[OE-core] [PATCH] libunistring: fix do_configure "Argument list too long" error

From: Changqing Li libunistring uses a lot of m4 files, with acpaths set to absolute path, and the TMPDIR is long/deep, for example when len(TMPDIR) = 350, do_configure failed with "Argument list too long" error. [snip] aclocal: error: cannot open xxx Argument list too long autoreconf: aclocal

[OE-core] [PATCH 34/37] cargo-c: convert to target recipe

From: Alexander Kanavin This was prompted by sstatetests.SStateHashSameSigs2.test_sstate_allarch_samesigs where adwaita-icon-theme would fail due to new librsvg introducing cargo-c-native into dependency path. Rather than look into why is that, I simply converted the recipe into the standard 't

[OE-core] [PATCH 27/37] pixman: update 0.42.2 -> 0.44.0

From: Alexander Kanavin Drop two backports. Drop iwmmxt support from recipe and patch (upstream has removed it). Signed-off-by: Alexander Kanavin --- ...-workarounds-in-cpu-features-detecti.patch | 23 ++-- ...loat.c-fix-inlining-failed-in-call-t.patch | 56 -- ...6ce00bb79a6b925ed4

[OE-core] [PATCH 18/37] libtool: update 2.5.2 -> 2.5.4

From: Alexander Kanavin 2.5.2 was a beta, upstream made two stable releases since: https://savannah.gnu.org/news/?id=10676 https://savannah.gnu.org/news/?id=10693 Drop libtool/0001-ltmain.in-Handle-trailing-slashes-on-install-command.patch (merged upstream) Apply all patches unconditionally; th

[OE-core] [PATCH 30/37] libpipeline: update 1.5.7 -> 1.5.8

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- .../libpipeline/autoconf-2.73.patch | 24 --- ...pipeline_1.5.7.bb => libpipeline_1.5.8.bb} | 3 +-- 2 files changed, 1 insertion(+), 26 deletions(-) delete mode 100644 meta/recipes-extended/libpipeline/li

[OE-core] [PATCH 20/37] btrfs-tools: update 6.10.1 -> 6.11

From: Alexander Kanavin Use github, as kernel.org has the needed tag, but not the branch it's on. Signed-off-by: Alexander Kanavin --- ...Add-a-possibility-to-specify-where-python-modules-ar.patch | 2 +- .../{btrfs-tools_6.10.1.bb => btrfs-tools_6.11.bb}| 4 ++-- 2 files changed,

[OE-core] [PATCH 31/37] libpam: update 1.6.1 -> 1.7.0

From: Alexander Kanavin Change from autotools to meson. ptest support is removed for now, as pam-ptest isn't executed on the autobuilder. Adjust packaging as pam now installs everything into /usr rather than /. Signed-off-by: Alexander Kanavin --- ...ect-check-for-existence-of-two-prepr.patc

[OE-core] [PATCH 22/37] python3-maturin: update 1.7.1 -> 1.7.4

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- .../python/python3-maturin-crates.inc | 188 +- ...n-architecture-name-resolvation-code.patch | 107 -- ...prove-wheel-reproducibility-by-sorti.patch | 4 +- ...ation-issue-with-linux-armv7l-archit.pa

[OE-core] [PATCH 05/37] gcr: drop obsolete autotools setting

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- meta/recipes-gnome/gcr/gcr_4.3.0.bb | 2 -- 1 file changed, 2 deletions(-) diff --git a/meta/recipes-gnome/gcr/gcr_4.3.0.bb b/meta/recipes-gnome/gcr/gcr_4.3.0.bb index 6c620dc391d..dcd8658d9cb 100644 --- a/meta/recipes-gnome/gcr/gcr

[OE-core] [PATCH 24/37] libgit2: update 1.8.2 -> 1.8.4

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- .../libgit2/{libgit2_1.8.2.bb => libgit2_1.8.4.bb}| 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-support/libgit2/{libgit2_1.8.2.bb => libgit2_1.8.4.bb} (79%) diff --git a/meta/recipes-supp

[OE-core] [PATCH 37/37] rpm: replace use of rpm2cpio with rpm2archive

From: Alexander Kanavin rpm2cpio has been deprecated upstream, so this prepares for its eventual removal. rpm2archive produces a tar archive which can be uncompressed with tar executable from the host. Signed-off-by: Alexander Kanavin --- meta/classes-recipe/testexport.bbclass | 1 - me

