From: Robert Joslyn
This update contains minor features, bugfixes, and addresses several CVEs:
* https://curl.se/docs/CVE-2024-6197.html
* https://curl.se/docs/CVE-2024-6874.html
* https://curl.se/docs/CVE-2024-7264.html
Full relese notes available at https://curl.se/ch/8.9.1.html
Backport a
a v2.
Thanks,
Robert
On 4 Aug 2024, at 02:44, Robert Joslyn via lists.openembedded.org
wrote:
From: Robert Joslyn
This update contains minor features, bugfixes, and addresses several CVEs:
* https://curl.se/docs/CVE-2024-6197.html
* https://curl.se/docs/CVE-2024-6874.html
* https://curl.se
From: Robert Joslyn
This update contains minor features, bugfixes, and addresses several CVEs:
* https://curl.se/docs/CVE-2024-6197.html
* https://curl.se/docs/CVE-2024-6874.html
* https://curl.se/docs/CVE-2024-7264.html
Full relese notes available at https://curl.se/ch/8.9.1.html
Signed-off
From: Robert Joslyn
When newlib and libgloss were updated to 4.3.0, SRC_URI was updated to
append a fix-rs6000-cflags.patch file when building on PowerPC, but this
file was not added to the repo.
Remove appending the missing patch.
Signed-off-by: Robert Joslyn
---
meta/recipes-core/newlib
On Sun, 2024-05-26 at 08:57 -0700, Robert Joslyn via
lists.openembedded.org wrote:
> From: Robert Joslyn
>
> Remove backported patch that is upsteam in this version. Disable test
> 1481 since it requires --libcurl option that is disabled by default.
>
> Signed-off
From: Robert Joslyn
Remove backported patch that is upsteam in this version. Disable test
1481 since it requires --libcurl option that is disabled by default.
Remove --disable-ntlm-wb option since support for ntlm_wb was removed in
this version
Signed-off-by: Robert Joslyn
From: Robert Joslyn
Remove backported patch that is upsteam in this version. Disable test
1481 since it requires --libcurl option that is disabled by default.
Signed-off-by: Robert Joslyn
---
...41aadf4adf4f6aeb3f4c0ab489bb89610c36.patch | 64 ---
meta/recipes-support/curl
From: Robert Joslyn
Some tests can fail intermittently and upstream has marked these as
flaky so they can easily be skipped. At present there are 12 tests
marked flaky with 10 of them running in the default recipe
configuration. Skip them to avoid the failures.
Signed-off-by: Robert Joslyn
On 9/26/23 8:51 PM, Khem Raj wrote:
On Tue, Sep 26, 2023 at 7:55 PM Robert Joslyn
wrote:
On 9/26/23 7:55 AM, Khem Raj wrote:
I am seeing a ptest failure on qemx86-64/glibc
Failed ptests:
{'curl': ['test_1474', 'curl']}
In looking at the test, it is ma
On 9/26/23 7:55 AM, Khem Raj wrote:
I am seeing a ptest failure on qemx86-64/glibc
Failed ptests:
{'curl': ['test_1474', 'curl']}
In looking at the test, it is marked as flaky with the comment:
# Because of the timing sensitivity (scheduling delays of 500 msec can cause
# the test to fa
From: Robert Joslyn
NSS support was removed, so adjust PACKAGECONFIG options.
