| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default when sending patches Git adds the git version at the bottom
of the patch, which is not necessary in most cases. Suggest to remove it
when configuring Git when sending patches.
Suggested-By: Jaekyu Lee <jaekyu.lee@lge.com>
(From yocto-docs rev: 05455e916b3c94a73b358ac4f4189cc66bec35f2)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit d3465691231f10466703198a831a681803ffdfad)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These QA checks were merged as "patch-status" after commit
61a881fdbe8b5a21c6276b8a5d06cc30486b1eb3 ("insane: Improve patch-status
layer filtering") in OE-Core.
[ YOCTO #15345 ]
Reported-By: Diego Sueiro <diego.sueiro@arm.com>
(From yocto-docs rev: 4f18055f796d43e7e6901da0ee9537a165bdf2a5)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 3f3a9f53fea6c7d533b9e999dc959dcc3bed7745)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a bit to the "Can we prove the project is reproducible?" section to
show how OEQA_REPRODUCIBLE_TEST_TARGET can be used to test a single
package (rather than the world build), as this may be useful for
maintainers.
[YOCTO #15619]
(From yocto-docs rev: 6430ed0572ca5a6e10629aa27a05d4b262e87548)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit c4bc09f61621938086be377653121d6b4e62b570)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bitbake preserve network for non-local uid, refer [1],
so check_userns is not needed for non-local uid
[1] https://git.openembedded.org/bitbake/commit/?id=4eafae7904bae6e5c6bc50356e8a9077f2e207fa
(From OE-Core rev: c3e0666dd2624c20c5f32657846d6f044046205b)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 808d0cece22bcbee15236717e158da247cbedaf1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
They break builds which share sstate files on different
machines and paths:
ERROR: ovmf-edk2-stable202408-r0 do_prepare_recipe_sysroot: Error executing a python function in exec_func_python() autogenerated:
The stack trace of python calls that resulted in this exception/failure was:
File: 'exec_func_python() autogenerated', lineno: 2, function: <module>
0001:
*** 0002:extend_recipe_sysroot(d)
0003:
File: '/srv/pokybuild/yocto-worker/oe-selftest-fedora/build/meta/classes-global/staging.bbclass', lineno: 624, function: extend_recipe_sysroot
0620:
0621: # Handle deferred binfiles
0622: for l in binfiles:
0623: (targetdir, dest) = binfiles[l]
*** 0624: staging_copyfile(l, targetdir, dest, postinsts, seendirs)
0625:
0626: bb.note("Installed into sysroot: %s" % str(msg_adding))
0627: bb.note("Skipping as already exists in sysroot: %s" % str(msg_exists))
0628:
File: '/srv/pokybuild/yocto-worker/oe-selftest-fedora/build/meta/classes-global/staging.bbclass', lineno: 165, function: staging_copyfile
0161: os.symlink(linkto, dest)
0162: #bb.warn(c)
0163: else:
0164: try:
*** 0165: os.link(c, dest)
0166: except OSError as err:
0167: if err.errno == errno.EXDEV:
0168: bb.utils.copyfile(c, dest)
0169: else:
Exception: FileExistsError: [Errno 17] File exists: '/srv/pokybuild/yocto-worker/oe-selftest-fedora/build/build-st-667282/tmp/sysroots-components/x86_64/ovmf-native/usr/bin/edk2_basetools/BaseTools/Source/Python/AutoGen/__pycache__/WorkspaceAutoGen.cpython-312.pyc' -> '/srv/pokybuild/yocto-worker/oe-selftest-fedora/build/build-st-667282/tmp/work/core2-64-poky-linux/ovmf/edk2-stable202408/recipe-sysroot-native/usr/bin/edk2_basetools/BaseTools/Source/Python/AutoGen/__pycache__/WorkspaceAutoGen.cpython-312.pyc'
(From OE-Core rev: d89f2533f1b394f443117d6c935ee04a3c6741e7)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit facd9e17fa53e2fb3a828b3f179cfb659be75d37)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following commit has been backported into the 6.6.y branch.
See upstream commit:
commit 5fe6ec8f6ab549b6422e41551abb51802bd48bc7
Author: Peter Zijlstra <peterz@infradead.org>
Date: Mon Nov 6 13:41:43 2023 +0100
sched: Remove vruntime from trace_sched_stat_runtime()
That caused building the lttng-modules report compile error:
tracepoint-event-impl.h:133:6: error: conflicting types for
'trace_sched_stat_runtime';
The fix is still pending on lttng review board, backport it to oe-core to
de-block the build issue.
