The current exception handler in list_and_fetch_failed_tests_artifacts
expects a non-exisiting variable and then fail to display the original
exception message since it raises a new one. The issue has been introduced
with commit 6e80b2ab66 ("oeqa/utils/postactions: transfer whole archive
over ssh instead of doing individual copies"). Now that tests artifacts are
now handled individually, there's no point of trying to print individual
names in the exception.
(From OE-Core rev: 60a7448abce091eb8c1cb953058fade0beb8b670)
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a50e72bb64fb8b0d14c23164eaeeabd9c271ac19)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
------C65ED3E1A5DE826CA595746785F6AF6F
To: openembedded-core@lists.openembedded.org
CC: Alban Bedel <alban.bedel@aerq.com>
Subject: [PATCH] bind: Fix build with the `httpstats` package config enabled
Date: Wed, 11 Sep 2024 08:26:47 +0200
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain
MIME-Version: 1.0
When the `httpstats` package config is enabled configure fails with
the error:
> configure: error: Specifying libxml2 installation path is not
> supported, adjust PKG_CONFIG_PATH instead
Drop the explicit path from `--with-libxml2` to solve this issue.
(From OE-Core rev: b87811febbb1a33182d8a3eb8c0f671548ae999a)
Signed-off-by: Alban Bedel <alban.bedel@aerq.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9b076fa51f5e6fd685066fb817c47239960778e6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
While debugsrc is almost always a file (or link), there are apparently
cases where a directory could be returned from the dwarfsrcfiles
processing. When this happens, the hashing fails and an error results
when building the SPDX documents.
(From OE-Core rev: cc24c32795e6894387a6e7ebc9b1d9f4215621f0)
Signed-off-by: Mark Hatle <mark.hatle@amd.com>
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 02e262c291c0b2066132b4cb2ca5fda8145284a9)
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The solution to the problem upstream was fixed by the following commit:
ca6546fe52
Now MAX_INPUT is defined for non-glibc systems such as musl.
This fix was added in BlueZ 5.67.
(From OE-Core rev: a2532944258334c9f64b673278040dd5e27489d2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This fixes and issue that allows blank lines to be incorrectly output
when the "-s" flag is included. This issue propogates into the
populate-volatile.sh script in initscripts. If a volatiles drop file
contains blank lines, a blank line will be included in combined users,
which will incorrectly result in a difference in the number of combined
users versus defined users. If this happens, the volatiles file will not
be executed.
(From OE-Core rev: dfbcf0581ab3dd47037726a7b8aa06f777792473)
(From OE-Core rev: 5f75aaf0489f40bd35cdd27322e4d1189e30a9e4)
Signed-off-by: Colin McAllister <colinmca242@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Adds extra "--collect" flag to the mount command within
automount_systemd. This is intended to fix an observed deadlock after
rapidly inserting and removing external media. This is because if the
mount command fails, the transient mount will enter a failed state. The
next time the media is inserted, automount_systemd bails because the
first consition finds that the file path for the failed transient mount
still exists. This leaves the external media unmounted and cannot be
mounted until the mount is fixed via systemctl or the device is
rebooted.
Adding "--collect" ensures that the transient mount is cleaned up after
entering a failed state, which ensures that the media can still be
mounted when it's re-inserted.
(From OE-Core rev: f0cda74d73eb8c14cd6f695f514108f1e94984a6)
(From OE-Core rev: 33de458b758c2fe430b515ff419dd200ea97ca0b)
Signed-off-by: Colin McAllister <colinmca242@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
We planned to drop SSTATEPOSTINSTFUNC some time ago with the introduction of
postfuncs. Finally get around to doing that which should make the buildhistory
code a little more readable.
Unfortunately ordering the buildhistory function calls after the sstate ones is
difficult without coding that into the sstate class. This patch does that to
ensure everything functions as expected until we can find a better way. This is
still likely preferable than the generic sstate postfuncs support since the function
flow is much more readable.
(From OE-Core rev: 466c505b779dec2ba790f4e6cde7fbb35037f4ef)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c9e2a8fa2f0305ef1247ec405555612326f798f8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This fix will ensure that, when we activate feature
`BUILDHISTORY_RESET`, files marked to keep on feature
`BUILDHISTORY_PRESERVE` will indeed exist is buildhistory
final path since they are moved to buildhistory/old but
not restored at any point.
(From OE-Core rev: 93ee5b0ee71a51daba9a332e8dba93d78a849677)
Signed-off-by: Pedro Ferreira <Pedro.Silva.Ferreira@criticaltechworks.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9f68a45aa238ae5fcdfaca71ba0e7015e9cb720e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The directory that buildhistory_list_pkg_files writes to during do_package
is created by do_packagedata so a clean buildhistory doesn't have
files-in-package written during the first build since packagedata happens
after do_package.
Ensure the output package folder is created to avoid missing
files-in-package.txt files.
Also it ensures that in case of `find` fails we leave with
a hard error instead of hiding the error on the for loop.
