Mirror of git.yoctoproject.org/meta-virtualization https://git.enea.com/cgit/linux/meta-virtualization.git/atom?h=kirkstone 2025-03-06T17:41:51+00:00 2025-03-06T17:41:51+00:00 Chen Qi Qi.Chen@windriver.com 2025-03-06T02:19:01+00:00 urn:sha1:cf982c9fad8fe654058d80f53c558fa6f23a5193 Backport patch to fix CVE-2025-24976. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2024-07-22T22:24:22+00:00 Mingli Yu mingli.yu@windriver.com 2024-07-10T06:20:47+00:00 urn:sha1:902669ebb70fe2e0f8ee1c3a44f7344cab861a53 Use dup3 instead for riscv64 as there is no dup2 on riscv64 linux to fix the below build failure: vendor/github.com/bugsnag/panicwrap/dup2.go:10:9: undefined: syscall.Dup2 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2023-07-25T18:53:37+00:00 Narpat Mali narpat.mali@windriver.com 2023-07-25T11:53:19+00:00 urn:sha1:af02908efda1580e77b3fdeed25b124a2b8d9482 A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory. References: https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw https://github.com/distribution/distribution/commit/521ea3d973cb0c7089ebbcdd4ccadc34be941f54 Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-06-20T16:09:51+00:00 Chen Qi Qi.Chen@windriver.com 2022-06-12T08:00:03+00:00 urn:sha1:fe1bd21891838d8dc4f7cf84a13581868251c125 v2.8.1 is the latest stable version. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-06-20T16:09:51+00:00 Chen Qi Qi.Chen@windriver.com 2022-06-12T08:00:02+00:00 urn:sha1:cddd676f401427182b6f7e4d7bfe4de4f5f00017 Fix settings for GOROOT, CGO_CFLAGS and CGO_LDFLAGS. The previous setting for GOROOT is no longer valid as the directory does not exist for now. So adjust the GOROOT setting. Currently CGO_CFLAGS is set to use BUILDSDK_CFLAGS, and this is incorrect. We need target flags instead of SDK related flags. Such setting happens to work for some hosts. However, when building on newer hosts, we get QA error like below: ERROR: docker-distribution-v2.7.1-r0 do_package_qa: QA Issue: /usr/sbin/registry contained in package docker-registry requires libc.so.6(GLIBC_2.34)(64bit), but no providers found in RDEPENDS_docker-registry? [file-rdeps] The above error was found on hardknott on host Fedora 35. Tracking down the error and I found it's using host stuff which is likely to be caused by using incorrect CGO_CFLAGS. As the master branch is using the same settings, it has the same issue. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-06-20T16:09:51+00:00 Chen Qi Qi.Chen@windriver.com 2022-06-12T08:00:01+00:00 urn:sha1:0642784cb137466460a79da9e86f9958089ea2f6 In order for systemd variables such as SYSTEMD_AUTO_ENABLE to have effect, we need to inherit the systemd class. We also need to specify the package which contains the service. As go.bbclass already inherits goarch.bbclass, we only need to inehrit go.bbclass. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-03-21T21:31:28+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2022-03-08T03:30:09+00:00 urn:sha1:6c6e6dc9238696ecfb369d8b0d4745bed9037714 Bumping docker-distribution to version v2.7.1-42-g3b7b5345, which comprises the following commits: 97f6dace [release/2.7] vendor: github.com/opencontainers/image-spec v1.0.2 10ade61d manifest: validate document type before unmarshal c5679da3 [release/2.7] vendor: github.com/golang-jwt/jwt v3.2.1 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2021-11-22T16:20:14+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2021-11-22T16:12:52+00:00 urn:sha1:9ab81946f6293f512d7d8eb65db5516781b23531 Bumping docker-distribution to version v2.7.1-38-gf7365390, which comprises the following commits: 97f6dace [release/2.7] vendor: github.com/opencontainers/image-spec v1.0.2 9a3ff113 fix go check issues 19b573a6 Change should to must in v2 spec d836b23f [release/2.7] update to go1.16 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2021-11-02T13:57:03+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2021-11-02T13:24:33+00:00 urn:sha1:0a7ae8bc50208a7409198a8e92c4ce4afb2b5ed3 github is removing git:// access, and fetches will start experiencing interruptions in service, and eventually will fail completely. bitbake will also begin to warn on github src_uri's that don't use https. So we convert the meta-virt instances to use protocol=https (done using the oe-core contrib conversion script) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2021-08-27T14:50:45+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2021-08-24T15:48:11+00:00 urn:sha1:00f93904d1c7b6fdc94f49aa445784c755fac5f6 Not much of an update, but we pickup the latest compatibility restrictions: Bumping docker-distribution to version v2.7.1-32-g61e7e208, which comprises the following commits: d836b23f [release/2.7] update to go1.16 cc341b01 Added flag for user configurable cipher suites Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>