| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to [1], EDK2 contains a vulnerability in BIOS where a user may
cause an Integer Overflow or Wraparound by network means. A successful
exploitation of this vulnerability may lead to denial of service.
Refer debian [2], backport a patch from edk2 [3] to fix CVE-2025-2295
[1] https://nvd.nist.gov/vuln/detail/CVE-2025-2295
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100594
[3] https://github.com/tianocore/edk2/commit/17cdc512f02a2dfd1b9e24133da56fdda099abda
(From OE-Core rev: 0f59dec939cf0d313b1b01b1e7bf10e059d9d0ac)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NVD responses changed to an invalid json between:
* April 5, 2025 at 3:03:44 AM GMT+2
* April 5, 2025 at 4:19:48 AM GMT+2
The last response is since then in format
{
"resultsPerPage": 625,
"startIndex": 288000,
"totalResults": 288625,
"format": "NVD_CVE",
"version": "2.0",
"timestamp": "2025-04-07T07:17:17.534",
"vulnerabilities": [
{...},
...
{...},
]
}
Json does not allow trailing , in responses, that is json5 format.
So cve-update-nvd2-native do_Fetch task fails with log backtrace ending:
...
File: '/builds/ccp/meta-siemens/projects/ccp/../../poky/meta/recipes-core/meta/cve-update-nvd2-native.bb', lineno: 234, function: update_db_file
0230: if raw_data is None:
0231: # We haven't managed to download data
0232: return False
0233:
*** 0234: data = json.loads(raw_data)
0235:
0236: index = data["startIndex"]
0237: total = data["totalResults"]
0238: per_page = data["resultsPerPage"]
...
File: '/usr/lib/python3.11/json/decoder.py', lineno: 355, function: raw_decode
0351: """
0352: try:
0353: obj, end = self.scan_once(s, idx)
0354: except StopIteration as err:
*** 0355: raise JSONDecodeError("Expecting value", s, err.value) from None
0356: return obj, end
Exception: json.decoder.JSONDecodeError: Expecting value: line 1 column 1442633 (char 1442632)
...
There was no announcement about json format of API v2.0 by nvd.
Also this happens only if whole database is queried (database update is
fine, even when multiple pages as queried).
And lastly it's only the cve list, all other lists inside are fine.
So this looks like a bug in NVD 2.0 introduced with some update.
Patch this with simple character deletion for now and let's monitor the
situation and possibly switch to json5 in the future.
Note that there is no native json5 support in python, we'd have to use
one of external libraries for it.
(From OE-Core rev: 6e526327f5c9e739ac7981e4a43a4ce53a908945)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 8df27ff912a25077222a02d2ca9d1252f1f15c26)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It's not clear what the intent was: libtool executable is present
in the native sysroot and can be used to obtain versions
during build time.
(From OE-Core rev: 9d16c45ed4caea9b0e3fe6e5dad983707dd10c65)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 1489c424a7a4728834d8253f81711ac0df25db9d)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: ab08938dc2d5658930a92abc5b4cefe4b975e582)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
upstream
(From OE-Core rev: 1ca89ea00103523d8877eed5b71eec2ba824510a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Inappropriate
(From OE-Core rev: 30eefe0adacc6a064a0958fc8f463a3331ad12fa)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This update has been tested with glibc/musl and gcc/clang in all four
combinations.
Drop patches:
0001-Use-CC-to-check-for-implicit-fallthrough-warning-sup.patch
0001-fix-gcc-8-format-truncation-warning.patch
0001-util.c-add-limits.h-include-for-NAME_MAX-definition.patch
mdadm-3.3.2_x32_abi_time_t.patch
(issue fixed upstream)
0001-include-libgen.h-for-basename-API.patch
0001-mdadm.h-Undefine-dprintf-before-redefining.patch
(issue no longer occurs)
0001-mdadm-add-option-y-for-use-syslog-to-recive-event-re.patch
(service file significantly rewritten, the need for the tweak
should be reassessed)
debian-no-Werror.patch
(replaced with setting CWFLAGS to an empty string in the recipe;
we already set correct flags via CC/CFLAGS, and upstream's only
get in the way)
(From OE-Core rev: 913312b5b544ce804656fe3a297e09bafb5838fc)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream has released a new version (4.4) but not the tarball for it.
