Date   

[PATCH][kirkstone] ghostscript: fix CVE-2022-2085

Lee Chee Yang
 

From: Lee Chee Yang <lcyang92@...>

Signed-off-by: Chee Yang Lee <chee.yang.lee@...>
---
.../ghostscript/CVE-2022-2085.patch | 44 +++++++++++++++++++
.../ghostscript/ghostscript_9.55.0.bb | 1 +
2 files changed, 45 insertions(+)
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2022-2085.patch

diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2022-2085.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2022-2085.patch
new file mode 100644
index 0000000000..58cb93727a
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2022-2085.patch
@@ -0,0 +1,44 @@
+From ae1061d948d88667bdf51d47d918c4684d0f67df Mon Sep 17 00:00:00 2001
+From: Robin Watts <Robin.Watts@...>
+Date: Wed, 16 Feb 2022 15:22:50 +0000
+Subject: [PATCH] Bug 704945: Add init_device_procs entry for mem_x_device.
+
+When allocating a buffer device, we rely on an init_device_procs
+being defined for the device we are using as a prototype. Which
+device we use as a prototype depends upon the number of bits per
+pixel we are using. For bpp > 64, we use mem_x_device, which does
+not currently have an init_device_procs defined.
+
+This is a fairly hard case to tickle, as very few devices use
+more than 64 bits per pixel. The DeviceN device is one of the
+few that does, and then the problem only kicks in if the
+MaxBitmap figure is high enough (or conversely the resolution is
+low enough).
+
+
+http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=ae1061d948d88667bdf51d47d918c4684d0f67df
+Upstream-Status: Backport
+CVE: CVE-2022-2085
+Signed-off-by: Chee Yang Lee <chee.yang.lee@...>
+---
+ base/gdevmx.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/base/gdevmx.c b/base/gdevmx.c
+index 08b0cbcfe..89e9ff774 100644
+--- a/base/gdevmx.c
++++ b/base/gdevmx.c
+@@ -1,4 +1,4 @@
+-/* Copyright (C) 2001-2021 Artifex Software, Inc.
++/* Copyright (C) 2001-2022 Artifex Software, Inc.
+ All Rights Reserved.
+
+ This software is provided AS-IS with no warranty, either express or
+@@ -25,4 +25,4 @@
+
+ /* The device descriptor. */
+ const gx_device_memory mem_x_device =
+- mem_device("imagex", 256, 0, NULL);
++ mem_device("imagex", 256, 0, mem_initialize_device_procs);
+--
+2.25.1
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
index c28e62f089..365420fb64 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
@@ -33,6 +33,7 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d
file://do-not-check-local-libpng-source.patch \
file://avoid-host-contamination.patch \
file://mkdir-p.patch \
+ file://CVE-2022-2085.patch \
"

SRC_URI = "${SRC_URI_BASE} \
--
2.36.1


Re: [PATCH] base.bbclass: Add sstate-cache dependency to GCCVERSION

Richard Purdie
 

On Wed, 2022-06-29 at 15:08 +0200, Tomasz Dziendzielski wrote:
If we have the build with different gcc versions in the same workspace
it might happen that nativesdk recipe will not detect the change of gcc
and the package will be taken from sstate-cache. This will lead to
do_package_qa failure due to binaries requiring symbols that are not
present in the older libstdc++.

Example error:
ERROR: nativesdk-mgen-1.0-r0 do_package_qa: QA Issue:
/opt/poky/3.2.3/sysroots/x86_64-pokysdk-linux/usr/lib/libssh2pp.so.0.1
contained in package nativesdk-mgen requires
libstdc++.so.6(GLIBCXX_3.4.11)(64bit), but no providers found in
RDEPENDS_nativesdk-mgen? [file-rdeps]
Add vardeps dependency to GCCVERSION to make sure the package is rebuild
with correct gcc version.

Signed-off-by: Tomasz Dziendzielski <tomasz.dziendzielski@...>
Signed-off-by: Jan Brzezanski <jan.brzezanski@...>
---
meta/classes/base.bbclass | 1 +
1 file changed, 1 insertion(+)

diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index cc02de5f77..da2dc05bba 100644
--- a/meta/classes/base.bbclass
+++ b/meta/classes/base.bbclass
@@ -148,6 +148,7 @@ do_fetch[dirs] = "${DL_DIR}"
do_fetch[file-checksums] = "${@bb.fetch.get_checksum_file_list(d)}"
do_fetch[file-checksums] += " ${@get_lic_checksum_file_list(d)}"
do_fetch[vardeps] += "SRCREV"
+do_fetch[vardeps] += "GCCVERSION"
do_fetch[network] = "1"
python base_do_fetch() {

We're definitely not doing that, it is incorrect on many different
levels (e.g. fetching is not dependent on the target compiler version
just for starters). You also just made all native recipes rebuild for
the target GCC version too, which again, is just wrong.

Building with a different target gcc version should mean all the sstate
checksums change. I'm guessing what has happened in your case is that a
TMPDIR as reused after changing gcc version but something didn't
rebuild, probably as ${S} == ${B} and hence ${B} couldn't be cleaned.
We should really track down where the corruption came in and improve
the build output isolation of wherever that came from.