[OE-core] [PATCH 29/37] texinfo: update 7.1 -> 7.1.1

From: Alexander Kanavin Rather than try to patch out specific manpages needing help2man, simply don't build them: this is less prone to tricky rebase conflicts. Signed-off-by: Alexander Kanavin --- ...01-Makefile.am-do-not-build-manpages.patch | 29 ...changes-to-build-without-zlib-an

[OE-core] [PATCH 16/37] swig: upgrade 4.2.1 -> 4.3.0

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- meta/recipes-devtools/swig/swig/determinism.patch | 8 .../swig/{swig_4.2.1.bb => swig_4.3.0.bb} | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) rename meta/recipes-devtools/swig/{swig_4.2.1.

[OE-core] [PATCH 23/37] utfcpp: update 4.0.5 -> 4.0.6

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- .../recipes-support/utfcpp/{utfcpp_4.0.5.bb => utfcpp_4.0.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-support/utfcpp/{utfcpp_4.0.5.bb => utfcpp_4.0.6.bb} (89%) diff --git a/meta/recipes-support/ut

[OE-core] [PATCH 01/37] maintainers.inc: unassign myself (don't panic!)

From: Alexander Kanavin For a very long time my focus hasn't been these recipes in particular; rather I'm trying to ensure oe-core as a whole doesn't fall too far behind upstream releases. To better reflect this reality, I wish to be no longer listed for any specific recipes. Signed-off-by: Alex

[OE-core] [PATCH 03/37] barebox: add more common items into shared .inc with barebox-tools

From: Alexander Kanavin barebox-tools needs to be updated in lockstep with barebox, and was already once erroneously updated to 2024.10 without barebox itself. Particularly, this change puts PV into .inc as well for both recipes. This will allow AUH to produce correct update patches, as barebox

[OE-core] [PATCH 15/37] python3-dtc: update 1.7.0 -> 1.7.2

From: Alexander Kanavin Remove patch, as it is a leftover from meta-virtualization times where python3-dtc was ahead of dtc in oe-core and had to be tweaked. Signed-off-by: Alexander Kanavin --- ...erlay-make-overlay_get_target-public.patch | 132 -- ...hon3-dtc_1.7.0.bb => pyt

[OE-core] [PATCH 14/37] dtc: upgrade 1.7.0 -> 1.7.2

From: Alexander Kanavin Remove patches (both applied upstream). Add a tests option that is disabled by default (as previously it was inside a is_cross() condition and so was always disabled). Signed-off-by: Alexander Kanavin --- ...01-meson.build-bump-version-to-1.7.0.patch | 29 -

[OE-core] [PATCH 36/37] rpm: update 4.19.1.1 -> 4.20.0

From: Alexander Kanavin With this release, as expected, deprecated openpgp support has been fully removed and replaced with sequoia: https://github.com/rpm-software-management/rpm-sequoia/ Alas, it's written in rust, and has no recipe, so for now signing rpm packages has to be disabled. Remove

[OE-core] [PATCH 32/37] go-helloworld: update to latest revision

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- meta/recipes-extended/go-examples/go-helloworld_0.1.bb | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meta/recipes-extended/go-examples/go-helloworld_0.1.bb b/meta/recipes-extended/go-examples/go-helloworld_0

[OE-core] [PATCH 33/37] cargo-c-native: update 0.10.3 -> 0.10.5

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- meta/recipes-devtools/rust/cargo-c-crates.inc | 478 +- ... => cargo-c-native_0.10.5+cargo-0.83.0.bb} | 2 +- 2 files changed, 243 insertions(+), 237 deletions(-) rename meta/recipes-devtools/rust/{cargo-c-native_0.

