<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-support, branch hardknott-next</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=hardknott-next</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=hardknott-next'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2021-06-02T22:32:44+00:00</updated>
<entry>
<title>curl: fix CVE-2021-22876</title>
<updated>2021-06-02T22:32:44+00:00</updated>
<author>
<name>Trevor Gamblin</name>
<email>trevor.gamblin@windriver.com</email>
</author>
<published>2021-06-01T15:09:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=72d9c16490cd94b03eff62f3fd25304e42a16b91'/>
<id>urn:sha1:72d9c16490cd94b03eff62f3fd25304e42a16b91</id>
<content type='text'>
Backport and modify the patch for CVE-2021-22876 from curl 7.76 to
make it apply cleanly on 7.75.

CVE: CVE-2021-22876

(From OE-Core rev: 7c39b71b78ffc64a456872769b341cfc662e747d)

Signed-off-by: Trevor Gamblin &lt;trevor.gamblin@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>curl: fix CVE-2021-22890</title>
<updated>2021-06-02T22:32:44+00:00</updated>
<author>
<name>Trevor Gamblin</name>
<email>trevor.gamblin@windriver.com</email>
</author>
<published>2021-06-01T15:09:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=fd5a86fa80290fe7bf21817c43f34d39db33d525'/>
<id>urn:sha1:fd5a86fa80290fe7bf21817c43f34d39db33d525</id>
<content type='text'>
Backport and modify the patch for CVE-2021-22890 from curl 7.76 to make
it apply cleanly on 7.75.

CVE: CVE-2021-22890

(From OE-Core rev: b11dc35cce0449623182ecf044c4a49664119b9c)

Signed-off-by: Trevor Gamblin &lt;trevor.gamblin@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>boost: fix do_fetch failure</title>
<updated>2021-05-30T07:19:35+00:00</updated>
<author>
<name>Stefan Ghinea</name>
<email>stefan.ghinea@windriver.com</email>
</author>
<published>2021-05-17T17:38:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=d46686394ff74114a5a890c0be2d47c5fd639b27'/>
<id>urn:sha1:d46686394ff74114a5a890c0be2d47c5fd639b27</id>
<content type='text'>
Bintray service has been discontinued causing boost do_fetch to fail:
WARNING: boost-1.76.0-r0 do_fetch: Failed to fetch URL
https://dl.bintray.com/boostorg/release/1.75.0/source/boost_1_75_0.tar.bz2,
attempting MIRRORS if available

RP: Backport to 1.75.0
(From OE-Core rev: 146f04f9d38f781767a52884f4870570c0d817e0)

Signed-off-by: Stefan Ghinea &lt;stefan.ghinea@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>libcap: Configure Make variables correctly without a horrible hack</title>
<updated>2021-05-15T16:18:21+00:00</updated>
<author>
<name>Peter Kjellerstedt</name>
<email>peter.kjellerstedt@axis.com</email>
</author>
<published>2021-05-07T20:38:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=6b5baa4a297e6d2042fc48d2ac8672903403dd87'/>
<id>urn:sha1:6b5baa4a297e6d2042fc48d2ac8672903403dd87</id>
<content type='text'>
Occasionally, the build would fail with:

  make[2]: execvp: mkdir: Argument list too long

This turned out to be due to a hacky solution used in the recipe to
modify the Makefile, which resulted in one more $(BUILD_CFLAGS) being
added to the immediately expanded BUILD_CFLAGS Make variable each time
do_configure was executed. After a couple of times, this lead to an
environment with a 140 kB BUILD_CFLAGS when mkdir should execute, which
resulted in the E2BIG.

(From OE-Core rev: 44900610bea76ab8983a899599f78790f6c5f659)

Signed-off-by: Peter Kjellerstedt &lt;peter.kjellerstedt@axis.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 116e6b61c585c6f0f7ae6f010bd490bb39914348)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>db: update CVE_PRODUCT</title>
<updated>2021-05-15T16:18:21+00:00</updated>
<author>
<name>Chen Qi</name>
<email>Qi.Chen@windriver.com</email>
</author>
<published>2021-04-20T02:32:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=2c96b17e0d1ababa90dafeeabf2c86dfc62ad4b2'/>
<id>urn:sha1:2c96b17e0d1ababa90dafeeabf2c86dfc62ad4b2</id>
<content type='text'>
Update CVE_PRODUCT to also include 'berkeley_db'. For example,
CVE-2020-2981 uses 'berkeley_db'.

(From OE-Core rev: b5004de05327c734d63cfac153ebf1542f9177c9)

Signed-off-by: Chen Qi &lt;Qi.Chen@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit ad799b109716ccd2f44dcf7a6a4cfcbd622ea661)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>libevent: Increase ptest timing tolerance 50 ms -&gt; 100 ms</title>
<updated>2021-05-11T11:02:29+00:00</updated>
<author>
<name>Yi Fan Yu</name>
<email>yifan.yu@windriver.com</email>
</author>
<published>2021-04-23T14:59:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=641848ab75c6538692e9cc12a831a855daca16e2'/>
<id>urn:sha1:641848ab75c6538692e9cc12a831a855daca16e2</id>
<content type='text'>
Adjusting the tolerance to a more reasonable time
given the load on the AB and given the high amount(100) of
events some of the tests like `common_timeout` generates.