Worse is that your "fix" above probably won't even solve the problem as
if you repeat your build workflow where this broke originally, I'd
strongly suspect it will still break with that change above too.

Cheers,

Richard


Re: [PATCH] vim: 8.2.5083 -> 9.0.0005

Richard Purdie
 

On Wed, 2022-06-29 at 16:57 +0300, Alexander Kanavin wrote:
Would it be better to stay at 9.0.0000 for now?
I'm not sure it makes a lot of difference. The 5 changes after 9.0 look
relatively harmless, some of them are translation fixes. This change
addresses 4 CVEs and I suspect there will be more to follow so we'll
have to update past 9.0 soon anyway. I was torn but going for the
latest seemed to make the most sense.

Cheers,

Richard


Re: [PATCH] vim: 8.2.5083 -> 9.0.0005

Alexander Kanavin
 

Would it be better to stay at 9.0.0000 for now?

Alex

On Wed 29. Jun 2022 at 16.26, Richard Purdie <richard.purdie@...> wrote:
The license checksum changed due to a major version change in the referenced file.

Signed-off-by: Richard Purdie <richard.purdie@...>
---
 .../vim/{vim-tiny_8.2.bb => vim-tiny-9.0.bb}                | 0
 meta/recipes-support/vim/vim.inc                            | 6 +++---
 meta/recipes-support/vim/{vim_8.2.bb => vim_9.0.bb}         | 0
 3 files changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-support/vim/{vim-tiny_8.2.bb => vim-tiny-9.0.bb} (100%)
 rename meta/recipes-support/vim/{vim_8.2.bb => vim_9.0.bb} (100%)

diff --git a/meta/recipes-support/vim/vim-tiny_8.2.bb b/meta/recipes-support/vim/vim-tiny-9.0.bb
similarity index 100%
rename from meta/recipes-support/vim/vim-tiny_8.2.bb
rename to meta/recipes-support/vim/vim-tiny-9.0.bb
diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 06707dbe112..b85f34d6c8e 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -11,7 +11,7 @@ RSUGGESTS:${PN} = "diffutils"

 LICENSE = "Vim"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=6b30ea4fa660c483b619924bc709ef99 \
-                    file://runtime/doc/uganda.txt;md5=daf48235bb824c77fe8ae88d5f575f74"
+                    file://runtime/doc/uganda.txt;md5=001ef779f422a0e9106d428c84495b4d"

 SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
            file://disable_acl_header_check.patch \
@@ -21,8 +21,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
            file://racefix.patch \
            "

-PV .= ".5083"
-SRCREV = "db77c49401145d76441fbb3d22a1d7d987681c13"
+PV .= ".0005"
+SRCREV = "040674129f3382822eeb7b590380efa5228124a8"

 # Remove when 8.3 is out
 UPSTREAM_VERSION_UNKNOWN = "1"
diff --git a/meta/recipes-support/vim/vim_8.2.bb b/meta/recipes-support/vim/vim_9.0.bb
similarity index 100%
rename from meta/recipes-support/vim/vim_8.2.bb
rename to meta/recipes-support/vim/vim_9.0.bb
--
2.34.1





[PATCH] vim: 8.2.5083 -> 9.0.0005

Richard Purdie
 

The license checksum changed due to a major version change in the referenced file.

Signed-off-by: Richard Purdie <richard.purdie@...>
---
.../vim/{vim-tiny_8.2.bb => vim-tiny-9.0.bb} | 0
meta/recipes-support/vim/vim.inc | 6 +++---
meta/recipes-support/vim/{vim_8.2.bb => vim_9.0.bb} | 0
3 files changed, 3 insertions(+), 3 deletions(-)
rename meta/recipes-support/vim/{vim-tiny_8.2.bb => vim-tiny-9.0.bb} (100%)
rename meta/recipes-support/vim/{vim_8.2.bb => vim_9.0.bb} (100%)

diff --git a/meta/recipes-support/vim/vim-tiny_8.2.bb b/meta/recipes-support/vim/vim-tiny-9.0.bb
similarity index 100%
rename from meta/recipes-support/vim/vim-tiny_8.2.bb
rename to meta/recipes-support/vim/vim-tiny-9.0.bb
diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 06707dbe112..b85f34d6c8e 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -11,7 +11,7 @@ RSUGGESTS:${PN} = "diffutils"

LICENSE = "Vim"
LIC_FILES_CHKSUM = "file://LICENSE;md5=6b30ea4fa660c483b619924bc709ef99 \
- file://runtime/doc/uganda.txt;md5=daf48235bb824c77fe8ae88d5f575f74"
+ file://runtime/doc/uganda.txt;md5=001ef779f422a0e9106d428c84495b4d"

SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
file://disable_acl_header_check.patch \
@@ -21,8 +21,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
file://racefix.patch \
"

-PV .= ".5083"
-SRCREV = "db77c49401145d76441fbb3d22a1d7d987681c13"
+PV .= ".0005"
+SRCREV = "040674129f3382822eeb7b590380efa5228124a8"

# Remove when 8.3 is out
UPSTREAM_VERSION_UNKNOWN = "1"
diff --git a/meta/recipes-support/vim/vim_8.2.bb b/meta/recipes-support/vim/vim_9.0.bb
similarity index 100%
rename from meta/recipes-support/vim/vim_8.2.bb
rename to meta/recipes-support/vim/vim_9.0.bb
--
2.34.1


[PATCH] base.bbclass: Add sstate-cache dependency to GCCVERSION

Tomasz Dziendzielski
 

If we have the build with different gcc versions in the same workspace
it might happen that nativesdk recipe will not detect the change of gcc
and the package will be taken from sstate-cache. This will lead to
do_package_qa failure due to binaries requiring symbols that are not
present in the older libstdc++.

