Age | Commit message (Collapse) | Author |
|
tools/binman/binman needs python3-setuptools now.
(From OE-Core rev: cb896051a7e7b25c02fb40aa8a422d3e5580dd34)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
files in wic tmp directory can be usefull for debugging, so do not remove
tmp directory when wic create run with debugging mode (-D or --debug).
also update wic.Wic.test_debug_short and wic.Wic.test_debug_long to
check for tmp directory.
[YOCTO#14216]
(From OE-Core rev: a122e2418b67d38f691edcf8dd846c167d6b4fa9)
Signed-off-by: Lee Chee Yang <Chee.Yang.Lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: c64b06296b378e99cde489583c97b7d7edba4f88)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently the install script copy only few hard coded item while
setting up target ESP, kernel artifacts, all .efi in EFI/BOOT,
grub & boot cfg and loader.conf.
While ESP can be much complex, eg: contain multiple initrd.
Add a ESP folder to carry any other files to setup onto ESP.
(From OE-Core rev: 6eaca9cf20c42501fba27dea3a6446bad948e859)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There are times when exluding or including a layer
may be desired. This provide the framwork for that via
two variables. The default is all layers in bblayers.
CVE_CHECK_LAYER_INCLUDELIST
CVE_CHECK_LAYER_EXCLUDELIST
(From OE-Core rev: 5fdde65ef58b4c1048839e4f9462b34bab36fc22)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Lets include whcih layer a package belongs to and
add it to the cve logs
(From OE-Core rev: 00d965bb42dc427749a4c3985af56ceffff80457)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
20.9 - 2021-01-29
~~~~~~~~~~~~~~~~~
* Run [isort](https://pypi.org/project/isort/) over the code base (:issue:`377`)
* Add support for the ``macosx_10_*_universal2`` platform tags (:issue:`379`)
* Introduce ``packaging.utils.parse_wheel_filename()`` and ``parse_sdist_filename()``
(:issue:`387` and :issue:`389`)
(From OE-Core rev: 6199c71030d527c57a1cb8496a377afb503d7670)
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add 0001-meson-Also-search-for-rst2man.py.patch to fix bug of program rst2man cannot be found.
Add dependency python3-docutils-native to manpages.
(From OE-Core rev: 600b75cef2807ccb3f89f24c77d02cd6e0a99e1f)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
rename directory of patches
-License-Update: Copyright year updated to 2021.
(From OE-Core rev: 316f9602c633fdf52009b4567ccf598d1c716acd)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: e4ef9eaea1e05975bd09b838e6ba35cc56da37d6)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 4e22a84e0482d8c56942acd0243c94f20484ffef)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 0e2dfa9f7904db32a14c09b1d451382a4c91f85d)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop musl fix as upstream fixed the issue.
(From OE-Core rev: 9ac95af964876752e7dae819f5b678ae4b510064)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 97acf2c86b7496385eabf57d5e21dae835a45e6b)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: b13ebb89b63a8a7d1c5d688c72c4aa4f54088963)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop patch merged upstream.
(From OE-Core rev: 4ca7c5435a379160fb9ac2d2d9d7aa5550632f65)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop 0001-Modify-shebang-of-libexec-y2racc-and-libexec-racc2y.patch
as files removed upstream.
License-Update: formatting
Drop autoconf270.patch, as no longer needed with 3.0.0
(I verified against master-next which has the new autoconf).
(From OE-Core rev: 8fbf04053845aac24e0c0f1395051b60294e02a3)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
easy_install script removed upstream:
https://github.com/pypa/setuptools/blob/v52.0.0/CHANGES.rst
Tarballs are now provided instead of zip files.
License-Update: formatting
(From OE-Core rev: 131105f94c8de1f087e8bd6e3e76a5c38962ae7d)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 124416ee6ff3228101f7b4423b6a5581a096cae1)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: e7521584b4acfc1ffa612f0167cef53eab967bcc)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: d26f5601d0cfe15cf9ef953e33e5e36e1b58e915)
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
include "missing_stdlib.h" is needed for strndupa()
(From OE-Core rev: 87c9ed35fce8c9358d8a5dda20ece0a46cbff325)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changelog:
- Fix issue with D-Bus filter messages with no interfaces set.
