<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-devtools, branch kirkstone</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=kirkstone</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=kirkstone'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2026-04-10T10:53:18+00:00</updated>
<entry>
<title>tcl: skip http11 tests</title>
<updated>2026-04-10T10:53:18+00:00</updated>
<author>
<name>Ross Burton</name>
<email>ross.burton@arm.com</email>
</author>
<published>2025-09-05T12:43:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=7bf1fce6da3710b107bbcdfb248ab696e0fffc50'/>
<id>urn:sha1:7bf1fce6da3710b107bbcdfb248ab696e0fffc50</id>
<content type='text'>
These tests are either unstable under load, or just unstable.

A ticket has been filed upstream[1] but for now disable them.

[ YOCTO #15467 ]

[1] https://core.tcl-lang.org/tcl/tktview/3764f4e81f1483ab554c6d60f8483887bde28221

(From OE-Core rev: e6158f316828afaf167b6e67c3b6256888b33634)

Signed-off-by: Ross Burton &lt;ross.burton@arm.com&gt;
Signed-off-by: Mathieu Dubois-Briand &lt;mathieu.dubois-briand@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 8f1538518fd3a3017189b38437691ce358a2566a)
Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
<entry>
<title>recipes: Default to https git protocol for YP/OE repos</title>
<updated>2026-04-10T10:53:18+00:00</updated>
<author>
<name>Yoann Congal</name>
<email>yoann.congal@smile.fr</email>
</author>
<published>2026-04-09T11:10:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=e2b0ffbd78a9f36e2f9b635ee7314656eaee364d'/>
<id>urn:sha1:e2b0ffbd78a9f36e2f9b635ee7314656eaee364d</id>
<content type='text'>
This corresponds to the master
commit 139102a73d41 ("recipes: Default to https git protocol where possible").
But only for the git.yoctoproject.org and git.openembedded.org repos.
&gt; The recommendation from server maintainers is that the https protocol
&gt; is both faster and more reliable than the dedicated git protocol at this point.
&gt; Switch to it where possible.

(From OE-Core rev: c1b208babae70244ab062b2e4674b0309fbd65e5)

Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
<entry>
<title>python3-pyopenssl: Fix CVE-2026-27459</title>
<updated>2026-04-10T10:53:18+00:00</updated>
<author>
<name>Vijay Anusuri</name>
<email>vanusuri@mvista.com</email>
</author>
<published>2026-03-25T07:24:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=80f07f41878e7b68e08f9bb6d20fe4193a1775e4'/>
<id>urn:sha1:80f07f41878e7b68e08f9bb6d20fe4193a1775e4</id>
<content type='text'>
Pick patch mentioned in NVD

[1] https://nvd.nist.gov/vuln/detail/CVE-2026-27459
[2] https://ubuntu.com/security/CVE-2026-27459

(From OE-Core rev: b46b806b2ef773d7061923e7bab9184fb758a6b4)

Signed-off-by: Vijay Anusuri &lt;vanusuri@mvista.com&gt;
Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
<entry>
<title>python3-pyopenssl: Fix CVE-2026-27448</title>
<updated>2026-04-10T10:53:18+00:00</updated>
<author>
<name>Vijay Anusuri</name>
<email>vanusuri@mvista.com</email>
</author>
<published>2026-03-25T07:24:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=631b2c9ded69c37ac7c3b7e824ee58c6afafcb64'/>
<id>urn:sha1:631b2c9ded69c37ac7c3b7e824ee58c6afafcb64</id>
<content type='text'>
Pick patch mentioned in NVD

[1] https://nvd.nist.gov/vuln/detail/CVE-2026-27448
[2] https://ubuntu.com/security/CVE-2026-27448

(From OE-Core rev: c95d2068281fd88427a2e0a996d69c3898473e63)

Signed-off-by: Vijay Anusuri &lt;vanusuri@mvista.com&gt;
Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
<entry>
<title>python3: upgrade 3.10.19 -&gt; 3.10.20</title>
<updated>2026-04-10T10:53:18+00:00</updated>
<author>
<name>Vijay Anusuri</name>
<email>vanusuri@mvista.com</email>
</author>
<published>2026-04-06T13:46:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=3c9199cfd854ac7c375beed30466aeabacad32bc'/>
<id>urn:sha1:3c9199cfd854ac7c375beed30466aeabacad32bc</id>
<content type='text'>
Drop upstreamed patches.

Release information:
* https://www.python.org/downloads/release/python-31020/
* The release you're looking at is Python 3.10.20, a security bugfix release for the legacy 3.10 series.

Handles CVE-2024-6923 CVE-2025-6075 CVE-2025-12084 CVE-2025-13836 CVE-2025-13837
CVE-2025-15282 CVE-2025-59375 CVE-2026-0865 CVE-2026-24515 CVE-2026-25210

(From OE-Core rev: 51e1581d337b674272c1a71dfc366387577bc5df)

