* Re: [OE-core][kirkstone 00/27] Patch review
[not found] <16E7A00050A35F84.23874@lists.openembedded.org>
@ 2022-04-20 14:53 ` Steve Sakoman
2022-04-20 15:05 ` Khem Raj
2022-04-21 5:14 ` Randy MacLeod
0 siblings, 2 replies; 9+ messages in thread
From: Steve Sakoman @ 2022-04-20 14:53 UTC (permalink / raw)
To: steve; +Cc: openembedded-core
On Wed, Apr 20, 2022 at 4:08 AM Steve Sakoman via
lists.openembedded.org <steve=sakoman.com@lists.openembedded.org>
wrote:
>
> Please review this set of patches for kirkstone and have comments back by
> end of day Friday.
I'd particularly like feedback on the security/bug fix version updates
at the end of this series.
In the past I took these only on request.
Would people like me to be more proactive on this type of upgrade
(such as this series), or should I continue to take them only on
request?
Steve
>
> Passed a-full on autobuilder:
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3547
>
> The following changes since commit d2ba3b8850d461bc7b773240cdf15b22b31a3f9e:
>
> lua: fix CVE-2022-28805 (2022-04-19 14:02:08 +0100)
>
> are available in the Git repository at:
>
> git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
>
> Alexander Kanavin (1):
> webkitgtk: adjust patch status
>
> Davide Gardenal (1):
> create-spdx: fix error when symlink cannot be created
>
> Ferry Toth (2):
> apt: add apt selftest to test signed package feeds
> package_manager: fix missing dependency on gnupg when signing deb
> package feeds
>
> Jon Mason (1):
> qemuarm64: use virtio pci interfaces
>
> Kai Kang (1):
> update_udev_hwdb: fix multilib issue with systemd
>
> Khem Raj (5):
> babeltrace: Disable warnings as errors
> xserver-xorg: Fix build with gcc12
> systemtap: Fix build with gcc-12
> gnupg: Disable FORTIFY_SOURCES on mips
> mdadm: Drop clang specific cflags
>
> Konrad Weihmann (2):
> git: correct license
> ncurses: use COPYING file
>
> Martin Jansa (1):
> systemd-boot: remove outdated EFI_LD comment
>
> Paulo Neves (1):
> selftest/lic_checksum: Add test for filename containing space
>
> Peter Kjellerstedt (2):
> u-boot: Correct the SRC_URI
> u-boot: Inherit pkgconfig
>
> Richard Purdie (1):
> buildtools-tarball: Only add cert envvars if certs are included
>
> Ross Burton (1):
> zlib: upgrade to 1.2.12
>
> wangmy (5):
> linux-firmware: upgrade 20220310 -> 20220411
> libsoup: upgrade 3.0.5 -> 3.0.6
> apt: upgrade 2.4.3 -> 2.4.4
> libusb1: upgrade 1.0.25 -> 1.0.26
> libgit2: upgrade 1.4.2 -> 1.4.3
>
> zhengruoqin (3):
> wireless-regdb: upgrade 2022.02.18 -> 2022.04.08
> git: upgrade 2.35.2 -> 2.35.3
> ruby: upgrade 3.1.1 -> 3.1.2
>
> meta/classes/create-spdx.bbclass | 10 +-
> meta/classes/sign_package_feed.bbclass | 1 +
> meta/conf/machine/qemuarm64.conf | 8 +-
> meta/lib/oeqa/runtime/cases/apt.py | 38 +-
> meta/lib/oeqa/selftest/cases/lic_checksum.py | 18 +
> meta/lib/oeqa/selftest/cases/runtime_test.py | 38 ++
> meta/recipes-bsp/u-boot/u-boot-common.inc | 6 +-
> meta/recipes-core/meta/buildtools-tarball.bb | 6 +-
> meta/recipes-core/ncurses/ncurses.inc | 2 +-
> .../systemd/systemd-boot_250.4.bb | 1 -
> meta/recipes-core/systemd/systemd_250.4.bb | 5 -
> meta/recipes-core/udev/eudev_3.2.10.bb | 4 -
> ...configure-Pass-LDFLAGS-to-link-tests.patch | 25 +-
> .../zlib/zlib/CVE-2018-25032.patch | 347 ------------------
> meta/recipes-core/zlib/zlib/cc.patch | 27 ++
> .../zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb} | 7 +-
> .../apt/{apt_2.4.3.bb => apt_2.4.4.bb} | 2 +-
> .../git/{git_2.35.2.bb => git_2.35.3.bb} | 15 +-
> .../ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb} | 2 +-
> meta/recipes-extended/mdadm/mdadm_4.2.bb | 2 -
> .../0001-render-Fix-build-with-gcc-12.patch | 90 +++++
> .../xorg-xserver/xserver-xorg_21.1.3.bb | 1 +
> ...20220310.bb => linux-firmware_20220411.bb} | 4 +-
> .../recipes-kernel/lttng/babeltrace2_2.0.4.bb | 2 +-
> ...ility-re-tweak-for-rhel6-use-functio.patch | 49 +++
> .../recipes-kernel/systemtap/systemtap_git.bb | 3 +-
> ....02.18.bb => wireless-regdb_2022.04.08.bb} | 2 +-
> ...spection.cmake-prefix-variables-obta.patch | 5 +-
> meta/recipes-support/gnupg/gnupg_2.3.4.bb | 3 +
> .../{libgit2_1.4.2.bb => libgit2_1.4.3.bb} | 2 +-
> .../{libsoup_3.0.5.bb => libsoup_3.0.6.bb} | 2 +-
> .../{libusb1_1.0.25.bb => libusb1_1.0.26.bb} | 2 +-
> scripts/postinst-intercepts/update_udev_hwdb | 5 +-
> 33 files changed, 322 insertions(+), 412 deletions(-)
> delete mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
> create mode 100644 meta/recipes-core/zlib/zlib/cc.patch
> rename meta/recipes-core/zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb} (83%)
> rename meta/recipes-devtools/apt/{apt_2.4.3.bb => apt_2.4.4.bb} (97%)
> rename meta/recipes-devtools/git/{git_2.35.2.bb => git_2.35.3.bb} (86%)
> rename meta/recipes-devtools/ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb} (97%)
> create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch
> rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220310.bb => linux-firmware_20220411.bb} (99%)
> create mode 100644 meta/recipes-kernel/systemtap/systemtap/0001-gcc12-c-compatibility-re-tweak-for-rhel6-use-functio.patch
> rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.02.18.bb => wireless-regdb_2022.04.08.bb} (94%)
> rename meta/recipes-support/libgit2/{libgit2_1.4.2.bb => libgit2_1.4.3.bb} (91%)
> rename meta/recipes-support/libsoup/{libsoup_3.0.5.bb => libsoup_3.0.6.bb} (94%)
> rename meta/recipes-support/libusb/{libusb1_1.0.25.bb => libusb1_1.0.26.bb} (94%)
>
> --
> 2.25.1
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#164668): https://lists.openembedded.org/g/openembedded-core/message/164668
> Mute This Topic: https://lists.openembedded.org/mt/90584508/3620601
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core][kirkstone 00/27] Patch review
2022-04-20 14:53 ` [OE-core][kirkstone 00/27] Patch review Steve Sakoman
@ 2022-04-20 15:05 ` Khem Raj
2022-04-21 5:14 ` Randy MacLeod
1 sibling, 0 replies; 9+ messages in thread
From: Khem Raj @ 2022-04-20 15:05 UTC (permalink / raw)
To: Steve Sakoman; +Cc: Patches and discussions about the oe-core layer
On Wed, Apr 20, 2022 at 7:54 AM Steve Sakoman <steve@sakoman.com> wrote:
>
> On Wed, Apr 20, 2022 at 4:08 AM Steve Sakoman via
> lists.openembedded.org <steve=sakoman.com@lists.openembedded.org>
> wrote:
> >
> > Please review this set of patches for kirkstone and have comments back by
> > end of day Friday.