- Add support for PKCS#12 certification loading.
(From OE-Core rev: a522b528170291264a1dd5293840bec7cdfa7311)
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Removed upstreamed patches and refreshed q few other.
(From OE-Core rev: a21e8fdf1b66961ddae5929d393daa08800bb748)
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: ecb156fa391b29c6b317abb7bb126a36d709be6a)
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- remove build host path in cmake dev file to fix spirv-tools-dev reproducible
https://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20210125-8161_obd/packages/diff-html/
(From OE-Core rev: 7795a919f127b5fde5eb2049ec4e1e22f16bfee7)
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
compiler can only use fortify options when some level of optimization is
on, otherwise it ends up sending some warnings.
warning: _FORTIFY_SOURCE requires compiling with optimization (-O) [-W#warnings]
this is usually OK, since -O<level> would be added via CFLAGS to
compiler cmdline in normal compile stages, however during configure
there are problems when CC,CPP,CXX are probed alone in configure tests
which results in above warning, which confuses the configure results and
autotools 2.70+ detects it as error e.g.
configure:17292: error: C preprocessor "riscv32-yoe-linux-clang -target riscv32-yoe-linux -mlittle-endian -mno-relax -Qunused-arguments -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=/mnt/b/yoe/master/build/tmp/work/riscv32-yoe-linux/ndpi/3.4-r0/recipe-sysroot -E" fails sanity check
See `config.log' for more details
therefore adding a -O ( which actually is -O1 ) to lcl_maybe_fortify
means we can properly test these configure tests and real -O<level> will
still override -O added here, so overrall behavior improves
(From OE-Core rev: b6113dd68caa46d56cf3c8293119f2b9d8b137fd)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Support glibc 2.33.
(From OE-Core rev: 5c7f963d395aa4a94d78c37883488baac471ea43)
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
autoconf 2.70 onwards installs its own copies of config.guess/config.sub
which we keep up to date when autoconf builds, so there's no need to
depend on gnu-config for those files.
(From OE-Core rev: 332145c34b4aac2e74a713070af25414e1fd8c9c)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
autoconf 2.70 now invokes intltoolize, so there's no need to do it again
in this class.
(From OE-Core rev: e24ac6605aeaae42475d3f753dc9452093af5a14)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This breaks kmod, so for now we can continue to do it ourselves.
(From OE-Core rev: 628e0263e3bb768ea771d0e0260fdb18e16c871e)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
After too many years, autoconf has made a new release. On the whole it
is compatible with previous releases, but some macros are more specific
about what they expose so minor tweaks to configure.ac may be required.
autoconf also now invokes intltoolize, gtkdocize, and copies
config.sub/guess, so there is less work for autotools.bbclass to do.
- AC_HEADER_MAJOR-port-to-glibc-2.25.patch
- add_musl_config.patch
- autoconf-replace-w-option-in-shebangs-with-modern-use-warnings.patch
- autoreconf-gnuconfigize.patch
- check-automake-cross-warning.patch
- config_site.patch
- fix_path_xtra.patch
- performance.patch
Drop a number of patches which have been integrated upstream.
- man-host-perl.patch
Don't use the target perl path when building documentation at build time:
- no-man.patch
Don't build documentation in native builds to avoid further build
dependencies.
(From OE-Core rev: f5dd2e0acbb0aa4079c51aaeab8c26e743a4c714)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
New autoconf warns about obsolete macro usage, but there is quite
a lot of obsolete usage in the wild which isn't really in our problem.
(From OE-Core rev: a152b5a37aec247b0540b82ad6c9bdc20c532d21)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These files are split for historical reasons, so merge them to make
maintaining them easier.
The bb and inc had differing LICENSE assignments. Current autoconf is
GPLv3+.