Example error:
| ERROR: nativesdk-mgen-1.0-r0 do_package_qa: QA Issue:
| /opt/poky/3.2.3/sysroots/x86_64-pokysdk-linux/usr/lib/libssh2pp.so.0.1
| contained in package nativesdk-mgen requires
| libstdc++.so.6(GLIBCXX_3.4.11)(64bit), but no providers found in
| RDEPENDS_nativesdk-mgen? [file-rdeps]

Add vardeps dependency to GCCVERSION to make sure the package is rebuild
with correct gcc version.

Signed-off-by: Tomasz Dziendzielski <tomasz.dziendzielski@...>
Signed-off-by: Jan Brzezanski <jan.brzezanski@...>
---
meta/classes/base.bbclass | 1 +
1 file changed, 1 insertion(+)

diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index cc02de5f77..da2dc05bba 100644
--- a/meta/classes/base.bbclass
+++ b/meta/classes/base.bbclass
@@ -148,6 +148,7 @@ do_fetch[dirs] = "${DL_DIR}"
do_fetch[file-checksums] = "${@bb.fetch.get_checksum_file_list(d)}"
do_fetch[file-checksums] += " ${@get_lic_checksum_file_list(d)}"
do_fetch[vardeps] += "SRCREV"
+do_fetch[vardeps] += "GCCVERSION"
do_fetch[network] = "1"
python base_do_fetch() {

--
2.36.1


[master][kirkstone][PATCH] ruby: Add ruby-native dependency for nativesdk class

Ranjitsinh Rathod
 

We need to add ruby-native dependency for nativesdk class too
to fix the compilation issue
Earlier this dependency is part of DEPENDS variable but the below
commit removes it from DEPENDS and add only for
DEPENDS_append_class-target which triggers the failure in
nativesdk-ruby:do_compile task
Link: https://git.yoctoproject.org/poky/commit/?h=dunfell&id=6060b500b952754c595fdf5de5de35c886e0e1d5

Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@...>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@...>
---
meta/recipes-devtools/ruby/ruby.inc | 1 +
meta/recipes-devtools/ruby/ruby_3.1.2.bb | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/ruby/ruby.inc b/meta/recipes-devtools/ruby/ruby.inc
index ebff5efd1f..efa40331e0 100644
--- a/meta/recipes-devtools/ruby/ruby.inc
+++ b/meta/recipes-devtools/ruby/ruby.inc
@@ -15,6 +15,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5b8c87559868796979806100db3f3805 \

DEPENDS = "zlib openssl libyaml gdbm readline libffi"
DEPENDS:append:class-target = " ruby-native"
+DEPENDS:append:class-nativesdk = " ruby-native"

SHRT_VER = "${@oe.utils.trim_version("${PV}", 2)}"
SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \
diff --git a/meta/recipes-devtools/ruby/ruby_3.1.2.bb b/meta/recipes-devtools/ruby/ruby_3.1.2.bb
index 38ba46731b..a9e6765939 100644
--- a/meta/recipes-devtools/ruby/ruby_3.1.2.bb
+++ b/meta/recipes-devtools/ruby/ruby_3.1.2.bb
@@ -104,4 +104,4 @@ FILES:${PN}-ptest:append:class-target = "\
${libdir}/ruby/${SHRT_VER}.0/*/-test- \
"

-BBCLASSEXTEND = "native"
+BBCLASSEXTEND = "native nativesdk"
--
2.17.1

This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.


[kirkstone][PATCH] binutils : CVE-2019-1010204

Pgowda
 

Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d]

Signed-off-by: Pgowda <pgowda.cve@...>
---
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0014-CVE-2019-1010204.patch | 49 +++++++++++++++++++
2 files changed, 50 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch

diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index dc0a2a4054..a069071c97 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -32,5 +32,6 @@ SRC_URI = "\
file://0011-sync-with-OE-libtool-changes.patch \
file://0012-Check-for-clang-before-checking-gcc-version.patch \
file://0013-Avoid-as-info-race-condition.patch \
+ file://0014-CVE-2019-1010204.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch b/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
new file mode 100644
index 0000000000..dad4a62038
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
@@ -0,0 +1,49 @@
+From 2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@...>
+Date: Mon, 27 Jun 2022 13:07:40 +0100
+Subject: [PATCH] Have gold's File_read::do_read() function check the start
+ parameter
+
+ PR 23765
+ * fileread.cc (File_read::do_read): Check start parameter before
+ computing number of bytes to read.
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d]
+
+Signed-off-by: Pgowda <pgowda.cve@...>
+---
+ gold/ChangeLog | 6 ++++++
+ gold/fileread.cc | 6 ++++++
+ 2 files changed, 12 insertions(+)
+
+diff --git a/gold/ChangeLog b/gold/ChangeLog
+index 5103dab7b67..8557dc6db7f 100644
+--- a/gold/ChangeLog
++++ b/gold/ChangeLog
+@@ -1,3 +1,9 @@
++2022-06-27 Nick Clifton <nickc@...>
++
++ PR 23765
++ * fileread.cc (File_read::do_read): Check start parameter before
++ computing number of bytes to read.
++
+ 2022-02-17 Nick Clifton <nickc@...>
+
+ * po/sr.po: Updated Serbian translation.
+diff --git a/gold/fileread.cc b/gold/fileread.cc
+index 2b653f78c2e..af2df215468 100644
+--- a/gold/fileread.cc
++++ b/gold/fileread.cc
+@@ -385,6 +385,12 @@ File_read::do_read(off_t start, section_
+ ssize_t bytes;
+ if (this->whole_file_view_ != NULL)
+ {
++ // See PR 23765 for an example of a testcase that triggers this error.
++ if (((ssize_t) start) < 0)
++ gold_fatal(_("%s: read failed, starting offset (%#llx) less than zero"),
++ this->filename().c_str(),
++ static_cast<long long>(start));
++
+ bytes = this->size_ - start;
+ if (static_cast<section_size_type>(bytes) >= size)
+ {
--
2.25.1


gpg signing and stale gpg-agent

Federico Pellegrin
 



Hi all,
I've been working with signing packages via gpg (specificall RPM, but that shouldn't really matter) lately and things mostly work fine (modulo that small patch from some 2 weeks ago now in master).

I have just one more possibly minor issue I wanted to get possibly an opinion from the expert folk if possible!


Little background: to keep things isolated and not system dependant the GPG related files are kept in a separate directory. This is then specified via GPG_PATH (which then de facto is passed to various gpg tools as --homedir). The keys are then kept there and just as a detail that is then an encrypted FS which is just mounted/umounted when needed.

When gpg is run it will spawn a gpg-agent to deal with keys and this is fine. The problem I have is that after bitbake finished the gpg-agent will still be left running there and in my specific case this means that the directory (pointed by GPG_PATH) will figure as in use and therefore cannot be umounted. Of course if I kill by hand the gpg-agent then I can just proceed and so on.

So the first question is: is it 'nice' that after the bitbake execution we possibly leave as a matter of fact running stuff from Yocto around the system? 


As I wanted to come to pose a question also having done a bit of homework I tried to understand how I could fix this and right now I arrived at something like:

-------------

diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py
index aa9bb49f2c..d6d1fd9e6c 100644
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -58,6 +58,12 @@ class LocalSigner(object):
         for i in range(0, len(files), sign_chunk):
             subprocess.check_output(shlex.split(cmd + ' '.join(files[i:i+sign_chunk])), stderr=subprocess.STDOUT)
 
+        gpg_conf_bin = bb.utils.which(os.getenv('PATH'), "gpgconf")
+        if gpg_conf_bin and self.gpg_path:
+            cmd = [ gpg_conf_bin ] + ["--homedir", self.gpg_path, "--kill", "gpg-agent"]
+            subprocess.check_output(cmd, stderr=subprocess.STDOUT)
+
+
     def detach_sign(self, input_file, keyid, passphrase_file, passphrase=None, armor=True, output_suffix=None, use_sha256=False):
         """Create a detached signature of a file"""
 
-------------

(note: I kill only if the homedir is defined, this is TBD, it's just a PoC)
So basically after the loop that does all the chunk-wise signing I ask gpgconf to stop the gpgagent and this actually seem to work pretty fine. But I'm not convinced this is the best as maybe it is stopped and restarted more than needed (TBC).

My desire was to make sure to do it just once, for example hooking on an "atexit" but that seemed to be called a bit randomly and not always (which is a bit puzzling for me, but maybe clear for the experts, as I saw atexit is also used in a couple of other places as cleanup).

So in short:
1) Do you think we should implement a clean-up of the gpg-agent or should we just live with it?
2) If yes should we do it always or just under some conditions? (ie. GPG_PATH is passed, not if using the user's default one?)
3) What would be the best way to get some cleanup code reliably called and just once? (if not the PoC above)

Many thanks in advance,
Federico


Re: eSDK dependencies

Andrej Valek
 

Hello Richard,

Yes, but variants have set SDK_EXT_TYPE=full. Can't say about the pure
poky eSDK, but with our layers, size is different. Let's say 2/3 of the
"working" one.

Do you really need locked-sigs.inc from both variant? I guess, you only
need to know if some entries are missing and not the values. If yes,
then I have to build the old "working" on based on dunfell.


Regards,
Andrej

On Tue, 2022-06-28 at 11:16 +0100, Richard Purdie wrote:
On Tue, 2022-06-28 at 07:55 +0000, Valek, Andrej wrote:
Hello Richard and Alex,

Richard:
We tried to revert the commits which you mentioned and it didn't
work.