(From OE-Core rev: 598b2f27d74e08eb6089eadad68f80b2f1ef71de)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add shutil import to resolve error:
Exception: NameError: name 'shutil' is not defined, Did you forget to import 'shutil'
(From OE-Core rev: 759fb4bb4f5d5cf7f124f64b9314a34e41f58d23)
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b64263a43b4d82f1ebba13815bccb8a8cd3127f9)
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
https://requests.readthedocs.io/en/latest/community/updates/#release-history
2.32.3 (2024-05-29)
* Bugfixes - Fixed bug breaking the ability to specify custom SSLContexts
in sub-classes of HTTPAdapter. (#6716)
* Fixed issue where Requests started failing to run on Python versions
compiled without the ssl module. (#6724)
2.32.2 (2024-05-21)
* Deprecations - To provide a more stable migration for custom HTTPAdapters
impacted by the CVE changes in 2.32.0, we’ve renamed _get_connection to a
new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of
Requests>=2.32.0.
* A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)
2.32.1 (2024-05-20)
* Bugfixes - Add missing test certs to the sdist distributed on PyPI.
https://github.com/psf/requests/compare/v2.32.0...v2.32.3
Also transition to using python_setuptools_build_meta.
(From OE-Core rev: e1787271b07c605df2843d82d65e1c3d2e2114e6)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes between 2.12.8 -> 2.12.9
================================
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.9
Security
* [CVE-2024-40896] Fix XXE protection in downstream code
Improvements
* Undeprecate xmlKeepBlanksDefault.
(From OE-Core rev: 774b10921b1e46d99338bb8c047d7f094d5ce7bd)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Changelog:
https://docs.python.org/release/3.12.8/whatsnew/changelog.html#python-3-12-8
(From OE-Core rev: db5081254adacf6c87269fd43af7199267ad535c)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Changelog:
https://docs.python.org/release/3.12.7/whatsnew/changelog.html#python-3-12-7
(From OE-Core rev: 197048667f69ed559baf54831eb7b1606320f3e8)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add Patch file to fix CVE-2024-20696
CVE: CVE-2024-20696
(From OE-Core rev: a3b0a4a53e99e4faa42a6e7be5713b12acc63dba)
Signed-off-by: Nitin Wankhade <nitin.wankhade@kpit.com>
Signed-off-by: Nikhil R <nikhilr5@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
These were fixed in previous commits.
(From OE-Core rev: 5c582778954a05f102e292a0516b73b010d289a0)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8039
(From OE-Core rev: e9113fafef9cb2f060c9728d1e1bebdd76baad47)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commits from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042
(From OE-Core rev: 4763e9911e82c886a02727bf654872280138d83e)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8043
(From OE-Core rev: cc560b159f6629bc018ce6d832551a81d4c3f8c8)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit related to gstreamer from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8032
(From OE-Core rev: d68a84dd3419811ec7f487907d7412c6105979d0)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit related to plugins-good from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8032
(From OE-Core rev: 30f2b1c6b10e064ce0f0f1910d2740e6ccc86251)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8034
(From OE-Core rev: 13e66d4e616e66d278cd96bb04da4cc7e599626b)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commits from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8040
(From OE-Core rev: ba5545302daee0fb5ac2f3ca45cf8524cee278dc)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commits from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8033
(From OE-Core rev: 8a0c3c92ec3bf150c0697d25c70ad149b2d82f0e)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commits from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8036
(From OE-Core rev: c81dae9e755d28eb514bfa32426ef2d8fff78e56)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pick commits from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057
(From OE-Core rev: 4edd9caa9703e067167c4a185c7338c4e89f795b)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
fixup! gstreamer1.0-plugins-good: patch CVE-2024-47540 and CVE-2024-47601
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit from:
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8041
(From OE-Core rev: 6236088fc43f7d2e8a01bb6e3937969ced8a7f6d)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commits from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8038
(From OE-Core rev: fbf7092a67703ff3101cce55bf33bcfc24339503)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8037
(From OE-Core rev: 0cdac58a6a7ec25404b8a67508604844d282345a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit from:
* https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8035
(From OE-Core rev: e7dbf6d73a11e6e9ec16035711179f451044eb09)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Cherry-pick commits from branch 1.22 per [1].
Also cherry-pick [2] so these apply cleanly.