>
> I'd particularly like feedback on the security/bug fix version updates
> at the end of this series.
>
> In the past I took these only on request.
>
> Would people like me to be more proactive on this type of upgrade
> (such as this series), or should I continue to take them only on
> request?
I think being proactive would be fine
>
> Steve
>
> >
> > Passed a-full on autobuilder:
> >
> > https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3547
> >
> > The following changes since commit d2ba3b8850d461bc7b773240cdf15b22b31a3f9e:
> >
> > lua: fix CVE-2022-28805 (2022-04-19 14:02:08 +0100)
> >
> > are available in the Git repository at:
> >
> > git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
> > http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
> >
> > Alexander Kanavin (1):
> > webkitgtk: adjust patch status
> >
> > Davide Gardenal (1):
> > create-spdx: fix error when symlink cannot be created
> >
> > Ferry Toth (2):
> > apt: add apt selftest to test signed package feeds
> > package_manager: fix missing dependency on gnupg when signing deb
> > package feeds
> >
> > Jon Mason (1):
> > qemuarm64: use virtio pci interfaces
> >
> > Kai Kang (1):
> > update_udev_hwdb: fix multilib issue with systemd
> >
> > Khem Raj (5):
> > babeltrace: Disable warnings as errors
> > xserver-xorg: Fix build with gcc12
> > systemtap: Fix build with gcc-12
> > gnupg: Disable FORTIFY_SOURCES on mips
> > mdadm: Drop clang specific cflags
> >
> > Konrad Weihmann (2):
> > git: correct license
> > ncurses: use COPYING file
> >
> > Martin Jansa (1):
> > systemd-boot: remove outdated EFI_LD comment
> >
> > Paulo Neves (1):
> > selftest/lic_checksum: Add test for filename containing space
> >
> > Peter Kjellerstedt (2):
> > u-boot: Correct the SRC_URI
> > u-boot: Inherit pkgconfig
> >
> > Richard Purdie (1):
> > buildtools-tarball: Only add cert envvars if certs are included
> >
> > Ross Burton (1):
> > zlib: upgrade to 1.2.12
> >
> > wangmy (5):
> > linux-firmware: upgrade 20220310 -> 20220411
> > libsoup: upgrade 3.0.5 -> 3.0.6
> > apt: upgrade 2.4.3 -> 2.4.4
> > libusb1: upgrade 1.0.25 -> 1.0.26
> > libgit2: upgrade 1.4.2 -> 1.4.3
> >
> > zhengruoqin (3):
> > wireless-regdb: upgrade 2022.02.18 -> 2022.04.08
> > git: upgrade 2.35.2 -> 2.35.3
> > ruby: upgrade 3.1.1 -> 3.1.2
> >
> > meta/classes/create-spdx.bbclass | 10 +-
> > meta/classes/sign_package_feed.bbclass | 1 +
> > meta/conf/machine/qemuarm64.conf | 8 +-
> > meta/lib/oeqa/runtime/cases/apt.py | 38 +-
> > meta/lib/oeqa/selftest/cases/lic_checksum.py | 18 +
> > meta/lib/oeqa/selftest/cases/runtime_test.py | 38 ++
> > meta/recipes-bsp/u-boot/u-boot-common.inc | 6 +-
> > meta/recipes-core/meta/buildtools-tarball.bb | 6 +-
> > meta/recipes-core/ncurses/ncurses.inc | 2 +-
> > .../systemd/systemd-boot_250.4.bb | 1 -
> > meta/recipes-core/systemd/systemd_250.4.bb | 5 -
> > meta/recipes-core/udev/eudev_3.2.10.bb | 4 -
> > ...configure-Pass-LDFLAGS-to-link-tests.patch | 25 +-
> > .../zlib/zlib/CVE-2018-25032.patch | 347 ------------------
> > meta/recipes-core/zlib/zlib/cc.patch | 27 ++
> > .../zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb} | 7 +-
> > .../apt/{apt_2.4.3.bb => apt_2.4.4.bb} | 2 +-
> > .../git/{git_2.35.2.bb => git_2.35.3.bb} | 15 +-
> > .../ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb} | 2 +-
> > meta/recipes-extended/mdadm/mdadm_4.2.bb | 2 -
> > .../0001-render-Fix-build-with-gcc-12.patch | 90 +++++
> > .../xorg-xserver/xserver-xorg_21.1.3.bb | 1 +
> > ...20220310.bb => linux-firmware_20220411.bb} | 4 +-
> > .../recipes-kernel/lttng/babeltrace2_2.0.4.bb | 2 +-
> > ...ility-re-tweak-for-rhel6-use-functio.patch | 49 +++
> > .../recipes-kernel/systemtap/systemtap_git.bb | 3 +-
> > ....02.18.bb => wireless-regdb_2022.04.08.bb} | 2 +-
> > ...spection.cmake-prefix-variables-obta.patch | 5 +-
> > meta/recipes-support/gnupg/gnupg_2.3.4.bb | 3 +
> > .../{libgit2_1.4.2.bb => libgit2_1.4.3.bb} | 2 +-
> > .../{libsoup_3.0.5.bb => libsoup_3.0.6.bb} | 2 +-
> > .../{libusb1_1.0.25.bb => libusb1_1.0.26.bb} | 2 +-
> > scripts/postinst-intercepts/update_udev_hwdb | 5 +-
> > 33 files changed, 322 insertions(+), 412 deletions(-)
> > delete mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
> > create mode 100644 meta/recipes-core/zlib/zlib/cc.patch
> > rename meta/recipes-core/zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb} (83%)
> > rename meta/recipes-devtools/apt/{apt_2.4.3.bb => apt_2.4.4.bb} (97%)
> > rename meta/recipes-devtools/git/{git_2.35.2.bb => git_2.35.3.bb} (86%)
> > rename meta/recipes-devtools/ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb} (97%)
> > create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch
> > rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220310.bb => linux-firmware_20220411.bb} (99%)
> > create mode 100644 meta/recipes-kernel/systemtap/systemtap/0001-gcc12-c-compatibility-re-tweak-for-rhel6-use-functio.patch
> > rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.02.18.bb => wireless-regdb_2022.04.08.bb} (94%)
> > rename meta/recipes-support/libgit2/{libgit2_1.4.2.bb => libgit2_1.4.3.bb} (91%)
> > rename meta/recipes-support/libsoup/{libsoup_3.0.5.bb => libsoup_3.0.6.bb} (94%)
> > rename meta/recipes-support/libusb/{libusb1_1.0.25.bb => libusb1_1.0.26.bb} (94%)
> >
> > --
> > 2.25.1
> >
> >
> >
> >
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#164699): https://lists.openembedded.org/g/openembedded-core/message/164699
> Mute This Topic: https://lists.openembedded.org/mt/90584508/1997914
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [raj.khem@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core][kirkstone 00/27] Patch review
2022-04-20 14:53 ` [OE-core][kirkstone 00/27] Patch review Steve Sakoman
2022-04-20 15:05 ` Khem Raj
@ 2022-04-21 5:14 ` Randy MacLeod
2022-04-21 14:00 ` Steve Sakoman
1 sibling, 1 reply; 9+ messages in thread
From: Randy MacLeod @ 2022-04-21 5:14 UTC (permalink / raw)
To: Steve Sakoman; +Cc: Patches and discussions about the oe-core layer
[-- Attachment #1: Type: text/plain, Size: 3203 bytes --]
On Wed., Apr. 20, 2022, 10:54 Steve Sakoman, <steve@sakoman.com> wrote:
> On Wed, Apr 20, 2022 at 4:08 AM Steve Sakoman via
> lists.openembedded.org <steve=sakoman.com@lists.openembedded.org>
> wrote:
> >
> > Please review this set of patches for kirkstone and have comments back by
> > end of day Friday.
