Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=nanbield 2024-03-28T17:08:30+00:00 2024-03-28T17:08:30+00:00 Ross Burton ross.burton@arm.com 2024-03-15T14:37:37+00:00 urn:sha1:8a20101d142f0edb32ee1c0f0292a79d2bc90af2 We often see multiple curl tests fail during ptest runs, the actual test varies but the output is like this: FAIL: 337: protoc! There was no content at all in the file log/3/server.input. Server glitch? Total curl failure? Returned: 28 Error code 28 is CURLE_OPERATION_TIMEDOUT, so this is almost certainly due to a loaded machine resulting in the tests running slowly. It is notable that the test runner explicitly passes --max-time=13 to curl, so experiment and change this to 600 to see if this solves the problem. [ YOCTO #15268 ] (From OE-Core rev: d105cc0dae1fcca285c08f33df7888c68fb0dc2f) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e2e9ec1bf97a7e36a05a247dbc671ecca584205f) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-03-28T17:08:30+00:00 Ross Burton ross.burton@arm.com 2024-03-15T14:37:36+00:00 urn:sha1:ba6ed3b8311fd5791a06efc59cee75a3f4d5ea54 There's no need to run the output of runtests.pl through a sed to get automake-style output, as you can pass -am to get this formatting. Don't run timing dependent tests, as the ptests can run on loaded systems. Add a dependency on the en_US locale because some of the tests require this. (From OE-Core rev: 000bedc1c95e033f8a479a18a47dc66a0609d596) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3c3601d50ae290e7e9797eadd20c05df99bbd040) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-03-16T18:33:21+00:00 Simone Weiß simone.p.weiss@posteo.com 2024-03-11T08:39:54+00:00 urn:sha1:c9834bf620885c0570e68187f270aa29dc81af9f Upgrade version to adress recent CVE findings. Changelog ========= ** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange [GNUTLS-SA-2024-01-14, CVSS: medium] [CVE-2024-0553] ** libgnutls: Fix assertion failure when verifying a certificate chain with a cycle of cross signatures [GNUTLS-SA-2024-01-09, CVSS: medium] [CVE-2024-0567] ** libgnutls: Fix regression in handling Ed25519 keys stored in PKCS#11 token certtool was unable to handle Ed25519 keys generated on PKCS#11 with pkcs11-tool (OpenSC). This is a regression introduced in 3.8.2. (cherry-pick from Oe-Core rev 705d2972b38efc9f331e3635c07ca92f8812b365) (From OE-Core rev: f40a53370eac89df38b2fab47c411a61d4df4fc0) Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-03-16T18:33:21+00:00 Wang Mingyu wangmy@fujitsu.com 2024-03-11T08:39:53+00:00 urn:sha1:c557cb4f0242d047ca4e9b8f2b56a89bc5fbc7f1 Changelog: ============ ** libgnutls: Fix timing side-channel inside RSA-PSK key exchange. ** libgnutls: Add API functions to perform ECDH and DH key agreement ** libgnutls: Added support for AES-GCM-SIV ciphers ** libgnutls: transparent KTLS support is extended to FreeBSD kernel ** gnutls-cli: New option --starttls-name (cherry-pick from Oe-Core rev 3c01bb0be8ddafa0aa1ad996ec524b51fd28f512) (From OE-Core rev: d9310c3ce0f88798de6d2d3d0c600b9014c1d872) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-03-13T13:59:26+00:00 Tim Orling ticotimo@gmail.com 2024-02-18T19:48:50+00:00 urn:sha1:bfd608ec84f51f9f26d422a416e6d9e1b45b3e69 This is the latest/last of the 9.0.z upgrades, since 9.1 is now released. CVE: CVE-2024-22667 (includes the patch for .2142 https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47) Changes: https://github.com/vim/vim/compare/v9.0.2130...v9.0.2190 (From OE-Core rev: 8155a1f60b490859b1c942da2a35d5106eddc901) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-02-22T14:34:14+00:00 Wang Mingyu wangmy@fujitsu.com 2024-02-01T03:19:44+00:00 urn:sha1:7584c6d12a3b573781c6cc72f73e8d94e1824609 Changelog: atk-adaptor: Fix critical when no table cell array is returned. (From OE-Core rev: e742e3bdfbcb7cbbc7c4a3e26151b5ee3aa291e2) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9bed9f07aea6c425748c8908641ce8a99fd5162f) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-02-22T14:34:14+00:00 Ross Burton ross.burton@arm.com 2024-01-22T17:20:31+00:00 urn:sha1:563cd419c755b3afd90fe402f34ef23238f2a4fb Backport the upstream fix for CVE-2023-48795. (From OE-Core rev: c2894768c270e2698de23884f59e823f185820a0) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 314fa19c5e07fa632ff0434a6adbb97de1319a02) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-02-07T14:00:02+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2023-12-28T22:58:36+00:00 urn:sha1:84d3e21ba8ba67676dab23dd59e5d638ef016384 Disable another test that intermittently fails on the autobuilder. (From OE-Core rev: 7c183e7470565db3085b4f18044567fc51c842ab) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8d169e13f7e2eb6511f0ac98da63b060c6c0d53a) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-02-07T14:00:02+00:00 Peter Marko peter.marko@siemens.com 2024-01-28T16:57:05+00:00 urn:sha1:51e225969756a303d0784358fc45fbedd4427548 CVE-2023-36191 is now rejected in NVD DB so it won't shoup up in cve-check report anymore. (From OE-Core rev: 362a77ea331124ae4c84553c0dceb06b05150804) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-02-07T14:00:02+00:00 Peter Marko peter.marko@siemens.com 2024-01-28T16:57:04+00:00 urn:sha1:8c33b62fa89d3a2774e2b86f9144a191b9e3bccd This fixes CVE-2024-0232 (From OE-Core rev: 748c18468cc7de0173ab4796805704b9376cd391) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>