The --enable-crypto-auth option was removed and split into separate
options for basic-auth, bearer-auth, digest-auth, kerberos-auth,
negotiate-auth, and aws. Enable these new options since upstream enables
them by
On 9/20/23 10:12 PM, Alexander Kanavin wrote:
I applied the patch on current poky master with default config
(a83a16b7939e066b6686b62ae7ec66f12ef34f1e) and ran the tests locally:
root@qemux86-64:/usr/lib/curl/ptest/tests# ./runtests.pl -a -n -j4
The failure I am getting is:
test 1964...[HTTP
On 9/20/23 3:20 PM, Richard Purdie wrote:
On Wed, 2023-09-20 at 14:50 -0700, Robert Joslyn wrote:
On 9/19/23 5:54 AM, Richard Purdie wrote:
On Tue, 2023-09-19 at 05:40 -0700, Robert Joslyn wrote:
On 9/18/23 4:59 AM, Richard Purdie wrote:
On Sun, 2023-09-17 at 18:57 -0700, Robert Joslyn via
On 9/19/23 5:54 AM, Richard Purdie wrote:
On Tue, 2023-09-19 at 05:40 -0700, Robert Joslyn wrote:
On 9/18/23 4:59 AM, Richard Purdie wrote:
On Sun, 2023-09-17 at 18:57 -0700, Robert Joslyn via
lists.openembedded.org wrote:
NSS support was removed, so adjust PACKAGECONFIG options.
The
On 9/18/23 4:59 AM, Richard Purdie wrote:
On Sun, 2023-09-17 at 18:57 -0700, Robert Joslyn via
lists.openembedded.org wrote:
NSS support was removed, so adjust PACKAGECONFIG options.
The --enable-crypto-auth option was removed and split into separate
options for basic-auth, bearer-auth, digest
most common.
Disable test 1279 since this requires libcurl and hangs the tests.
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/curl/disable-tests | 1 +
.../curl/{curl_8.2.1.bb => curl_8.3.0.bb} | 14 +-
2 files changed, 10 insertions(+), 5 deleti
This is a minor bugfix release:
https://curl.se/changes.html#8_2_1
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/{curl_8.2.0.bb => curl_8.2.1.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-support/curl/{curl_8.2.0.bb => curl_8.2.1.bb} (98%)
RDEPEND on the specific perl modules required for the tests rather than
the perl-modules meta package.
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/curl_8.2.0.bb | 19 +--
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-support/curl
This is a feature and bugfix update. Full release notes available at:
https://curl.se/changes.html#8_2_0
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/{curl_8.1.2.bb => curl_8.2.0.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-support/c
This is a bugfix only release. Release notes:
https://curl.se/changes.html#8_1_1
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/{curl_8.1.0.bb => curl_8.1.1.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-support/curl/{curl_8.1.0.bb => curl_8.
This is a feature and bugfix release. Release notes are available at:
https://curl.se/changes.html#8_1_0
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/{curl_8.0.1.bb => curl_8.1.0.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-support/c
This update contains bug, security, and feature updates. For detailed
release notes, see https://curl.se/changes.html#8_0_1
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/{curl_7.88.1.bb => curl_8.0.1.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/reci
This is a feature and bugfix update. Release notes available at:
https://curl.se/changes.html#7_88_0
License-Update: Copyright year updated
---
meta/recipes-support/curl/{curl_7.87.0.bb => curl_7.88.0.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-support/curl/
Backport patches to address these CVEs.
* https://curl.se/docs/CVE-2022-43551.html
* https://curl.se/docs/CVE-2022-43552.html
Signed-off-by: Robert Joslyn
---
.../curl/curl/CVE-2022-43551.patch| 32
.../curl/curl/CVE-2022-43552.patch| 78
-update-icon-cache-3.0
to match the gtk-update-icon-cache binary name deployed in
meta/recipes-gnome/gtk+/gtk+3.inc.
Signed-off-by: Daniel Gomez
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
Signed-off-by: Robert Joslyn
---
meta/classes/gtk-icon-cache.bbclass | 2 +-
1 file
Backport fixes for:
- CVE-2022-32221 POST following PUT confusion
- CVE-2022-35260 .netrc parser out-of-bounds access
- CVE-2022-42915 HTTP proxy double-free
- CVE-2022-42916 HSTS bypass via IDN
Signed-off-by: Robert Joslyn
---
.../curl/curl/CVE-2022-32221.patch| 27
Feature and security update. Fixes the following CVEs:
- CVE-2022-32221
- CVE-2022-35260
- CVE-2022-42915
- CVE-2022-42916
Release notes: https://curl.se/changes.html#7_86_0
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/{curl_7.85.0.bb => curl_7.86.0.bb} | 2 +-
1 f
Signed-off-by: Robert Joslyn
---
meta/recipes-extended/timezone/timezone.inc | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-extended/timezone/timezone.inc
b/meta/recipes-extended/timezone/timezone.inc
index 2b956cf7c0..d032fed356 100644
--- a/meta/recipes
liboggflac++ packaging. This was merged into the
main libflac and libflac++ libraries in version 1.1.3, so these
packages have been empty.