(From OE-Core rev: eb94b09a9183e0b0d9cfc45287e0967ae185c099)
Signed-off-by: Pedro Silva Ferreira <Pedro.Silva.Ferreira@criticaltechworks.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8de9b8c1e199896b9a7bc5ed64967c6bfbf84bea)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Includes security fixes for CVE-2024-7592, CVE-2024-8088, CVE-2024-6232,
CVE-2023-27043 and other bug fixes.
Removed below patches, as the fix is included in 3.12.6 upgrade:
1. CVE-2024-7592.patch
2. CVE-2024-8088.patch
Release Notes:
https://www.python.org/downloads/release/python-3126/
(From OE-Core rev: aa492b1fd5973c37b8fa2cd17d28199eba46afcc)
(From OE-Core rev: 6688a8ff2e1cbf6ad8ebd1b89ec6c929caf6a161)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Python 3.12.5 is failing a newer ptest for reading/writing limited
history when editline (default) is set in PACKAGECONFIG. Skip it for now
until a proper fix (if any) is determined.
A bug has been opened upstream: https://github.com/python/cpython/issues/123018
(From OE-Core rev: de569ddffd5ea36b70c56df21dec9c892e5dee7d)
(From OE-Core rev: 98b3a3e3f79a3edaa4cf2cfbf58eb84553d65e1e)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Updated SRC_URI link and format due to change in openssl website.
CVE's Fixed by upgrade:
CVE-2024-5535: Fixed possible buffer overread in SSL_select_next_proto().
CVE-2024-6119: Fixed possible denial of service in X.509 name checks
- Removed backports of CVE-2024-5535 as it is already fixed.
- Removed first hunk of 0001-Added-handshake-history-reporting-when-test-fails.patch as the copyright years are already updated in test/helpers/handshake.c file
Detailed Information:
https://github.com/openssl/openssl/blob/openssl-3.2/CHANGES.md#changes-between-322-and-323-3-sep-2024
(From OE-Core rev: 2155e3016a98ae0db28488dcc5176437e6f8b24a)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This version bump adds new features and should not have been taken.
This reverts commit 35c2b5f56bca789b9723a144fda0a130a67a860c.
(From OE-Core rev: 79ed0dba62404b9de3cd97bc861dea8779416afc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The presence or lack of nroff on the host was changing the doc type. Stop
the code from looking at host paths outside HOSTTOOLS and hence cause the
doc type to be deterministic and reproducible.
(From OE-Core rev: 343f40b0bc8ef65cc1e2abd6c9c33bb2e08bad3d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 918e2b266eba6779f19f65349f85caa880ba45e7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The presence or lack of nroff on the host was changing the doc type. Set it
explicitly to be deterministic and reproducible.
(From OE-Core rev: 9ed723d1972b4e1bd1ae799661194ccbd4c6c759)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f5053abb8957acf358b518ee3c76146dc5f4eb6c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When bitbaking python3-rpds-py it built extension module as:
site-packages/rpds/rpds.cpython-312-armv7l-linux-gnueabihf.so
Which caused error on target:
root@qemuarm:~# python3 -c "from rpds import HashTrieMap, HashTrieSet, List"
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/usr/lib/python3.12/site-packages/rpds/__init__.py", line 1, in <module>
from .rpds import *
ModuleNotFoundError: No module named 'rpds.rpds'
Where as it should have been:
site-packages/rpds/rpds.cpython-312-arm-linux-gnueabihf.so
Associated upstream bug report:
https://github.com/PyO3/maturin/issues/2203
Associated upstream pull request:
https://github.com/PyO3/maturin/pull/2204
Note - mitigation has not been tested with musl:
https://github.com/PyO3/maturin/pull/2204#issuecomment-2323952320
(From OE-Core rev: 32a8a7379008cc6e367b7664c5b10b29f0bb8136)
(From OE-Core rev: d2f73e3840c21997b918d1f1cfae965c618c1076)
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The contents of the COPYING file included in the current source code
package match those of LGPL-2.0 license, which seems to have been the
case since 2011 commit
c6691faa03
(From OE-Core rev: f3ae58b741e4e6e3a5196ff75fcc4da6ee89d0b9)
(From OE-Core rev: 422bee7302ea26403e0ac048d3a0e72988be83b3)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The contents of the LICENSE.md file included in the current source
code package match those of libtiff license, which seems to have been
the case since 1999 commit
0ef31e1f62
where it was added with filename COPYRIGHT and was then changed to
LICENSE.md in 2022 commit
fa1d6d787f
(From OE-Core rev: 71d8e8b03349ab18dca558055c2b3a3687785ddf)
(From OE-Core rev: 5495cf45ce74e79be3b8d9b1195f65e253c62828)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The contents of the LICENSE file included in the current source code
package match those of Info-ZIP license, which seems to originate from
the year 2007:
This is version 2007-Mar-4 of the Info-ZIP license.
