Add missing parenthesis, and another example of a compressed patch filename.
(From yocto-docs rev: febc0c6b7b5843c70ed01f9b2bda71c02091eae6)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This includes CVE fix for CVE-2023-5535.
(From OE-Core rev: 7681436190354b5c5b6c3a82b3094badd81113de)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(From OE-Core rev: a1256b8fa415002eee78427cc292b866570ee267)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Add a SECURITY.md file with hints for security researchers and other
parties who might report potential security vulnerabilities.
(From meta-yocto rev: e3c11a51dc814fdd400998f50b17e572d453e1d2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Add a SECURITY.md file with hints for security researchers and other
parties who might report potential security vulnerabilities.
(Bitbake rev: 6c1ffa9091d0c53a100e8c8c15122d28642034bd)
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
uboot-extlinux-config allows to specify multiple "labels" (entries in a
menu, à-la grub) and each of them have their own values for some fields.
Each "base" variable, e.g. UBOOT_EXTLINUX_FDT can be overridden for each
label. This is done via the OVERRIDES mechanism based on the label name,
e.g. UBOOT_EXTLINUX_FDT:linux if linux is a label.
However, OVERRIDES doesn't contain the label globally because it's only
necessary in one task. Therefore, the OVERRIDES itself is modified
within the task. This means that the sigdata will not be told the
dependency on UBOOT_EXTLINUX_FDT:linux, because it cannot know about it.
For this reason, we need to explicitly specify which variables this task
depends on via vardeps varflag for the task.
This was done in the past, but we missed updating it during the override
syntax migration so the cache wouldn't get invalidated if someone
modifies UBOOT_EXTLINUX_FDT:linux from a configuration file or a
bbappend for example.
Let's fix this by migrating it to the new syntax.
(From OE-Core rev: 5570e49791b770271f176a4deeb5f6f1a028cb4a)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b4dd9d873508128adbbf5ff6cf0a3df3d2ffbcf6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Adds an additional note about some of the side effects that can occur if
recipes are not reproducible and hash equivalence is enabled.
(From yocto-docs rev: aaf3e97c78e235bf3042c79ecdcf0b7c1a68ca8f)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The proper way to inherit the testimage class is now
IMAGE_CLASSES += "testimage"
so change lines with 'INHERIT += "testimage"' to match. This makes the
dev-manual consistent with the migration guide, which already specifies
that the old way causes an error.
(From yocto-docs rev: 40d82ec5f55c2353ef6f052e8460a6003fd903f4)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
1.26.17 (2023-10-02)
Added the Cookie header to the list of headers to strip from requests
when redirecting to a different host. As before, different headers can
be set via Retry.remove_headers_on_redirect. (CVE-2023-43804)
1.26.16 (2023-05-23)
Fixed thread-safety issue where accessing a PoolManager with many
distinct origins would cause connection pools to be closed while
requests are in progress (#2954)
(From OE-Core rev: 27a1de55a46b7b313eb2a6370e9d779a7cd49154)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Add dependence python3-logging.
Changelog:
=========
* Removed support for Python 3.5
* Fixed an issue where a "ProxyError" recommending configuring the proxy as HTTP
instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
(From OE-Core rev: d9f200b931e48d957b721005f0140ef3fff55af3)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a8a26a92dfe367472daf086a33a1b30ff6d17540)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This includes CVE fix for CVE-2023-5441.
(From OE-Core rev: 6c88137d4ab36054ac97cff0457d78ef503f383e)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
declaring queue=b"" creates an object of types bytes().
bytes() is an immutable object, and therefore doing "self.queue = self.queue + r"
creates a new object containing "self.queue" concatenated with "r".
On my test setup, we are passing 180MB of data of "workerdata" to the bitbake-worker,
so those copies significantly slow down the initialization of the bitbake-worker.
Rather use bytearray() which a mutable type, and use extend() to avoid copies.
In my test setup, byterray.extend() is 10.000 times faster than copying the queue,
for a queue size of 180MB.
(Bitbake rev: 9993a89e5b97dda5f3657e5a7cc3a4fa94ff7111)
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
bitbake-getvar does not have a way to silence bitbake
server's logger and that makes the tool hard to use for
text processing. This is especially true when one wants to
get a bitbake value to be piped to some other utility and
instead we get uncontrolled logging messages or warnings
together with bitbake's variable value.
Example without quiet:
bitbake-getvar --value MACHINE
NOTE: Starting bitbake server...
qemux86-64
With quiet:
bitbake-getvar --value MACHINE --quiet
qemux86-64
(Bitbake rev: d677daa0770c66010fc4ed0af5bbbb94752ba590)
Signed-off-by: Paulo Neves <ptsneves@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit af354e975d0b4c26d0e91e3c82946b093bc11b45)
Signed-off-by: Markus Niebel <Markus.Niebel@ew.tq-group.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This is in accordance with the gatesgarth Release Notes:
> In the ``Upstream-Status`` header convention for patches,
> ``Accepted`` has | been replaced with ``Backport`` as these almost
> always mean the same thing i.e. the patch is already upstream and
> may need to be removed in a future recipe upgrade. If you are adding
> these headers to your own patches then use Backport to indicate that
> the patch has been sent upstream.
<https://docs.yoctoproject.org/migration-guides/migration-3.2.html#miscellaneous-changes>
Suggested-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
(From yocto-docs rev: 9abc0d3100a07d93249f2fb376c42aab1bd9eb3a)
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
It was never really clear what all those reasons really meant, and every
patch submitted upstream liftens the maintenance on the Yocto side.
So remove the current list, and replace it with two reasons in which an
upstream submission likely won't benefit the upstream project.
Suggested-by: Alexander Kanavin <alex.kanavin@gmail.com>
(From yocto-docs rev: e0aabb7f3e7cd28a22224740eeb794a86ab34886)
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This was previously included in the OpenEmbedded wiki page [1], but was
not ported along with the rest in commit 95c9a1e1e78bbfb82ade
(2023-09-12, Michael Opdenacker: "contributor-guide: recipe-style-guide:
add Upstream-Status").
[1]: https://www.openembedded.org/index.php?title=Commit_Patch_Message_Guidelines&oldid=10935
Group the examples in their own sections (but name it differently from
any other section in this document so that sphinx doesn't generate a
warning about duplicate labels).
(From yocto-docs rev: 090049e08d7b6fc497a9ac5bc9fabbfa35327414)
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
