Raw short log since the 2.1.4 release:
Alex Henrie (1):
mkfs.jffs2: fix spelling of --compression-mode parameter in help text
Andrew Mellor (1):
ubinfo: Fix --vol_id return code for absent volume id
Christophe Kerello (1):
nandflipbits: fix corrupted oob
David Oberhollenzer (1):
Release mtd-utils-2.1.5
Enrico Jorns (1):
libmtd: do not ignore non-zero eraseblock size when MTD_NO_ERASE is set
Frederic Germain (2):
.gitignore: add new ubiscan utility
Fix warning about unaligned pointer in jffs2reader
Khem Raj (1):
tests: Remove unused linux/fs.h header from includes
Michael Walle (1):
mtd-utils: flash_otp_dump make offset optional
Mike Frysinger (1):
fix test bashism
Rafał Miłecki (1):
nandwrite: warn about writing 0xff blocks
Sascha Hauer (1):
mtd-utils: nanddump: fix writing big images on 32bit machines
liaohua (1):
nor-utils: fix memory leak
(From OE-Core rev: 7f2503ef132634431b28207c51b3fd18de076eb9)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit a3289c988764e5b864873b4adc7656c101a5b9c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Version 3.0.16 is a patch release.
- Fix regressions in 3.0.15 due to improperly tested fuzz fixes
- Fix argument guards in icaltime_as_timet to match documentation and tests.
(From OE-Core rev: 6d68985f1a7a55cda92c177c739e51cac3faf653)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 77d4557d6f6a1405d03bb5dc7ca23d7ee78c2037)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
3.4.4 Oct-23-2022
Important aarch64 fixes, including support for linux builds
with Link Time Optimization (-flto).
Fix x86 stdcall stack alignment.
Fix x86 Windows msvc assembler compatibility.
Fix moxie and or1k small structure args.
3.4.3 Sep-19-22
All struct args are passed by value, regardless of size, as per ABIs.
Enable static trampolines for Cygwin.
Add support for Loongson's LoongArch64 architecture.
Fix x32 static trampolines.
Fix 32-bit x86 stdcall stack corruption.
Fix ILP32 aarch64 support.
License-Update: copyright years
(From OE-Core rev: 6ad074b1caff63e90805aac25cca8a831b57273d)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 5b42ba98ef26a52bad8de1790b402938fec4a160)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function
smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The
manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely.
The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to
fix this issue. The identifier of this vulnerability is VDB-213544.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-3965
Upstream Fix:
13c1310975
(From OE-Core rev: c1f1ab29b5e2911a15b072e7feb0133320bad976)
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file
libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size
leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is
92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated
identifier of this vulnerability is VDB-213543.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-3964
Upstream Fix:
92f9b28ed8
(From OE-Core rev: 40a1c9d3c839df6479582ac27264fac851a0d4c3)
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It's "runtime/cases" in master and kirkstone.
If layer specific tests are in "runtime" directory,
they will not be found.
(From yocto-docs rev: 23dcf002eec5136427554112af8679fc2b98e61d)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ext2/3/4 FS contains not only mtime, but also ctime, atime and crtime.
Currently, all the files are being added into the rootfs image using
mkfs -d functionality which affects all the timestamps excluding mtime.
This patch ensures these timestamps inside the FS image equal to
the SOURCE_DATE_EPOCH if it is set.
(From OE-Core rev: da2c64b3158c58eb0a484d3acbdf0419df2d34e8)
Signed-off-by: Sergei Zhmylev <s.zhmylev@yadro.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 75d2dd0ea7790db2e8ee921784ca373abff2df65)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently if you switch machines, gcc-source do_deploy_source_date_epoch
would re-run as the stamps are tune specific. This hasn't caused much
of an issue until now, however if we fix the gcc recipes to reuse the
timestamp from this task, it does then create problems.
Copy code from allarch to ensure this task hash doesn't change between
machines/tunes.
(From OE-Core rev: 1511cb3bae2d6e2dad48269108e68967ae302efc)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 7e052d03464ba5e880a6c5a0e45ff2f467ef97e8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Whilst we patch gengtype.cc, we don't patch gengtype-lex.cc which would
be the file which would trigger regeneration of files.
The real bug that was likely the cause for this fix is probably SDE issues
with gcc shared workdir so this code can now be dropped.
(From OE-Core rev: 8a49626bb32b40a2cf97fd8b80564b494ae38698)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 7ab82b5db2a737c2a0266280b15d343a27c0e1d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The source date epoch for gcc isn't being transferred from the shared
workdir to the current WORKDIR for the specific recipe. This results in
the clamping code within sstate.bbclass using a value from 2011 which
changes the timestamps of many files. Since this happens part way
through the build, if pieces of gcc haven't built, or build/rebuild
later, we see things rebuilding when they should not and for generated
files, races are possible.