License-Update: Updated copyright years
Signed-off-by: Robert Joslyn
---
.../flac/{flac_1.3.4.bb => flac_1.4.0.bb} | 38 +--
1 f
https://curl.se/docs/CVE-2022-35252.html
Signed-off-by: Robert Joslyn
---
.../curl/curl/CVE-2022-35252.patch| 72 +++
meta/recipes-support/curl/curl_7.69.1.bb | 1 +
2 files changed, 73 insertions(+)
create mode 100644 meta/recipes-support/curl/curl/CVE-2022
https://curl.se/docs/CVE-2022-35252.html
Signed-off-by: Robert Joslyn
---
.../curl/curl/CVE-2022-35252.patch| 72 +++
meta/recipes-support/curl/curl_7.82.0.bb | 1 +
2 files changed, 73 insertions(+)
create mode 100644 meta/recipes-support/curl/curl/CVE-2022
Tarball switched from bz2 to xz.
Signed-off-by: Robert Joslyn
---
.../xorg-lib/{libfontenc_1.1.4.bb => libfontenc_1.1.6.bb}| 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
rename meta/recipes-graphics/xorg-lib/{libfontenc_1.1.4.bb =>
libfontenc_1.1.6.bb} (72%)
diff --git
Tarball switched from bz2 to xz.
Signed-off-by: Robert Joslyn
---
.../xorg-lib/{libxau_1.0.9.bb => libxau_1.0.10.bb}| 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-graphics/xorg-lib/{libxau_1.0.9.bb => libxau_1.0.10.bb}
(76%)
diff --git
Tarball switched from bz2 to xz.
Signed-off-by: Robert Joslyn
---
.../xorg-lib/{libxfont2_2.0.5.bb => libxfont2_2.0.6.bb}| 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
rename meta/recipes-graphics/xorg-lib/{libxfont2_2.0.5.bb =>
libxfont2_2.0.6.bb} (85%)
diff --git
Upstream has switched some new releases from bz2 to xz compression. Add
an XORG_EXT variable so recipes can set the file name extension needed
for the compression type.
Signed-off-by: Robert Joslyn
---
meta/recipes-graphics/xorg-lib/xorg-lib-common.inc | 3 ++-
1 file changed, 2 insertions
Release notes are available at: https://curl.se/changes.html#7_85_0
Remove backported patches as they are included in the new release.
Signed-off-by: Robert Joslyn
---
.../curl/{curl_7.84.0.bb => curl_7.85.0.bb} | 4 +-
...-to-using-atomic_int-instead-of-bool.patch |
> On Aug 24, 2022, at 4:53 AM, Pawan Badganchi wrote:
>
> From: Pawan Badganchi
>
> Add below patch to fix CVE-2016-3709
>
> CVE-2016-3709.patch
> Link:
> https://github.com/GNOME/libxml2/commit/c1ba6f54d32b707ca6d91cb3257ce9de82876b6f
>
> Signed-off-by: Pawan Badganchi
> ---
> .../libxml/
Backport fixes for:
* CVE-2022-32206 - https://curl.se/docs/CVE-2022-32206.html
* CVE-2022-32207 - https://curl.se/docs/CVE-2022-32207.html
* CVE-2022-32208 - https://curl.se/docs/CVE-2022-32208.html
Signed-off-by: Robert Joslyn
---
.../curl/curl/CVE-2022-32206.patch| 52
Backport fixes for:
* CVE-2022-32205 - https://curl.se/docs/CVE-2022-32205.html
* CVE-2022-32206 - https://curl.se/docs/CVE-2022-32206.html
* CVE-2022-32207 - https://curl.se/docs/CVE-2022-32207.html
* CVE-2022-32208 - https://curl.se/docs/CVE-2022-32208.html
Signed-off-by: Robert Joslyn
On 7/2/2022 5:33 AM, Richard Purdie wrote:
On Fri, 2022-07-01 at 15:18 +0100, Jose Quaresma wrote:
Signed-off-by: Jose Quaresma
---
meta/recipes-support/curl/{curl_7.83.1.bb => curl_7.84.0.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-support/curl/{curl_7.8
This is a feature and bugfix update. Release notes are available at:
https://curl.se/changes.html#7_84_0
Backport a patch fixing a compile issue where sched.h was not included
on certain platforms.