>
> I'd particularly like feedback on the security/bug fix version updates
> at the end of this series.
>
> In the past I took these only on request.
>
> Would people like me to be more proactive on this type of upgrade
> (such as this series), or should I continue to take them only on
> request?
>
Proactive but reasonably cautious. ;-)
Some comments below.
> Steve
>
> >
> > Passed a-full on autobuilder:
> >
> > https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3547
> >
> > The following changes since commit
> d2ba3b8850d461bc7b773240cdf15b22b31a3f9e:
> >
> > lua: fix CVE-2022-28805 (2022-04-19 14:02:08 +0100)
> >
> > are available in the Git repository at:
> >
> > git://git.openembedded.org/openembedded-core-contrib
> stable/kirkstone-nut
> >
> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
> >
> > Alexander Kanavin (1):
> > webkitgtk: adjust patch status
> >
> > Davide Gardenal (1):
> > create-spdx: fix error when symlink cannot be created
> >
> > Ferry Toth (2):
> > apt: add apt selftest to test signed package feeds
> > package_manager: fix missing dependency on gnupg when signing deb
> > package feeds
> >
> > Jon Mason (1):
> > qemuarm64: use virtio pci interfaces
> >
> > Kai Kang (1):
> > update_udev_hwdb: fix multilib issue with systemd
> >
> > Khem Raj (5):
> > babeltrace: Disable warnings as errors
> > xserver-xorg: Fix build with gcc12
> > systemtap: Fix build with gcc-12
> > gnupg: Disable FORTIFY_SOURCES on mips
> > mdadm: Drop clang specific cflags
> >
> > Konrad Weihmann (2):
> > git: correct license
> > ncurses: use COPYING file
> >
> > Martin Jansa (1):
> > systemd-boot: remove outdated EFI_LD comment
> >
> > Paulo Neves (1):
> > selftest/lic_checksum: Add test for filename containing space
> >
> > Peter Kjellerstedt (2):
> > u-boot: Correct the SRC_URI
> > u-boot: Inherit pkgconfig
> >
> > Richard Purdie (1):
> > buildtools-tarball: Only add cert envvars if certs are included
> >
> > Ross Burton (1):
> > zlib: upgrade to 1.2.12
> >
> > wangmy (5):
> > linux-firmware: upgrade 20220310 -> 20220411
>
It's firmware so it should be fine but I don't know much about such things.
Have firmware updates ever broken older kernels?
Certainly there could be performance degradation. I guess it's a release
note item for others to worry about.
> libsoup: upgrade 3.0.5 -> 3.0.6
> > apt: upgrade 2.4.3 -> 2.4.4
> > libusb1: upgrade 1.0.25 -> 1.0.26
> > libgit2: upgrade 1.4.2 -> 1.4.3
> >
> > zhengruoqin (3):
> > wireless-regdb: upgrade 2022.02.18 -> 2022.04.08
> > git: upgrade 2.35.2 -> 2.35.3
> > ruby: upgrade 3.1.1 -> 3.1.2
>
These all seem like bug fix only updates.
Are you assuming that third number updates don't change API/ABI or looking
at commit summaries, git logs, or using a tool?
Thanks Steve.
Randy
>< snip ><
[-- Attachment #2: Type: text/html, Size: 5639 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core][kirkstone 00/27] Patch review
2022-04-21 5:14 ` Randy MacLeod
@ 2022-04-21 14:00 ` Steve Sakoman
2022-04-21 14:27 ` Randy MacLeod
0 siblings, 1 reply; 9+ messages in thread
From: Steve Sakoman @ 2022-04-21 14:00 UTC (permalink / raw)
To: Randy MacLeod; +Cc: Patches and discussions about the oe-core layer
On Wed, Apr 20, 2022 at 7:14 PM Randy MacLeod <rwmacleod@gmail.com> wrote:
>
>
>
> On Wed., Apr. 20, 2022, 10:54 Steve Sakoman, <steve@sakoman.com> wrote:
>>
>> On Wed, Apr 20, 2022 at 4:08 AM Steve Sakoman via
>> lists.openembedded.org <steve=sakoman.com@lists.openembedded.org>
>> wrote:
>> >
>> > Please review this set of patches for kirkstone and have comments back by
>> > end of day Friday.
>>
>> I'd particularly like feedback on the security/bug fix version updates
>> at the end of this series.
>>
>> In the past I took these only on request.
>>
>> Would people like me to be more proactive on this type of upgrade
>> (such as this series), or should I continue to take them only on
>> request?
>
>
> Proactive but reasonably cautious. ;-)
That's my feeling too.
