summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* manuals: update linux-yocto append examplesMichael Opdenacker2023-10-254-41/+40
| | | | | | | (From yocto-docs rev: b5d385f20d22566e12a7938a9894b86429f1dcfb) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ref-manual: Warn about COMPATIBLE_MACHINE skipping native recipesArne Schwerdt2023-10-251-0/+7
| | | | | | | | (From yocto-docs rev: 48e5fb383570dc6a067b14cc621e4cb347db900c) Signed-off-by: Arne Schwerdt <arne.schwerdt@elbbits.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* vim: Upgrade 9.0.2009 -> 9.0.2048Siddharth Doshi2023-10-251-2/+2
| | | | | | | | | This includes CVE fix for CVE-2023-5535. (From OE-Core rev: 7681436190354b5c5b6c3a82b3094badd81113de) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libx11: Security Fix for CVE-2023-43785, CVE-2023-43786 and CVE-2023-43787Siddharth Doshi2023-10-256-0/+267
| | | | | | | | | | | | CVE's Fixed: CVE-2023-43785: libX11: out-of-bounds memory access in _XkbReadKeySyms() CVE-2023-43786: libX11: stack exhaustion from infinite recursion in PutSubImage() CVE-2023-43787: libX11: integer overflow in XCreateImage() leading to a heap overflow (From OE-Core rev: 8175d023c203d524d011d8947f90fbd02786c6db) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* linux-firmware: upgrade 20230625 -> 20230804Meenali Gupta2023-10-251-2/+2
| | | | | | | | | | | | | | | | | | | License-Update: additional firmwares upgrade include fix for CVE-2023-20569 CVE-2022-40982 CVE-2023-20593 Changelog: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/ References: https://nvd.nist.gov/vuln/detail/CVE-2023-20569 https://nvd.nist.gov/vuln/detail/CVE-2022-40982 https://nvd.nist.gov/vuln/detail/CVE-2023-20593 (From OE-Core rev: d3f1448246c9711f4f23f2e12c664e0ba3ae3f02) Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* zlib: patch CVE-2023-45853Peter Marko2023-10-252-0/+43
| | | | | | | | | | | Backport commit merged to develop branch from PR linked in NVD report: * https://nvd.nist.gov/vuln/detail/CVE-2023-45853 * https://github.com/madler/zlib/pull/843 (From OE-Core rev: 6e265e44febbb6fdf85c7926b9a64b731c98d814) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gawk: backport Debian patch to fix CVE-2023-4156Vijay Anusuri2023-10-252-0/+29
| | | | | | | | | | | | Upstream-Status: Backport [https://git.launchpad.net/ubuntu/+source/gawk/tree/debian/patches?h=ubuntu/jammy-security & https://git.savannah.gnu.org/gitweb/?p=gawk.git;a=commitdiff;h=e709eb829448ce040087a3fc5481db6bfcaae212] (From OE-Core rev: 0547b60d3485c2e3853e5a9e0a3e051882b283f3) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* qemu: ignore RHEL specific CVE-2023-2680Lee Chee Yang2023-10-251-0/+4
| | | | | | | (From OE-Core rev: a1256b8fa415002eee78427cc292b866570ee267) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* SECURITY.md: Add fileRichard Purdie2023-10-241-0/+24
| | | | | | | | | | Add a SECURITY.md file with hints for security researchers and other parties who might report potential security vulnerabilities. (From meta-yocto rev: e3c11a51dc814fdd400998f50b17e572d453e1d2) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bitbake: SECURITY.md: add fileMarta Rybczynska2023-10-241-0/+24
| | | | | | | | | | | Add a SECURITY.md file with hints for security researchers and other parties who might report potential security vulnerabilities. (Bitbake rev: 6c1ffa9091d0c53a100e8c8c15122d28642034bd) Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* uboot-extlinux-config.bbclass: fix missed override syntax migrationQuentin Schulz2023-10-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | uboot-extlinux-config allows to specify multiple "labels" (entries in a menu, à-la grub) and each of them have their own values for some fields. Each "base" variable, e.g. UBOOT_EXTLINUX_FDT can be overridden for each label. This is done via the OVERRIDES mechanism based on the label name, e.g. UBOOT_EXTLINUX_FDT:linux if linux is a label. However, OVERRIDES doesn't contain the label globally because it's only necessary in one task. Therefore, the OVERRIDES itself is modified within the task. This means that the sigdata will not be told the dependency on UBOOT_EXTLINUX_FDT:linux, because it cannot know about it. For this reason, we need to explicitly specify which variables this task depends on via vardeps varflag for the task. This was done in the past, but we missed updating it during the override syntax migration so the cache wouldn't get invalidated if someone modifies UBOOT_EXTLINUX_FDT:linux from a configuration file or a bbappend for example. Let's fix this by migrating it to the new syntax. (From OE-Core rev: 5570e49791b770271f176a4deeb5f6f1a028cb4a) Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b4dd9d873508128adbbf5ff6cf0a3df3d2ffbcf6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxpm: upgrade to 3.5.17Siddharth Doshi2023-10-211-1/+1