Signed-off-by: Robert Joslyn
---
.../curl/{curl_7.83.1.bb => curl_7.84.0.bb} | 7 ++--
...
> On Jun 19, 2022, at 5:33 AM, Steve Sakoman wrote:
>
> Branch: dunfell
>
> New this week: 3 CVEs
> CVE-2022-27779 (CVSS3: 5.3 MEDIUM): curl:curl-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27779 *
> CVE-2022-27780 (CVSS3: 7.5 HIGH): curl:curl-native
> https://web.nvd.
> On Jun 12, 2022, at 6:02 AM, Steve Sakoman wrote:
>
> Branch: kirkstone
>
> New this week: 5 CVEs
> CVE-2022-1664 (CVSS3: 9.8 CRITICAL): dpkg
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1664 *
> CVE-2022-1927 (CVSS3: 9.8 CRITICAL): vim
> https://web.nvd.nist.gov/view/vuln/d
> On Jun 1, 2022, at 9:07 AM, Steve Sakoman wrote:
>
> On Tue, May 31, 2022 at 11:01 PM Riyaz Ahmed Khan wrote:
>>
>> From: Riyaz Khan
>>
>> Add patches for CVE issues: CVE-2022-27781 CVE-2022-27782
>>
>> CVE-2022-27781
>> Link:
>> [https://github.com/curl/curl/commit/5c7da89d404bf59c8dd82
Fix typo to properly whitelist CVE-2021-22945.
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/curl_7.69.1.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-support/curl/curl_7.69.1.bb
b/meta/recipes-support/curl/curl_7.69.1.bb
index b53b00cc38
Backport patches to address CVE-2022-27774, CVE-2022-27781, and
CVE-2022-27782.
Signed-off-by: Robert Joslyn
---
.../curl/curl/CVE-2022-27774-1.patch | 45 +++
.../curl/curl/CVE-2022-27774-2.patch | 80
.../curl/curl/CVE-2022-27774-3.patch | 83
.../curl
-2022-27780.html
* https://curl.se/docs/CVE-2022-27781.html
* https://curl.se/docs/CVE-2022-27779.html
* https://curl.se/docs/CVE-2022-27782.html
Signed-off-by: Robert Joslyn
---
.../curl/curl/CVE-2022-22576.patch| 145 ++
.../curl/curl/CVE-2022-27774-1.patch | 45
of
powerpc is not supported.
Remove setting GLIBC_EXTRA_OECONF with parameters that are no longer
valid. Also remove a commented out setting of the variable that probably
isn't vaild anyway.
Fixes: 2511e937f445 ("glibc: Drop ppc sqrt optimisations")
Signed-off-by: Robert Joslyn
curl_easy_nextheader
* msh3: add support for QUIC and HTTP/3 using msh3
Full changelog at: https://curl.se/changes.html#7_83_0
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/{curl_7.82.0.bb => curl_7.83.0.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-supp
from MIT to
MIT-open-group. The curl license contains the additional advertising
clause present in the Open Group variant.
Use a weak assignment with the RANDOM variable to make changes via
bbappend easier.