(From OE-Core rev: 3739a1af61ff6f0faca23bb565f9e71666953715)
(From OE-Core rev: c9bc2bc9c9d0482b13b27505b57df050ebe01898)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The contents of the LICENSE file included in the current source code
package match those of Info-ZIP license, which seems to originate from
the year 2009:
This is version 2009-Jan-02 of the Info-ZIP license.
(From OE-Core rev: e7c9368e56a6ad90b4ffbba1b765e2b3a331c796)
(From OE-Core rev: f4b84a234662bc8f68e54d4753d9f03e4c2e7931)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backport upstream patch to add a missing header. The patch says it is
for systemd, but I am seeing build issues when building openssh with
clang and musl. The issue being seen is:
#warning usage of non-standard #include <sys/cdefs.h> is deprecated
And similar deprecated warnings. This patch resolves the issue.
Original patch can be found at
88351eca17
This issue was introduced with OE-Core 1c9d3c22718bf49ae85c2d06e0ee60ebdc2fd0c1
1c9d3c2271
Patch suggested by Khem Raj.
(From OE-Core rev: ae4064a8a60b60bee8a32a454e8784fcf1ecd318)
Signed-off-by: Jon Mason <jdmason@kudzu.us>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Under high load, the ssh test is hitting the amount of retries.
Increase it to 20 to avoid this issue. This would increase the maximum
failure time from 50 seconds (5 * 10) to 100 seconds.
(From OE-Core rev: 4581b5793f310d2f1f0c80bfe1a5f8743416c4fc)
Signed-off-by: Jon Mason <jdmason@kudzu.us>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c796438eec5dd6b4671b798f85506bc89ff402ab)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
==========
- context: use rpmtsAddReinstallElement() when doing a reinstall
- MergedTransaction: Fix invalid memory access when dropping items
- ConfigParser: fix use-out-of-scope leaks
- Since we use rpmtsAddReinstallElement rpm also uninstalls the package
- Fix countme bucket calculation
(From OE-Core rev: 20b67ad71cfa3eac35b2514067f87d79d9c3da2e)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9cf8330068503a5721640763309c4c74f293a94d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
===========
- Fixed error handling when reading a mixed "1setOf" attribute.
- Fixed scheduler start if there is only domain socket to listen on
0001-use-echo-only-in-init.patch
0002-don-t-try-to-run-generated-binaries.patch
0004-cups-fix-multilib-install-file-conflicts.patch
refreshed for 2.4.10.
(From OE-Core rev: 01039c35a89de4bbd1410b3ee08a99cf325adf2b)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dd7a978d2d7feb11f6c265ba812c8ca29912ebc6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
At some point this became unnecessary, as tested by building apr
with DISTRO_FEATURES:append = " ld-is-gold"
The logs do confirm that (previously) problematic binary links without errors.
(From OE-Core rev: c04d1ca0d4f1c7236a5093e7be5ef51633c503fd)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c041932f14cf552b0446732ce0cca6537f3286ab)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
If XvFB is enabled, the CVE_STATUS for CVE-2023-5574 should be
'unpatched' rather than the empty string. Otherwise SDPX checker
complains:
xserver-xorg-2_21.1.13-r0 do_create_spdx: Unknown CVE status
(From OE-Core rev: 9965028d74b3c480f7556d299d616999822b79bf)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0ec5dcbdd7c922df25ce90b04902d9c7c749a8c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There is a HIGH severity vulnerability affecting the CPython "zipfile"
module. When iterating over names of entries in a zip archive (for example,
methodsof "zipfile.ZipFile" like "namelist()", "iterdir()", "extractall()",
etc) the process can be put into an infinite loop with a maliciously crafted
zip archive. This defect applies when reading only metadata or extracting
the contents of the zip archive. Programs that are not handling
user-controlled zip archives are not affected.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-8088
Upstream-Patch:
7ae310c56a
(From OE-Core rev: 2d98276ba70ed6c44afecd42a7352f1b3030438f)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There is a LOW severity vulnerability affecting CPython, specifically the
'http.cookies' standard library module. When parsing cookies that contained
backslashes for quoted characters in the cookie value, the parser would use
an algorithm with quadratic complexity, resulting in excess CPU resources
being used while parsing the value.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-7592
Upstream-Patch:
dcc3eaef98
(From OE-Core rev: 3bb9684eef5227e7b1280ee9051884310b0d0b7f)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for
remote code execution via its download functions. These functions, which are used to download
packages from URLs provided by users or retrieved from package index servers, are susceptible
to code injection. If these functions are exposed to user-controlled inputs, such as package
URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-6345
Upstream-patch:
88807c7062
(From OE-Core rev: 468c5a4e12b9d38768b00151c55fd27b2b504f3b)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
In native.bbclass, CFLAGS is overrided by 'CFLAGS = "${BUILD_CFLAGS}"',
this make "CFLAGS +=" not work for expect-native, use append to make it
also work for native.
(From OE-Core rev: 6974c6548cae62529d96d4ceb3a296707d4adae5)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