| | | | | | | | | | | | | This release fixes the following CVEs: - CVE-2023-43788 - CVE-2023-43789 (From OE-Core rev: 1475a47239d77a368bcec69f12e5a63f8bebe14f) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* tiff: Security fix for CVE-2023-40745Siddharth Doshi2023-10-212-0/+35
| | | | | | | | | Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/4fc16f649fa2875d5c388cf2edc295510a247ee5] CVE: CVE-2023-40745 (From OE-Core rev: f1aa2dd493c01e18ee0f534ff00523a1274f9066) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libtiff: Add fix for tiffcrop CVE-2023-1916Hitendra Prajapati2023-10-212-0/+100
| | | | | | | | | | | | | | | | | | | | | | | | | | Add fix for tiffcrop tool CVE-2023-1916 [1]. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x. The tool is no longer part of newer libtiff distributions, hence the fix is rejected by upstream in [2]. The backport is still applicable to older versions of libtiff, pick the CVE fix from ubuntu 20.04 [3]. [1] https://nvd.nist.gov/vuln/detail/CVE-2023-1916 [2] https://gitlab.com/libtiff/libtiff/-/merge_requests/535 [3] https://packages.ubuntu.com/source/focal-updates/tiff (From OE-Core rev: 4d3e7f9a157e56a4a8ffb4d16fd6401a22851307) Signed-off-by: Marek Vasut <marex@denx.de> Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/848434a81c443f59ec90d41218eba6e48a450a11 && https://gitlab.com/libtiff/libtiff/-/merge_requests/535 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* binutils: CVE-2022-48063Armin Kuster2023-10-212-0/+49
| | | | | | | | | | | | | | | | Source: Binutils MR: 128800 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd ChangeID: ab04e4ec62d054c90d94f82230adb2342ce1ee1b Description: Affects binutils < 2.40 (From OE-Core rev: 80a8d16a4038868469b4583404b6f73e12bae0f1) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* binutils: Fix CVE-2022-47011Deepthi Hemraj2023-10-212-0/+36
| | | | | | | (From OE-Core rev: 5ff2e3c880705c2e920a4a61a5165810fadd7b84) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* binutils: Fix CVE-2022-47008Deepthi Hemraj2023-10-212-0/+68
| | | | | | | (From OE-Core rev: 3a299d1610bf085790017569de090b0a41cf809b) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* binutils: Mark CVE-2022-47696 as patchedChaitanya Vadrevu2023-10-211-0/+2
| | | | | | | (From OE-Core rev: bc480221d8091be460a1b8c4d023b9841e1df3c2) Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* binutils: Mark CVE-2022-47673 as patchedChaitanya Vadrevu2023-10-211-0/+2
| | | | | | | (From OE-Core rev: 96fe4b522a35f75a7d2b597d7e650dfc7ae82e27) Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* binutils: Fix CVE-2022-47695Chaitanya Vadrevu2023-10-212-0/+59
| | | | | | | | | Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=3d3af4ba39e892b1c544d667ca241846bc3df386] (From OE-Core rev: 4d4732c2e295fea610d266fa12bae3cc01f93dfa) Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* migration-guides: add release notes for 4.0.13Lee Chee Yang2023-10-182-0/+272
| | | | | | | | (From yocto-docs rev: 9a03e60370bb4f10fa340c1e29cd743e5703653b) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* overview: Add note about non-reproducibility side effectsJoshua Watt2023-10-181-0/+9
| | | | | | | | | | | Adds an additional note about some of the side effects that can occur if recipes are not reproducible and hash equivalence is enabled. (From yocto-docs rev: aaf3e97c78e235bf3042c79ecdcf0b7c1a68ca8f) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dev-manual: fix testimage usage instructionsTrevor Gamblin2023-10-182-3/+3