Adjust one of the devtool selftests, as it requires that the recipe
under test is using a tarball. Another selftest also needs to be
tweaked to correctly clean up its modifications to that same recipe on
test completion.
(From OE-Core rev: de635a9bc0392689ff36b50e7f91572d3fbaac09)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The recipe unconditionally disables seccomp, so the code isn't
even compiled. If this needs to come back in the future please
submit upstream first.
(From OE-Core rev: 9d058504213f79979a7f1f59527172b71df95a71)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch upstream
(From OE-Core rev: 74da2ba88c6d2b88a68a3ad63b3603b82d7f4e03)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 71bfc7e302ad66d989cb991b75dfcffdfa455987)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
At some point the problematic define ceased to be used anywhere,
and so we can simply patch it out (and remove the associated
option setting from the recipe).
(From OE-Core rev: 4acbb1b92b9e51d6a741458d6cbd0c48ab55f6ca)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ca-certificates/0002-update-ca-certificates-use-SYSROOT.patch
was using a non-standard environment variable, and was replaced
with a patch that adds a command line option (and then this
was submitted upstream). ca-certificates recipe was tweaked accordingly,
and nothing else in core or meta-oe is using update-ca-certificates.
Drop default-sysroot.patch as the use case is unclear: sysroot
is explicitly specified in all known invocations of update-ca-certificate,
and if there's a place where it isn't, then update-ca-certificates
will error out trying to write to /etc, and should be fixed to
explicitly specify the sysroot.
(From OE-Core rev: 90d9f0ba674d4fe8e9291f0513c13dff3775c545)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
The original linking issues seem to be long gone.
(From OE-Core rev: 71b56605f95d87f48a25bc42aa7f830c2ef298fc)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
The original linking issues seem to be long gone.
(From OE-Core rev: 16868477597125296c8618177cd4f61baacd878b)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Upstream submission should be done for tcl 9.x patches.
(From OE-Core rev: 2671c3183a74617e79f6879b228f2df8055397fb)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 514365235743528802e3f854d21f991a1bc01674)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The now-removed patch was added for clang compatibility, but over time
started fixing problems that do not exist, and got its description
to mismatch the content.
The new patch is fixing the only problem with clang that still
occurs. I verified that all files that were patched before still
build without errors.
If you find other issues (this would be with non-default
options probably), please fix them similarly.
(From OE-Core rev: 6b8bd203180375a6b97345ddaa5fef7f68219ea6)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the issue that:
| Traceback (most recent call last):
| File "/mnt/test/build_auh/tmp/work/core2-64-poky-linux/python3-webcolors/24.11.1/recipe-sysroot-native/usr/lib/pyth on3.13/site-packages/pyproject_hooks/_impl.py", line 402, in _call_hook
| raise BackendUnavailable(
| ...<4 lines>...
| )
| pyproject_hooks._impl.BackendUnavailable: Cannot import 'pdm.backend'
python3-webcolors has migrated to pdm-backend
| diff --git a/pyproject.toml b/pyproject.toml
| index 6fcec77..9f2dfa9 100644
| --- a/pyproject.toml
| +++ b/pyproject.toml
| @@ -1,65 +1,110 @@
| [build-system]
| -requires = ["setuptools>=61.0"]
| -build-backend = "setuptools.build_meta"
| +requires = [
| + "pdm-backend",
| +]
| +build-backend = "pdm.backend"
(From OE-Core rev: 4b02af34cbffb62c8242d21e5d797ae114d4f421)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
python3-pdm and python3-pdm-backend are dependencies of python3-webcolors
python3-pdm itself depends on python3-pdm-build-locked
(From OE-Core rev: 6d064f60275b294dc6fc0e6480a0e5b0e7820934)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Apply fix in libc that are needed for rustix-0.38 to build.