[OE-core] [PATCH 35/37] librsvg: update 2.58.2 -> 2.59.2

From: Alexander Kanavin Upstream has moved from autotools to meson, which requires a substantial amount of tweaks to the recipe. Signed-off-by: Alexander Kanavin --- meta/recipes-gnome/librsvg/librsvg-crates.inc | 682 +- ...-rust-target-to-cargo-also-when-not-.patch | 44 --

[OE-core] [PATCH 28/37] vulkan-samples: update to latest revision

From: Alexander Kanavin Drop patch as issue fixed upstream. Signed-off-by: Alexander Kanavin --- ...ce-FORCE_INLINE_TEMPLATE-with-inline.patch | 52 --- .../vulkan/vulkan-samples_git.bb | 3 +- 2 files changed, 1 insertion(+), 54 deletions(-) delete mode 100644

[OE-core] [PATCH 21/37] python3-markdown: update 3.6 -> 3.7

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- .../{python3-markdown_3.6.bb => python3-markdown_3.7.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-devtools/python/{python3-markdown_3.6.bb => python3-markdown_3.7.bb} (72%) diff --git a/met

[OE-core] [PATCH 26/37] tiff: update 4.6.0 -> 4.7.0

From: Alexander Kanavin Drop all CVE backports. Signed-off-by: Alexander Kanavin --- .../libtiff/tiff/CVE-2023-52355-0001.patch| 238 -- .../libtiff/tiff/CVE-2023-52355-0002.patch| 28 --- .../libtiff/tiff/CVE-2023-52356.patch | 49 .../libtiff/tiff/CVE-2

[OE-core] [PATCH 08/37] pkg-config-native: pick additional search paths from $EXTRA_NATIVE_PKGCONFIG_PATH

From: Alexander Kanavin This was prompted by working on librsvg update: the new meson-driven version wants to query values from .pc files residing in its own build directory, and modifies PKG_CONFIG_PATH accordingly. When using the pkg-config-native wrapper such modifications have no effect, and

[OE-core] [PATCH 11/37] python3-beartype: upgrade 0.18.5 -> 0.19.0

From: Alexander Kanavin Change backend to hatchling. Signed-off-by: Alexander Kanavin --- ...{python3-beartype_0.18.5.bb => python3-beartype_0.19.0.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-devtools/python/{python3-beartype_0.18.5.bb => python3-beartyp

[OE-core] [PATCH 13/37] virglrenderer: upgrade 1.0.1 -> 1.1.0

From: Alexander Kanavin drm-msm-experimental option removed upstream. Signed-off-by: Alexander Kanavin --- ...001-meson.build-use-python3-directly-for-python.patch | 9 - ...-Fix-int-conversion-fatal-build-error-with-GCC-.patch | 6 +- .../{virglrenderer_1.0.1.bb => virglrenderer_1

[OE-core] [PATCH 10/37] elfutils: upgrade 0.191 -> 0.192

From: Alexander Kanavin License-Update: copyright years Signed-off-by: Alexander Kanavin --- .../{elfutils_0.191.bb => elfutils_0.192.bb} | 12 --- ...001-config-eu.am-do-not-force-Werror.patch | 34 ++ ...01-debuginfod-Remove-unused-variable.patch | 34 --

[OE-core] [PATCH 07/37] systemd-compat-units: execute postinst on target

From: Alexander Kanavin There is a race here where postinst relies on existence of various files from other packages on the target rootfs to operate properly, but doesn't ensure that it runs after all of those packages have been installed. Adding dependencies on those packages is not a solution a

[OE-core] [PATCH 09/37] debugedit: upgrade 5.0 -> 5.1

From: Alexander Kanavin Remove 0002-sepdebugcrcfix.c-do-not-use-64bit-variants.patch as the issues were fixed upstream. Signed-off-by: Alexander Kanavin --- .../{debugedit_5.0.bb => debugedit_5.1.bb}| 8 +-- ...ugcrcfix.c-do-not-use-64bit-variants.patch | 56 --- ...003-Ma

[OE-core] [PATCH 06/37] cargo.bbclass: do not install libraries by default

From: Alexander Kanavin 'cargo install' only installs executables and examples into the system, and we should follow that. Libraries are vendored into build trees from the crate registry and then baked directly into executables. Neverthless, there's now a condition variable, so individual recipe

[OE-core] [PATCH 04/37] meson.bbclass: enable qemu exe wrapper in nativesdk

From: Alexander Kanavin nativesdk builds are cross-builds like target ones, and so meson expectations regarding ability to run binaries are the same: either provide the wrapper, or disable the build time options that need executing target binaries during build time (if such options are made avail

