Re: [OE-core] [PATCH] ncurses: Update 6.4 -> 6.4+20230514

Thanks for explaining this. In this case, the other patch that I made to ncurses ("ncurses: change GitHub mirror") is not necessary (at least until they release ncurses 6.5). I made that commit so that an updated developer snapshot can be applied on top (this patch). Florin -=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] ncurses: Update 6.4 -> 6.4+20230514

What about this, then? Looks like it is commited by you: http://cgit.openembedded.org/openembedded-core/commit/meta/recipes-core/ncurses?h=kirkstone&id=325fe5f68bc698f78f5c1a14407c0bbb4cba45f7 Indeed, you were updating from a development snapshot to another development snapshot, but judging by the

Re: [OE-core] [PATCH] ncurses: Update 6.4 -> 6.4+20230514

What's the reasoning behind updating ncurses from 6.3 to 6.3+20220423 in Kirkstone, then? https://git.yoctoproject.org/poky/commit/meta/recipes-core/ncurses?h=kirkstone&id=e13ce12e4ad79100bd45c751203040ce2a6f1920 Looks like they updated for fixing a CVE as well, and they did not backport the pat

Re: [OE-core] [PATCH] ncurses: change GitHub mirror

This was done in a similar way to this commit, when the change was made from Debian packaging to GitHub's mirror: https://git.yoctoproject.org/p oky/commit/meta/recipes-core/n curses?id=dfaabf971b02e33870f9 f927e9b1356e05e74a17 ( https://git.yoctoproject.org/poky/commit/meta/recipes-core/ncurse

[OE-core] [PATCH] ncurses: Update 6.4 -> 6.4+20230514

Latest patch in ncurses GitHub mirror Includes the fix for CVE-2023-29491, done in 6.4+20230408 Signed-off-by: Florin Diaconescu --- .../ncurses/{ncurses_6.4.bb => ncurses_6.4+20230514.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-core/ncur

[OE-core] [PATCH] ncurses: change GitHub mirror

Change from github.com/mirror/ncurses to github.com/ThomasDickey/ncurses-snapshots (which is linked in the ncurses FAQ http://invisible-island.net/ncurses/ncurses.faq.html) This is updated at least weekly, compared to mirror/ncurses, which was last updated on March 12th. Signed-off-by: Florin

[OE-core] [kirkstone][PATCH] python3: upgrade 3.10.8 -> 3.10.9

: Florin Diaconescu --- .../python/python3/CVE-2022-42919.patch | 70 .../python/python3/cve-2022-37454.patch | 108 -- .../{python3_3.10.8.bb => python3_3.10.9.bb} | 3 +- 3 files changed, 1 insertion(+), 180 deletions(-) delete mode 100644 meta/reci

[OE-core] [kirkstone][PATCH] python3: upgrade 3.10.8 -> 3.10.9

: Florin Diaconescu --- .../python/python3/CVE-2022-42919.patch | 70 --- .../python/python3/cve-2022-37454.patch | 108 - .../recipes-devtools/python/python3_3.10.9.bb | 428 ++ 3 files changed, 428 insertions(+), 178 deletions(-) delete mode 100644 meta/recipes

[OE-core] [kirkstone][PATCH] rsync: update 3.2.4 -> 3.2.5

Changelog: https://download.samba.org/pub/rsync/NEWS#3.2.5 Signed-off-by: Florin Diaconescu --- meta/recipes-devtools/rsync/{rsync_3.2.4.bb => rsync_3.2.5.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/rsync/{rsync_3.2.4.bb => rsync_3.2.5.bb} (96%)

[OE-core] [kirkstone][PATCH] rsync: update 3.2.3 -> 3.2.4

Drop configure options that have been removed upstream. License-Update: formatting Changelog: https://download.samba.org/pub/rsync/NEWS#3.2.4 Signed-off-by: Florin Diaconescu --- ...-the-hostname-in-the-certificate-whe.patch | 31 --- .../rsync/files/makefile-no-rebuild.patch

[OE-core] [kirkstone][PATCH] expat: upgrade 2.4.8 -> 2.4.9

lision for -funsigned-char Special thanks to: David Faure Felix Wilhelm Frank Bergmann Rhodri James Rosen Penev Thijs Schreijer Vincent Torri and Google Project Zero Signed-off-b

[OE-core] [PATCH] expat: upgrade 2.4.8 -> 2.4.9

lision for -funsigned-char Special thanks to: David Faure Felix Wilhelm Frank Bergmann Rhodri James Rosen Penev Thijs Schreijer Vincent Torri and Google Project Zero Signed-off-b

Re: [OE-core] [kirkstone][PATCH] expat: CVE-2022-40674

Just saw the new release, I will submit another patch with the 2.4.9 upgrade. Thanks for letting me know! Florin On Tue, Sep 20, 2022 at 6:57 PM Alex Kiernan wrote: > 2.4.9 looks to have landed w/ this change in it. > > On Tue, Sep 20, 2022 at 12:09 PM Florin Diaconescu

[OE-core] [kirkstone][PATCH] expat: CVE-2022-40674

Upstream-Status: Accepted [https://github.com/libexpat/libexpat/pull/629/commits/4a32da87e931ba54393d465bb77c40b5c33d343b] Signed-off-by: Florin Diaconescu --- .../expat/expat/CVE-2022-40674.patch | 56 +++ meta/recipes-core/expat/expat_2.4.8.bb| 1 + 2 files

[OE-core] [kirkstone][PATCH] expat: upgrade 2.4.7 -> 2.4.8

"-current_version " in a way compatible with GNU Libtool see https://verbump.de/ for what these numbers do Infrastructure: #589 CI: Upgrade Clang from 13 to 14 Special thanks to: evpobr Kai Pastor Sam James Signed-off-by: Florin Diacon

[OE-core] [PATCH] expat: CVE-2022-40674

Upstream-Status: Accepted [https://github.com/libexpat/libexpat/pull/629/commits/4a32da87e931ba54393d465bb77c40b5c33d343b] Signed-off-by: Florin Diaconescu --- .../expat/expat/CVE-2022-40674.patch | 57 +++ meta/recipes-core/expat/expat_2.4.8.bb| 1 + 2 files

[OE-core] [dunfell][PATCH] binutils : CVE-2022-38533

Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ef186fe54aa6d281a3ff8a9528417e5cc614c797] Signed-off-by: Florin Diaconescu --- .../binutils/binutils-2.34.inc| 1 + .../binutils/binutils/CVE-2022-38533.patch| 37 +++ 2