(From OE-Core rev: c21fd6f1c0b6a9df9950c541025f24e342b7a118)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The issue is no longer present. Tested BlueZ 5.80 and 5.82
The issue has likely been gone for quite a while.
(From OE-Core rev: 87ab9c39c497c2a8b558e8d6ce673a931a5887b2)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Rather than reporting each invalid PACKAGECONFIG with a separate error
message, report them all with one error message.
(From OE-Core rev: bf9366583f53fe2498d7aa9192ebfe6562887cf3)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This makes sure invalid PACKAGECONFIGs are reported also for recipes
that have no do_configure task, e.g., packagegroups.
(From OE-Core rev: d3325c384a7df54c564cae093659cf7b692629f2)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using xinet.d to limit rsync connections, it can't handle changes
in system time. When time is set back, the connection limit is reached
very quickly and rsync gets deactivated, if time is changed again, rsync
is never reactivated.
The current timer of xinet.d is based on the time() and is affected by
the system time. Use clock_gettime() with CLOCK_MONOTONIC as the new
timer because CLOCK_MONOTONIC clock is not affected by discontinuous
jumps in the system time.
(From OE-Core rev: e4bfd2cc66c4b5614513ec50806492efc8df75be)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 5200dcb39834790542c429d70cf54db07ff7a378)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
Fix issue with handling BAP state transitions.
Fix issue with handling D-Bus interface removal.
Fix issue with handling MAP and supported features.
Fix issue with handling SDP record for Phonebook Access Client.
Fix issue with handling AVRCP PDU parameters length mismatch.
Fix issue with handling AVRCP PDU for SetAbsoluteVolume.
Fix issue with handling AVDTP bad media transport format.
Fix issue with handling support for LL Privacy setting.
Full Changelog: https://github.com/bluez/bluez/compare/5.80...5.82
(From OE-Core rev: f42ee87abcfca80a803bf44fb91b41f29a2c7d70)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add function log_success_msg/log_failure_msg/log_warning_msg, some
packages still use these functions, like mariadb, refer [1], without
these function, with sysV init manager, mariadb will report error:
root@qemux86-64:~# /etc/init.d/mysqld status
/etc/init.d/mysqld: line 383: log_success_msg: command not found
* remove RCONFLICTS with lsbinitscripts, LSB support already remove in
[2]
[1] https://github.com/MariaDB/server/blob/main/support-files/mysql.server.sh#L104
[2] https://git.openembedded.org/openembedded-core/commit/?id=fb064356af615d67d85b65942103bf943d84d290
[3] https://refspecs.linuxbase.org/LSB_4.0.0/LSB-Core-generic/LSB-Core-generic/iniscrptfunc.html
(From OE-Core rev: b57824d0ec593898abd9eb957c2ff1317bb74440)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add test to check if --exclude-path option can exclude symlinks. This
test validates commit[1].
Test result:
$ oe-selftest -r wic.Wic.test_exclude_path
2025-04-03 15:11:25,211 - oe-selftest - INFO - meta-selftest layer not found in BBLAYERS, adding it
2025-04-03 15:11:30,016 - oe-selftest - INFO - Adding layer libraries:
2025-04-03 15:11:30,017 - oe-selftest - INFO - /buildarea/poky/meta/lib
2025-04-03 15:11:30,017 - oe-selftest - INFO - /buildarea/poky/meta-yocto-bsp/lib
2025-04-03 15:11:30,017 - oe-selftest - INFO - /buildarea/poky/meta-selftest/lib
2025-04-03 15:11:30,019 - oe-selftest - INFO - Checking base configuration is valid/parsable
NOTE: Starting bitbake server...
