- Apr 22, 2024
-
-
Steve Sakoman authored
(From OE-Core rev: b7182571242dc4e23e5250a449d90348e62a6abc) Signed-off-by:Steve Sakoman <steve@sakoman.com>
-
Steve Sakoman authored
(From meta-yocto rev: 70d8f77cf21e92d2f610d1b73f24d3faf6d96982) Signed-off-by:
-
- Apr 21, 2024
-
-
Sana Kazi authored
Drop unnecessary restriction for QoS mapping. Also adds tests for vlan QoS mapping. Link: https://github.com/systemd/systemd/commit/fe830b84d4002582e7aefb16e5e09fd0195f21c8.patch PR: https://github.com/systemd/systemd/pull/27761 (From OE-Core rev: b5c5e783fe06e3ae3b3e92ffa7f18bee62aca3c0) Signed-off-by:
Sana Kazi <sana.kazi@kpit.com> Signed-off-by:
Sana Kazi <sana.kazisk19@gmail.com> Signed-off-by:
-
Steve Sakoman authored
Intermittent failures on autobuilder: AssertionError: Failed ptests: {'valgrind': ['memcheck/tests/linux/timerfd-syscall']} (From OE-Core rev: 19e7d5e717e6d28e0b64bd382f07b8e709526474) Signed-off-by: -
Soumya Sambu authored
nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability. References: https://nvd.nist.gov/vuln/detail/CVE-2024-28182 (From OE-Core rev: 85e65af4727695d61c225a5911325764f423c331) Signed-off-by:
Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by:
-
Harish Sadineni authored
CVE-2024-24576 only applies when invoking batch files (with the `bat` and `cmd` extensions) on Windows & No other platform or use is affected. More details about CVE is here: https://nvd.nist.gov/vuln/detail/CVE-2024-24576 (From OE-Core rev: 44e0b6b028657d32de5971d6a42a88767ef8c710) Signed-off-by:
Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by:
-
Yogita Urade authored
ruby: RCE vulnerability with .rdoc_options in RDoc References: https://github.com/ruby/ruby/pull/10316 https://security-tracker.debian.org/tracker/CVE-2024-27281 (From OE-Core rev: d01b73c51ceead4911a9a9306dbe728f1db2e029) Signed-off-by:
Yogita Urade <yogita.urade@windriver.com> Signed-off-by:
-
Meenali Gupta authored
References: https://nvd.nist.gov/vuln/detail/CVE-2023-48795 (From OE-Core rev: a4a727839e608d114becc709c511651b4f546c6f) Signed-off-by:
Meenali Gupta <meenali.gupta@windriver.com> Signed-off-by:
-
- Apr 19, 2024
-
-
Michael Opdenacker authored
As reported by "make sphinx-lint" Tabs are even removed in Makefile examples, as Sphinx turns them to spaces anyway in the generated output. (From yocto-docs rev: fd1423141e7458ba557db465c171b0b4e9063987) Signed-off-by:
Michael Opdenacker <michael.opdenacker@bootlin.com> Reviewed-by:
Quentin Schulz <quentin.schulz@theobroma-systems.com> Signed-off-by:
-
Jörg Sommer authored
To make it more obvious which directories are needed, pass only these to *mkdir* and use the option `-p` to create the missing parents. (From yocto-docs rev: 4ddcedca4b09e2c051b33a40659ffce1db2984f5) Signed-off-by:
Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by:
-
Michael Opdenacker authored
As reported by "make sphinx-lint" (From yocto-docs rev: 18d86626406fe07d4f62ef0b9168c0220b3dd90a) Signed-off-by:
-
Michael Opdenacker authored
Fixing errors reported by "make sphinx-lint" (From yocto-docs rev: 45b04c281a567e06fd2904166bcc26603e73e684) Signed-off-by:
-
Michael Opdenacker authored
Makes it possible to catch errors not reported by sphinx, such as idle spaces. After customization, this should be used to enforce our syntax conventions, such as two spaces after a "-" character to introduce a list item. Just run "make sphinx-lint". (From yocto-docs rev: a735549a764f7cfebdc7534761b4d75dc523371a) Signed-off-by:
-
Michael Opdenacker authored
(From yocto-docs rev: 9247fd612db9e551eb58dbe41d31e460f0ad7d72) Signed-off-by:
-
Quentin Schulz authored
There's a new yocto-patches mailing list available for all layers that do not have their own mailing list. c.f. https://lists.yoctoproject.org/g/yocto/topic/105197684 Cc: Quentin Schulz <foss+yocto@0leil.net> (From yocto-docs rev: d7fc3e978440d9f5724cbce85de000317a3e0783) Signed-off-by:
