maintainers.inc: add python3-spdx-tools and dependencies
Add maintainers for new packages and also some copied from meta-python:
python3-beartype, python3-booleanpy, python3-click, python3-isodate,
python3-license-expression, python3-rdflib, python3-spdx-tools,
python3-uritools, python3-xmltodict
Signed-off-by: Marta Rybczynska <mrybczynska@syslinbit.com> Signed-off-by: Samantha Jalabert <samantha.jalabert@syslinbit.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ptest-packagelists.inc: add python test license-expression
Adding test to the list of tests with problems. It comes as a
copy from meta-python to satisfy dependencies of python3-spdx-tools
and throws and exception on execution.
Signed-off-by: Marta Rybczynska <mrybczynska@syslinbit.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LABELS from poky are by default without any suffixes like "boot install", so default entry
does not have the .conf suffix as well and systemd-boot is not able to use this information
and it's starting in any case the first entry. To be able to start another entry by default,
.conf suffix is required.
With this change, LABELS variable can still be used by other bootloaders and being used as description
field.
Ross Burton [Mon, 25 Sep 2023 11:35:08 +0000 (12:35 +0100)]
webkitgtk: reduce size of -dbg package
Unless DEBUG_BUILD is enabled, pass -g1 to massively reduce the size of
the debug symbols (4.3GB to 700M at time of writing):
Level 1 produces minimal information, enough for making backtraces in
parts of the program that you don't plan to debug. This includes
descriptions of functions and external variables, and line number
tables, but no information about local variables.
This makes the sstate objects a lot more manageable, and packaging
faster. On my machine:
Previously, sending a specially crafted message over the control channel
could cause the packet-parsing code to run out of available stack
memory, causing named to terminate unexpectedly. This has been fixed.
(CVE-2023-3341)
ISC would like to thank Eric Sesterhenn from X41 D-Sec GmbH for bringing
this vulnerability to our attention. [GL #4152]
A flaw in the networking code handling DNS-over-TLS queries could cause
named to terminate unexpectedly due to an assertion failure under
significant DNS-over-TLS query load. This has been fixed.
(CVE-2023-4236)
ISC would like to thank Robert Story from USC/ISI Root Server Operations
for bringing this vulnerability to our attention. [GL #4242]
Removed Features
The dnssec-must-be-secure option has been deprecated and will be removed
in a future release. [GL #4263]
Feature Changes
If the server command is specified, nsupdate now honors the nsupdate -v
option for SOA queries by sending both the UPDATE request and the
initial query over TCP. [GL #1181]
Bug Fixes
The value of the If-Modified-Since header in the statistics channel was
not being correctly validated for its length, potentially allowing an
authorized user to trigger a buffer overflow. Ensuring the statistics
channel is configured correctly to grant access exclusively to
authorized users is essential (see the statistics-channels block
definition and usage section). [GL #4124]
This issue was reported independently by Eric Sesterhenn of X41 D-Sec
GmbH and Cameron Whitehead.
The Content-Length header in the statistics channel was lacking proper
bounds checking. A negative or excessively large value could potentially
trigger an integer overflow and result in an assertion failure. [GL
This issue was reported by Eric Sesterhenn of X41 D-Sec GmbH.
Several memory leaks caused by not clearing the OpenSSL error stack were
fixed. [GL #4159]
This issue was reported by Eric Sesterhenn of X41 D-Sec GmbH.
The introduction of krb5-subdomain-self-rhs and ms-subdomain-self-rhs
UPDATE policies accidentally caused named to return SERVFAIL responses
to deletion requests for non-existent PTR and SRV records. This has been
fixed. [GL #4280]
The stale-refresh-time feature was mistakenly disabled when the server
cache was flushed by rndc flush. This has been fixed. [GL #4278]
BIND’s memory consumption has been improved by implementing dedicated
jemalloc memory arenas for sending buffers. This optimization ensures
that memory usage is more efficient and better manages the return of
memory pages to the operating system. [GL #4038]
Previously, partial writes in the TLS DNS code were not accounted for
correctly, which could have led to DNS message corruption. This has been
fixed. [GL #4255]
Known Issues
There are no new known issues with this release. See above for a list of
all known issues affecting this BIND 9 branch.
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Kai Kang [Fri, 22 Sep 2023 08:04:12 +0000 (16:04 +0800)]
adwaita-icon-theme: 43 -> 45.0
Update adwaita-icon-theme from 43 to 45.0.
* meson is used to replace autotools, then the patch is redundant
* not overwrite PACKAGES, and remove sub-packages ${PN}-hires and
${PN}-symbolic-hires which are created to handle big icon files which
do not exist in adwaita-icon-theme 45.0
* update FILES of ${PN}-symbolic and split license files to ${PN}-doc
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 25 Sep 2023 13:28:21 +0000 (14:28 +0100)]
create-spdx: Ensure it is clear where the message comes from
This message can appear in do_rootfs and the users tend to think this is
some kind of packaging issue. Add SPDX to the message so users like me
think in the right direction.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Sat, 23 Sep 2023 13:04:11 +0000 (14:04 +0100)]
oeqa/runtime/parselogs: parse the logs with Python, not grep
Instead of constructing huge grep statements, we can simply open the logs
in Python and do the relevant string operations directly.
