summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* bitbake: tests/fetch: Add real git lfs tests and decoratorPaulo Neves2023-02-221-0/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | Added tests that verify that git-lfs works with an actual real git-lfs server. This was not previously the case because the repo in the test was a simulation of git-lfs but not a real git lfs repo. The 2 added tests are almost the same but test that the git lfs file checkout is successfult with or without the lfs=1 flag. The lfs=1 URI parameter is a quirk that triggers 2 different code paths for git lfs. lfs=1, when used on git lfs repositories triggers the git lfs downloading at the fetch bare stage. lfs query parameter unset triggers the git lfs downloading only on checkout as an implicit behavior of git. This leads to possible network access on the unpack stage and outside the DL_DIR. lfs=0 actually disables git-lfs functionality even if supported. (Bitbake rev: d2be7f7f652360f13cd66d0850f3e19ffe2afb0a) Signed-off-by: Paulo Neves <paulo@myneves.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: tests/fetch: git-lfs restore _find_git_lfsPaulo Neves2023-02-221-16/+24
| | | | | | | | | | Not restoring the mocked _find_git_lfs leads to other tests failing. (Bitbake rev: 70f848631450bd723c223227c21c60e815ee033d) Signed-off-by: Paulo Neves <paulo@myneves.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: server/process: Improve idle thread exception handlingRichard Purdie2023-02-201-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | If the inotifier code has an exception, bitbake currently hangs. Catch any exception and exit if seen. Also check the idle thread is alive and exit if it disappears. This should stop bitbake hanging if such a situation arises in future such as this example: 3323260 21:48:31.554468 Running command ['getVariable', 'BBINCLUDELOGS'] Exception in thread Thread-1 (idle_thread): Traceback (most recent call last): File "/usr/lib64/python3.10/threading.py", line 1016, in _bootstrap_inner self.run() File "/usr/lib64/python3.10/threading.py", line 953, in run self._target(*self._args, **self._kwargs) File "/home/pokybuild/yocto-worker/oe-selftest-fedora/build/bitbake/lib/bb/server/process.py", line 408, in idle_thread self.cooker.process_inotify_updates() File "/home/pokybuild/yocto-worker/oe-selftest-fedora/build/bitbake/lib/bb/cooker.py", line 256, in process_inotify_updates n.read_events() File "/home/pokybuild/yocto-worker/oe-selftest-fedora/build/bitbake/lib/pyinotify.py", line 1207, in read_events if fcntl.ioctl(self._fd, termios.FIONREAD, buf_, 1) == -1: OSError: [Errno 9] Bad file descriptor 3323260 21:48:32.206995 Command Completed (socket: True) (Bitbake rev: 358b5b02d5de1ab0f98104c4ec4953e46999b9a5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: cooker: Ensure lock is held with changing notifierRichard Purdie2023-02-201-16/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | We've seen a couple of cases which bitbake hangs due to an inotifer exception such as: 3323260 21:48:31.554468 Running command ['getVariable', 'BBINCLUDELOGS'] Exception in thread Thread-1 (idle_thread): Traceback (most recent call last): File "/usr/lib64/python3.10/threading.py", line 1016, in _bootstrap_inner self.run() File "/usr/lib64/python3.10/threading.py", line 953, in run self._target(*self._args, **self._kwargs) File "/home/pokybuild/yocto-worker/oe-selftest-fedora/build/bitbake/lib/bb/server/process.py", line 408, in idle_thread self.cooker.process_inotify_updates() File "/home/pokybuild/yocto-worker/oe-selftest-fedora/build/bitbake/lib/bb/cooker.py", line 256, in process_inotify_updates n.read_events() File "/home/pokybuild/yocto-worker/oe-selftest-fedora/build/bitbake/lib/pyinotify.py", line 1207, in read_events if fcntl.ioctl(self._fd, termios.FIONREAD, buf_, 1) == -1: OSError: [Errno 9] Bad file descriptor 3323260 21:48:32.206995 Command Completed (socket: True) Ensure we don't destory the inotifier when the idle thread is reading is by holding the lock during setup/teardown. (Bitbake rev: 8fc5c50c2e23017833f93bcd514d708a14fa4266) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Update 7.87.0 to 7.88.0Robert Joslyn2023-02-201-2/+2