| | | | | | | | | | | | | | | | The proper way to inherit the testimage class is now IMAGE_CLASSES += "testimage" so change lines with 'INHERIT += "testimage"' to match. This makes the dev-manual consistent with the migration guide, which already specifies that the old way causes an error. (From yocto-docs rev: 40d82ec5f55c2353ef6f052e8460a6003fd903f4) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ref-manual: releases.svg: Scarthgap is now version 5.0Michael Opdenacker2023-10-181-1/+1
| | | | | | | | | According to https://wiki.yoctoproject.org/wiki/Releases (From yocto-docs rev: 1ce820adce0d9ca4eb6457dc089d55a0cec8c266) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* apt: add missing <cstdint> for uint16_tKhem Raj2023-10-182-0/+36
| | | | | | | | | | (From OE-Core rev: 2572b32e729831762790ebfbf930a1140657faea) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8c46ded67df2d830c8bbf5f7b82d75db81d797e2) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-urllib3: 1.26.15 -> 1.26.17Lee Chee Yang2023-10-181-1/+1
| | | | | | | | | | | | | | | | | 1.26.17 (2023-10-02) Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (CVE-2023-43804) 1.26.16 (2023-05-23) Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress (#2954) (From OE-Core rev: 27a1de55a46b7b313eb2a6370e9d779a7cd49154) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-urllib3: upgrade 1.26.14 -> 1.26.15Wang Mingyu2023-10-181-1/+1
| | | | | | | | | | | | | | | | | Changelog: ========== * Fix socket timeout value when "HTTPConnection" is reused ('#2645 <https://github.com/urllib3/urllib3/issues/2645>'__) * Remove "!" character from the unreserved characters in IPv6 Zone ID parsing ('#2899 <https://github.com/urllib3/urllib3/issues/2899>'__) * Fix IDNA handling of '\x80' byte ('#2901 <https://github.com/urllib3/urllib3/issues/2901>'__) (From OE-Core rev: a335ccbcc9913e79bfe958c41690b7efa189ae93) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8e062efbac29a81831c3060bcae601dc533d65dd) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-urllib3: upgrade 1.26.13 -> 1.26.14Tim Orling2023-10-181-1/+1
| | | | | | | | | | | | | | | | https://github.com/urllib3/urllib3/blob/1.26.14/CHANGES.rst#12614-2023-01-11 1.26.14 (2023-01-11) Fixed parsing of port 0 (zero) returning None, instead of 0. (#2850) Removed deprecated getheaders() calls in contrib module. (From OE-Core rev: aefb7af6b56269d45170beb99e6c878bf2448b78) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 55ab1bf20e6893088acb6460e9004dac8e205559) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-urllib3: upgrade 1.26.12 -> 1.26.13Alexander Kanavin2023-10-181-1/+1
| | | | | | | | | | | (From OE-Core rev: e8ae3247795d9333f6252bbec85a8e09c0c9cb48) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b18552f69a2eb8900981a10ba386dc4f862b29c3) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-urllib3: upgrade 1.26.11 -> 1.26.12wangmy2023-10-181-1/+1
| | | | | | | | | | (From OE-Core rev: 69a610b440b5e9e92931e43bd1c75230bb99f03e) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit cb05578af3ace6e3983f93e16d9ad1ac2a65fbe2) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-urllib3: upgrade 1.26.10 -> 1.26.11Alexander Kanavin2023-10-181-1/+1
| | | | | | | | | | | (From OE-Core rev: d83b4afc17839b6c11b540aabf056647ddacb587) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dbe07ff87e2cb1a8276e69a43c7cdbb9ae6e5493) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-urllib3: upgrade 1.26.9 -> 1.26.10wangmy2023-10-181-1/+2
| | | | | | | | | | | | | | | | | | Add dependence python3-logging. Changelog: ========= * Removed support for Python 3.5 * Fixed an issue where a "ProxyError" recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured. (From OE-Core rev: d9f200b931e48d957b721005f0140ef3fff55af3) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a8a26a92dfe367472daf086a33a1b30ff6d17540) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* vim: Upgrade 9.0.1894 -> 9.0.2009Siddharth Doshi2023-10-181-2/+2
| | | | | | | | | This includes CVE fix for CVE-2023-5441. (From OE-Core rev: 6c88137d4ab36054ac97cff0457d78ef503f383e) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* binutils: Fix CVE-2022-45703Yash Shinde2023-10-183-0/+180
| | | | | | | (From OE-Core rev: b2fa5b29462a16b238f8a6a40886b45aa483e963) Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* binutils: Fix CVE-2022-44840Yash Shinde2023-10-182-0/+152
| | | | | | | (From OE-Core rev: 7a42ae332ebde565cc7c6fca568563f076bd26ba) Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* xdg-utils: Fix CVE-2022-4055Hitendra Prajapati2023-10-182-0/+166
