Age | Commit message (Collapse) | Author |
|
We don't build/use the OPIE PAM module, exclude the CVE from this recipe.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These CVEs apply to the way logrotate was installed on Gentoo, Debian
and SUSE, exclude from cve-check as they don't apply to OE.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The CVE is non-specific and depends on the users of jquery, doesn't
make sense to have this flagged against jquery as there is nothing we can
do about it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The issues were investigated and found not to be an issue therefore
exclude from checks.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The CVE applies to the built-in VNC server but we don't enable this by default.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The CVE applies to virglrender before 0.6.0 which we don't have.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These CVEs are disputed by upstream and there is no plan to fix/address them. No
other distros are carrying patches for them. There is a patch for 1010025
however it isn't merged upstream and probably carries more risk of other bugs
than not having it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We're using a pre-release version of 2.06 so these issues are fixed but
continue to show up in the checks since it is pre-2.06 and the CPE
entries are "before but excluding 2.06".
Adding these will clean up CVE reports until the 2.06 release comes out.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Instead of [1] a very similar PR [2] was merged that allows
enabling/disabling documentation builds. So drop the patch here and use
the upstream cmake option ENABLE_DOCUMENTATION instead.
[1] https://github.com/ccache/ccache/pull/844
[2] https://github.com/ccache/ccache/pull/842
Signed-off-by: Bastian Krause <bst@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* introduced with gcc-11, other hwasan files were already packaged in:
3df4a25465 gcc-sanitizers: Package up hwasan files
but static library was still triggering installed-vs-shipped
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This currently catches the .clb_blob and .vamrs,rock960.txt, and other
.txt files may come in future upstream releases.
Signed-off-by: Yann Dirson <yann@blade-group.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
removed since it is included in 1.33.1
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Particularly, numactl, numpy and libseccomp are disabled for now
due to failures or lack of qemu support. The rest have been verified
to pass quickly.
[RP: Fix multilib recipe handling]
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
meta-python is carrying 3.3.4, once we upgrade it in core
we can safely drop it from meta-python, helps with layer-compatibility
checks
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fixes issues when qt plugins are enabled (which is not by default
without additional layers).
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It fails to boot grub after upgrade grub to 2.06. According to
description in
https://bugzilla.yoctoproject.org/show_bug.cgi?id=14367
it is introduced by a commit to fix CVE. So remove option '-O2' from
CFLAGS rather than revert the commit to avoid the failure.
[YOCTO #14367]
CC: Tony Battersby <tonyb@cybernetics.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
runtest return an error due to missing expect on the target.
Add expect as runtime dependency.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop backports and refresh patches to apply on 4.x series
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Occasionally, the build would fail with:
make[2]: execvp: mkdir: Argument list too long
This turned out to be due to a hacky solution used in the recipe to
modify the Makefile, which resulted in one more $(BUILD_CFLAGS) being
added to the immediately expanded BUILD_CFLAGS Make variable each time
do_configure was executed. After a couple of times, this lead to an
environment with a 140 kB BUILD_CFLAGS when mkdir should execute, which
resulted in the E2BIG.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add the following patches from stable-2.12 branch of lttng repository
to fix errors when building lttng-modules against 5.12+ kernel
since they are not present on the release 2.12.5:
- 17cd2dc9 fix: block: add a disk_uevent helper (v5.12)
- 127135b6 fix backport: block: add a disk_uevent helper (v5.12)
- 853d5903 fix: mm, tracing: kfree event name mismatching with
provider kmem (v5.12)
Signed-off-by: Vinicius Aquino <vinicius.aquino@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Integrating the following commit(s) to linux-yocto/5.4:
qemuppc32: reduce serial issues seen on shutdown
Richard reported:
We've been seeing a lot of the qemuppc shutdown issue and I decided to
look into it. The really worrying thing looking at the logs locally is the
serial ports are showing irq issues and becoming disabled as nobody would
handle them.
Errors like:
[ 9.194886] irq 36: nobody cared (try booting with the "irqpoll" option)
[ 9.198712] CPU: 0 PID: 127 Comm: bootlogd Not tainted
[ 9.202283] Call Trace:
[ 9.205611] [d1005f00] [c00a0da8] __report_bad_irq+0x50/0x138 (unreliable)
[ 9.209347] [d1005f30] [c00a0cc0] note_interrupt+0x324/0x378
[ 9.212855] [d1005f70] [c009d138] handle_irq_event+0xe8/0x104
[ 9.216353] [d1005fa0] [c00a1d9c] handle_fasteoi_irq+0xc0/0x29c
[ 9.219960] [d1005fc0] [c009b798] generic_handle_irq+0x40/0x5c
[ 9.223496] [d1005fd0] [c00075d0] __do_irq+0x58/0x188
[ 9.226948] [d1005ff0] [c0010040] call_do_irq+0x20/0x38
[ 9.230391] [d29eda60] [c0007788] do_IRQ+0x88/0xfc
[ 9.233860] [d29eda90] [c0016454] ret_from_except+0x0/0x14
[ 9.237288] --- interrupt: 501 at __setup_irq+0x3c4/0x838
[ 9.237288] LR = __setup_irq+0x790/0x838
[ 9.244155] [d29edb88] [c009f0a4] request_threaded_irq+0x114/0x1c8
[ 9.247672] [d29edbb8] [c07a5a18] pmz_startup+0x17c/0x32c
[ 9.251203] [d29edbd8] [c07a1140] uart_port_startup+0x184/0x2f8
[ 9.254651] [d29edc08] [c07a1974] uart_port_activate+0x78/0xf4
[ 9.258141] [d29edc28] [c07839f8] tty_port_open+0xd4/0x170
[ 9.261579] [d29edc58] [c079db74] uart_open+0x2c/0x48
[ 9.265116] [d29edc68] [c077a288] tty_open+0x168/0x640
[ 9.268574] [d29edcd8] [c0280be8] chrdev_open+0x138/0x2a4
[ 9.272123] [d29edd18] [c027421c] do_dentry_open+0x228/0x410
[ 9.275643] [d29edd48] [c028e9f4] path_openat+0xb04/0xf28
[ 9.279184] [d29eddd8] [c02917e4] do_filp_open+0x120/0x164
[ 9.282535] [d29ede98] [c0276238] do_sys_openat2+0xd8/0x19c
[ 9.285790] [d29edee8] [c0276574] sys_openat+0x88/0xdc
[ 9.289096] [d29edf38] [c00160d8] ret_from_syscall+0x0/0x34
[ 9.292620] --- interrupt: c01 at 0xfec3738
[ 9.292620] LR = 0xfec36e0
[ 9.299035] handlers:
[ 9.302312] [<7f7f7da8>] pmz_interrupt
[ 9.305541] Disabling IRQ #36
(and the irqpoll option does not help)
This is problematic as the shutdown test uses the serial interface to
shut down the system. If the serial interface fails to login or run the command,
game over for the test.
CONFIG_SERIAL_PMACZILOG_CONSOLE complicates that handling, but doesn't provide
any output or capabilities that we need. So we disable it here, and
reduce the chances of issues during shutdown.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: additional firmware files, version changes
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|