[OE-core] [PATCH 02/37] mtd-utils: set PV directly in the recipe filename

From: Alexander Kanavin Signed-off-by: Alexander Kanavin --- .../mtd/{mtd-utils_git.bb => mtd-utils_2.2.1.bb}| 2 -- 1 file changed, 2 deletions(-) rename meta/recipes-devtools/mtd/{mtd-utils_git.bb => mtd-utils_2.2.1.bb} (99%) diff --git a/meta/recipes-devtools/mtd/mtd-utils_

[OE-core][kirkstone][PATCH 2/2] qemu: fix CVE-2024-3447

From: Yogita Urade A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on

[OE-core][kirkstone][PATCH 1/2] qemu: fix CVE-2024-3446

From: Divya Chellam A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest to crash the QEMU process

[OE-core][PATCH 1/5] lib: sbom30: Fix import handling

Fixes a bug in the way that imports where being handled, due to a misspelled variable Signed-off-by: Joshua Watt --- meta/lib/oe/sbom30.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oe/sbom30.py b/meta/lib/oe/sbom30.py index 0a7b4c05fbe..ea70f6fb69d 100644 --- a

[OE-core][PATCH 5/5] lib: oeqa: spdx: Add tests for extra options

Adds a test for several of the extra options provided by the SPDX classes. In particular, these are the options that can produce non-reproducible results, so are not enabled by default in OE core. This test takes care to configure the build so that the tests do run in a reproducible manner so that

[OE-core][PATCH 4/5] lib: spdx: Fix SPDX_BUILD_HOST

The call to make a new import for the SPDX_BUILD_HOST was incorrect, since it was asking for the key named "SPDX_BUILD_HOST", instead of the key name contained in that variable Signed-off-by: Joshua Watt --- meta/lib/oe/spdx30_tasks.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff

[OE-core][PATCH 2/5] lib: sbom30: Fix agent reference

When a agent reference was being used, the code was not using the correct base variable to look up the agent Signed-off-by: Joshua Watt --- meta/lib/oe/sbom30.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oe/sbom30.py b/meta/lib/oe/sbom30.py index ea70f6fb69d..7

[OE-core][PATCH 3/5] classes: create-spdx: Fix variable dependencies

A few variable dependencies were incorrect from the SPDX tasks, which prevented rebuilds from occurring, or caused them to occur when they should not. Signed-off-by: Joshua Watt --- meta/classes-recipe/create-spdx-image-3.0.bbclass | 3 +++ meta/classes/create-spdx-3.0.bbclass | 10

[OE-core][PATCH 0/5] Various SPDX Fixes

In the course of making training material for SPDX, I discovered that several of SPDX options to add additional information about the build were broken. Fix these, and add a selftest to make sure that they continue working in the future. Joshua Watt (5): lib: sbom30: Fix import handling lib: s

[OE-core] [PATCH] lrzsz: update SRC_URI to avoid redirect

This server redirects to https:, so we might as well avoid the redirect. Signed-off-by: Ross Burton --- meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb b/meta/recipes-bsp/lrzsz/lrzsz_0.12.2

Re: [OE-core] [PATCH v2] linux-yocto: add and use GPL-2.0-with-syscall-note license

On Tue, Dec 3, 2024 at 4:19 AM Denis OSTERLAND-HEIM via lists.openembedded.org wrote: > > See Linux COPYING, LICENSES/preferred/GPL-2.0 > and LICENSES/exceptions/Linux-syscall-note. > > Signed-off-by: Denis Osterland-Heim > --- > v1 -> v2: > * add full GPL-2.0 license text > > .../GPL-2.0-with

[OE-core] Yocto Project Status 3 Dec. 2024 (WW49)

Current Dev Position: YP 5.2 M1 Next Deadline: YP 5.2 M1 Build date 2024-12-09 Next Team Meetings: - Bug Triage meeting Thursday Dec. 5th at 7:30 am PST ( https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bFd5aVpHVVZ6dz09) - Weekly Project Engineering Sync Tuesday Dec. 10th at 8 a

Re: [OE-core] [PATCH 2/3] spdx: add support for WITH operator

On 27 Nov 2024, at 07:34, Denis OSTERLAND-HEIM via lists.openembedded.org wrote: > Right. > Apache-2.0-with-LLVM-exception and GPL-2.0-with-OpenSSL-exception are not > listed on spdx.org/licenses > and the others are listed with the "insert here". > The clean way would be to implement the WITH