Alex:
Yes, is fully reproducible on latest master.

bitbake core-image-minimal -c populate_sdk_ext

eSDK installed via: poky-glibc-x86_64-core-image-minimal-
cortexa15t2hf-
neon-qemuarm-toolchain-ext-4.1+snapshot.sh

. environment-setup-cortexa15t2hf-neon-poky-linux-gnueabi
devtool modify busybox

Sstate summary: Wanted 14 Local 0 Mirrors 0 Missed 14 Current 6 (0%
match, 30% complete)

So it started a compilation of missing components. We are assuming,
that eSDK will include all build deps for all components in the
image
and not just a deps for image itself.
Ok. To confirm, SDK_EXT_TYPE is set to full in both cases? Could you
share the locked-sigs.inc file from both? I'd like to understand if
the
tools are there but not being used or whether they're really not
there
at all. Is there much of a size difference between the two eSDKs?

I suspect some kind of bisection to track down the change causing the
issue will be necessary unfortunately but at least that test case is
relatively straightforward...

Cheers,

Richard


Re: [PATCH v6] Rust Oe-Selftest implementation

Pgowda
 

Hi Richard,

Thanks very much for pointing that out.
I could reproduce the issue on the docker host that does not contain zlib-devel.
Trying to analyse the issue on dependency of zlib.
It would be helpful if you could give some pointers on zlib dependency
as it would have been seen in other recipes as well.
It would help us in fixing the issue appropriately.

Thanks,
Pgowda

On Mon, Jun 6, 2022 at 2:21 PM Richard Purdie
<richard.purdie@...> wrote:

On Fri, 2022-06-03 at 18:37 +0530, pgowda cve wrote:
Hi Luca,

Regarding the issue
https://bugzilla.yoctoproject.org/show_bug.cgi?id=14818

I ran the Oe-Selftest for Rust as well as completed packages and did
not come across any issues.
a@yow-fedora-builder1 build]$ uname -a
Linux yow-fedora-builder1 5.16.18-200.fc35.x86_64 #1 SMP PREEMPT Mon
Mar 28 14:10:07 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

The log of tests can be seen as follows:-
The command used to run the test was as mentioned in the Bugzilla.
oe-selftest -a -t machine -t toolchain-system -j 15

test_libatomic: PASSED (113.76s)
2022-06-03 08:39:19,084 - oe-selftest - INFO - RESULTS -
gcc.GccLibGompSelfTestSystemEmulated.test_libgomp: PASSED (637.21s)
2022-06-03 08:39:19,084 - oe-selftest - INFO - RESULTS -
gcc.GccLibItmSelfTestSystemEmulated.test_libitm: PASSED (133.31s)
2022-06-03 08:39:19,084 - oe-selftest - INFO - RESULTS -
gcc.GccLibStdCxxSelfTestSystemEmulated.test_libstdcxx: PASSED
(2546.63s)
2022-06-03 08:39:19,084 - oe-selftest - INFO - RESULTS -
gcc.GxxCrossSelfTestSystemEmulated.test_cross_gxx: PASSED (744.56s)
2022-06-03 08:39:19,084 - oe-selftest - INFO - RESULTS -
glibc.GlibcSelfTestSystemEmulated.test_glibc: PASSED (1101.43s)
2022-06-03 08:39:19,085 - oe-selftest - INFO - RESULTS -
meta_ide.MetaIDE.test_meta_ide_can_build_cpio_project: PASSED (54.33s)
2022-06-03 08:39:19,085 - oe-selftest - INFO - RESULTS -
meta_ide.MetaIDE.test_meta_ide_can_compile_c_program: PASSED (0.19s)
2022-06-03 08:39:19,085 - oe-selftest - INFO - RESULTS -
meta_ide.MetaIDE.test_meta_ide_had_installed_meta_ide_support: PASSED
(0.01s)
2022-06-03 08:39:19,085 - oe-selftest - INFO - RESULTS -
runqemu.QemuTest.test_qemu_can_shutdown: PASSED (45.98s)
2022-06-03 08:39:19,085 - oe-selftest - INFO - RESULTS -
rust.RustSelfTestSystemEmulated.test_rust: PASSED (8381.70s)
2022-06-03 08:39:19,085 - oe-selftest - INFO - RESULTS -
gcc.GccLibSspSelfTestSystemEmulated.test_libssp: SKIPPED (3.92s)
2022-06-03 08:39:22,336 - oe-selftest - INFO - SUMMARY:
2022-06-03 08:39:22,336 - oe-selftest - INFO - oe-selftest () - Ran 16
tests in 19613.479s
2022-06-03 08:39:22,336 - oe-selftest - INFO - oe-selftest - OK - All
required tests passed (successes=15, skipped=1, failures=0, errors=0)

I also ran the Rust Oe-Selftest individually and did not find any issues.
Can you please share the environment file so that I can reproduce and
fix the issue?
There isn't any magic environment we can share here I'm afraid. We
don't know why it happens on some autobuilder workers and not on
others, this is something we need to investigate and fix. This is one
of the challenges of these "intermittent" issues.

The errors seem to relate to zlib so it may be worth looking at whether
host headers influence the rust build and those may be causing some
kind of determinism issue. You may have to build the binaries one a
system with the headers, then run them on a system without for example.

Cheers,

Richard



[PATCH] rust: fix issue building cross-canadian tools for aarch64 on x86_64

Peter Bergin
 

Commit bd36593ba3db758b3eacc974e48468a665967961 did introduce a
regression when building package rust-cross-canadian-aarch64
on a x86_64 host. This commit will fix that configuration.