(From OE-Core rev: 192f635fa6964213e771c0b1443b2c15863b3d57)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Update gnu-config to the latest upstream commit.
(From OE-Core rev: 37c088759218909acbd06a3a935c7ff99ff2fcd5)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix an issue with autoconf 2.70 where duplicate macro includes
caused configure failures.
(From OE-Core rev: 4e5d7c86a8a5e752df451d988861a86236e8c8ff)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: d6327189d2e86f0647a2cf11bc3dc3effa51a55d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This change was only needed with 2.70, it is not needed with 2.71.
This reverts commit 36aef08dcd5e45c4138ccd72e8de01157f7213c4.
(From OE-Core rev: 37362d8bdbec17a676af41b13683efd17c0cef50)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Final glibc 2.32 based uninative.
(From OE-Core rev: 8b5d932a42ce9e3e801837bea9cf319c455d9ae5)
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We're seeing occasional issues where builds fail as events were written from the
worker children in the form <event>partial data<event>full event</event>.
This causes failures as bitbake server can't parse that and exits. This could
be due to short writes to the worker event pipe which we weren't checking. Check
this and loop accordingly. Also add some asserts to detect other potential causes.
Thanks to Joshua Watt for help in spotting the issue.
[YOCTO #14181]
(Bitbake rev: a9451746a4bd7ccedf4c72cd03ad4ff0ab0143aa)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If the server returns an empty response ("null" in json), this cannot
be iterated to check for the presence of the "chunk-stream" key.
(Bitbake rev: bf75370bcd6d02ed08cd959eec6190196b792515)
Signed-off-by: Paul Barker <pbarker@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The connect function was previously removed from the hashserv Client
class but the bitbake-hashclient app was not updated. The client is
connected during hashserv.create_client() anyway so not separate connect
call is needed.
(Bitbake rev: 99bdb236bceeffa0083a0fa529280b217c1d310d)
Signed-off-by: Paul Barker <pbarker@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
target
When we run `devtool build mc` recipe's task dependencies are expanded
to "mc:do_populate_sysroot" where "mc" name is treated as multiconfig
and "do_package_sysroot" as multiconfigname.
| ERROR: Multiconfig dependency mc:do_populate_sysroot depends on
| nonexistent multiconfig configuration named do_populate_sysroot
(Bitbake rev: 3ce4b2caccfe608a54dff159459f3687ea610597)
Signed-off-by: Tomasz Dziendzielski <tomasz.dziendzielski@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Sometimes (that is, in all my builds) the lic_manifest_dir and
lic_manifest_symlink_dir end up pointing to the same file, resulting
in an error like this:
Exception: FileExistsError: [Errno 17] File exists: '/.../tmp-glibc/deploy/licenses/my-image-tdkz15' -> '/.../tmp-glibc/deploy/licenses/my-image-tdkz15'
First check to see if this is the case before attempting to create
the link.
(From OE-Core rev: 50f83fb542065eaf7a20ac07b63ae06441ada180)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* gnu isn't compatible with --xattrs used e.g. here:
https://github.com/advancedtelematic/meta-updater/blob/d3a832f66e8802cb45536ff278d5c77f946d341d/classes/image_types_ostree.bbclass#L16
causing do_image_tar failing with:
| tar: --xattrs can be used only on POSIX archives
| Try 'tar --help' or 'tar --usage' for more information.
* https://www.gnu.org/software/tar/manual/html_chapter/tar_8.html
says about posix format:
This is the most flexible and feature-rich format.
It does not impose any restrictions on file sizes or file name lengths.
This format is quite recent, so not all tar implementations are able to handle it properly.
However, this format is designed in such a way that any tar implementation able to read `ustar'
archives will be able to read most `posix' archives as well, with the only exception that any
additional information (such as long file names etc.) will in such case be extracted as plain
text files along with the files it refers to.
This archive format will be the default format for future versions of GNU tar.
and:
The default format for GNU tar is defined at compilation time.
You may check it by running tar --help, and examining the last lines of its output.