Fix this by copying the SDE from the shared workdir into the recipe
workdir.
[YOCTO #14953]
(From OE-Core rev: 0511f24264bcc27d6b61edd2e16f899c985eb8ad)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit b996293b4c8ab7ff3ed852045d17290df29205df)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building with CONFIG_MODVERSIONS=y and CONFIG_RANDSTRUCT=y we need
to copy the build assets generated for the randstrutc seed to
STAGING_KERNEL_BUILDDIR, otherwise the out-of-tree modules build will
generate those assets which will result in a different
RANDSTRUCT_HASHED_SEED.
(From OE-Core rev: d6cb9dce1ffb14f9db497e9bb0cb7265ea4064ec)
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit b36303158b2e0273ff415bdedefb379f680b30fc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since RRECOMMENDS declaration implictly induces building the recipes
that provide the runtime recommended packages, conditionalize adding
such values according to associated PACKAGECONFIG settings in order
to avoid redundant building.
(From OE-Core rev: 41ecfff7a413fff178364d67c1bf96c8e6d31c30)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit a1989add927f7805378fe4d5afbde780b747ba77)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add the trailing '.git' to git repo uri in SRC_URI then it could share
source code repo on premirror with grpc which uses libuv as a git
submodule with fixed revision.
(From OE-Core rev: 8e5d2044ff27b54a8013fbf2ecf1cccd2cf76871)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit cecdf616e7cf192cdc723a446be1d14c197c980d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Whilst SDE definitely needs to be exported, the fallback does not as
it is only used in our python code via the datastore.
It was introduced as an export in 9a1dde74e794362399193dc3f81c9685a83d0776
but even then it doesn't look like it needed to be, likely just a copy and
paste mistake.
Drop the export.
(From OE-Core rev: 7a1555a0f4223f8ca4485b410de91098301d5896)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 74fb6539dd06acb0dd6a9af4809152975e8473e6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Check if the module object has attribute '__file__' to fix and
avoid errors like:
AttributeError: module '_abc' has no attribute '__file__'. Did you mean: '__name__'?
(From OE-Core rev: 1684457df9fb7029a276df4438c8fc4a17e3e1e9)
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 8acce12c1a4cf37ac312c92d62a6ae93a349dddf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently the hciattach bcm43xx firmware loader looks up the firmware
blob in /etc/firmware . Change this to /lib/firmware instead, so that
the path is consistent with Linux kernel which also looks up firmware
for the WiFi part in /lib/firmware .
(From OE-Core rev: 67f6fe7d2cfb95c9a39a0d288daabf69babf6f17)
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 72b3b79ad8b980e8dd9470d16b72c2c70072bbc0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
STAGING_KERNEL_DIR uses the MACHINE name so it breaks the multiconfig
and in this cases it will run the shared recipes twice, one for each
machine.
STAGING_KERNEL_DIR it's been introduced in commit 5487dee2e1
(From OE-Core rev: 8e65e5d9204cbc04587b7e90ff4ed8cd7bffdb65)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6050d1f74c02495490d982ead2993b6b3c9cc04a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Newer versions of binutils (2.38+) have changed how the
"--only-keep-debug" of objcopy behaves when stripping non-debug sections
from an ELF.
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=68f543154e92ab0f5d6c569e0fa143f5e8bd2d80
This change causes associated sections to be correctly marked as NOBITS
with the section contents removed from the output. The side effect is
that this causes issues with objcopy's ability to perform symbol and
relocation stripping (-S/--strip-all) on the debug split ELF, such that
with some object files (e.g. kernel modules) objcopy fails to strip
symbols/relocations with an error like the following:
.../.debug/nls_cp950.ko[.rodata]: file truncated
Because of this it is now problematic to generate minidebuginfo for
these types of ELF objects. However it is not typically useful to inject
minidebuginfo into these types of ELFs, and other distributions (e.g.
Fedora, referring to find-debuginfo.sh of debugedit) only insert
minidebuginfo into executables and shared libraries.
This change causes the minidebuginfo injection to only apply to EXEC/DYN
type ELFs, which limits the injection to executables and shared
libraires.
Additionally this change fixes the parsing of the sections from the
"readelf -W -S" output which was not accounting for the section index
column having leading spaces for single digit index values e.g. "[ 1]".
(From OE-Core rev: 9485559d269ed11bfcc90399c9282549ced35ce0)
Signed-off-by: Nathan Rossi <nathan.rossi@digi.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 2084cfcb3d15db3e02637f1cd63ab9c997f38a65)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The glibc-locale recipe already partially depends on the base depends in
order to satisfy the do_package dependency on binutils. However since
commit d6ffd683bf6 NM has defaulted to gcc-nm, meaning do_package
depends on gcc (for minidebuginfo).