Suggested-by: Richard Purdie <richard.purdie@...>
Signed-off-by: Peter Bergin <peter@...>
---
meta/recipes-devtools/rust/rust-common.inc | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/meta/recipes-devtools/rust/rust-common.inc b/meta/recipes-devtools/rust/rust-common.inc
index 621cd4ad57..ef70c48d0f 100644
--- a/meta/recipes-devtools/rust/rust-common.inc
+++ b/meta/recipes-devtools/rust/rust-common.inc
@@ -309,10 +309,7 @@ def rust_gen_target(d, thing, wd, features, cpu, arch, abi=""):

# build tspec
tspec = {}
- if bb.data.inherits_class('cross-canadian', d):
- tspec['llvm-target'] = d.getVar('RUST_HOST_SYS', arch_abi)
- else:
- tspec['llvm-target'] = d.getVar('RUST_TARGET_SYS', arch_abi)
+ tspec['llvm-target'] = d.getVar('RUST_TARGET_SYS', arch_abi)
tspec['data-layout'] = d.getVarFlag('DATA_LAYOUT', arch_abi)
tspec['max-atomic-width'] = int(d.getVarFlag('MAX_ATOMIC_WIDTH', arch_abi))
tspec['target-pointer-width'] = d.getVarFlag('TARGET_POINTER_WIDTH', arch_abi)
--
2.34.1


[dunfell][PATCH] grub2: CVE-2021-3981 Incorrect permission in grub.cfg allow unprivileged user to read the file content

Hitendra Prajapati
 

Source: https://git.savannah.gnu.org/cgit/grub.git/
MR: 116495
Type: Security Fix
Disposition: Backport from https://git.savannah.gnu.org/cgit/grub.git/diff/util/grub-mkconfig.in?id=0adec29674561034771c13e446069b41ef41e4d4
ChangeID: fce3d59e50320bef247bb981352051b8f953a4fc
Description:
CVE-2021-3981 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content.

Affects "grub2 < 2.06"

Signed-off-by: Hitendra Prajapati <hprajapati@...>
---
.../grub/files/CVE-2021-3981.patch | 32 +++++++++++++++++++
meta/recipes-bsp/grub/grub2.inc | 1 +
2 files changed, 33 insertions(+)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2021-3981.patch

diff --git a/meta/recipes-bsp/grub/files/CVE-2021-3981.patch b/meta/recipes-bsp/grub/files/CVE-2021-3981.patch
new file mode 100644
index 0000000000..e27027ea65
--- /dev/null
+++ b/meta/recipes-bsp/grub/files/CVE-2021-3981.patch
@@ -0,0 +1,32 @@
+From 67740c43c9326956ea5cd6be77f813b5499a56a5 Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@...>
+Date: Mon, 27 Jun 2022 10:15:29 +0530
+Subject: [PATCH] CVE-2021-3981
+
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/diff/util/grub-mkconfig.in?id=0adec29674561034771c13e446069b41ef41e4d4]
+CVE: CVE-2021-3981
+Signed-off-by: Hitendra Prajapati <hprajapati@...>
+---
+ util/grub-mkconfig.in | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
+index 9f477ff..ead94a6 100644
+--- a/util/grub-mkconfig.in
++++ b/util/grub-mkconfig.in
+@@ -287,7 +287,11 @@ and /etc/grub.d/* files or please file a bug report with
+ exit 1
+ else
+ # none of the children aborted with error, install the new grub.cfg
+- mv -f ${grub_cfg}.new ${grub_cfg}
++ oldumask=$(umask)
++ umask 077
++ cat ${grub_cfg}.new > ${grub_cfg}
++ umask $oldumask
++ rm -f ${grub_cfg}.new
+ fi
+ fi
+
+--
+2.25.1
+
diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc
index 0d3f6d05da..9e98d8249d 100644
--- a/meta/recipes-bsp/grub/grub2.inc
+++ b/meta/recipes-bsp/grub/grub2.inc
@@ -95,6 +95,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
file://0044-script-execute-Fix-NULL-dereference-in-grub_script_e.patch \
file://0045-commands-ls-Require-device_name-is-not-NULL-before-p.patch \
file://0046-script-execute-Avoid-crash-when-using-outside-a-func.patch \
+ file://CVE-2021-3981.patch\
"
SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934"
SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea"
--
2.25.1


[PATCH] binutils : CVE-2019-1010204

Pgowda
 

Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d]