[1] https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059
[2] https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/62de06c7a443a5ac40ab2a4f2589625932bf9632
(From OE-Core rev: 33c2611c3998f25bf606b5a940c09b70ce04674c)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
These are currently tested on the autobuilder for Scarthgap.
(From meta-yocto rev: bd166d1fb8dc1bed7e71bd06b970a3da9149203e)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Remove duplicate instructions
- Detail how to run bmaptool directly if you installed it on your host
instead of building it through the ``bmaptool-native`` recipe,
as running "oe-run-native bmaptool-native bmaptool ..." won't work
in this case.
- Use "chmod a+w" instead of "chmod 666", better advice,
and only run "chmod" in the option that runs "oe-run-native"
(From yocto-docs rev: a1e4f18af6b0b10cece83c53ebb14052a0b94314)
Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 4afa71ef6e5bf1db126c80e6d987f588d0b5a086)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using only "bitbake bmaptool-native", running "oe-run-native bmaptool-native bmaptool ..."
fails as follows:
Error: Have you run 'bitbake bmaptool-native -caddto_recipe_sysroot'?
Running the "bitbake bmaptool-native -caddto_recipe_sysroot" target
is actually sufficient.
(From yocto-docs rev: c43eea3875e265c8a62b9f7323365b8d740a39f8)
Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 72fe904a3bbb5e2c7279ab1f119c2beca200dcf2)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To follow the styling conventions when we are
refering to the name of a tool instead of the command itself
(documentation/standards.md).
This also improves the HTML rendering of the bmaptools subsection.
(From yocto-docs rev: 55146fae45e8c2de1d0f7242f1c89f3e165d77c9)
Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit c569d840c4b6f43e10629b6f1ff45189211e27a9)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The variable SRCPV is deprecated since 4.3. Instead of including SRCPV
in PV, including the sign "+" is enough for bitbake to add the source
control information to PKGV during the packaging phase.
Update the documentation for SRCPV and the places where it was used.
When instructions previously referred to SRCPV, replace by mentioning to
include "+" in the assignment.
In most examples, "+git" is added to PV as it is the most popular SCM.
Simply adding "+" is also possible, although it is better practice to
include the SCM name, so give that example.
Update the gcompat example with l3afpad as it didn't include "+git" in
its PV definition anymore.
(From yocto-docs rev: ef4d259842d9b1dd2d08ee38e00f932852f70543)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit ee16c96202e5027d1a8d7e89e11c25f127c78326)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
[YOCTO #15185]
(From OE-Core rev: 01423828248b75e1f5afe2e5959ccd971df875cd)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 924df18b47e9a69fa295bafe37bdb39d8eaea2bb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
importlib.metadata is part of -core, but that will import zipfile which
is part of -compression.
Obviously this shows that our packaging of the Python modules is not
optimal. I plan to follow up with a redesign of the splitting which
focuses on simply pulling out the larger or esoteric modules and
having a more featureful core.
(From OE-Core rev: 05166eafb99cf8c7adb6879277069ab384a2f8df)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The fix brought by this patch is already part of python 3.12.3
therefore drop it.
(From OE-Core rev: 555623d2378138fdcfae95c04e06ba384cebab5b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit updates the warning to use a check for "trivially constructible" instead of
"trivially copyable." The original check was incorrect, as "trivially copyable" only applies
to types that can be copied trivially, whereas "trivially constructible" is the correct check
for types that can be trivially default-constructed.
This change ensures the warning is more accurate and aligns with the proper type traits.
LLVM accepted a similar fix:
https://github.com/llvm/llvm-project/issues/47355
PR c++/116731 [https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116731]
(From OE-Core rev: 614a8e3a06003dfcbf1f32dc2d6f4d18f74b71a4)
Signed-off-by: Marek Polacek <polacek@redhat.com>
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame
function within libavcodec/rkmppdec.c.
(From OE-Core rev: 53528caafa576a2f6417436cc0dba8be06e75048)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c,
static const vec_s8 h_subpel_filters_outer
(From OE-Core rev: 64d77d422d3c99d8a246ab03edfb54d9d185326e)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options
function of sbgdec.c within the libavformat module. When parsing certain options,
the software does not adequately validate the input. This allows for negative
duration values to be accepted without proper bounds checking.