Whilst the do_package task could handle having the dependencies
explicitly defined (either in glibc-locale or in package.bbclass),
setting these would require some amount of conditional dependency
configuration (cross/crosssdk/etc.). Since both binutils and gcc are
already dependencies of virtual/libc (although compilerlibs is not),
having glibc-locale not inhibit the default depends simplifies the
handling of this situation for both glibc-locale and package.bbclass.
(From OE-Core rev: 97020ee9912663196a7e8a524a23b0b70d8cf686)
Signed-off-by: Nathan Rossi <nathan.rossi@digi.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 8a40d0a6039e87a5b4b26a0e84dd797fe5c75cba)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a new selftest to validate minidebuginfo support. This selftest
builds a complete target image with PACKAGE_MINIDEBUGINFO enabled. ELFs
included in the image are expected to have minidebuginfo included in the
resulting executables and shared libraries, the self test validates this
by unpacking the image and checking for the associated ".gnu_debugdata"
section on busybox and libc ELFs.
(From OE-Core rev: e7b0b23fd8357456ba41fe8d222f10313536d2d3)
Signed-off-by: Nathan Rossi <nathan.rossi@digi.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 5063a31ad05b75ec6ac12158fe759e81fcdb1585)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Config written to the emptytest include file is invalid after the test
has cleaned up its temporary directories resulting in the emptytest
recipe potentially having invalid content when parsed by successive
bitbake runs.
This presents the following error in tests after lic_checksum execution,
e.g. 'oe-selftest -r lic_checksum recipetool'
ERROR: .../emptytest.bb: Unable to get checksum for emptytest SRC_URI entry tmpn_nyosnq: file could not be found
Remove the recipe include content once the bitbake runs are completed in
each lic_checksum test case.
(From OE-Core rev: 63f4da1f46d4fdf0c244f0e52028087657fea7d4)
Signed-off-by: Nathan Rossi <nathan.rossi@digi.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 087df767a64b271b503d714df3df6d8b3caad1c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
==========
* configure: Restore ucontext api functionality check.
In c3f01c72b303cbbb0cc8983120677edee2f3fa4b the use of the ucontext api
in the main program was removed, and with it the configure check for it.
However, the ucontext api is still used in the "explicit_bzero" test and
thus this test still needs to be in place.
See also: https://bugs.gentoo.org/838172
* configure: Restore the functionality of the '--disable-symvers' switch.
Without this fix the build was simply broken, if symbol versioning was
disabled for any reason, e.g. whether the compiler nor the linker
supporting it, or if disabled on purpose by the user (issue #142).
* Fix variable name in crypt(3) for a datamember of 'struct crypt_data'
(issue #153).
* Add glibc-on-loongarch-lp64 (Loongson LA464 / LA664) entry to
libcrypt.minver. This was added in GNU libc 2.36.
(From OE-Core rev: 061a969a6d7a8d3a7009190a18c1564cae4ad990)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 7da5dd3b43718b876645602b1a23c739cbe8016d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
1.7.4.4 is a bug fix release
0001-configure.ac-check-getprotobynumber_r-with-AC_TRY_LI.patch
removed since it's included in 1.7.4.4
(From OE-Core rev: 42942e565870bd4d0753e0dc7bed9277a71bccf9)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit c00e9d66f0b8449ff1bf24546f232345eb6feebd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_18_8/CHANGES
--- 9.18.7 released ---
5962. [security] Fix memory leak in EdDSA verify processing.
(CVE-2022-38178) [GL #3487]
5960. [security] Fix serve-stale crash that could happen when
stale-answer-client-timeout was set to 0 and there was
a stale CNAME in the cache for an incoming query.
(CVE-2022-3080) [GL #3517]
5959. [security] Fix memory leaks in the DH code when using OpenSSL 3.0.0
and later versions. The openssldh_compare(),
openssldh_paramcompare(), and openssldh_todns()
functions were affected. (CVE-2022-2906) [GL #3491]
5958. [security] When an HTTP connection was reused to get
statistics from the stats channel, and zlib
compression was in use, each successive
response sent larger and larger blocks of memory,
potentially reading past the end of the allocated
buffer. (CVE-2022-2881) [GL #3493]
5957. [security] Prevent excessive resource use while processing large
delegations. (CVE-2022-2795) [GL #3394]
5956. [func] Make RRL code treat all QNAMEs that are subject to
wildcard processing within a given zone as the same
name. [GL #3459]
5955. [port] The libxml2 library has deprecated the usage of
xmlInitThreads() and xmlCleanupThreads() functions. Use
xmlInitParser() and xmlCleanupParser() instead.