[YOCTO #14163]

(From OE-Core rev: d5d88c2293e8ebc958d1bce9af8f796024443be9)

Signed-off-by: Yi Fan Yu &lt;yifan.yu@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 38b36d2b90d570149e63816e68f457aea28a5092)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>diffoscope: add native libraries to LD_LIBRARY_PATH</title>
<updated>2021-05-11T11:02:29+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2021-05-05T15:18:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=cc40e858d264e82bdac9a77f00ef03122f81402f'/>
<id>urn:sha1:cc40e858d264e82bdac9a77f00ef03122f81402f</id>
<content type='text'>
Reversal of global setting in previous commit necessitates
a local fix, otherwise, this happens:

  File "/home/pokybuild/yocto-worker/reproducible-debian/build/build-st-52142/tmp/work/x86_64-linux/diffoscope-native/172-r0/recipe-sysroot-native/usr/lib/python3.9/ctypes/__init__.py", line 392, in __getitem__
    func = self._FuncPtr((name_or_ordinal, self))
AttributeError: nativepython3: undefined symbol: archive_errno

(From OE-Core rev: 73edf1b88f0997f7368bfdb59d3076f085c5da4e)

Signed-off-by: Alexander Kanavin &lt;alex.kanavin@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 87884d9938829d5ae5d250f483c749e00cd83322)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ptest-runner: libgcc must be installed for pthread_cancel to work</title>
<updated>2021-05-11T11:02:29+00:00</updated>
<author>
<name>Jose Quaresma</name>
<email>quaresma.jose@gmail.com</email>
</author>
<published>2021-05-03T17:10:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=a0ce4f3bbafd96e85e2fd0d2761e8b98e4e169ea'/>
<id>urn:sha1:a0ce4f3bbafd96e85e2fd0d2761e8b98e4e169ea</id>
<content type='text'>
This only affects glibc systems and have been
found on runqemu core-image-minimal with gstreamer ptest-runner

STOP: ptest-runner
libgcc_s.so.1 must be installed for pthread_cancel to work
Aborted

(From OE-Core rev: 0eeb4dd1e9dbbbe205ff9821a398c44d5769f798)

Signed-off-by: Jose Quaresma &lt;quaresma.jose@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 1cb679e6a4528a2cef16f65342d5e65adb14cb16)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>libssh2: fix build failure with option no-ecdsa</title>
<updated>2021-05-04T21:57:50+00:00</updated>
<author>
<name>Stefan Ghinea</name>
<email>stefan.ghinea@windriver.com</email>
</author>
<published>2021-04-23T17:18:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=5cde220103874fa92949e3211bf50620d319458f'/>
<id>urn:sha1:5cde220103874fa92949e3211bf50620d319458f</id>
<content type='text'>
libssh2 fails at do_compile if
DEPRECATED_CRYPTO_FLAGS = "no-ecdsa" is set in recipe:

../src/.libs/libssh2.so: undefined reference to
`LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY'

References:
https://github.com/libssh2/libssh2/issues/549

Upstream patches:
https://github.com/libssh2/libssh2/commit/1f76151c92e1b52e9c24ebf06adc77fbd6c062bc

(From OE-Core rev: d70cf4cd57d61f7db7179673b211e631c944e0e6)

Signed-off-by: Stefan Ghinea &lt;stefan.ghinea@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 2bb146e7315f8080cb49a95212231ccb76a4a822)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ca-certificates: Fix openssl runtime cert dependencies</title>
<updated>2021-04-30T13:37:25+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2021-04-18T22:53:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=1a3ffc03d5fdee2b5c8b0874f238be3f7bf79eb8'/>
<id>urn:sha1:1a3ffc03d5fdee2b5c8b0874f238be3f7bf79eb8</id>
<content type='text'>
With commit dc778c70449ee5401b5a24ad18b22b88338c47c5, dependency was
moved to openssl-bin which in itself was a fine change, but dropping
dependency on openssl too should have been kept along, dropping this
meant that openssl binary wont be able to validate secure connections as
the CApath files wont be installed, which infact are required for
openssl bins to work, following call e.g. fails

$ openssl s_client -connect google.com:443

....
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 20 (unable to get local issuer certificate)
....

The local issuer certs are not found in default location
/usr/lib/ssh-1.1/certs, this dir and its content is installed by openssl package
therefore re-add the dependency on openssl

(From OE-Core rev: 84afcdcb9d7ee24596bd3f8d808d30c9d558d918)

Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Cc: Andrei Gherzan &lt;andrei@gherzan.ro&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit eaf377315efc73d6ffe361372a873918b3bb3bf5)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