Usually, GNU tar is configured to create archives in `gnu' format, however, future version will switch to `posix'.
* I've compared tar on centos7 and ubuntu-18.04:
bash-4.2$ cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
bash-4.2$ tar --version
tar (GNU tar) 1.26
...
bash-4.2$ tar --help | tail -n 5
*This* tar defaults to:
--format=gnu -f- -b20 --quoting-style=escape --rmt-command=/etc/rmt
--rsh-command=/usr/bin/ssh
...
bitbake@e0ee76f81c2f:/$ grep VERSION /etc/os-release
VERSION="18.04.5 LTS (Bionic Beaver)"
VERSION_ID="18.04"
VERSION_CODENAME=bionic
bitbake@e0ee76f81c2f:/$ tar --version
tar (GNU tar) 1.29
...
bitbake@e0ee76f81c2f:/$ tar --help | tail -n 5
...
*This* tar defaults to:
--format=gnu -f- -b20 --quoting-style=escape --rmt-command=/usr/lib/tar/rmt
--rsh-command=/usr/bin/rsh
Both support posix format (as pax POSIX 1003.1-2001). But centos7 version is
already too old anyway, because it doesn't support --sort=name used since:
https://git.openembedded.org/openembedded-core/commit/?id=4fa68626bbcfd9795577e1426c27d00f4d9d1c17
and
https://git.openembedded.org/openembedded-core/commit/?id=f19e43dec63a86c200e04ba14393583588550380
says that 1.28 is the minium version now and
https://git.openembedded.org/openembedded-core/commit/?id=7a66434cf11b7f051699b774e4fccd6738351368
recommends to use install-buildtools for hosts with tar < 1.28
On the other side latest tumbleweed from:
https://hub.docker.com/r/opensuse/tumbleweed
with tar-1.33 alredy defaults to posix format:
b99dbb3d86dd:/ # head -n 3 /etc/os-release
NAME="openSUSE Tumbleweed"
ID="opensuse-tumbleweed"
b99dbb3d86dd:/ # tar --version
tar (GNU tar) 1.33
...
b99dbb3d86dd:/ # tar --help | tail -n 3
*This* tar defaults to:
--format=posix -f- -b20 --quoting-style=escape --rmt-command=/usr/bin/rmt
--rsh-command=/usr/bin/ssh
I've packaged some sample rootfs directory with both tars and the result is
identical (with --format=gnu as well as --format=posix).
with ubuntu:
tar --sort=name --format=gnu --numeric-owner -cf rootfs.ubuntu.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --sort=name --format=posix --numeric-owner -cf rootfs.ubuntu.posix.tar -C rootfs .
tumbleweed:
tar --sort=name --format=gnu --numeric-owner -cf rootfs.tumbleweed.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --sort=name --format=posix --numeric-owner -cf rootfs.tumbleweed.posix.tar -C rootfs .
centos7 (without --sort=name):
tar --format=gnu --numeric-owner -cf rootfs.centos7.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --format=posix --numeric-owner -cf rootfs.centos7.posix.tar -C rootfs .
size is identical:
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb 5 09:19 rootfs.ubuntu.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb 5 10:17 rootfs.centos7.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb 5 10:26 rootfs.tumbleweed.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb 5 10:15 rootfs.ubuntu.posix.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb 5 10:16 rootfs.centos7.posix.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb 5 10:26 rootfs.tumbleweed.posix.tar
but md5s aren't:
5e3880283379dd773ac054e20562fdea rootfs.centos7.gnu.tar
abeaf992c780aa780a27be01365d26f5 rootfs.centos7.posix.tar
0c6ee59d87ab56583293262de110bca4 rootfs.tumbleweed.gnu.tar
1555bc7276eaba924bf82a13a010fd6d rootfs.tumbleweed.posix.tar
553d802bba351e273191bd5b2a621b66 rootfs.ubuntu.gnu.tar
b6d7b43b30174686f6625ba3c7aefdc6 rootfs.ubuntu.posix.tar
diffoscope shows some differences when using gnu format:
$ diffoscope rootfs.tumbleweed.gnu.tar rootfs.ubuntu.gnu.tar
...