(From OE-Core rev: a07bc254011736c0f0445607c56609be677ea8a7)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Insufficient validation of filenames against control characters in
Apache Subversion repositories served via mod_dav_svn allows
authenticated users with commit access to commit a corrupted revision,
leading to disruption for users of the repository. All versions of
Subversion up to and including Subversion 1.14.4 are affected if serving
repositories via mod_dav_svn. Users are recommended to upgrade to
version 1.14.5, which fixes this issue. Repositories served via other
access methods are not affected.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-46901
Upstream patches:
https://subversion.apache.org/security/CVE-2024-46901-advisory.txt
(From OE-Core rev: 16c212bd9a9e9c35256ff308da72a518c76ce11d)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A buffer overflow vulnerability exists in GNU Binutils’ objdump utility
when processing tekhex format files. The vulnerability occurs in the
Binary File Descriptor (BFD) library’s tekhex parser during format identification.
Specifically, the issue manifests when attempting to read 8 bytes at an address
that precedes the global variable ‘_bfd_std_section’, resulting in an out-of-bounds read.
Backport a patch from upstream to fix CVE-2024-53589.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e0323071916878e0634a6e24d8250e4faff67e88]
(From OE-Core rev: 15635eb807ea1cbf0fd04e0cbe9cf169df107a05)
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the recent changes from commit
bd6265ca323fac547a197bb516dc4a9ef3897508 ("doc: Makefile: add support
for xelatex"), the list of dependencies needs to be updated.
The initial list of dependencies was made for Ubuntu/Debian, and the
packages were translated for the other distros using pkgs.org.
Add them separately from the rest of the dependencies as they pull a
_lot_ of additional dependencies (for LaTeX).
Move the texlive-fncychap documentation dependency to the PDF specific
dependency.
Notes:
- Fedora/OpenSUSE do not have the "lang-all" texlive collection, so
install all available languages.
- AlmaLinux does not seem to provide texlive-collection-fontsextra,
texlive-collection-lang*, and texlive-collection-latexextra, so add a
warning about that.
(From yocto-docs rev: 804240fa86fee63d0d2dd029d941cf14b23bd730)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 02c090718ac602f7d4760dd28dadbf0631668d49)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
To match the list in meta-poky/conf/distro/poky.conf.
(From yocto-docs rev: 74639cae135e254814c350f01f6e333d6d764fe9)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit c9c3f6896e4bc967a9b394574532735babb70397)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 7b829845aa5a06bdcad0005fc44b24e2757a3d84)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit dc7fd0e56fbfed77975f6b4ed2106331476ef7f3)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
inkscape used to be a requirement to convert SVG images to PNGs/PDFs,
but we replaced it recently by rsvg-convert.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: 19e18d3019209e9789461502bc5147856faef9c3)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 8c0bb4e41c203a0a7a31c2bdc26834d87a83413a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a requirement for building the documentation, otherwise we get
(on Ubuntu 24.04):
File "/usr/lib/python3.12/locale.py", line 615, in setlocale
return _setlocale(category, locale)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
locale.Error: unsupported locale setting
(From yocto-docs rev: 1b0353a230dce361fe29d4d184aebd9af28a9937)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 0943a7b67ef0012b5d9badc15e0c579dbb9014ae)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We used to have packages here and there in system-requirements.rst for
each distro. Instead, gather all the dependencies in poky.yaml.in so we
have an overview of what we provide for each distro.
Use yaml ">" to list the dependencies in alphabetical order, one entry
per line, which makes them easier to read and compare among distros.
Rename UBUNTU_… variables to UBUNTU_DEBIAN_…, since these are used for
both distros.
(From yocto-docs rev: 33c0656706f5110381681b212877d39ec2148cc6)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 1ed6118b7cf1b5dcbfca753c83fa30fb97bf44ad)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
locale install
Modify locale installation method to be standard accross all debian-based distributions.
Pre-existing method is available only on Ubuntu, locale-gen tool has no parameter in Debian.
(From yocto-docs rev: 70212d4780df6b7b74bd5c428d71b49d9a91c403)
Signed-off-by: Guénaël Muller <guenael.muller@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Tested-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 30002019198a168e48537407bb928facb26af82a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After much debugging, the corruption issues on the autobuilder appear to
be due to the way sqlite accesses database files. It doesn't change the
file timestamp after making changes, which for reasons unknown, confuses
NFS. As soon as the file is touched, NFS becomes fine again accross the
whole cluster, as if by magic.
We could try and debug further but putting a "touch" call into the code
is easy and harmless. Lets hope this removes this annoying source of
errors.
(From OE-Core rev: b19b1e905d966443c4e4d17dfaeb299ae2526575)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