>> > Passed a-full on autobuilder:
>> >
>> > https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3547
>> >
>> > The following changes since commit d2ba3b8850d461bc7b773240cdf15b22b31a3f9e:
>> >
>> > lua: fix CVE-2022-28805 (2022-04-19 14:02:08 +0100)
>> >
>> > are available in the Git repository at:
>> >
>> > git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
>> > http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
>> >
>> > Alexander Kanavin (1):
>> > webkitgtk: adjust patch status
>> >
>> > Davide Gardenal (1):
>> > create-spdx: fix error when symlink cannot be created
>> >
>> > Ferry Toth (2):
>> > apt: add apt selftest to test signed package feeds
>> > package_manager: fix missing dependency on gnupg when signing deb
>> > package feeds
>> >
>> > Jon Mason (1):
>> > qemuarm64: use virtio pci interfaces
>> >
>> > Kai Kang (1):
>> > update_udev_hwdb: fix multilib issue with systemd
>> >
>> > Khem Raj (5):
>> > babeltrace: Disable warnings as errors
>> > xserver-xorg: Fix build with gcc12
>> > systemtap: Fix build with gcc-12
>> > gnupg: Disable FORTIFY_SOURCES on mips
>> > mdadm: Drop clang specific cflags
>> >
>> > Konrad Weihmann (2):
>> > git: correct license
>> > ncurses: use COPYING file
>> >
>> > Martin Jansa (1):
>> > systemd-boot: remove outdated EFI_LD comment
>> >
>> > Paulo Neves (1):
>> > selftest/lic_checksum: Add test for filename containing space
>> >
>> > Peter Kjellerstedt (2):
>> > u-boot: Correct the SRC_URI
>> > u-boot: Inherit pkgconfig
>> >
>> > Richard Purdie (1):
>> > buildtools-tarball: Only add cert envvars if certs are included
>> >
>> > Ross Burton (1):
>> > zlib: upgrade to 1.2.12
>> >
>> > wangmy (5):
>> > linux-firmware: upgrade 20220310 -> 20220411
>
>
>
> It's firmware so it should be fine but I don't know much about such things. Have firmware updates ever broken older kernels?
> Certainly there could be performance degradation. I guess it's a release note item for others to worry about.
I've been doing these regularly for dunfell and it hasn't been an
issue in the past two years.
>> > libsoup: upgrade 3.0.5 -> 3.0.6
>> > apt: upgrade 2.4.3 -> 2.4.4
>> > libusb1: upgrade 1.0.25 -> 1.0.26
>> > libgit2: upgrade 1.4.2 -> 1.4.3
>> >
>> > zhengruoqin (3):
>> > wireless-regdb: upgrade 2022.02.18 -> 2022.04.08
>> > git: upgrade 2.35.2 -> 2.35.3
>> > ruby: upgrade 3.1.1 -> 3.1.2
>
>
> These all seem like bug fix only updates.
> Are you assuming that third number updates don't change API/ABI or looking at commit summaries, git logs, or using a tool?
Yes, my criteria for including is that they are bug/security only updates.
I don't assume anything from the version number, I review the release
notes (if any) and the git logs. In many cases the version updates in
master don't include this info in the commit message. In that case I
add either the release notes or the git log to the commit message when
cherry-picking from master.
So it is a time consuming manual process :-)
BTW, those who include release notes or commit logs in their version
bumps get smiles and brownie points from me!
Steve
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core][kirkstone 00/27] Patch review
2022-04-21 14:00 ` Steve Sakoman
@ 2022-04-21 14:27 ` Randy MacLeod
0 siblings, 0 replies; 9+ messages in thread
From: Randy MacLeod @ 2022-04-21 14:27 UTC (permalink / raw)
To: Steve Sakoman, Randy MacLeod
Cc: Patches and discussions about the oe-core layer
On 2022-04-21 10:00, Steve Sakoman wrote:
> On Wed, Apr 20, 2022 at 7:14 PM Randy MacLeod <rwmacleod@gmail.com> wrote:
>>
>> On Wed., Apr. 20, 2022, 10:54 Steve Sakoman, <steve@sakoman.com> wrote:
>>> On Wed, Apr 20, 2022 at 4:08 AM Steve Sakoman via
>>> lists.openembedded.org <steve=sakoman.com@lists.openembedded.org>
>>> wrote:
>>>> Please review this set of patches for kirkstone and have comments back by
>>>> end of day Friday.
>>> I'd particularly like feedback on the security/bug fix version updates
>>> at the end of this series.
>>>
>>> In the past I took these only on request.
>>>
>>> Would people like me to be more proactive on this type of upgrade
>>> (such as this series), or should I continue to take them only on
>>> request?
>> Proactive but reasonably cautious. ;-)
> That's my feeling too.
>
>>>> Passed a-full on autobuilder:
>>>>
>>>> https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3547
>>>>
>>>> The following changes since commit d2ba3b8850d461bc7b773240cdf15b22b31a3f9e:
>>>>
>>>> lua: fix CVE-2022-28805 (2022-04-19 14:02:08 +0100)
>>>>
>>>> are available in the Git repository at:
>>>>
>>>> git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
>>>> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
>>>>
>>>> Alexander Kanavin (1):
>>>> webkitgtk: adjust patch status
>>>>
>>>> Davide Gardenal (1):
>>>> create-spdx: fix error when symlink cannot be created
>>>>
>>>> Ferry Toth (2):
>>>> apt: add apt selftest to test signed package feeds
>>>> package_manager: fix missing dependency on gnupg when signing deb
>>>> package feeds
>>>>
>>>> Jon Mason (1):
>>>> qemuarm64: use virtio pci interfaces
>>>>
>>>> Kai Kang (1):
>>>> update_udev_hwdb: fix multilib issue with systemd
>>>>
>>>> Khem Raj (5):
>>>> babeltrace: Disable warnings as errors
>>>> xserver-xorg: Fix build with gcc12
>>>> systemtap: Fix build with gcc-12
>>>> gnupg: Disable FORTIFY_SOURCES on mips
>>>> mdadm: Drop clang specific cflags
>>>>
>>>> Konrad Weihmann (2):
>>>> git: correct license
>>>> ncurses: use COPYING file
>>>>
>>>> Martin Jansa (1):
>>>> systemd-boot: remove outdated EFI_LD comment
>>>>
>>>> Paulo Neves (1):
>>>> selftest/lic_checksum: Add test for filename containing space
>>>>
>>>> Peter Kjellerstedt (2):
>>>> u-boot: Correct the SRC_URI
>>>> u-boot: Inherit pkgconfig
>>>>
>>>> Richard Purdie (1):
>>>> buildtools-tarball: Only add cert envvars if certs are included
>>>>
>>>> Ross Burton (1):
>>>> zlib: upgrade to 1.2.12
>>>>
>>>> wangmy (5):
>>>> linux-firmware: upgrade 20220310 -> 20220411
>>
>> It's firmware so it should be fine but I don't know much about such things. Have firmware updates ever broken older kernels?
>> Certainly there could be performance degradation. I guess it's a release note item for others to worry about.
> I've been doing these regularly for dunfell and it hasn't been an
> issue in the past two years.