Re: [OE-core] [oe-ore][PATCHv4] libsecret: add pam support depending on DISTRO_FEATURES

On 3 Dec 2024, at 14:07, Markus Volk wrote: > > Got it. Currently I have issues to access the gnome gitlab. Will send a patch > there later Yes, everyone does…. Should be back to normal service in a week or so. Thanks Markus! Ross -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent t

[OE-core][scarthgap 05/16] libsoup: fix CVE-2024-52530, CVE-2024-52531

From: Changqing Li CVE-2024-52531: GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this. Refer: https://nvd.nist.gov/vuln/detail/CVE-2024-52531 CVE-2024-52

Re: [OE-core] [oe-ore][PATCHv4] libsecret: add pam support depending on DISTRO_FEATURES

Got it. Currently I have issues to access the gnome gitlab. Will send a patch there later On Tue, Dec 3 2024 at 12:42:10 PM +00:00:00, Ross Burton via lists.openembedded.org wrote: On 30 Nov 2024, at 08:52, Markus Volk via lists.openembedded.org

Re: [RFC][oe-core][PATCHv2 1/2] libpam: add more PACKAGECONFIG options

Thanks, these look basically ok to me. Alex On Tue, 3 Dec 2024 at 14:56, Markus Volk via lists.openembedded.org wrote: > > Use ?= instead of ??= > > Signed-off-by: Markus Volk > --- > meta/recipes-extended/pam/libpam_1.7.0.bb | 7 ++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > di

Re: [RFC][oe-core][PATCH] pam: update 1.6.1 -> 1.7.0

Sent a v2 that adds the package split and more cleanup on top of the upcoming libpam update and On Mon, Dec 2 2024 at 12:37:08 +01:00:00, Markus Volk wrote: On Mon, Dec 2 2024 at 12:06:17 +01:00:00, Alexander Kanavin wrote: Please see my comment elsewhere, it's better to split this into sev

Re: [OE-core][scarthgap][PATCH] qemu: patch CVE-2024-6505

Good to know. Then I'll just have to submit CVE ignore patch when that merges as this vulnerability is version-less in NVD DB... Peter > -Original Message- > From: Steve Sakoman > Sent: Tuesday, December 3, 2024 14:53 > To: Marko, Peter (FT D EU SK BFS1) > Cc: openembedded-core@lists.o

[RFC][oe-core][PATCHv2 2/2] libpam: build twice and package libpam separately

This commit splits the libpam recipe and now compiles twice. First only the libs are packaged and afterwards the libpam modules. This breaks a dependency loop and makes it possible to link against systemd to enable 'logind' support for the modules. It compiles for x86-64/arm/arm64 and mutlilib an

[RFC][oe-core][PATCHv2 1/2] libpam: add more PACKAGECONFIG options

Use ?= instead of ??= Signed-off-by: Markus Volk --- meta/recipes-extended/pam/libpam_1.7.0.bb | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/meta/recipes-extended/pam/libpam_1.7.0.bb b/meta/recipes-extended/pam/libpam_1.7.0.bb index ec1c868d21..2c134c1378 100644 ---

Re: [OE-core][scarthgap][PATCH] qemu: patch CVE-2024-6505

This is fixed in the qemu minor version upgrade currently out for review: https://lists.openembedded.org/g/openembedded-core/message/208200 Steve On Mon, Dec 2, 2024 at 3:39 PM Peter Marko via lists.openembedded.org wrote: > > From: Peter Marko > > Backport patch [3] as linked from [1] via [2]

Re: [OE-core] [BACKPORT] rootfs: Ensure run-postinsts is not uninstalled for read-only-rootfs-delayed-postinsts

On Mon, Dec 2, 2024 at 11:20 PM Nicolas Gillen < nicolas.gil...@agregio-solutions.com> wrote: > Thanks Steve, > > You probably already noticed that the link I sent doesn't contain the full > patch. > The full patch is here : > https://git.openembedded.org/openembedded-core/commit?id=60f587475dda99

[OE-core][scarthgap 07/16] python3-urllib3: upgrade 2.2.1 -> 2.2.2

From: Trevor Gamblin (From OE-Core rev: 32fdd5673c25084af4ba295b271455cd92ca09d5) Signed-off-by: Trevor Gamblin Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- .../{python3-urllib3_2.2.1.bb => python3-urllib3_2.2.2