The trick is to remember to casefold() all of the strings, so that the
"in" operator can be used.
Just one of the ignores needs to be adjusted because it uses a regular
expression and the new logic doesn't support that. This is handled
by simply reducing the size of the ignore match.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Sat, 23 Sep 2023 13:04:07 +0000 (14:04 +0100)]
oeqa/runtime/parselogs: improve find call
getLogList() uses remote find invocations to find the logs. Instead of
relying on shell expansion of wildcards and redundant use of -maxdepth
(pointless as the shell expansion means the find is passed the files to
return), invoke find idiomatically by telling it what directory to
search for and escape the glob so find processes it.
Also remove many pointless str() calls.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
spdx: use TOOLCHAIN_OUTPUTNAME for SDK filename prefix
Replace SDK_NAME with TOOLCHAIN_OUTPUTNAME when naming SDK host and
target SPDX archives.
In most cases TOOLCHAIN_OUTPUTNAME is almost identical to SDK_NAME,
but sometimes custom meta-toolchain recipes have some variations and
populate_sdk_base.bbclass already uses TOOLCHAIN_OUTPUTNAME to name
corresponding host and target manifests:
This avoids file conflicts in deploy/sdk/ when building multiple
machines (either manually or via multiconfig), where sdk/toolchain
installers, manifests and now SPDX archives will overlap otherwise.
Robert Joslyn [Sat, 23 Sep 2023 17:17:43 +0000 (10:17 -0700)]
curl: Update from 8.2.1 to 8.3.0
NSS support was removed, so adjust PACKAGECONFIG options.
The --enable-crypto-auth option was removed and split into separate
options for basic-auth, bearer-auth, digest-auth, kerberos-auth,
negotiate-auth, and aws. Enable these new options since upstream enables
them by default.
Disable test 1279 since this requires libcurl and hangs the tests.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 22 Sep 2023 14:34:18 +0000 (15:34 +0100)]
oeqa/runner: Ensure class setup errors are shown to bitbake logging
This took a bit of digging but failure messages from testimage are shown to bitbake's
logging through stopTest. In the case of a setUpClass failure stopTest is never
called and the bitbake logging never sees the error. It would still be in the task
logfile. Add some code+comment to ensure logs not shown to the user mid stream are shown
at the end.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 21 Sep 2023 16:49:56 +0000 (17:49 +0100)]
lib: Import packagedata oe module by default
Variable dependencies for functions in the oe.packagedata module were
missing as it was not present in BBIMPORTS. Add it as the fact it was
missing is likely just historical oversight from base.bbclass history
and the dependencies are useful.
Add an exclusion to bitbake.conf to ensure BB_NUMBER_THREADS doesn't
change task checksums.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 21 Sep 2023 16:50:32 +0000 (17:50 +0100)]
oeqa/selftest/oescripts: Avoid variable access at module load
Using get_bb_var in the class setup leads to slow startup of oe-selftest.
Move the calls into setupClass instead to remove the overhead at the expense
of some code duplication.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 21 Sep 2023 16:49:25 +0000 (17:49 +0100)]
oeqa: Streamline oe-selftest startup time
"bitbake -e" executions from get_bb_var calls are slow and slow down oe-selftest
startup. Rationalise the code to avoid them and minimise the number of "parsing"
locations we use by caching key variables and passing them around more.
This was particularly problematic with oe-selftest -j usage since it would
have multiple bitbake -e executions per process making parallel usage
particularly slow.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently the bb_get_var calls trigger multiple "bitbake -e" executions
which slow the start of oe-selftest for any test. Rework the code to avoid
these delays.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The test above this removal correctly looks at symlinks however to
remove a symlink we should call unlink(), not remove(). This avoids
some build failures/tracebacks.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
selftest assumes that the test result output lines will consist of two
tokens separated by whitespace, which are the actual result and the name
of the test run. As a result, the script fails if any verbosity is added
to the output of patchtest itself (e.g. by including a failure reason).
Make the call to split() only do so once in order to ensure that two
tokens are obtained.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
pypi.bbclass: Update the upstream checks to automatically replace '_' with '-'
For a number of existing packages, the pypi URI contains '-', but the package name (PYPI_PACKAGE) uses '_'. Add a simple replace for the UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX. The change resulted in 19 additional auto-detected upstream checks for python packages meta-python.
It did break upstream checks for 3 packages that will be patched shortly:
- python3-ipython-genutils
- python3-ninja-syntax
- python3-wpa-supplicant
Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