2025-04-03 15:11:31,652 - oe-selftest - INFO - Adding: "include selftest.inc" in /buildarea/poky/build-st/conf/local.conf
2025-04-03 15:11:31,653 - oe-selftest - INFO - Adding: "include bblayers.inc" in bblayers.conf
2025-04-03 15:11:31,653 - oe-selftest - INFO - test_exclude_path (wic.Wic)
2025-04-03 15:43:11,341 - oe-selftest - INFO - ... ok
2025-04-03 15:43:11,341 - oe-selftest - INFO - ----------------------------------------------------------------------
2025-04-03 15:43:11,342 - oe-selftest - INFO - Ran 1 test in 1899.900s
2025-04-03 15:43:11,342 - oe-selftest - INFO - OK
2025-04-03 15:43:14,834 - oe-selftest - INFO - RESULTS:
2025-04-03 15:43:14,835 - oe-selftest - INFO - RESULTS - wic.Wic.test_exclude_path: PASSED (1899.69s)
2025-04-03 15:43:14,836 - oe-selftest - INFO - SUMMARY:
2025-04-03 15:43:14,836 - oe-selftest - INFO - oe-selftest () - Ran 1 test in 1899.900s
2025-04-03 15:43:14,836 - oe-selftest - INFO - oe-selftest - OK - All required tests passed (successes=1, skipped=0, failures=0, errors=0)
[1] https://git.openembedded.org/openembedded-core/commit/?id=42e829ac1e9d74646b6dfb327b18b15f6b0df60b
(From OE-Core rev: 0dd455bed9b52c0cf237ea2f8bd1a8f7890078e9)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Drop patch to exclusively disable it in code
It seems to be fixed upstream [1]
[1] https://github.com/rust-lang/cmake-rs/pull/158
(From OE-Core rev: 60b4b0808a3b961917ed8abe16b9f7df2a311952)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 2606586c10b9a3297fcab15cd45f519975649655)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE_STATUS can be also "Unknown" since oe-core commit
d25f1817752bc8a84c40dcbef75f7559801ce15e
When this status type is used, build fails with e.g.
ERROR: openssl-3.4.1-r0 do_create_spdx: Unknown CVE-2025-0001 status 'Unknown'
Since this is now a valid status, it needs to be handled.
It cannot be mapped to any VEX status (see below), so just skip it.
Possible VEX statuses are: NOT AFFECTED, AFFECTED, FIXED, and UNDER INVESTIGATION.
(From OE-Core rev: 2d3081ef63c8a54df62a2a08bd36008c20eed65a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
cc: Marta Rybczynska <rybczynska@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Just like the "init" version this script, pass $DROPBEAR_RSAKEY_ARGS to the
'dropbearkey' program when generating a host key.
This allows to speed up SSH connections on read-only root systems by adding
the line DROPBEAR_RSAKEY_ARGS="-s 1024" into /etc/default/dropbear.
See also: c0efbcb47ab3 ("dropbear/init: Allow extra arguments for key generation")
(From OE-Core rev: 3ae2c70fe83bc242b7a13655bc38431c81033c66)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The runtime version of time is determined by:
build-aux/git-version-gen .tarball-version
But there's no .tarball-version in the tarball. So we add this file
manually with ${PV} as the content if it does not exist.
Note that there's a patch for upstream:
https://lists.gnu.org/archive/html/bug-time/2021-01/msg00000.html
So it's possible that when this time recipe is upgraded to a new
version, we won't need such adjust any more.
Before the fix, time --version:
time (GNU Time) UNKNOWN
After the fix, time --version:
time (GNU Time) 1.9
(From OE-Core rev: 201d1851666d558124226c871754a581cf427530)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We encountered a newgrp regression in shadow 4.17.3:
root@qemux86-64:~# groupadd g1
root@qemux86-64:~# useradd t1
root@qemux86-64:~# gpasswd g1
Changing the password for group g1
New Password:
Re-enter new password:
root@qemux86-64:~# sudo -u t1 newgrp g1
Password:
Invalid password.
root@qemux86-64:~#
In versions prior to shadow 4.17.3, shadow used an internal
implementation to support shadow group because it could not correctly
detect whether glibc supports shadow group in a cross-compilation
environment. In 4.17.3, it can correctly check whether glibc supports
shadow group even in a cross-compilation environment[1]. If supported,
shadow will use it instead of its own internal implementation.
Shadow group support in glibc requires adding a gshadow entry in
nsswitch.conf.