Signed-off-by: Robert Joslyn
---
.../curl/{curl_7.81.0.bb => curl_7.82.0
67,7 @@ EXTRA_OECONF = " \
> --enable-debug \
> --enable-optimize \
> --disable-curldebug \
> +${@'--without-ssl' if (bb.utils.filter('PACKAGECONFIG', 'gnutls mbedtls
> nss openssl', d) == '') else ''} \
> &
only trivial patch fuzz
modifications.
Signed-off-by: Robert Joslyn
---
.../curl/curl/CVE-2021-22945.patch| 35 ++
.../curl/curl/CVE-2021-22946.patch| 333
.../curl/curl/CVE-2021-22947.patch| 357 ++
meta/recipes-support/curl
I'll give it a go to try and help out.
Signed-off-by: Robert Joslyn
---
meta/conf/distro/include/maintainers.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/conf/distro/include/maintainers.inc
b/meta/conf/distro/include/maintainers.inc
index 0af6974a3d..d700d
should only be used when trying to disable all
crypto support.
Move --with-random to it's own option, since it is useful for other
crypto providers, not just openssl.
Signed-off-by: Robert Joslyn
---
meta/recipes-support/curl/curl_7.81.0.bb | 12
1 file changed, 8 insertions(
Update URLs to refelct what upstream is presently using and add zstd
PACKAGECONFIG.
Signed-off-by: Robert Joslyn
---
.../curl/{curl_7.80.0.bb => curl_7.81.0.bb}| 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
rename meta/recipes-support/curl/{curl_7.80.0
-by: Robert Joslyn
---
.../{btrfs-tools_5.11.1.bb => btrfs-tools_5.12.bb} | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
rename meta/recipes-devtools/btrfs-tools/{btrfs-tools_5.11.1.bb =>
btrfs-tools_5.12.bb} (92%)
diff --git a/meta/recipes-devtools/btrfs-tools
Looks like this update causes btrfs-tools-native to fail to build with older
kernels. I think it just needs a new PACKAGECONFIG, but I’ll take a look and
send a v2.
Thanks,
Robert
> On May 10, 2021, at 10:18 PM, Robert Joslyn
> wrote:
>
> License-Update: libbtrfsutil was r
oint, the new versioning scheme doesn’t do the even is release,
odd is development thing anymore. I can send a v3, or a separate patch if
that’s easier since v2 is already on master-next.
Thanks,
Robert
> On Tue, 11 May 2021 at 07:39, Robert Joslyn
> wrote:
> Refresh patch and
Forgot the Signed-off-by, sent a v2.
Thanks,
Robert
> On May 10, 2021, at 9:57 PM, Robert Joslyn
> wrote:
>
> Refresh patch and adjust version directory for new version numbering
> scheme. Add new dependency on libarchive.
> ---
> .../epiphany/{epiphany_3.38.3.bb => e
Refresh patch and adjust version directory for new version numbering
scheme. Add new dependency on libarchive.
Signed-off-by: Robert Joslyn
---
.../epiphany/{epiphany_3.38.3.bb => epiphany_40.1.bb} | 7 ---
.../0002-help-meson.build-disable-the-use-of-yelp.patch | 8
2 fi
License-Update: libbtrfsutil was relicensed to LGPLv2.1+:
https://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git/commit/?id=9e30f779e3cbf12a88ebe309ee371851fdfd3aa0
Signed-off-by: Robert Joslyn
---
.../{btrfs-tools_5.11.1.bb => btrfs-tools_5.12.bb} | 6 +++---
1 f
Refresh patch and adjust version directory for new version numbering
scheme. Add new dependency on libarchive.
---
.../epiphany/{epiphany_3.38.3.bb => epiphany_40.1.bb} | 7 ---
.../0002-help-meson.build-disable-the-use-of-yelp.patch | 8
2 files changed, 8 insertions(+), 7 dele
Update HOMEPAGE and SRC_URI since development moved to GitHub.