| | | | | | | | | | This is a feature and bugfix update. Release notes available at: https://curl.se/changes.html#7_88_0 License-Update: Copyright year updated (From OE-Core rev: c79c895269050c44134a16ab6801c06b9497cf37) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 3.0.7 -> 3.0.8Siddharth Doshi2023-02-202-45/+1
| | | | | | | | | | | | | | | | | | | | OpenSSL 3.0.8 fixes 1 HIGH level security vulnerability and 7 MODERATE level security vulnerability [1]. Upgrade the recipe to point to 3.0.8. CVE-2022-3996 is reported fixed in 3.0.8, so drop the patch for that as well. [1] https://www.openssl.org/news/vulnerabilities.html CVEs Fixed: https://www.openssl.org/news/secadv/20230207.txt (From OE-Core rev: 8461466f63200a0b1c9c247b70fdf5819651544c) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-hatchling: upgrade 1.12.2 -> 1.13.0Alexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: c55010f01d8b5f01ba43600f1f9485692e54997a) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* piglit: upgrade to latest revisionAlexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: ade4748a768e927fdbf46794c2bd9ee871acf166) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: upgrade 2.39.1 -> 2.39.2Alexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: 513146bc11e97a6aecb09567253c2ef0aadc09bf) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: upgrade 1.46.5 -> 1.47.0Alexander Kanavin2023-02-206-159/+6
| | | | | | | | (From OE-Core rev: 2a174dfdd7c42f52802ebf7cbaace324b5174947) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcap: upgrade 2.66 -> 2.67Alexander Kanavin2023-02-202-7/+6
| | | | | | | | | | License-Update: added spdx ids (From OE-Core rev: cf49bb0c30f77b13a3b209bbb25ce74984dcb269) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wireless-regdb: upgrade 2022.08.12 -> 2023.02.13Alexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: a8e8ea1b4b100b6f0ba5ca9441a8f3f1ac31fbfd) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* diffoscope: upgrade 234 -> 235Alexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: 53ff8e5b6163fbdf74efc32cdd55f1631a24f5c1) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libhandy: upgrade 1.8.0 -> 1.8.1Alexander Kanavin2023-02-201-2/+2
| | | | | | | | (From OE-Core rev: e345c30b4ce33e0758f45b976b4be62593a56e52) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* harfbuzz: upgrade 6.0.0 -> 7.0.0Alexander Kanavin2023-02-202-38/+3
| | | | | | | | | | License-Update: copyright years (From OE-Core rev: f7532332e9dde401d9cca5b7f53e2a4e47164261) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mmc-utils: upgrade to latest revisionAlexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: 8b2cac7e9ba9c3254cfe8f7ecab95cd87bda2ee0) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-setuptools: upgrade 67.2.0 -> 67.3.1Alexander Kanavin2023-02-202-2/+2
| | | | | | | | (From OE-Core rev: 7863a647088d845dab284b6f50bbcc1f5efe8442) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* zstd: upgrade 1.5.2 -> 1.5.4Alexander Kanavin2023-02-201-3/+4
| | | | | | | | | | License-Update: copyright holder Facebook -> Meta (From OE-Core rev: 3c5fb3e291cbd61a76db47a93a78c0972506e574) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: upgrade 20230117 -> 20230210Alexander Kanavin2023-02-201-2/+2
| | | | | | | | | | License-Update: additional firmwares (From OE-Core rev: 8e6134d39b840d96e1c37d3df21a522afea8bc76) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dbus: upgrade 1.14.4 -> 1.14.6Alexander Kanavin2023-02-202-45/+2
| | | | | | | | (From OE-Core rev: 31245df3061c1a913bffe5e11ad6ac7fa9c83915) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vala: upgrade 0.56.3 -> 0.56.4Alexander Kanavin2023-02-202-3/+3
| | | | | | | | (From OE-Core rev: ca3cbf8de4c855dda08d73fb06886d4b06676eaf) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libwpe: upgrade 1.14.0 -> 1.14.1Alexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: 981264430ff09682020e6c26570e0d35065ad920) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade 3.2.0 -> 3.2.1Alexander Kanavin2023-02-201-2/+2
| | | | | | | | | | License-Update: additional items under MIT (From OE-Core rev: 5e894cf7ddec6cb8f59d0d256e818548d041da74) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dpkg: upgrade 1.21.19 -> 1.21.20Alexander Kanavin2023-02-202-2/+2