Signed-off-by: Vijay Anusuri &lt;vanusuri@mvista.com&gt;
[YC: rebased on top of kirkstone]
Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
<entry>
<title>createrepo-c: Fix createrepo-c-native build on GCC14 hosts (e.g. Fedora 41)</title>
<updated>2026-03-20T09:55:33+00:00</updated>
<author>
<name>Yoann Congal</name>
<email>yoann.congal@smile.fr</email>
</author>
<published>2026-03-15T22:46:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=1aee6e9648661c1e6159127c2b6e4690576020f7'/>
<id>urn:sha1:1aee6e9648661c1e6159127c2b6e4690576020f7</id>
<content type='text'>
This version of createrepo-c does a wrong pointer assignment, and on GCC14[0]
hosts (e.g. Fedora 41), this fails to build with:
  FAILED: src/python/CMakeFiles/_createrepo_c.dir/createrepo_cmodule.c.o
  build/tmp-glibc/hosttools/gcc [...] python/createrepo_cmodule.c
  python/createrepo_cmodule.c:82:41: error: initialization of ‘PyObject * (*)(PyObject *, PyObject *)’ {aka ‘struct _object * (*)(struct _object *, struct _object *)’} from incompatible pointer type ‘PyObject * (*)(PyObject *, PyObject *, PyObject *)’ {aka ‘struct _object * (*)(struct _object *, struct _object *, struct _object *)’} [-Wincompatible-pointer-types]
     82 |     {"xml_parse_main_metadata_together",(PyCFunctionWithKeywords)py_xml_parse_main_metadata_together,
        |                                         ^
  src/python/createrepo_cmodule.c:82:41: note: (near initialization for ‘createrepo_c_methods[15].ml_meth’)

Add a patch to fix the pointer assignment. The patched code has since
been removed by upstream.

[0]: https://gcc.gnu.org/gcc-14/porting_to.html#incompatible-pointer-types

(From OE-Core rev: 17b1a1cd097c2bd6d690a3cd44561c2d40844088)

Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
<entry>
<title>libcomps: Fix libcomps-native build on GCC14 hosts (e.g. Fedora 41)</title>
<updated>2026-03-20T09:55:33+00:00</updated>
<author>
<name>Yoann Congal</name>
<email>yoann.congal@smile.fr</email>
</author>
<published>2026-03-15T22:40:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=3a4d4d66ba65d9880e25f8e1a460008cad1f955d'/>
<id>urn:sha1:3a4d4d66ba65d9880e25f8e1a460008cad1f955d</id>
<content type='text'>
This version of libcomps does wrong pointer assignment, and on GCC14
hosts (e.g. Fedora 41), this fails to build with:
| build/tmp-glibc/work/x86_64-linux/libcomps-native/0.1.18-r0/git/libcomps/tests/check_parse.c:588:11: error: assignment to ‘COMPS_DocGroup *’ from incompatible pointer type ‘COMPS_DocCategory *’ [-Wincompatible-pointer-types]
|   588 |         g = (COMPS_DocCategory*)it-&gt;comps_obj;

Backport a patch making the assignment correct.

(From OE-Core rev: 1853a4b2e22aaa1e8e7929bb13eaddbdd4542c71)

Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
<entry>
<title>python3-pip: Fix CVE-2026-1703</title>
<updated>2026-03-20T09:55:33+00:00</updated>
<author>
<name>Vijay Anusuri</name>
<email>vanusuri@mvista.com</email>
</author>
<published>2026-03-11T11:01:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=b0c2d6dfec39564100120dbb9e0eeab1d99a81ba'/>
<id>urn:sha1:b0c2d6dfec39564100120dbb9e0eeab1d99a81ba</id>
<content type='text'>
Pick patch according to [1]

[1] https://security-tracker.debian.org/tracker/CVE-2026-1703
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-1703
[3] https://github.com/pypa/pip/pull/13777

(From OE-Core rev: 0535436a9ceedcf690001cd705be753de4e4915f)

Signed-off-by: Vijay Anusuri &lt;vanusuri@mvista.com&gt;
Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
<entry>
<title>pseudo: Update to include a fix for systems with kernel &lt;5.6</title>
<updated>2026-02-27T15:54:02+00:00</updated>
<author>
<name>Yoann Congal</name>
<email>yoann.congal@smile.fr</email>
</author>
<published>2026-02-17T16:34:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=b5f43fb19e59d7bdebffecb1c951a2d2cb8a952d'/>
<id>urn:sha1:b5f43fb19e59d7bdebffecb1c951a2d2cb8a952d</id>
<content type='text'>
 $ git log --oneline --no-decorate  9ab513512d8b5180a430ae4fa738cb531154cdef..43cbd8fb4914328094ccdb4bb827d74b1bac2046
43cbd8f ports/linux: define __NR_openat2 if missing

(From OE-Core rev: 61c7d9337d63fa6e022c047bc7c21004b038f697)

Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Mathieu Dubois-Briand &lt;mathieu.dubois-briand@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit e9a35f32b983de724d2c2e436c017b49d5b70469)
Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
<entry>
<title>pseudo: Update to include an openat2 fix</title>
<updated>2026-02-27T15:54:02+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2026-02-13T12:22:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=56e5f34c39fa8295c54d3d08eb9a498726ff8752'/>
<id>urn:sha1:56e5f34c39fa8295c54d3d08eb9a498726ff8752</id>
<content type='text'>
We're seeing occasional autobuilder failures with tar issues related to openat2.
It appears there are definitions missing on debian 11 and opensuse 15.5 systems
which mean the openat2 syscall intercept isn't compiled in. This then triggers
on systems using the openat2 syscall, such as alma9 where it is used in a tar
CVE fix.

This updates to include the fix from upstream pseudo (along with a compile warning
fix).

This was tested by taking sstate for pseudo-native from a debian 11 system and using
it in a build of "bitbake nativesdk-git -c install" on a alma9 system where that task
failed. After this fix, it completes.

(From OE-Core rev: 2759db87db7529d60a5b2344dc1db7720e3518d6)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 2c20c05b324e5d6564c8554381019170839509bb)
Signed-off-by: Yoann Congal &lt;yoann.congal@smile.fr&gt;
Signed-off-by: Paul Barker &lt;paul@pbarker.dev&gt;
</content>
</entry>
</feed>