Signed-off-by: Robert Joslyn
---
...fonts_2.00.1.bb => liberation-fonts_2.1.4.bb} | 16
1 file changed, 4 insertions(+), 12 deletions(-)
rename meta/recipes-graphics/ttf-fonts/{liberation-fonts_2.00.1
Cosmetic changes to better follow the style guide.
Signed-off-by: Robert Joslyn
---
meta/recipes-devtools/btrfs-tools/btrfs-tools_5.11.1.bb | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.11.1.bb
b/meta/recipes-devtools
someone cares
enough to make reiserfs recipes.
Remove acl and attr from DEPENDS, as they do not apper to be needed. Add
zlib since it is required.
Signed-off-by: Robert Joslyn
---
.../btrfs-tools/btrfs-tools_5.11.1.bb | 18 --
1 file changed, 16 insertions(+), 2 deletions
Update licensing, as libtrfsutil is under LGPLv3+. Note that libtrfsutil
is in the process of being relicensed to LGPLv2.1+:
https://github.com/kdave/btrfs-progs/issues/323
Signed-off-by: Robert Joslyn
---
.../{btrfs-tools_5.10.1.bb => btrfs-tools_5.11.1.bb} | 9 ++---
1 f
Remove upstreamed patch.
Add gamepad PACKAGECONFIG. Although upstream enables it by default,
leave it disabled because the libmanette recipe is in meta-oe.
Signed-off-by: Robert Joslyn
---
...ics-check-to-include-1-byte-CAS-test.patch | 77 ---
...ebkitgtk_2.30.5.bb
> On Apr 16, 2021, at 12:17 AM, Andre McCurdy wrote:
>
> On Thu, Apr 15, 2021 at 10:38 PM Robert Joslyn
> wrote:
>>
>> Add options to make it easier to control which features are enabled. All
>> of these default to enabled by upstream, so keep them enabled to
Cosmetic changes to bettor follow the style guide.
Signed-off-by: Robert Joslyn
---
meta/recipes-devtools/btrfs-tools/btrfs-tools_5.11.1.bb | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.11.1.bb
b/meta/recipes-devtools
someone cares
enough to make reiserfs recipes.
Remove acl and attr from DEPENDS, as they do not apper to be needed. Add
zlib since it is required.
Signed-off-by: Robert Joslyn
---
.../btrfs-tools/btrfs-tools_5.11.1.bb | 26 ---
1 file changed, 23 insertions(+), 3 deletions
Update licensing, as libtrfsutil is under LGPLv3+. Note that libtrfsutil
is in the process of being relicensed to LGPLv2.1+:
https://github.com/kdave/btrfs-progs/issues/323
Signed-off-by: Robert Joslyn
---
.../{btrfs-tools_5.10.1.bb => btrfs-tools_5.11.1.bb} | 9 ++---
1 f
> On Jan 20, 2021, at 10:18 AM, Steve Sakoman wrote:
>
> On Sun, Jan 17, 2021 at 11:16 AM Robert Joslyn
> wrote:
>>
>> According to the Intel security advisory [1], these CVEs are mitigated by
>> the following kernel commits:
>>
>> eddb7732119d53
> On Jan 17, 2021, at 1:14 PM, Robert Joslyn
> wrote:
>
> According to the Intel security advisory [1], these CVEs are mitigated by
> the following kernel commits:
>
> eddb7732119d53400f48a02536a84c509692faa8 Bluetooth: A2MP: Fix not
>
5.4.72 releases. Since the kernels provied by OE-core
contain these fixes, mark them as whitelisted.
[1]:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351
Signed-off-by: Robert Joslyn
---
meta/recipes-connectivity/bluez5/bluez5_5.55.bb
This CVE only applies to the load_ppp_generic_if_needed patch applied by
Ubuntu. This patch is not used by OpenEmbedded, so the CVE does not
apply.