[GL #3518]
5954. [func] Fallback to IDNA2003 processing in dig when IDNA2008
conversion fails. [GL #3485]
5953. [bug] Fix a crash on shutdown in delete_trace_entry(). Add
mctx attach/detach pair to make sure that the memory
context used by a memory pool is not destroyed before
the memory pool itself. [GL #3515]
5952. [bug] Use quotes around address strings in YAML output.
[GL #3511]
5951. [bug] In some cases, the dnstap query_message field was
erroneously set when logging response messages.
[GL #3501]
5948. [bug] Fix nsec3.c:dns_nsec3_activex() function, add a missing
dns_db_detachnode() call. [GL #3500]
5947. [func] Change dnssec-policy to allow graceful transition from
an NSEC only zone to NSEC3. [GL #3486]
5946. [bug] Fix statistics channel's handling of multiple HTTP
requests in a single connection which have non-empty
request bodies. [GL #3463]
5945. [bug] If parsing /etc/bind.key failed, delv could assert
when trying to parse the built in trust anchors as
the parser hadn't been reset. [GL !6468]
5944. [bug] Fix +http-plain-get and +http-plain-post options
support in dig. Thanks to Marco Davids at SIDN for
reporting the problem. [GL !6672]
5942. [bug] Fix tkey.c:buildquery() function's error handling by
adding the missing cleanup code. [GL #3492]
5941. [func] Zones with dnssec-policy now require dynamic DNS or
inline-siging to be configured explicitly. [GL #3381]
5938. [bug] An integer type overflow could cause an assertion
failure when freeing memory. [GL #3483]
5936. [bug] Don't enable serve-stale for lookups that error because
it is a duplicate query or a query that would be
dropped. [GL #2982]
5935. [bug] Fix DiG lookup reference counting bug, which could
be observed in NSSEARCH mode. [GL #3478]
(From OE-Core rev: ed4a32b9c6e25b09a2aa4eb0446bf0ea9ed37ca9)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 1d87d2652f7f6640dda85e037c580c83f99a8ba8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Release 2.5.0 Tue October 25 2022
Security fixes:
#616#649#650 CVE-2022-43680 -- Fix heap use-after-free after overeager
destruction of a shared DTD in function
XML_ExternalEntityParserCreate in out-of-memory situations.
Expected impact is denial of service or potentially
arbitrary code execution.
Bug fixes:
#612#645 Fix curruption from undefined entities
#613#654 Fix case when parsing was suspended while processing nested
entities
#616#652#653 Stop leaking opening tag bindings after a closing tag
mismatch error where a parser is reset through
XML_ParserReset and then reused to parse
#656 CMake: Fix generation of pkg-config file
#658 MinGW|CMake: Fix static library name
Other changes:
#663 Protect header expat_config.h from multiple inclusion
#666 examples: Make use of XML_GetBuffer and be more
consistent across examples
#648 Address compiler warnings
#667#668 Version info bumped from 9:9:8 to 9:10:8;
see https://verbump.de/ for what these numbers do
Includes a fix for CVE-2022-43680.
(From OE-Core rev: 8dda30a9c64a4ad1f8eee11deb2e5143ba5fd719)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a257a674272dc638f09167e9b9202adfb477ef1e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Prepare for version bump which includes this fix
This reverts commit 791fe354e5887af3fa3d3f772fafacc5eaedca21.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport a patch from upstream[1] to fix CVE-2022-42011 dbus-daemon can be crashed by messages with array length inconsistent with element type
[1] b9e6a75230
(From OE-Core rev: 5d96a3c244388623d87a2999dafaa25d0bd216b6)
Signed-off-by: Xiangyu Chen <xiangyu.chen@eng.windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We identified a use case where a native recipe (autoconf-native) was
rebuilt with no change in output yet the sstate for do_package tasks
wasn't being used.
The issue is that do_package tasks have a hard dependency on
pseudo-native:do_populate_sysroot. That task was one of the many
tasks being rehashed when autoconf-native's hash was changed.
If update_tasks processed a recipe before it had processed pseudo-native,
that recipe would be marked as not possible from sstate and would
run the full tasks.
The fix is to split the processing into two passes, first to handle
the existing covered/notcovered updates, then in the second pass,
check whether there are "harddep" issues.
This defers the do_package tasks until after pseudo-native is installed
from sstate as expected and everything works well again.
(Bitbake rev: 72a3afd99e8b785cb2a2f687e71a58e08cdd9c74)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e479d1e418a7d34f0a4663b4a0e22bb11503c8ab)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
io_uring is enabled or disabled depending on whether liburing is available,
so add a PACKAGECONFIG to make this explicit, disabled by default.
(From OE-Core rev: 3243b069db7629d15e4b8c25b4133f824d18520c)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit daee79639c39ac6278855b35e0ddf71e52dd13f8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