As expected but that's good to hear.
>
>>>> libsoup: upgrade 3.0.5 -> 3.0.6
>>>> apt: upgrade 2.4.3 -> 2.4.4
>>>> libusb1: upgrade 1.0.25 -> 1.0.26
>>>> libgit2: upgrade 1.4.2 -> 1.4.3
>>>>
>>>> zhengruoqin (3):
>>>> wireless-regdb: upgrade 2022.02.18 -> 2022.04.08
>>>> git: upgrade 2.35.2 -> 2.35.3
>>>> ruby: upgrade 3.1.1 -> 3.1.2
>> These all seem like bug fix only updates.
>> Are you assuming that third number updates don't change API/ABI or looking at commit summaries, git logs, or using a tool?
> Yes, my criteria for including is that they are bug/security only updates.
>
> I don't assume anything from the version number, I review the release
> notes (if any) and the git logs. In many cases the version updates in
> master don't include this info in the commit message. In that case I
> add either the release notes or the git log to the commit message when
> cherry-picking from master.
That's great. The only better response would be if we could run API/ABI
test.
I'll see if that's something that we can work on for release branches
but no promises
or timeline for that so far.
>
> So it is a time consuming manual process :-)
It is; thanks for the careful work.
>
> BTW, those who include release notes or commit logs in their version
> bumps get smiles and brownie points from me!
+1
../Randy
>
> Steve
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#164762): https://lists.openembedded.org/g/openembedded-core/message/164762
> Mute This Topic: https://lists.openembedded.org/mt/90584508/3616765
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
--
# Randy MacLeod
# Wind River Linux
^ permalink raw reply [flat|nested] 9+ messages in thread
* [OE-core][kirkstone 00/27] Patch review
@ 2023-07-18 14:25 Steve Sakoman
0 siblings, 0 replies; 9+ messages in thread
From: Steve Sakoman @ 2023-07-18 14:25 UTC (permalink / raw)
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Thursday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5608
with the exception of a known intermittent issue on oe-selftest-ubuntu involving
a regression introduced in recent kernel stable branch updates:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=15138
This will be fixed in an upcoming linux-yocto version bump, see thread below
for details:
https://lists.openembedded.org/g/openembedded-core/topic/99542122#182828
The following changes since commit 200c2783b3f8546f561382fff6bd5268680d403a:
cve-update-nvd2-native: actually use API keys (2023-07-13 06:39:45 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alberto Planas (1):
bitbake.conf: add unzstd in HOSTTOOLS
Alexander Kanavin (5):
serf: upgrade 1.3.9 -> 1.3.10
wget: upgrade 1.21.3 -> 1.21.4
linux-firmware: upgrade 20230404 -> 20230515
wireless-regdb: upgrade 2023.02.13 -> 2023.05.03
sysfsutils: fetch a supported fork from github
Alexander Sverdlin (1):
rust-llvm: backport a fix for build with gcc-13
Chen Qi (4):
sdk.py: error out when moving file fails
sdk.py: fix moving dnf contents
zip: fix configure check by using _Static_assert
unzip: fix configure check for cross compilation
Heiko Thole (1):
wic: Add dependencies for erofs-utils
Hitendra Prajapati (1):
bind : fix CVE-2023-2828 & CVE-2023-2911
Jermain Horsman (1):
logrotate: Do not create logrotate.status file
Jose Quaresma (1):
selftest/reproducible: Allow chose the package manager
Marek Vasut (1):
systemd: Backport nspawn: make sure host root can write to the
uidmapped mounts we prepare for the container payload
Mauro Queiros (1):
pybootchartgui: show elapsed time for each task
Mikko Rapeli (1):
selftest reproducible.py: support different build targets
Nikhil R (1):
libpng: Add ptest for libpng
Poonam Jadhav (1):
libx11: Fix CVE-2023-3138 for kirkstone branch
Ross Burton (1):
tzdata: upgrade to 2023c
Soumya (2):
perl: Fix CVE-2023-31486
libwebp: Fix CVE-2023-1999
Tom Hochstein (1):
cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK
Trevor Gamblin (1):
vim: upgrade 9.0.1527 -> 9.0.1592
Vijay Anusuri (1):
sqlite3: CVE-2023-36191 CLI fault on missing -nonce
Vivek Kumbhar (1):
curl: Added CVE-2023-28320 Follow-up patch
meta/classes/image_types_wic.bbclass | 2 +-
meta/conf/bitbake.conf | 2 +-
.../distro/include/ptest-packagelists.inc | 1 +
meta/lib/oe/package_manager/rpm/sdk.py | 3 +-
meta/lib/oe/sdk.py | 2 +-
meta/lib/oeqa/selftest/cases/reproducible.py | 14 +-
.../bind/bind-9.18.11/CVE-2023-2828.patch | 197 ++++++++++++
.../bind/bind-9.18.11/CVE-2023-2911.patch | 97 ++++++
.../recipes-connectivity/bind/bind_9.18.11.bb | 2 +
meta/recipes-core/meta/wic-tools.bb | 2 +-
.../sysfsutils/sysfsutils_2.1.0.bb | 10 +-
...-host-root-can-write-to-the-uidmappe.patch | 216 +++++++++++++
meta/recipes-core/systemd/systemd_250.5.bb | 1 +
.../cmake/cmake/OEToolchainConfig.cmake | 5 +-
.../perl/files/CVE-2023-31486-0001.patch | 215 +++++++++++++
.../perl/files/CVE-2023-31486-0002.patch | 36 +++
meta/recipes-devtools/perl/perl_5.34.1.bb | 2 +
meta/recipes-devtools/rust/rust-llvm.inc | 4 +-
...-missing-cstdint-header-to-Signals.h.patch | 32 ++
.../logrotate/logrotate_3.20.1.bb | 1 -
meta/recipes-extended/timezone/timezone.inc | 6 +-
.../timezone/tzcode-native.bb | 2 -
...0001-Fix-C23-related-conformance-bug.patch | 301 ------------------
...-fix-detection-for-cross-compilation.patch | 103 ++++++
meta/recipes-extended/unzip/unzip_6.0.bb | 1 +
meta/recipes-extended/wget/wget.inc | 2 +-
.../wget/{wget_1.21.3.bb => wget_1.21.4.bb} | 2 +-
...se-_Static_assert-to-do-correct-dete.patch | 96 ++++++
meta/recipes-extended/zip/zip_3.0.bb | 1 +
.../xorg-lib/libx11/CVE-2023-3138.patch | 111 +++++++
.../xorg-lib/libx11_1.7.3.1.bb | 1 +
...20230404.bb => linux-firmware_20230515.bb} | 4 +-
....02.13.bb => wireless-regdb_2023.05.03.bb} | 2 +-
.../recipes-multimedia/libpng/files/run-ptest | 29 ++
.../libpng/libpng_1.6.39.bb | 16 +-
.../webp/files/CVE-2023-1999.patch | 60 ++++
meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 4 +-
.../curl/curl/CVE-2023-28320-fol1.patch | 197 ++++++++++++
meta/recipes-support/curl/curl_7.82.0.bb | 1 +
...print-in-the-scons-file-to-unbreak-b.patch | 29 --
...sl_buckets.c-do-not-use-ERR_GET_FUNC.patch | 28 --
...11083-fix-building-with-scons-3.0.0-.patch | 29 --
...ories.without.sandbox-install.prefix.patch | 2 +-
.../serf/{serf_1.3.9.bb => serf_1.3.10.bb} | 6 +-
.../sqlite/files/CVE-2023-36191.patch | 37 +++
meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 +
meta/recipes-support/vim/vim.inc | 4 +-
scripts/lib/wic/misc.py | 1 +
scripts/pybootchartgui/pybootchartgui/draw.py | 5 +
49 files changed, 1496 insertions(+), 429 deletions(-)
create mode 100644 meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch
create mode 100644 meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch
create mode 100644 meta/recipes-core/systemd/systemd/0001-nspawn-make-sure-host-root-can-write-to-the-uidmappe.patch
create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch
create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch
create mode 100644 meta/recipes-devtools/rust/rust-llvm/0003-Support-Add-missing-cstdint-header-to-Signals.h.patch
delete mode 100644 meta/recipes-extended/timezone/tzcode/0001-Fix-C23-related-conformance-bug.patch
create mode 100644 meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch
rename meta/recipes-extended/wget/{wget_1.21.3.bb => wget_1.21.4.bb} (60%)
create mode 100644 meta/recipes-extended/zip/zip-3.0/0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2023-3138.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230404.bb => linux-firmware_20230515.bb} (99%)
rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2023.02.13.bb => wireless-regdb_2023.05.03.bb} (94%)
create mode 100644 meta/recipes-multimedia/libpng/files/run-ptest
create mode 100644 meta/recipes-multimedia/webp/files/CVE-2023-1999.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch
delete mode 100644 meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch
delete mode 100644 meta/recipes-support/serf/serf/0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch
delete mode 100644 meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch
rename meta/recipes-support/serf/{serf_1.3.9.bb => serf_1.3.10.bb} (78%)
create mode 100644 meta/recipes-support/sqlite/files/CVE-2023-36191.patch
--
2.34.1
^ permalink raw reply [flat|nested] 9+ messages in thread
* [OE-core][kirkstone 00/27] Patch review
@ 2023-02-12 21:10 Steve Sakoman
0 siblings, 0 replies; 9+ messages in thread
From: Steve Sakoman @ 2023-02-12 21:10 UTC (permalink / raw)
To: openembedded-core
Please review these patches for kirkstone and have comments back by end
of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4921
The following changes since commit cb64ace13db85e143d99627c8803fbb13ba18617:
Fix missing leading whitespace with ':append' (2023-02-01 04:16:52 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alejandro Hernandez Samaniego (1):
testimage: Fix error message to reflect new syntax
Alexander Kanavin (3):
vulkan-samples: branch rename master -> main
gdk-pixbuf: do not use tools from gdk-pixbuf-native when building
tests
oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with
a signal
Arnout Vandecappelle (1):
python3-pytest: depend on python3-tomli instead of python3-toml
Bruce Ashfield (2):
linux-yocto/5.15: update to v5.15.89
linux-yocto/5.15: update to v5.15.91
Changqing Li (1):
apt: fix do_package_qa failure
Chee Yang Lee (1):
git: upgrade to 2.35.6
Harald Seiler (1):
bootchart2: Fix usrmerge support
Khem Raj (2):
scons: Pass MAXLINELENGTH to scons invocation
scons.bbclass: Make MAXLINELENGTH overridable
Louis Rannou (1):
oeqa/selftest/locales: Add selftest for locale generation/presence
Martin Jansa (1):
meta: remove True option to getVar and getVarFlag calls (again)
Mikko Rapeli (1):
oeqa context.py: fix --target-ip comment to include ssh port number
Mingli Yu (1):
glslang: branch rename master -> main
Narpat Mali (1):
python3-certifi: fix for CVE-2022-23491
Pawel Zalewski (1):
classes/fs-uuid: Fix command output decoding issue
Richard Purdie (3):
kernel/linux-kernel-base: Fix kernel build artefact determinism issues
make-mod-scripts: Ensure kernel build output is deterministic
libc-locale: Fix on target locale generation
Ross Burton (4):
git: ignore CVE-2022-41953
buildtools-tarball: set pkg-config search path
sdkext/cases/devtool: pass a logger to HTTPService
httpserver: add error handler that write to the logger
Ulrich Ölmann (2):
recipe_sanity: fix old override syntax
lsof: fix old override syntax
meta/classes/fs-uuid.bbclass | 2 +-
meta/classes/image.bbclass | 2 +-
meta/classes/kernel.bbclass | 3 -
meta/classes/libc-package.bbclass | 1 +
meta/classes/license_image.bbclass | 2 +-
meta/classes/linux-kernel-base.bbclass | 4 +
meta/classes/recipe_sanity.bbclass | 2 +-
meta/classes/scons.bbclass | 8 +-
meta/classes/testimage.bbclass | 2 +-
meta/lib/oe/package_manager/deb/__init__.py | 8 +-
meta/lib/oeqa/runtime/context.py | 4 +-
meta/lib/oeqa/sdkext/cases/devtool.py | 2 +-
meta/lib/oeqa/selftest/cases/locales.py | 45 ++++
meta/lib/oeqa/utils/httpserver.py | 6 +
meta/lib/oeqa/utils/qemurunner.py | 11 +-
meta/recipes-core/meta/buildtools-tarball.bb | 3 +
meta/recipes-devtools/apt/apt_2.4.5.bb | 1 +
.../0001-bootchart2-support-usrmerge.patch | 37 ---
.../bootchart2/bootchart2_0.14.9.bb | 11 +-
.../git/{git_2.35.5.bb => git_2.35.6.bb} | 4 +-
meta/recipes-devtools/go/go_1.17.13.bb | 4 +-
.../python3-certifi/CVE-2022-23491.patch | 230 ++++++++++++++++++
.../python/python3-certifi_2021.10.8.bb | 2 +
.../python/python3-pytest_7.1.1.bb | 2 +-
meta/recipes-devtools/rust/rust-common.inc | 2 +-
meta/recipes-devtools/rust/rust.inc | 20 +-
meta/recipes-extended/lsof/lsof_4.94.0.bb | 2 +-