Signed-off-by: Robert Joslyn
---
meta/recipes-connectivity/ppp/ppp_2.4.7.bb | 4
1 file changed, 4 insertions(+)
diff --git a/meta/recipes
man: steve@octo:~/Desktop$ wc -l cve-raffle-sorted-
> nodups
> (07:11:42 AM) sakoman: 50 cve-raffle-sorted-nodups
> (07:12:04 AM) sakoman: And the winner by random selection is:
> (07:12:21 AM) sakoman: steve@octo:~/Desktop$ shuf -n 1 cve-raffle-
> sorted-nodups
> (07:12:21 AM) sako
This fixes a NULL pointer dereference in GENERAL_NAME_cmp function.
CVE: CVE-2020-1971
Signed-off-by: Robert Joslyn
---
.../openssl/{openssl_1.1.1g.bb => openssl_1.1.1i.bb}| 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-connectivity/open
On 2020-12-04 03:40, Konrad Weihmann wrote:
PACKAGECONFIG_pn-btrfs-utils = "foo bar" in local.conf or distro.conf
should do what you had in mind.
But yes your observations are correct bbappends are applied *after*
the initial recipe was parsed
Thanks, I was able to get it working with this in m
I'm trying to remove unnecessary packages from one of my images, and I
noticed that some conditional inherit lines don't work as I'd expect. In
my case, I'm trying to remove python, and the only recipe pulling in
python is btrfs-tools. The relevant parts of the btrfs-tools recipe (I'm
building on m
On Sun, 2020-02-16 at 20:01 +, Patchwork wrote:
> == Series Details ==
>
> Series: ell: Update to 0.28
> Revision: 1
> URL : https://patchwork.openembedded.org/series/22697/
> State : failure
>
> == Summary ==
>
>
> Thank you for submitting this patch series to OpenEmbedded Core. This is
ChangeLog:
- Fix issue with NULL check of D-Bus proxy for method calls.
- Add support for emitting D-Bus property changes on demand.
- Add support for reporting file attribute changes.
Signed-off-by: Robert Joslyn
---
meta/recipes-core/ell/{ell_0.27.bb => ell_0.28.bb} | 4 ++--
1 file chan
- Fix issue with data overflow and multiple PEMs.
- Fix issue with handling DHCP lease expiration.
Signed-off-by: Robert Joslyn
---
meta/recipes-core/ell/{ell_0.26.bb => ell_0.27.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-core/ell/{ell_0.26.bb => el
populated with a qemu-native build with snappy improperly
enabled, and the cached qemu-native gets used on another build machine
that does not have libsnappy.
Signed-off-by: Robert Joslyn
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-devtools
On Mon, 2019-03-18 at 16:53 +, Manjukumar Harthikote Matha wrote:
> Hi,
>
> > -Original Message-
> > From: openembedded-core-boun...@lists.openembedded.org
> > [mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf
> > Of
> > Rober
From: Michael Halstead
Avoid uninative checksum warnings when building on aarch64 hardware.
Signed-off-by: Michael Halstead
Signed-off-by: Richard Purdie
---
meta/conf/distro/include/yocto-uninative.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/conf/distro/inclu
On Sun, 2018-12-02 at 10:43 +, Richard Purdie wrote:
> On Sat, 2018-12-01 at 19:14 -0800, Robert Joslyn wrote:
> > The pciutils recipe places libpci in a separate package, but the
> > default
> > package split puts the headers for the library in pciutils-dev.
> > W
pkgconfig files from
pciutils-dev to libpci-dev so the SDK gets those files for images using
libpci.
Signed-off-by: Robert Joslyn
---
meta/recipes-bsp/pciutils/pciutils_3.6.2.bb | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-bsp/pciutils/pciutils_3.6.2.bb
b/meta
The pciutils recipe places libpci in a separate package, but the default
package split puts the headers for the library in pciutils-dev. When
building an SDK for an image that uses libpci, but not pciutils, the
headers for libpci are not included.
Move the headers, unversioned so symlink, and pkgc
From: Andrej Valek
Patch original c_rehash script with Debian patch instead
of overriding it with own version.
