumps the bitbake data dictionary to
a file using export2json(). As this obviously includes the value of
MACHINE, and other MACHINE-specific variables, the recipe needs to be
marked as MACHINE-specific.
Signed-off-by: Paul Barker
---
meta/recipes-core/meta/met
From: Hugo SIMELIERE
Upstream-Status: Backport from
https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a
Upstream-Status: Backport from
https://github.com/python/cpython/commit/743acbe872485dc18df4d8ab2dc7895187f062c4
Signed-off-by: Hugo SIMELIERE
---
.../python/
From: Yoann Congal
Patch 0001-update_build_version.py-support-an-envvar-to-force-t.patch
was merged here:
https://github.com/KhronosGroup/SPIRV-Tools/commit/bc4060ed274ad9749c20daced96d6f0518d6418e
Signed-off-by: Yoann Congal
---
...1-update_build_version.py-support-an-envvar-to-force-t.patch
There are several issues:
a) pointless empty directories were being created as a path wasn't
fixed in a previous commit
b) SSTATE_PKGARCH wasn't being captured into the task signature
since it is in the ignore list by default. We want to capture
the absolute value, not the dependencies
c)
The sstate functions currently pull in STAMP and SSTATE_PKG which
end up pulling in DEFAULTTUNE and other variables. The location on
disk encodes all the "architecture" information we need so clean up
the dependencies of these tasks and make them non-architecture specific.
Signed-off-by: Richard P
Hi Khem,
it's surely related, but not a simple revert (as distutils commits are
merged into setuptools into different prefix and there were couple
commits on top), but with most of it reverted as in:
https://git.openembedded.org/openembedded-core-contrib/commit/?h=jansa/master-setuptools&id=cf3108
From: Wang Mingyu
Signed-off-by: Wang Mingyu
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit b460d2d55a35450564ea04255153b0a3bf715530)
Signed-off-by: Steve Sakoman
---
...ireless-regdb_2024.05.08.bb => wireless-regdb_2024.07.04.bb} | 2 +-
1 file cha
From: Vrushti Dabhi
- The commit [https://sqlite.org/src/info/0e4e7a05c4204b47]
("Fix a buffer overread in the sessions extension that could occur when
processing a corrupt changeset.")
fixes CVE-2023-7104 instead of CVE-2022-46908.
- Hence, corrected the CVE-ID in CVE-2023-7104.patch.
- Ref
From: Vijay Anusuri
Refreshed patch 0001-configure-Remove-runtime-test-for-mmap-that-can-map-.patch
Includes security fix
CVE-2023-49582
changelog:
https://downloads.apache.org/apr/CHANGES-APR-1.7
Signed-off-by: Vijay Anusuri
Signed-off-by: Steve Sakoman
---
...1-configure-Remove-runtime-te
From: Vrushti Dabhi
The patch
"0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch"
fixes CVE-2022-35737.
Signed-off-by: Vrushti Dabhi
Signed-off-by: Steve Sakoman
---
...-in-the-printf-implementation.patch => CVE-2022-35737.patch} | 0
meta/recipes-support/sq
Please review this set of changes for kirkstone and have comments back by
end of day Friday, September 6
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7310
The following changes since commit 6992437d725f9cc88da4261814b69aaadc5ef0f2:
grub: fs/f
From: Hitendra Prajapati
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of
service (DoS) attack
via improper synchronization during socket closure when a client keeps a socket
open as the server
is taken offline.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024
When bitbaking python3-rpds-py it built extension module as:
site-packages/rpds/rpds.cpython-312-armv7l-linux-gnueabihf.so
Which caused error on target:
root@qemuarm:~# python3 -c "from rpds import HashTrieMap, HashTrieSet, List"
Traceback (most recent call last):
File "", line 1, in
On Wed, 2024-09-04 at 12:21 +, Konrad Weihmann via lists.openembedded.org
wrote:
> in case of running two or more runqemu instances in parallel
> with no previously setup tap devices, the following happens:
>
> instance A probes for tap devices, but doesn't find
> any, proceeds to generating
* the default STAGING_DIR_NATIVE starts with STAGING_DIR_HOST and the
only difference is '-native' suffix at the end
* this can lead into replacing STAGING_DIR_NATIVE path with just "-native"
in FILE macros
* I've noticed this by accident in python3-matplotlib where buildpaths
QA warning wa
20 matches
Mail list logo