| | | | | | | | (From OE-Core rev: e31998514ea509cbe7bebc364f68313453e4307f) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* util-macros: upgrade 1.19.3 -> 1.20.0Alexander Kanavin2023-02-201-3/+2
| | | | | | | | | | License-Update: copyright years (From OE-Core rev: 2e15aab3adacd3bd6274ed463dfe263f813f32c5) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* man-pages: upgrade 6.02 -> 6.03Alexander Kanavin2023-02-201-3/+3
| | | | | | | | | | License-Update: unrelated clarification in README (From OE-Core rev: 0b18b25010be30361268ef6cfa440a258b4917e8) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* webkitgtk: upgrade 2.38.4 -> 2.38.5Alexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: bd07b5303c973f823bba87753c33b8bac279d2fb) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dos2unix: upgrade 7.4.3 -> 7.4.4Alexander Kanavin2023-02-201-2/+2
| | | | | | | | | | License-Update: copyright years (From OE-Core rev: 60fb044689bcdf182511f9a847556e19066f9f3e) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* log4cplus: upgrade 2.0.8 -> 2.1.0Alexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: 5e08700b8fff568e476130cb81cf9e736d2c5372) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nghttp2: upgrade 1.51.0 -> 1.52.0Alexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: 0066015df6302c26ca0e99541f004715e0b1160b) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.11.1 -> 3.11.2Alexander Kanavin2023-02-204-6/+6
| | | | | | | | | | License-Update: copyright years (From OE-Core rev: fc04712bb3fd0a7bbb8d7102a2ffe686e448d6bb) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* puzzles: upgrade to latest revisionAlexander Kanavin2023-02-201-1/+1
| | | | | | | | (From OE-Core rev: e51cf8ac22e3511d6aa8e218d7e41921e36503e0) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnu-config: update to latest revisionAlexander Kanavin2023-02-201-2/+2
| | | | | | | | (From OE-Core rev: aad768f6bded5341a4557496e81047ed4f6c643b) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vulkan-samples: update to latest revisionAlexander Kanavin2023-02-202-39/+1
| | | | | | | | | | Drop patch as it's merged upstream. (From OE-Core rev: fd1f4035fef30782f9e07a778fa63b78fab89102) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update 3.7.8 -> 3.8.0Alexander Kanavin2023-02-204-27/+23
| | | | | | | | | | | | | | | Refresh patches. guile option removed upstream. License-update: formatting, urls https://github.com/gnutls/gnutls/commit/a39e528897184c6f6a33d245b82891a8dc8090ce (From OE-Core rev: 016025f1c77b9ffc00213e6056c5134f353ff541) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* freetype: update 2.12.1 -> 2.13.0Alexander Kanavin2023-02-201-4/+5
| | | | | | | | | | License-update: additional files under MIT license. (From OE-Core rev: 572a15afc41903beadeb2d5da2fea4295e2bb1dc) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rust: update 1.67.0 -> 1.67.1Alexander Kanavin2023-02-206-1/+1
| | | | | | | | (From OE-Core rev: d80c1e0270cdb35a29863eefaa5a8be2a2841631) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: update 1.20 -> 1.20.1Alexander Kanavin2023-02-208-4/+4
| | | | | | | | (From OE-Core rev: 257d508268719bd90ed81b61a04b756ba78ec1bd) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-python: do not require introspection during buildsAlexander Kanavin2023-02-201-5/+1
| | | | | | | | | | | | | Somewhere along the way this ceased to be a build requirement; I have verified that the recipe installs the same set of identical files with and without introspection enabled and present in sysroot. (From OE-Core rev: 32283136eaad7631c5253b8da538b747666d2705) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcr: enable vala .vapi generation only when gobject introspection is also ↵Alexander Kanavin2023-02-201-0/+2
| | | | | | | | | | enabled (From OE-Core rev: 4de7fa49f18ec1288f6a817910a81107b4f0d883) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* scripts/oe-setup-layers: do not clobber json module with a variable named 'json'Alexander Kanavin2023-02-201-4/+4
| | | | | | | | (From OE-Core rev: 91e5aef9fd710b08ead9491f1900fbab5386b157) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* scripts/oe-setup-layers: correct variable names - layers should be called reposAlexander Kanavin2023-02-201-34/+34