.../0001-Add-use_prebuilt_tools-option.patch | 173 -------------
...w-a-subset-of-tests-in-cross-compile.patch | 66 +++++
.../gdk-pixbuf/gdk-pixbuf_2.42.10.bb | 17 +-
.../glslang/glslang_1.3.204.1.bb | 2 +-
.../vulkan/vulkan-samples_git.bb | 2 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +-
.../make-mod-scripts/make-mod-scripts_1.0.bb | 2 +-
scripts/contrib/image-manifest | 2 +-
scripts/lib/devtool/menuconfig.py | 2 +-
38 files changed, 432 insertions(+), 292 deletions(-)
create mode 100644 meta/lib/oeqa/selftest/cases/locales.py
delete mode 100644 meta/recipes-devtools/bootchart2/bootchart2/0001-bootchart2-support-usrmerge.patch
rename meta/recipes-devtools/git/{git_2.35.5.bb => git_2.35.6.bb} (97%)
create mode 100644 meta/recipes-devtools/python/python3-certifi/CVE-2022-23491.patch
delete mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-Add-use_prebuilt_tools-option.patch
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch
--
2.34.1
^ permalink raw reply [flat|nested] 9+ messages in thread
* [OE-core][kirkstone 00/27] Patch review
@ 2022-07-14 4:35 Steve Sakoman
0 siblings, 0 replies; 9+ messages in thread
From: Steve Sakoman @ 2022-07-14 4:35 UTC (permalink / raw)
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by end
of day Friday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3911
with the exception of an intermittent autobuilder issue on qemumips-alt which
passed on subsequent retest:
https://autobuilder.yoctoproject.org/typhoon/#/builders/102/builds/3279
The following changes since commit 4667abcc925ae0c430cccb480ec530506f6201ae:
dropbear: break dependency on base package for -dev package (2022-07-01 08:35:07 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (6):
openssl: update 3.0.4 -> 3.0.5
gstreamer1.0: upgrade 1.20.2 -> 1.20.3
weston: update 10.0.0 -> 10.0.1
glib-2.0: upgrade 2.72.2 -> 2.72.3
glib-networking: upgrade 2.72.0 -> 2.72.1
libsoup: upgrade 3.0.6 -> 3.0.7
Richard Purdie (2):
qemu: Avoid accidental librdmacm linkage
glibc-tests: Avoid reproducibility issues
Ross Burton (2):
tiff: backport the fix for CVE-2022-2056, CVE-2022-2057, and
CVE-2022-2058
vim: upgrade to 9.0.0021
Sakib Sajal (1):
u-boot: fix CVE-2022-34835
Steve Sakoman (3):
ruby: add PACKAGECONFIG for capstone
qemu: add PACKAGECONFIG for capstone
qemu: Avoid accidental libvdeplug linkage
Sundeep KOKKONDA (2):
glibc: stable 2.35 branch updates
binutils : stable 2.38 branch updates
Wentao Zhang (1):
harfbuzz: fix CVE-2022-33068
wangmy (10):
gst-devtools: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-libav: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-omx: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-bad: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-base: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-good: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-ugly: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-python: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-rtsp-server: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-vaapi: upgrade 1.20.2 -> 1.20.3
...ffer-overflow-vulnerability-in-i2c-m.patch | 126 ++++++++++++
meta/recipes-bsp/u-boot/u-boot_2022.01.bb | 1 +
.../{openssl_3.0.4.bb => openssl_3.0.5.bb} | 2 +-
.../glib-2.0/glib-2.0/relocate-modules.patch | 2 +-
...{glib-2.0_2.72.2.bb => glib-2.0_2.72.3.bb} | 2 +-
...ng_2.72.0.bb => glib-networking_2.72.1.bb} | 2 +-
meta/recipes-core/glibc/glibc-tests_2.35.bb | 3 +
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../glibc/glibc/reproducible-paths.patch | 23 +++
.../binutils/binutils-2.38.inc | 2 +-
meta/recipes-devtools/qemu/qemu.inc | 3 +
meta/recipes-devtools/ruby/ruby_3.1.2.bb | 1 +
.../harfbuzz/harfbuzz/CVE-2022-33068.patch | 35 ++++
.../harfbuzz/harfbuzz_4.0.1.bb | 3 +-
.../{weston_10.0.0.bb => weston_10.0.1.bb} | 4 +-
...tools_1.20.2.bb => gst-devtools_1.20.3.bb} | 2 +-
...1.20.2.bb => gstreamer1.0-libav_1.20.3.bb} | 2 +-
...x_1.20.2.bb => gstreamer1.0-omx_1.20.3.bb} | 2 +-
....bb => gstreamer1.0-plugins-bad_1.20.3.bb} | 2 +-
...bb => gstreamer1.0-plugins-base_1.20.3.bb} | 2 +-
...bb => gstreamer1.0-plugins-good_1.20.3.bb} | 2 +-
...bb => gstreamer1.0-plugins-ugly_1.20.3.bb} | 2 +-
....20.2.bb => gstreamer1.0-python_1.20.3.bb} | 2 +-
....bb => gstreamer1.0-rtsp-server_1.20.3.bb} | 2 +-
...1.20.2.bb => gstreamer1.0-vaapi_1.20.3.bb} | 2 +-
...er1.0_1.20.2.bb => gstreamer1.0_1.20.3.bb} | 2 +-
...-the-FPE-in-tiffcrop-415-427-and-428.patch | 182 ++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 +
.../{libsoup_3.0.6.bb => libsoup_3.0.7.bb} | 2 +-
meta/recipes-support/vim/vim.inc | 4 +-
30 files changed, 399 insertions(+), 23 deletions(-)
create mode 100644 meta/recipes-bsp/u-boot/files/0001-i2c-fix-stack-buffer-overflow-vulnerability-in-i2c-m.patch
rename meta/recipes-connectivity/openssl/{openssl_3.0.4.bb => openssl_3.0.5.bb} (99%)
rename meta/recipes-core/glib-2.0/{glib-2.0_2.72.2.bb => glib-2.0_2.72.3.bb} (96%)
rename meta/recipes-core/glib-networking/{glib-networking_2.72.0.bb => glib-networking_2.72.1.bb} (93%)
create mode 100644 meta/recipes-core/glibc/glibc/reproducible-paths.patch
create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2022-33068.patch
rename meta/recipes-graphics/wayland/{weston_10.0.0.bb => weston_10.0.1.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.20.2.bb => gst-devtools_1.20.3.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.20.2.bb => gstreamer1.0-libav_1.20.3.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.20.2.bb => gstreamer1.0-omx_1.20.3.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.20.2.bb => gstreamer1.0-plugins-bad_1.20.3.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.20.2.bb => gstreamer1.0-plugins-base_1.20.3.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.20.2.bb => gstreamer1.0-plugins-good_1.20.3.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.20.2.bb => gstreamer1.0-plugins-ugly_1.20.3.bb} (94%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.20.2.bb => gstreamer1.0-python_1.20.3.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.20.2.bb => gstreamer1.0-rtsp-server_1.20.3.bb} (90%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.20.2.bb => gstreamer1.0-vaapi_1.20.3.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.20.2.bb => gstreamer1.0_1.20.3.bb} (97%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/0001-fix-the-FPE-in-tiffcrop-415-427-and-428.patch
