Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=yocto-3.4.3 2022-03-24T11:05:34+00:00 2022-03-24T11:05:34+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2022-03-24T11:05:30+00:00 urn:sha1:ee68ae307fd951b9de6b31dc6713ea29186b7749 (From OE-Core rev: ebca8f3ac9372b7ebb3d39e8f7f930b63b481448) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-24T11:05:16+00:00 Anuj Mittal anuj.mittal@intel.com 2022-03-24T05:58:09+00:00 urn:sha1:d8cd104e66e7a616f6cf6be67d3b36a798be4c7b In sstate.bbclass, when fetching an sstate object we have: pstaging_fetch(sstatefetch, d): [...] localdata.setVar('SRCPV', d.getVar('SRCPV')) i.e. some code which expands SRCPV before it changes SRC_URI for the sstate tarball fetching. In crate-fetch.bbclass we have: def import_crate(d): import crate if not getattr(crate, 'imported', False): bb.fetch2.methods.append(crate.Crate()) crate.imported = True def crate_get_srcrev(d): import_crate(d) return bb.fetch2.get_srcrev(d) SRCPV = "${@crate_get_srcrev(d)}" and so an "import crate" occurs when pstating_fetch() is called. That succeeds and all is well but the bb.fetch2.get_srcrev(d) call fails since there is no url in SRC_URI which supports srcrev() resulting in: | WARNING: rust-cross-core2-32-musl-1.54.0-r0 do_deploy_source_date_epoch_setscene: ExpansionError('SRCPV', '${@crate_get_srcrev(d)}', FetchError('SRCREV was used yet no valid SCM was found in SRC_URI', None)) | WARNING: Logfile for failed setscene task is /home/pokybuild/yocto-worker/musl-qemux86/build/build/tmp/work/x86_64-linux/rust-cross-core2-32-musl/1.54.0-r0/temp/log.do_deploy_source_date_epoch_setscene.3133099 | WARNING: Setscene task (/home/pokybuild/yocto-worker/musl-qemux86/build/meta/recipes-devtools/rust/rust-cross_1.54.0.bb:do_deploy_source_date_epoch_setscene) failed with exit code '1' - real task will be run instead [YOCTO #14680] (From OE-Core rev: 73b6c53ceea30a3f81c6de88c5bea452fe1c0018) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-22T22:22:41+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2022-03-22T22:22:39+00:00 urn:sha1:60f6cb756d0a514657f1cdf8ecc005ec3e4f7f30 (From OE-Core rev: a92a10d1ac5d050619cd6f71da5e6fa86bb9ab13) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-22T22:18:56+00:00 Chee Yang Lee chee.yang.lee@intel.com 2022-03-17T07:32:47+00:00 urn:sha1:94966930e79c2f6e204c15ceec3661fdecdab952 go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax package, as well as bug fixes to the compiler, runtime, the go command, and to the net package. (From OE-Core rev: 685555947d91cfab6db45bca93419bd2f627e294) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-22T22:18:56+00:00 Sakib Sajal sakib.sajal@windriver.com 2022-03-17T07:32:46+00:00 urn:sha1:036a9f92041a564e36019703428f6d4cc9761094 go 1.16.14 release includes fix for CVE-2022-23806. (From OE-Core rev: 7b5723ae41b7fcdc73a24f04ec0cda4fba8f8622) (From OE-Core rev: 676614ca3f72242f41263e793de104f3b324f5bb) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-22T22:18:56+00:00 Chee Yang Lee chee.yang.lee@intel.com 2022-03-17T07:32:44+00:00 urn:sha1:984de2b68a0e95abbad1c99e55f4fcf77088544a (From OE-Core rev: c9c5254345249b8a2c53e80cec3c469ca6fc1099) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-15T16:38:29+00:00 Pavel Zhukov pavel@zhukoff.net 2022-03-07T10:19:29+00:00 urn:sha1:630d754ea3d7206976b1e0f4489e054cdbc08fe8 There were few bugs in the _isInitialized() function which might trigger git repo to be reinitialized and patches failing to apply. (From OE-Core rev: 427f4ef11beb8ceee007b5c7e152f2383a114aca) Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-15T16:38:29+00:00 Alexander Kanavin alex.kanavin@gmail.com 2022-03-07T11:21:27+00:00 urn:sha1:2c9e93bc40fb0c274ed007c0b07b5a9bd75de018 (From OE-Core rev: ff7d5af61066eee1fdcf9b8704d60a4dc3a9da14) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 6a3289c4786c4d278e2bf0ec1a5e04363772d8bc) Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-15T16:38:29+00:00 Alexander Kanavin alex.kanavin@gmail.com 2022-03-07T11:21:26+00:00 urn:sha1:9124353019a8d1da3e6f9821d5f67d43abbdd652 (From OE-Core rev: 5bf810a46db77e3136e7c49dae7394e513a3e71d) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e543d4407fdc91559a77d6c5cd41bcb75bc8c73c) Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-15T16:38:29+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2022-03-07T17:00:18+00:00 urn:sha1:77140366fb8caa7bbf89b8d9b9ae1b2a22169cd7 Includes CVE-2022-0696, CVE-2022-0714, CVE-2022-0729. (From OE-Core rev: 4fa9357473eb62703b1df1b1fb529b4c0ba452a9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0d29988958e48534a0076307bb2393a3c1309e03) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>