Signed-off-by: Pgowda <pgowda.cve@...>
---
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0014-CVE-2019-1010204.patch | 49 +++++++++++++++++++
2 files changed, 50 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch

diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index dc0a2a4054..a069071c97 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -32,5 +32,6 @@ SRC_URI = "\
file://0011-sync-with-OE-libtool-changes.patch \
file://0012-Check-for-clang-before-checking-gcc-version.patch \
file://0013-Avoid-as-info-race-condition.patch \
+ file://0014-CVE-2019-1010204.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch b/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
new file mode 100644
index 0000000000..dad4a62038
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
@@ -0,0 +1,49 @@
+From 2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@...>
+Date: Mon, 27 Jun 2022 13:07:40 +0100
+Subject: [PATCH] Have gold's File_read::do_read() function check the start
+ parameter
+
+ PR 23765
+ * fileread.cc (File_read::do_read): Check start parameter before
+ computing number of bytes to read.
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d]
+
+Signed-off-by: Pgowda <pgowda.cve@...>
+---
+ gold/ChangeLog | 6 ++++++
+ gold/fileread.cc | 6 ++++++
+ 2 files changed, 12 insertions(+)
+
+diff --git a/gold/ChangeLog b/gold/ChangeLog
+index 5103dab7b67..8557dc6db7f 100644
+--- a/gold/ChangeLog
++++ b/gold/ChangeLog
+@@ -1,3 +1,9 @@
++2022-06-27 Nick Clifton <nickc@...>
++
++ PR 23765
++ * fileread.cc (File_read::do_read): Check start parameter before
++ computing number of bytes to read.
++
+ 2022-02-17 Nick Clifton <nickc@...>
+
+ * po/sr.po: Updated Serbian translation.
+diff --git a/gold/fileread.cc b/gold/fileread.cc
+index 2b653f78c2e..af2df215468 100644
+--- a/gold/fileread.cc
++++ b/gold/fileread.cc
+@@ -385,6 +385,12 @@ File_read::do_read(off_t start, section_
+ ssize_t bytes;
+ if (this->whole_file_view_ != NULL)
+ {
++ // See PR 23765 for an example of a testcase that triggers this error.
++ if (((ssize_t) start) < 0)
++ gold_fatal(_("%s: read failed, starting offset (%#llx) less than zero"),
++ this->filename().c_str(),
++ static_cast<long long>(start));
++
+ bytes = this->size_ - start;
+ if (static_cast<section_size_type>(bytes) >= size)
+ {
--
2.25.1


[PATCH] python3-pycryptodome: upgrade 3.14.1 -> 3.15.0

wangmy
 

Changelog:
=========

New features
------------
Add support for curves Ed25519 and Ed448, including export and import of keys.
Add support for EdDSA signatures.
Add support for Asymmetric Key Packages (RFC5958) to import private keys.

Resolved issues
---------------
GH#620: for Crypto.Util.number.getPrime , do not sequentially scan numbers searching for a prime.



Signed-off-by: Wang Mingyu <wangmy@...>
---
...n3-pycryptodome_3.14.1.bb => python3-pycryptodome_3.15.0.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-pycryptodome_3.14.1.bb => python3-pycryptodome_3.15.0.bb} (38%)

diff --git a/meta/recipes-devtools/python/python3-pycryptodome_3.14.1.bb b/meta/recipes-devtools/python/python3-pycryptodome_3.15.0.bb
similarity index 38%
rename from meta/recipes-devtools/python/python3-pycryptodome_3.14.1.bb
rename to meta/recipes-devtools/python/python3-pycryptodome_3.15.0.bb
index c0324590c2..cabe9189f2 100644
--- a/meta/recipes-devtools/python/python3-pycryptodome_3.14.1.bb
+++ b/meta/recipes-devtools/python/python3-pycryptodome_3.15.0.bb
@@ -1,5 +1,5 @@
require python-pycryptodome.inc
inherit setuptools3

-SRC_URI[sha256sum] = "e04e40a7f8c1669195536a37979dd87da2c32dbdc73d6fe35f0077b0c17c803b"
+SRC_URI[sha256sum] = "9135dddad504592bcc18b0d2d95ce86c3a5ea87ec6447ef25cfedea12d6018b8"

--
2.25.1


[PATCH] python3-numpy: upgrade 1.22.4 -> 1.23.0

wangmy
 

Changelog:
==========
The NumPy 1.23.0 release continues the ongoing work to improve the
handling and promotion of dtypes, increase the execution speed, clarify
the documentation, and expire old deprecations. The highlights are:

Implementation of loadtxt in C, greatly improving its performance.
Exposing DLPack at the Python level for easy data exchange.
Changes to the promotion and comparisons of structured dtypes.
Improvements to f2py.


Signed-off-by: Wang Mingyu <wangmy@...>
---
.../python/{python3-numpy_1.22.4.bb => python3-numpy_1.23.0.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-numpy_1.22.4.bb => python3-numpy_1.23.0.bb} (96%)

diff --git a/meta/recipes-devtools/python/python3-numpy_1.22.4.bb b/meta/recipes-devtools/python/python3-numpy_1.23.0.bb
similarity index 96%
rename from meta/recipes-devtools/python/python3-numpy_1.22.4.bb
rename to meta/recipes-devtools/python/python3-numpy_1.23.0.bb
index 8ad3442413..5457b7d34b 100644
--- a/meta/recipes-devtools/python/python3-numpy_1.22.4.bb
+++ b/meta/recipes-devtools/python/python3-numpy_1.23.0.bb
@@ -13,7 +13,7 @@ SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${S
file://run-ptest \
file://0001-generate_umath.py-do-not-write-full-path-to-output-f.patch \
"
-SRC_URI[sha256sum] = "b4308198d0e41efaa108e57d69973398439c7299a9d551680cdd603cf6d20709"
+SRC_URI[sha256sum] = "bd3fa4fe2e38533d5336e1272fc4e765cabbbde144309ccee8675509d5cd7b05"