rename meta/recipes-support/libsoup/{libsoup_3.0.6.bb => libsoup_3.0.7.bb} (94%)
--
2.25.1
^ permalink raw reply [flat|nested] 9+ messages in thread
* [OE-core][kirkstone 00/27] Patch review
@ 2022-04-20 14:07 Steve Sakoman
0 siblings, 0 replies; 9+ messages in thread
From: Steve Sakoman @ 2022-04-20 14:07 UTC (permalink / raw)
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Friday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3547
The following changes since commit d2ba3b8850d461bc7b773240cdf15b22b31a3f9e:
lua: fix CVE-2022-28805 (2022-04-19 14:02:08 +0100)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (1):
webkitgtk: adjust patch status
Davide Gardenal (1):
create-spdx: fix error when symlink cannot be created
Ferry Toth (2):
apt: add apt selftest to test signed package feeds
package_manager: fix missing dependency on gnupg when signing deb
package feeds
Jon Mason (1):
qemuarm64: use virtio pci interfaces
Kai Kang (1):
update_udev_hwdb: fix multilib issue with systemd
Khem Raj (5):
babeltrace: Disable warnings as errors
xserver-xorg: Fix build with gcc12
systemtap: Fix build with gcc-12
gnupg: Disable FORTIFY_SOURCES on mips
mdadm: Drop clang specific cflags
Konrad Weihmann (2):
git: correct license
ncurses: use COPYING file
Martin Jansa (1):
systemd-boot: remove outdated EFI_LD comment
Paulo Neves (1):
selftest/lic_checksum: Add test for filename containing space
Peter Kjellerstedt (2):
u-boot: Correct the SRC_URI
u-boot: Inherit pkgconfig
Richard Purdie (1):
buildtools-tarball: Only add cert envvars if certs are included
Ross Burton (1):
zlib: upgrade to 1.2.12
wangmy (5):
linux-firmware: upgrade 20220310 -> 20220411
libsoup: upgrade 3.0.5 -> 3.0.6
apt: upgrade 2.4.3 -> 2.4.4
libusb1: upgrade 1.0.25 -> 1.0.26
libgit2: upgrade 1.4.2 -> 1.4.3
zhengruoqin (3):
wireless-regdb: upgrade 2022.02.18 -> 2022.04.08
git: upgrade 2.35.2 -> 2.35.3
ruby: upgrade 3.1.1 -> 3.1.2
meta/classes/create-spdx.bbclass | 10 +-
meta/classes/sign_package_feed.bbclass | 1 +
meta/conf/machine/qemuarm64.conf | 8 +-
meta/lib/oeqa/runtime/cases/apt.py | 38 +-
meta/lib/oeqa/selftest/cases/lic_checksum.py | 18 +
meta/lib/oeqa/selftest/cases/runtime_test.py | 38 ++
meta/recipes-bsp/u-boot/u-boot-common.inc | 6 +-
meta/recipes-core/meta/buildtools-tarball.bb | 6 +-
meta/recipes-core/ncurses/ncurses.inc | 2 +-
.../systemd/systemd-boot_250.4.bb | 1 -
meta/recipes-core/systemd/systemd_250.4.bb | 5 -
meta/recipes-core/udev/eudev_3.2.10.bb | 4 -
...configure-Pass-LDFLAGS-to-link-tests.patch | 25 +-
.../zlib/zlib/CVE-2018-25032.patch | 347 ------------------
meta/recipes-core/zlib/zlib/cc.patch | 27 ++
.../zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb} | 7 +-
.../apt/{apt_2.4.3.bb => apt_2.4.4.bb} | 2 +-
.../git/{git_2.35.2.bb => git_2.35.3.bb} | 15 +-
.../ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb} | 2 +-
meta/recipes-extended/mdadm/mdadm_4.2.bb | 2 -
.../0001-render-Fix-build-with-gcc-12.patch | 90 +++++
.../xorg-xserver/xserver-xorg_21.1.3.bb | 1 +
...20220310.bb => linux-firmware_20220411.bb} | 4 +-
.../recipes-kernel/lttng/babeltrace2_2.0.4.bb | 2 +-
...ility-re-tweak-for-rhel6-use-functio.patch | 49 +++
.../recipes-kernel/systemtap/systemtap_git.bb | 3 +-
....02.18.bb => wireless-regdb_2022.04.08.bb} | 2 +-
...spection.cmake-prefix-variables-obta.patch | 5 +-
meta/recipes-support/gnupg/gnupg_2.3.4.bb | 3 +
.../{libgit2_1.4.2.bb => libgit2_1.4.3.bb} | 2 +-
.../{libsoup_3.0.5.bb => libsoup_3.0.6.bb} | 2 +-
.../{libusb1_1.0.25.bb => libusb1_1.0.26.bb} | 2 +-
scripts/postinst-intercepts/update_udev_hwdb | 5 +-
33 files changed, 322 insertions(+), 412 deletions(-)
delete mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
create mode 100644 meta/recipes-core/zlib/zlib/cc.patch
rename meta/recipes-core/zlib/{zlib_1.2.11.bb => zlib_1.2.12.bb} (83%)
rename meta/recipes-devtools/apt/{apt_2.4.3.bb => apt_2.4.4.bb} (97%)
rename meta/recipes-devtools/git/{git_2.35.2.bb => git_2.35.3.bb} (86%)
rename meta/recipes-devtools/ruby/{ruby_3.1.1.bb => ruby_3.1.2.bb} (97%)
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-render-Fix-build-with-gcc-12.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220310.bb => linux-firmware_20220411.bb} (99%)
create mode 100644 meta/recipes-kernel/systemtap/systemtap/0001-gcc12-c-compatibility-re-tweak-for-rhel6-use-functio.patch
rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2022.02.18.bb => wireless-regdb_2022.04.08.bb} (94%)
rename meta/recipes-support/libgit2/{libgit2_1.4.2.bb => libgit2_1.4.3.bb} (91%)
rename meta/recipes-support/libsoup/{libsoup_3.0.5.bb => libsoup_3.0.6.bb} (94%)
rename meta/recipes-support/libusb/{libusb1_1.0.25.bb => libusb1_1.0.26.bb} (94%)
--
2.25.1
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2023-07-18 14:26 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <16E7A00050A35F84.23874@lists.openembedded.org>
2022-04-20 14:53 ` [OE-core][kirkstone 00/27] Patch review Steve Sakoman
2022-04-20 15:05 ` Khem Raj
2022-04-21 5:14 ` Randy MacLeod
2022-04-21 14:00 ` Steve Sakoman
2022-04-21 14:27 ` Randy MacLeod
2023-07-18 14:25 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2023-02-12 21:10 Steve Sakoman
2022-07-14 4:35 Steve Sakoman
2022-04-20 14:07 Steve Sakoman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.