We have long since obsoleted md5sum in favour of sha256sum. Drop the remaining
56 entries (which were showing many recipes hadn't been touched in a long time).
They all do have the corresponding sha256sum entries as is clear from the diff.
(From OE-Core rev: 7e4bfcc9706fa8a09f6a0004174a2c3b21c90df3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Use an existing defined CVE_CHECK_STATUSMAP key in
meta/lib/oe/cve_check.py in order to avoid following complaint from
BitBake:
WARNING: libyaml-native-0.2.5-r0 do_create_spdx: Invalid detail "wontfix" for CVE_STATUS[CVE-2024-35328] = "wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302", fallback to Unpatched
(From OE-Core rev: c66d9a2a0d197498fa21ee8ca51a4afb59f75473)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This has not yet been disputed officially
(From OE-Core rev: 7ec7384837f3e3fb68b25a6108ed7ec0f261a4aa)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is open yet but seems to be disputed
(From OE-Core rev: 4cba8ad405b1728afda3873f99ac88711ab85644)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Helps building static tools which depend on libyaml during build or
shipped with SDK
libyaml is MIT licensed so static linking would not be as prohibitive
(From OE-Core rev: 1c2be08fc66c09ed7547eda172da4c99e8563091)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-License-Update: file name changed from LICENSE to License.
Copyright year updated to 2020.
(From OE-Core rev: 93cd242d3d75492cd67adb59f297505851919eae)
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Change all recipes to https where we get an http 301 permanent redirect.
(From OE-Core rev: e514acda9e12bccde6d3974e0fd1a37b3837191a)
Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream appear to have regenerated the tarball, the new one is the same except the
directory name changed from libyaml to yaml. Adapt to this.
(From OE-Core rev: 9ab05b6ec860078df37c4ea68267ecffaa0ce38c)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License changed due to copyright dates being added.
(From OE-Core rev: 079df0021b0819f4b88e20ac8f3350a0f153c6bc)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The currnet patches in OE-core doesn't have the "CVE:"
tag, now part of the policy of the patches.
This is patch add this tag to several patches. There might
be patches that I miss; the tag can be added in the future.
(From OE-Core rev: 065ebeb3e15311d0d45385e15bf557b1c95b1669)
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