Re: [OE-core] [scarthgap][backport] Fix packaging of stale externalsrc recipes

On Tue, Dec 3, 2024 at 1:13 AM Marcus Comstedt wrote: > > > Hi. > > After upgrading from dunfell to scarthgap (due to the EOL of the > former), I discovered that bitbake would occasionally package versions > of externalsrc packages that did not contain the latest changes. > > The details are in th

[OE-core] [PATCH] oeqa/gitarchive: Fix syntax warning

The backslash characters cause syntax warnings, mark the strings are raw to avoid this. Signed-off-by: Richard Purdie --- meta/lib/oeqa/utils/gitarchive.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/lib/oeqa/utils/gitarchive.py b/meta/lib/oeqa/utils/gitarchive.py i

[OE-core][scarthgap 14/16] libgcrypt: Fix building error with '-O2' in sysroot path

From: Robert Yang * Backport a patch to fix: $ . oe-init-build-env build-O2 $ bitbake libgcrypt random/rndjent.c:40:10: fatal error: stdio.h: No such file or directory * Remove 0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch which is fixed by the backported patch. Note, master

[OE-core][scarthgap 12/16] gcc: add a backport patch to fix an issue with tzdata 2024b

From: Markus Volk There is an issue in the std::chrono::tzdb parser that causes problems since the tzdata-2024b release started using %z in the main format. As a real world problem I encounter an issue with the waybar clock module, which ignores the timezone setting and only shows system time.

[OE-core][scarthgap 16/16] rootfs: Ensure run-postinsts is not uninstalled for read-only-rootfs-delayed-postinsts

From: "Gassner, Tobias.ext" This patch ensures that pkg_postinst_ontarget task is executed for read only rootfs when read-only-rootfs-delayed-postinsts is set as IMAGE_FEATURES. The issue was that run-postinsts could be uninstalled at the end of rootfs construction and that shouldn't happen fo

[OE-core][scarthgap 13/16] ninja: fix build with python 3.13

From: Markus Volk python 3.13 removed the pipes module. Thus build fails for host machines that run python 3.13 This commit adds a backport patch to use subprocess module instead Signed-off-by: Markus Volk Signed-off-by: Steve Sakoman --- ...4efb41c039789b81f0dc0d67c1ed0faea17c.patch | 62 +

[OE-core][scarthgap 15/16] dropbear: backport fix for concurrent channel open/close

From: Florian Kreutzer Prevents sporadic crashes of dropbear server when multiple channels are active at the same time. Upstream discussion: https://github.com/mkj/dropbear/pull/326/commits https://github.com/mkj/dropbear/issues/321 Issue was introduced in dropbear-2022.83 and fixed in v2024.86

[OE-core][scarthgap 09/16] scripts/install-buildtools: Update to 5.0.5

From: Aleksandar Nikolic Update to the 5.0.5 release of the 5.0 series for buildtools. Signed-off-by: Aleksandar Nikolic Signed-off-by: Steve Sakoman --- scripts/install-buildtools | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/install-buildtools b/scripts/ins

[OE-core][scarthgap 11/16] qemu: upgrade 8.2.3 -> 8.2.7

From: Yogita Urade This includes fix for: CVE-2024-4693, CVE-2024-6505 and CVE-2024-7730 General changelog for 8.2: https://wiki.qemu.org/ChangeLog/8.2 Droped: 0001-target-riscv-kvm-change-KVM_REG_RISCV_FP_F-to-u32.patch 0002-target-riscv-kvm-change-KVM_REG_RISCV_FP_D-to-u64.patch 0003-target-r

[OE-core][scarthgap 00/16] Patch review

Please review this set of changes to scarthgap and have comments back by end of day Thursday, December 5 Passed a-full on autobuilder: https://valkyrie.yoctoproject.org/#/builders/29/builds/560 The following changes since commit dac630ab5ee7aa6c5c7c294093adbd11b116c765: llvm: reduce size of -

[OE-core][scarthgap 10/16] glibc: stable 2.39 branch updates

From: Deepthi Hemraj Below commits on glibc-2.39 stable branch are updated. dcaf51b41e elf: Change ldconfig auxcache magic number (bug 32231) b3c51635ef Make tst-strtod-underflow type-generic b74be22f65 Add crt1-2.0.o for glibc 2.0 compatibility tests fcdf98f38c Add tests of more strtod special c