Error output from c_reshah without patching:
Unknown regexp modifier "/b" at ./c_rehash line 15, at end of line
Unknown regexp modifier "/W" at ./c_rehash line 28, at end of line
From: Andre McCurdy
The fact that the darwin support only appears to consider x86 (and
not x86_64) suggests that it's not maintained or tested. In general
oe-core doesn't support building on darwin.
(From OE-Core rev: 9c7f37bb1345c38211acd137c00b9d07f92601a7)
(From OE-Core rev: ebe53ed0e34b88c7
From: Andre McCurdy
Openssl 1.1 requires perl in order to build (just as openssl 1.0
does). The missing dependency has gone unnoticed up to now since
hostperl-runtime-native is included in ASSUME_PROVIDED.
(From OE-Core rev: ed5f8bb582453e7d8a1636ad1463380076209bd2)
(From OE-Core rev: 33a951904
From: Andrej Valek
Please see this security advisory:
https://www.openssl.org/news/secadv/20180612.txt
Remove obsolete patch.
(From OE-Core rev: 0d19caefeeca14f44c80ccb716c30b17f14255a5)
(From OE-Core rev: 784059db22d763ca9f579a10a34fd90c68542e82)
Signed-off-by: Andrej Valek
Signed-off-by: R
From: Andrej Valek
Please see this security advisory:
https://www.openssl.org/news/secadv/20180612.txt
Refresh patches
(From OE-Core rev: ff3db93e53c4f9d56807d3755c799459944e9a87)
(From OE-Core rev: 84233553e963e26ca5f9f983662d4bd133176bb9)
Signed-off-by: Andrej Valek
Signed-off-by: Richard
From: Andre McCurdy
Squash whitespace in CC_INFO to avoid recipe whitespace changes to
CFLAG affecting the final openssl binaries (the value of CC_INFO gets
embedded in libcrypto, via buildinf.h).
(From OE-Core rev: 2227c51896d4399daac9d85f40d7510b7c8ae03f)
(From OE-Core rev: 0bda7fda8ce11b9b8c
From: Andre McCurdy
Creating the openssl manpages, which happens as part of do_install(),
can take a significant amount of time (e.g. ~50 seconds on a quad
core laptop). Provide a PACKAGECONFIG option to allow creation of the
manpages to be skipped completely if not required and inherit the
manpa
From: Andre McCurdy
The openssl Configure script will only select standalone makedepend
(vs running "$CC -M") when building with gcc < 3.x or with an Apple
Xcode version which predates the switch to clang (in approx 2010?).
Neither of these cases are possible when building under OE, therefore
the
From: Andre McCurdy
The perlpath.pl script is used to patch the #! lines in all perl
scripts in the utils directory. However, as these scripts are run via
e.g. "perl foo.pl", they don't actually rely on the #! path to be
correct (which can be confirmed by the observation that the path is
currentl
From: Andre McCurdy
Fix inconsistent indent (and also make the openssl 1.1 recipe more
consistent and consistent with the openssl 1.0 recipe).
(From OE-Core rev: 69844643aa1b829c27f144db634c8223c18c783f)
(From OE-Core rev: 3e0290b51da404761ac6a7d2657fd10693bf21b9)
Signed-off-by: Andre McCurdy
From: Andre McCurdy
Align the openssl 1.1 recipe with changes made to openssl 1.0:
http://git.openembedded.org/openembedded-core/commit/?id=a072d4620db462c5d3459441d5684cfd99938400
(From OE-Core rev: 24e745aaa2354432a9112879450263cab742c85b)
(From OE-Core rev: ec24fcc63e33b9c808b81968bad94e
From: Andre McCurdy
Previously (when EXTRA_OEMAKE contained -e) exporting these variables
over-rode default values in the top-level openssl Makefile. However,
since -e was removed from EXTRA_OEMAKE as part of:
http://git.openembedded.org/openembedded-core/commit/?id=537a404cfbb811fcb526cdb5f2
1 - 100 of 124 matches
Mail list logo