| | | | | | | | | | | | The script is operating on layer repositories, which can and do sometimes contain several layers. This distinction is important as the script will be tweaked to write a record of actual layer locations. (From OE-Core rev: 833965e6001db98039c0aa816ae661232213bcea) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: runqueue: Drop SystemExit usageRichard Purdie2023-02-191-2/+1
| | | | | | | | | Using bb.fatal for a fatal error message is the best practise, switch the code to match other call sites. (Bitbake rev: c27e48fa81c2327a4a355a028884ab457cde3ae7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: cookerdata: Drop dubious exception handling codeRichard Purdie2023-02-191-5/+0
| | | | | | | | | | | This code appears to be dangerous, it swallows exceptions, turning them into "handled" versions which then show no errors to the user. This is a pretty poor user experience and I can't see why this code should be swallowing such things. Drop the worst bits of code. (Bitbake rev: 13279044f16f2cf2502ebf39d277415f99bb6c18) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: cookerdata: Improve early exception handlingRichard Purdie2023-02-191-9/+1
| | | | | | | | | | | | | | | | Martin Jansa reported that if you put a syntax error into an imported module such as qa.py in OE, no error is shown. Part of the issue appears to be that the catch_parse_error() decorator only catches certain exceptions and SyntaxError isn't one of them. As far as I can tell we should remove all the special cases and use the more advanced code in all cases, not just expansion errors. I confirmed this now prints a proper error message for a qa.py syntax error. (Bitbake rev: 2365d891847f8e73d1c4661ddfdab8818ff619dc) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* insane.bbclass: move Upstream-Status logic to oe.qaMartin Jansa2023-02-192-16/+20
| | | | | | | | | | * to be used by standalone script scripts/contrib/patchreview.py as well (From OE-Core rev: c326efeec8f576200728a44c694becdeab4fe2db) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tar: Update fix for CVE-2022-48303 to upstream versionJoe Slater2023-02-193-37/+44
| | | | | | | | | | | | | | | | | | | | | | Fixes CVE-2022-48303 by checking Base-256 encoding is at least 2 bytes long. GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-48303 Upstream patch: https://savannah.gnu.org/bugs/?62387 https://git.savannah.gnu.org/cgit/tar.git/patch/src/list.c?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8 (From OE-Core rev: 0043c9d3f7b65a0cbb0a27c37b4825b8f5511dec) Signed-off-by: Rodolfo Quesada Zumbado <rodolfo.zumbado@windriver.com> Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: stable 2.37 branch updates.Yash Shinde2023-02-191-1/+1
| | | | | | | | | | | | | | | | | Below commits on glibc-2.37 stable branch are updated. d8e1a7590d elf: Smoke-test ldconfig -p against system /etc/ld.so.cache 6fe86ecd78 NEWS: Document CVE-2023-25139. 07b9521fc6 Account for grouping in printf width (bug 30068) fb7b95dc47 Use 64-bit time_t interfaces in strftime and strptime (bug 30053) 9f8513dc64 LoongArch: Add new relocation types. 020b43544a cdefs: Limit definition of fortification macros (From OE-Core rev: 262ee4d12fd82f1722b0ac859d95fdfd7640cb95) Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* site: remove glib site valuesRoss Burton2023-02-1932-439/+3
| | | | | | | | | | | | | | | | | GLib 1.x is incredibly obsolete and GLib 2.x is built using Meson not autotools, so we can remove the GLib entries from the site files. Also fix a few copy/paste typos where glib_ was used incorrectly, for example: ac_cv_sizeof_ptrdiff_t=${glib_cv_sizeof_ptrdiff_t=4} The glib_cv_ should be ac_cv_. (From OE-Core rev: 69e757e6bef8b1037e2f23121774af1d5f6c96df) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pkgconfig: use system glib for nativesdk buildsRoss Burton2023-02-193-215/+0
| | | | | | | | | | | | | | | There's no need to use the internal glib fork for nativesdk builds, as we can use the proper nativsdk-glib-2.0 recipe. This means we're shipping less statically linked and obsolete code, and can also drop two patches to that code which were only needed in nativesdk builds on Windows. (From OE-Core rev: f893b70a2db326e82f1de5c47b7da3855fa42439) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-15 13:42:02 +0000