[OE-core][scarthgap 08/16] python3-requests: upgrade 2.32.1 -> 2.32.2

From: Soumya Sambu https://requests.readthedocs.io/en/latest/community/updates/#id2 2.32.2 (2024-05-21) * Deprecations - To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we’ve renamed _get_connection to a new public API, get_connecti

[OE-core][scarthgap 06/16] tzdata&tzcode-native: upgrade 2024a -> 2024b

From: Jinfeng Wang Signed-off-by: Jinfeng Wang Signed-off-by: Steve Sakoman (cherry picked from commit c8d3edb2562ea4d980186e78b4abb5a94b1d7b22) Signed-off-by: Steve Sakoman --- .../glib-2.0/gdatetime-test-fail-0001.patch | 72 +++ .../glib-2.0/gdatetime-test-fail-0002.patch

[OE-core][scarthgap 04/16] libsndfile: fix CVE-2024-50612

From: Hitendra Prajapati Upstream-Status: Backport from https://github.com/libsndfile/libsndfile/commit/4755f5bd7854611d92ad0f1295587b439f9950ba Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- .../libsndfile1/CVE-2024-50612.patch | 412 ++ .../libs

[OE-core][scarthgap 03/16] builder: set CVE_PRODUCT

From: Peter Marko Builder is a common word and there are many other builder components which makes us to ignore CVEs for all of them. There is already 1 ignored and currently 3 new ones. Instead, set product to yocto to filter them. Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman ---

[OE-core][scarthgap 01/16] python3-zipp: fix CVE-2024-5569

From: Jiaying Song A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython,

[OE-core][scarthgap 02/16] acpica: fix CVE-2024-24856

From: Changqing Li The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null pointer dereference. To fix this issue, a null pointer check should be added. If it

Re: [OE-core] [PATCH v2] linux-yocto: add and use GPL-2.0-with-syscall-note license

On Tue, Dec 03 2024, "Denis OSTERLAND-HEIM via lists.openembedded.org" wrote: > See Linux COPYING, LICENSES/preferred/GPL-2.0 > and LICENSES/exceptions/Linux-syscall-note. > > + [snip GPL text] > + > + NOTE! This copyright does *not* cover user programs that use kernel > + services by normal s

Re: [OE-core] [oe-ore][PATCHv4] libsecret: add pam support depending on DISTRO_FEATURES

On 30 Nov 2024, at 08:52, Markus Volk via lists.openembedded.org wrote: > Add a recipe for pam_wrapper, needed to build the tests > > [https://gitlab.com/cwrap/pam_wrapper] > > Import cmocka recipe from meta-oe > [https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-test/cmocka/c

[OE-core] [PATCH v2] linux-yocto: add and use GPL-2.0-with-syscall-note license

See Linux COPYING, LICENSES/preferred/GPL-2.0 and LICENSES/exceptions/Linux-syscall-note. Signed-off-by: Denis Osterland-Heim --- v1 -> v2: * add full GPL-2.0 license text .../GPL-2.0-with-Linux-syscall-note | 357 ++ meta/recipes-kernel/linux/linux-yocto.inc |

[OE-core][scarthgap][PATCH 1/1] Revert "ruby: upgrade 3.2.2 -> 3.3.5"

From: Yogita Urade This reverts commit 0402f54b66438ec6e9f06f02652e148dce6480b3. This isn't a minor version upgrade. $git log v3_2_2..v3_3_5 --oneline | wc -l 6924 Signed-off-by: Yogita Urade --- ...Alignof-to-define-ALIGN_OF-when-poss.patch | 51 ++ ...e.in-do-not-write-host-cross-c

Re: [OE-core] [PATCH V3 1/3] sbom30/spdx30: add link prefix to the namespace of spdxId and alias

Sure, thanks for the reply, I am glad to wait for your rework patch, thanks again //Hongxu -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#208184): https://lists.openembedded.org/g/openembedded-core/message/208184 Mute This Topic: https://lists.op

[OE-core] [scarthgap][backport] Fix packaging of stale externalsrc recipes

Hi. After upgrading from dunfell to scarthgap (due to the EOL of the former), I discovered that bitbake would occasionally package versions of externalsrc packages that did not contain the latest changes. The details are in this bug: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15646 As R