-
Quentin Schulz authored
There are some syntax warnings returned by Python: """ yocto-docs/documentation/conf.py:162: SyntaxWarning: invalid escape sequence '\P' 'passoptionstopackages': '\PassOptionsToPackage{bookmarksdepth=5}{hyperref}', yocto-docs/documentation/conf.py:163: SyntaxWarning: invalid escape sequence '\s' 'preamble': '\setcounter{tocdepth}{2}', """ Backslashes must be doubled in Python string literals to avoid interpretation as escape sequence, c.f. https://www.sphinx-doc.org/en/master/latex.html#module-latex . Cc: Quentin Schulz <foss+yocto@0leil.net> (From yocto-docs rev: 037f99339a4bae60f41f89df37911690b507c9a1) Signed-off-by: -
Lee Chee Yang authored
reorder CVEs from alphabetical order to numerical order, align it with text based release notes. (From yocto-docs rev: a2ce17f656758db737c398263efa594604ca2271) Signed-off-by:
Lee Chee Yang <chee.yang.lee@intel.com> Reviewed-by:
-
Ross Burton authored
These test suites are full of timing-sensitive test cases, so skip them too. [ YOCTO #15321 ] (From OE-Core rev: f94c74cee8b2650dd3211a49dc7e88bf60d2e6a7) Signed-off-by:
Ross Burton <ross.burton@arm.com> Signed-off-by:
Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dd06c3668dbe9ec1cf9a0a84d7a6bc9851f9c662) Signed-off-by:
-
Ross Burton authored
There are several tests in the test suite which are very dependent on timing and fail on a loaded host system, so skip them. [ YOCTO #14825 #14882 #15081 ] (From OE-Core rev: 161d336a6c57fddb36a0c4e8c2def84ce70128e3) Signed-off-by:
Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 68beb4f4b5a0bea5d431decddf7656f18ac7a04a) Signed-off-by:
-
Khem Raj authored
Some tests hardcode assumptions on locales, which may not be present in musl systems e.g., therefore add a way to skip such tests using -skip option. Skip unixInit-3* test on musl (From OE-Core rev: a70f9039259d7d38c5a3e50f7003d3228d1ab692) Signed-off-by:
Khem Raj <raj.khem@gmail.com> Signed-off-by:
-
Steve Sakoman authored
This reverts commit 1bdcd10930a2998f6bbe56b3ba4c9b6c91203b39. Causes ptest failures: {'expat': ['test_accounting_precision', 'test_return_ns_triplet', 'test_column_number_after_parse', 'test_default_current', 'test_external_entity_values']} (From OE-Core rev: 46fb46c0fff83da85f37a1ea705170a6d2039eff) Signed-off-by: -
Peter Marko authored
backport relevant parts from https://invisible-island.net/archives/ncurses/6.4/ncurses-6.4-20230424.patch.gz (From OE-Core rev: 6a54788ebe147ecd8e347ff8d2ba95a1c461d27d) Signed-off-by:
Peter Marko <peter.marko@siemens.com> Signed-off-by:
-
Peter Marko authored
Patch: https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d News: https://github.com/openssl/openssl/commit/daee101e39073d4b65a68faeb2f2de5ad7b05c36 (From OE-Core rev: 42fc40198dfcbb5e96d7f2af7fc134e2b021d82a) Signed-off-by:
-
Vijay Anusuri authored
Upstream-Status: Backport from https://gitlab.freedesktop.org/xorg/xserver/-/commit/96798fc1967491c80a4d0c8d9e0a80586cb2152b & https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee (From OE-Core rev: 223950f9c748f89ee1b2a9df9cd77a0099e74581) Signed-off-by:
Vijay Anusuri <vanusuri@mvista.com> Signed-off-by:
-
Sana Kazi authored
Add CVE-2023-51767 to CVE_CHECK_IGNORE to avoid in cve-check reports as upstream does not consider CVE-2023-51767 a bug underlying in OpenSSH and does not intent to address it in OpenSSH. (From OE-Core rev: de4186610335201c69d8952d605bb291f4a7427c) Signed-off-by:
-
Alex Stewart authored
CVE-2023-47100 is a duplicate of CVE-2023-47038. They have the same advertised fix commit, which has already been merged into the perl_5.34.3 sources used in kirkstone. (From OE-Core rev: 8df158f39f1eed1e3ae88ddf935c67e067b72525) Signed-off-by:
Alex Stewart <alex.stewart@ni.com> Signed-off-by:
-
Jonathan GUILLOT authored