After the patch:
root@qemux86-64:~# groupadd g1
root@qemux86-64:~# useradd t1
root@qemux86-64:~# gpasswd g1
Changing the password for group g1
New Password:
Re-enter new password:
root@qemux86-64:~# sudo -u t1 newgrp g1
Password:
t1@qemux86-64:/home/root$
[1] https://github.com/shadow-maint/shadow/commit/da6b9cff02d583ef169a0bc0c1014b19b5fad2fb
(From OE-Core rev: 0cb122f17cf264ef904880351db1c0bb325fe5a6)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop 0001-dependencies-dev-prepend-sysroot-when-searching-for-.patch as
this is now upstreamed.
Remove the deletion of a .pyc because it uses frozenset(), this bug in
Python has been fixed since 3.11[1]
[1] https://github.com/python/cpython/commit/51999c960e7fc45feebd629421dec6524a5fc803
(From OE-Core rev: ec524490bfa860a2caf7c3f77924c4dafeb631bf)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
These .pyc files were non-deterministic because they used frozensets[1],
but this has been fixed in 3.11 onwards.
[1] https://github.com/python/cpython/issues/81777
[2] https://github.com/python/cpython/commit/51999c960e7fc45feebd629421dec6524a5fc803
(From OE-Core rev: c8c391ed3e0598a3bea7bc0981126d870315063d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
There's no point in checking if __name__ == "__main__" (i.e., is this
module being invoked) and then doing nothing.
(From OE-Core rev: 020b6b1411c9fd3adb208808c0d56623190873f8)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
ppp is only required by connman when building the L2TP or PPTP plugins. Move it
from DEPENDS to PACKAGECONFIG so it's only there when required.
(From OE-Core rev: c65180bb677d8dae1992445cd378119d8cbed424)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
gold is no longer built/supported. The workaround for binutils on MIPS no
longer appears to be required.
Also fix up tabs/whitespace in shell functions, correct HOMEPAGE, drop broken
BUGTRACKER link.
(From OE-Core rev: 5c269ba9a396832af3f8139ecaa0cfd9f7d4d1b5)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
No functional changes.
(From OE-Core rev: dc0540aaad680b495c5e51f3926db26028c00a42)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- enable analytics since gstreamer1.0-python depend on it now
- explicitly diable options that new added in meson_options.txt
- lcevcdecoder
- lcevcencoder
- tensordecoders
- nvcomp
- nvdswrapper
- svtjpegxs
- webview2
- aja
- cuda-nvmm
- d3d12
- add backport patch to fix undefined reference to `__atomic_fetch_add_8' issue
This patch is part of upstream commit
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8637/commits?commit_id=f2b5c0b6020b50f5173e449b45a6f
7a7be31c48f
(From OE-Core rev: 527f58c8d0aa0c1b516ae47feffa406e32dbd81f)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gstreamer1.0-python adds depend on gstreamer-analytics-1.0 in gstbad now:
|../../../../../../workspace/sources/gstreamer1.0-python/meson.build:23:13: ERROR: Dependency "gstreamer-analytics-1.0" not found, tried pkgconfig
Source code:
| $ vi workspace/sources/gstreamer1.0-python/meson.build
| 23 gstbad_dep = dependency('gstreamer-analytics-1.0', version :gst_req,
| 24 fallback : [])
(From OE-Core rev: 05ee332f10c16fa9150110e5e7fba2831b77171e)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: dd57e0c96028a4a7dcd329fa8eebe65fd3777a00)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 3bed80c1266ddca5d83357a18164598082e3a4fa)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
- add backport patch to fix undefined reference to `__atomic_fetch_add_8' issue
This patch is part of upstream commit
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8637/commits?commit_id=f2b5c0b6020b50f5173e449b45a6f7a7be31c48f
(From OE-Core rev: f9a14c0dac0687754b28e2f6260761de77ddfd3b)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: c5baea75181317bf8c9b04812c7db6972ac1994b)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 8a2b04206f60ced01a54a4c17a1c3694c9cf33e9)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