-00239890: 3030 3000 3030 3737 3637 0020 4b00 0000 000.007767. K...
+00239890: 3030 3000 3031 3135 3737 0020 4b00 0000 000.011577. K...
...
-00239900: 0075 7374 6172 2020 0000 0000 0000 0000 .ustar ........
+00239900: 0075 7374 6172 2020 0072 6f6f 7400 0000 .ustar .root...
...
-00239920: 0000 0000 0000 0000 0000 0000 0000 0000 ................
+00239920: 0000 0000 0000 0000 0072 6f6f 7400 0000 .........root...
with posix format there are also some differences shown by diffoscope:
$ diffoscope rootfs.tumbleweed.posix.tar rootfs.ubuntu.posix.tar
016a4c00: 2e2f 7573 722f 6269 6e2f 5061 7848 6561 ./usr/bin/PaxHea
-016a4c10: 6465 7273 2f63 6861 7474 722e 6532 6673 ders/chattr.e2fs
-016a4c20: 7072 6f67 7300 0000 0000 0000 0000 0000 progs...........
+016a4c10: 6465 7273 2e32 322f 6368 6174 7472 2e65 ders.22/chattr.e
+016a4c20: 3266 7370 726f 6773 0000 0000 0000 0000 2fsprogs........
...
03937000: 2e2f 7573 722f 6269 6e2f 5061 7848 6561 ./usr/bin/PaxHea
-03937010: 6465 7273 2f63 6f6e 7461 696e 6572 642d ders/containerd-
-03937020: 6374 7200 0000 0000 0000 0000 0000 0000 ctr.............
+03937010: 6465 7273 2e32 322f 636f 6e74 6169 6e65 ders.22/containe
+03937020: 7264 2d63 7472 0000 0000 0000 0000 0000 rd-ctr..........
so cannot really say which format is better for reproducible tar
archives from different distros, but posix at least supports xattrs
and it's the format for future.
(From OE-Core rev: 3ecea58f2a3382d9f4b410d6ad7089111334cb6f)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Added below CVE:
CVE-2020-12825
Link: CVE-2020-12825 [https://gitlab.gnome.org/Archive/libcroco/-/commit/6eb257e5c731c691eb137fca94e916ca73941a5a]
Link: https://gitlab.gnome.org/Archive/libcroco/-/issues/8
(From OE-Core rev: f8cee7386c556e1c5adb07a0aee385642b7a5568)
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Whitelisted below CVEs:
1. CVE-2018-12433
Link: https://security-tracker.debian.org/tracker/CVE-2018-12433
Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12433
CVE-2018-12433 is marked disputed and ignored by NVD as it does
not impact crypt libraries for any distros and hence, can be safely
marked whitelisted.
2. CVE-2018-12438
Link: https://security-tracker.debian.org/tracker/CVE-2018-12438
Link: https://ubuntu.com/security/CVE-2018-12438
CVE-2018-12438 was reported for affecting openjdk crypt libraries
but there are no details available on which openjdk versions are
affected and does not directly affect libgcrypt or any specific
yocto distributions, hence, can be whitelisted.
(From OE-Core rev: 2943efe3f56d394308f9364b439c25f6a7613288)
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
0001-fix-up-check-for-hardlinks-always-false-if-inode-0xF.patch
removed since it is included in 1.45.7
(From OE-Core rev: f51835e022731d1c0e8e18209e48f1a718048977)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bash 5.1 enabled bracketed input mode by default, but this causes a lot
of problems with automated testing as it can inject a lot of control
sequences into non-interactive output. Disable it to cleanup the output
an preserve the pre-5.1 behavior
(From OE-Core rev: 6c1cb7e274050f1ccb817b8ee34d0f61f34c95e3)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Our nologin path is /sbin/nologin instead of /bin/nologin.
(From OE-Core rev: cd7f55e960e759d946d8b619b0a306e610f66356)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|