| | | | | | | | | Upstream-Status: Backport from https://gitlab.freedesktop.org/xdg/xdg-utils/-/commit/f67c4d1f8bd2e3cbcb9eb49f5e897075e7426780 (From OE-Core rev: fc4eecb6143b2b32a374388248b41c1d95b33968) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libtiff: fix CVE-2022-40090 improved IFD-Loop handlingHitendra Prajapati2023-10-182-0/+570
| | | | | | | | | Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/c7caec9a4d8f24c17e667480d2c7d0d51c9fae41 (From OE-Core rev: 1effa609b5b527eb9afa5a2c529bdc0b317e4be0) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bitbake: bitbake-worker/runqueue: Avoid unnecessary bytes object copiesEtienne Cordonnier2023-10-182-9/+9
| | | | | | | | | | | | | | | | | | | | | declaring queue=b"" creates an object of types bytes(). bytes() is an immutable object, and therefore doing "self.queue = self.queue + r" creates a new object containing "self.queue" concatenated with "r". On my test setup, we are passing 180MB of data of "workerdata" to the bitbake-worker, so those copies significantly slow down the initialization of the bitbake-worker. Rather use bytearray() which a mutable type, and use extend() to avoid copies. In my test setup, byterray.extend() is 10.000 times faster than copying the queue, for a queue size of 180MB. (Bitbake rev: 9993a89e5b97dda5f3657e5a7cc3a4fa94ff7111) Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bitbake: bitbake-getvar: Add a quiet command line argumentPaulo Neves2023-10-181-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | bitbake-getvar does not have a way to silence bitbake server's logger and that makes the tool hard to use for text processing. This is especially true when one wants to get a bitbake value to be piped to some other utility and instead we get uncontrolled logging messages or warnings together with bitbake's variable value. Example without quiet: bitbake-getvar --value MACHINE NOTE: Starting bitbake server... qemux86-64 With quiet: bitbake-getvar --value MACHINE --quiet qemux86-64 (Bitbake rev: d677daa0770c66010fc4ed0af5bbbb94752ba590) Signed-off-by: Paulo Neves <ptsneves@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit af354e975d0b4c26d0e91e3c82946b093bc11b45) Signed-off-by: Markus Niebel <Markus.Niebel@ew.tq-group.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* contributor-guide: style-guide: discourage using Pending patch statusRoland Hieber2023-10-071-1/+8
| | | | | | | | | | Suggested-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Suggested-by: Alexander Kanavin <alex.kanavin@gmail.com> (From yocto-docs rev: 49d9c8da92cdec6fe4cdc3a4432794b9d286a24f) Signed-off-by: Roland Hieber <rhi@pengutronix.de> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* contributor-guide: deprecate "Accepted" patch statusRoland Hieber2023-10-071-8/+5
| | | | | | | | | | | | | | | | | | | | This is in accordance with the gatesgarth Release Notes: > In the ``Upstream-Status`` header convention for patches, > ``Accepted`` has | been replaced with ``Backport`` as these almost > always mean the same thing i.e. the patch is already upstream and > may need to be removed in a future recipe upgrade. If you are adding > these headers to your own patches then use Backport to indicate that > the patch has been sent upstream. <https://docs.yoctoproject.org/migration-guides/migration-3.2.html#miscellaneous-changes> Suggested-by: Michael Opdenacker <michael.opdenacker@bootlin.com> (From yocto-docs rev: 9abc0d3100a07d93249f2fb376c42aab1bd9eb3a) Signed-off-by: Roland Hieber <rhi@pengutronix.de> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* contributor-guide: discourage marking patches as InappropriateRoland Hieber2023-10-071-16/+14
| | | | | | | | | | | | | | It was never really clear what all those reasons really meant, and every patch submitted upstream liftens the maintenance on the Yocto side. So remove the current list, and replace it with two reasons in which an upstream submission likely won't benefit the upstream project. Suggested-by: Alexander Kanavin <alex.kanavin@gmail.com> (From yocto-docs rev: e0aabb7f3e7cd28a22224740eeb794a86ab34886) Signed-off-by: Roland Hieber <rhi@pengutronix.de> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* contributor-guide: recipe-style-guide: add section about CVE patchesRoland Hieber2023-10-071-0/+25