Typo prevents cupsd to start correctly with following error: Unable to read "/etc/cups/cupsd.conf" due to errors. Using `/usr/sbin/cupsd -t` to check the configuration: Unknown authorization type Defaul on line 77 of /etc/cups/cupsd.conf. Unknown Policy Limit directive AuthType on line 77 of /etc/cups/cupsd.conf. (From OE-Core rev: eab100205bc5cdffc5ccc7752e1ee5abd9ebb58a) Signed-off-by:
Jonathan GUILLOT <jonathan@joggee.fr> Signed-off-by:
-
- Apr 05, 2024
-
-
Alexander Kanavin authored
Try to particularly emphasize that it can be used to find out why something rebuilds when it shouldn't. (From yocto-docs rev: 1cd543e62e8f1b65e65108d919c2f481001e044c) Signed-off-by:
Alexander Kanavin <alex@linutronix.de> Reviewed-by:
-
BELOUARGA Mohamed authored
The documentation of the variable SPDX_NAMESPACE_PREFIX does not exist. This variable is used to change the prefix of some links in SPDX docs. (From yocto-docs rev: 0055b7ea1cdf72359695e08fe6d2ca9a405fba51) Signed-off-by:
BELOUARGA Mohamed <m.belouarga@technologyandstrategy.com> Reviewed-by:
-
Michael Opdenacker authored
According to errors reported by "make stylecheck" (From yocto-docs rev: b3aaf4523190f7528d49c29a9aea234bb1647eae) Signed-off-by:
-
Martin Jansa authored
* this is often confused to apply for e.g. meta-oe as well where it doesn't apply as meta-oe has own ML mentioned in README. (From yocto-docs rev: 98102408fe5468529e040a138f09c8fbc5fe065a) Signed-off-by:
Martin Jansa <martin.jansa@gmail.com> Reviewed-by:
-
Lee Chee Yang authored
(From yocto-docs rev: 8267ccacea77a657cf92bcd2b48bec5f2ef61849) Signed-off-by:
-
Michael Opdenacker authored
Allowing to remove nested parentheses in the text! (From yocto-docs rev: a0ba062f8b31426f80ccd760e29b054405ee2a8e) Signed-off-by:
-
Michael Opdenacker authored
Instead of "manpage(s)" or "man page(s)". To address one of the errors reported by "make stylecheck" (From yocto-docs rev: f6e69f8877d1d33200993f21b448e7fa3cf7859b) Signed-off-by:
-
Michael Opdenacker authored
Plus a few text styling improvements, some reported by "make stylecheck" (From yocto-docs rev: ce0e83716197773d8eae0c2f0edc1cf290ebd60f) Signed-off-by:
-
Michael Opdenacker authored
Use the "Vale" (https://vale.sh ) tool to perform text style checks Run "make stylecheck" to run the checks. This just checks the text, not the Sphinx syntax style choices. (From yocto-docs rev: e3e4ba2aa963d4d178c4e9e842e66f4ee4bd3736) Signed-off-by:
Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by:
-
Colin McAllister authored
Backports missing license from master to kirkstone. (From OE-Core rev: 26a878cbfbb3bc7a6e892e105577ebf8138ce150) Signed-off-by:
Colin McAllister <colin.mcallister@garmin.com> Signed-off-by:
-
Claus Stovgaard authored
When using the gcc-sanitizers as part of the SDK on a Linux with a newer kernel, the ASAN fails randomly. This was seen on Ubuntu 22.04. This is also described at https://stackoverflow.com/questions/77894856/possible-bug-in-gcc-sanitizers Backport the fix from LLVM project, as gcc has not yet backported anything for the 11 series. (From OE-Core rev: 7af8e24d6c60a01e398b10a57939947fb156feec) Signed-off-by:
Claus Stovgaard <claus.stovgaard@gmail.com> Signed-off-by:
-
Tan Wen Yan authored
https://github.com/urllib3/urllib3/releases/tag/1.26.18 Major changes in python3-urllib3 1.26.18: - Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (CVE-2023-45803) (cherry picked from OE-Core rev: 74da05b63634c248910594456dae286947f33da5) (From OE-Core rev: c473f32184ea0ab41f6eb4c8dcc1d7bb5fd7b16f) Signed-off-by:
Tan Wen Yan <wen.yan.tan@intel.com> Signed-off-by:
-
Lee Chee Yang authored
import patch from ubuntu to fix CVE-2023-52356 CVE-2023-6277 import from http://archive.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_4.3.0-6ubuntu0.8.debian.tar.xz (From OE-Core rev: 4728df36bb3888df4d3cc0db1fd66138e865c511) Signed-off-by:
-