| | | | | | | | | | | | | | | | | | | This was previously included in the OpenEmbedded wiki page [1], but was not ported along with the rest in commit 95c9a1e1e78bbfb82ade (2023-09-12, Michael Opdenacker: "contributor-guide: recipe-style-guide: add Upstream-Status"). [1]: https://www.openembedded.org/index.php?title=Commit_Patch_Message_Guidelines&oldid=10935 Group the examples in their own sections (but name it differently from any other section in this document so that sphinx doesn't generate a warning about duplicate labels). (From yocto-docs rev: 090049e08d7b6fc497a9ac5bc9fabbfa35327414) Signed-off-by: Roland Hieber <rhi@pengutronix.de> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* contributor-guide: recipe-style-guide: add more patch tagging examplesRoland Hieber2023-10-071-1/+20
| | | | | | | | (From yocto-docs rev: 038697bb1f7eae4214eeecd01f665da083df43fe) Signed-off-by: Roland Hieber <rhi@pengutronix.de> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dev-manual: new-recipe.rst: replace reference to wikiMichael Opdenacker2023-10-071-3/+3
| | | | | | | (From yocto-docs rev: c68a5b5c8f92dbde0adaa91c90e08714fa4ac2a8) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bsp-guide: bsp.rst: replace reference to wikiMichael Opdenacker2023-10-071-2/+2
| | | | | | | (From yocto-docs rev: b7d59090425b1fbabf8801a2359fd704bb51947a) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* contributor-guide/style-guide: Add a note about task idempotenceRichard Purdie2023-10-071-0/+14
| | | | | | | | (From yocto-docs rev: 681e6a0a4305057f7b96f5bef804391d8aff812b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> CC: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* contributor-guide/style-guide: Refer to recipes, not packagesRichard Purdie2023-10-071-7/+8
| | | | | | | | | | | Whilst often referred to as packages by people we should use the more accurate term in documentation, 'recipe' instead of 'packages'. (From yocto-docs rev: d97795e5cfc41b57bffd1255bceaaea8494fd181) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: Update to latest on stable 2.35 branchPeter Marko2023-10-072-2/+2
| | | | | | | | | | | | Adresses CVE-2023-4911. Single commit bump: * c84018a05ae tunables: Terminate if end of input is reached (CVE-2023-4911) (From OE-Core rev: bca43f95850d395f9dc56644fa1d12910cabb0c5) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: Update to latest on stable 2.35 branchSoumya Sambu2023-10-052-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adresses CVE-2023-4813, CVE-2023-4806, CVE-2023-5156. Added these to CVE_CHECK_IGNORE to avoid in cve-check reports since the recipe version did not change. These are the complete list of changes this brings * 73d4ce728a Document CVE-2023-4806 and CVE-2023-5156 in NEWS * 17092c0311 Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]* * 762a747fae io: Fix record locking contants for powerpc64 with __USE_FILE_OFFSET64 * e3ccb230a9 getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806) * 1b9087dcec gethosts: Return EAI_MEMORY on allocation failure * f5f88f142a gaih_inet: Split result generation into its own function * a6da106892 gaih_inet: split loopback lookup into its own function * 8b70d97b08 gaih_inet: make gethosts into a function * 9098deb96a gaih_inet: separate nss lookup loop into its own function * ce64e72b7d gaih_inet: Split nscd lookup code into its own function. * 4897bf7968 gaih_inet: Split simple gethostbyname into its own function * 571c531b3b gaih_inet: make numeric lookup a separate routine * 9aad91abe6 gaih_inet: Simplify service resolution * d02808dee9 getaddrinfo: Fix leak with AI_ALL [BZ #28852] * f366eaa608 gaih_inet: Simplify canon name resolution * b126325fc7 nss: Sort tests and tests-container and put one test per line * 6e867146ee Simplify allocations and fix merge and continue actions [BZ #28931] * 59ee83b0c2 elf: Move l_init_called_next to old place of l_text_end in link map * 34b07bdbdd elf: Remove unused l_text_end field from struct link_map * 02a67e102f elf: Always call destructors in reverse constructor order (bug 30785) * aeea91fd15 elf: Do not run constructors for proxy objects * 1d828d5855 elf: Introduce to _dl_call_fini (From OE-Core rev: be0bca7eaa08948b6c4eabe63e68a6e14d8dad3b) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-08 07:47:30 +0000