UPSTREAM_CHECK_URI = "https://github.com/numpy/numpy/releases"
UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar"
--
2.25.1


[PATCH] python3-dbusmock: upgrade 0.28.0 -> 0.28.1

wangmy
 

Changelog:
==========
Again works on RHEL/CentOS 8 (0.27 broke there), now in CI
Avoid glib GI dependency for main dbusmock, for running in virtualenv

Signed-off-by: Wang Mingyu <wangmy@...>
---
.../{python3-dbusmock_0.28.0.bb => python3-dbusmock_0.28.1.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-dbusmock_0.28.0.bb => python3-dbusmock_0.28.1.bb} (83%)

diff --git a/meta/recipes-devtools/python/python3-dbusmock_0.28.0.bb b/meta/recipes-devtools/python/python3-dbusmock_0.28.1.bb
similarity index 83%
rename from meta/recipes-devtools/python/python3-dbusmock_0.28.0.bb
rename to meta/recipes-devtools/python/python3-dbusmock_0.28.1.bb
index 6155c866a2..d6889f4313 100644
--- a/meta/recipes-devtools/python/python3-dbusmock_0.28.0.bb
+++ b/meta/recipes-devtools/python/python3-dbusmock_0.28.1.bb
@@ -4,7 +4,7 @@ HOMEPAGE = "https://pypi.org/project/python-dbusmock/"
LICENSE = "GPL-3.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=e6a600fd5e1d9cbde2d983680233ad02"

-SRC_URI[sha256sum] = "c63edeacec7796c4f379b2e17566d62afa404c048931ac9eba446470cec80ada"
+SRC_URI[sha256sum] = "6434e544c055e3570b20e341e50a3d2dd50b19d9e55d579b919e14879f9f1e57"

PYPI_PACKAGE = "python-dbusmock"

--
2.25.1


[PATCH] python3-certifi: upgrade 2022.5.18.1 -> 2022.6.15

wangmy
 

Signed-off-by: Wang Mingyu <wangmy@...>
---
...hon3-certifi_2022.5.18.1.bb => python3-certifi_2022.6.15.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-certifi_2022.5.18.1.bb => python3-certifi_2022.6.15.bb} (86%)

diff --git a/meta/recipes-devtools/python/python3-certifi_2022.5.18.1.bb b/meta/recipes-devtools/python/python3-certifi_2022.6.15.bb
similarity index 86%
rename from meta/recipes-devtools/python/python3-certifi_2022.5.18.1.bb
rename to meta/recipes-devtools/python/python3-certifi_2022.6.15.bb
index ff460d40b9..f78409b177 100644
--- a/meta/recipes-devtools/python/python3-certifi_2022.5.18.1.bb
+++ b/meta/recipes-devtools/python/python3-certifi_2022.6.15.bb
@@ -7,7 +7,7 @@ HOMEPAGE = " http://certifi.io/"
LICENSE = "ISC"
LIC_FILES_CHKSUM = "file://LICENSE;md5=67da0714c3f9471067b729eca6c9fbe8"

-SRC_URI[sha256sum] = "9c5705e395cd70084351dd8ad5c41e65655e08ce46f2ec9cf6c2c08390f71eb7"
+SRC_URI[sha256sum] = "84c85a9078b11105f04f3036a9482ae10e4621616db313fe045dd24743a0820d"

inherit pypi setuptools3

--
2.25.1


[PATCH] python3-babel: upgrade 2.10.1 -> 2.10.3

wangmy
 

Changelog
=========
Fallback count=”other” format in format_currency() (#872)

Fix get_period_id() with dayPeriodRule across 0:00 (#871)

Add support for b and B period symbols in time format (#869)

chore(docs/typo): Fixes a minor typo in a function comment (#864)

Signed-off-by: Wang Mingyu <wangmy@...>
---
.../python/{python3-babel_2.10.1.bb => python3-babel_2.10.3.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-babel_2.10.1.bb => python3-babel_2.10.3.bb} (87%)

diff --git a/meta/recipes-devtools/python/python3-babel_2.10.1.bb b/meta/recipes-devtools/python/python3-babel_2.10.3.bb
similarity index 87%
rename from meta/recipes-devtools/python/python3-babel_2.10.1.bb
rename to meta/recipes-devtools/python/python3-babel_2.10.3.bb
index d06eb2bf5c..7420bfc917 100644
--- a/meta/recipes-devtools/python/python3-babel_2.10.1.bb
+++ b/meta/recipes-devtools/python/python3-babel_2.10.3.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "http://babel.edgewall.org/"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=1b3f4650099e6d6a73e5a7fc8774ff18"

-SRC_URI[sha256sum] = "98aeaca086133efb3e1e2aad0396987490c8425929ddbcfe0550184fdc54cd13"
+SRC_URI[sha256sum] = "7614553711ee97490f732126dc077f8d0ae084ebc6a96e23db1482afabdb2c51"

PYPI_PACKAGE = "Babel"

--
2.25.1


[PATCH] python3-importlib-metadata: upgrade 4.11.4 -> 4.12.0

wangmy
 

License-Update:
Add text content of “http://www.apache.org/licenses/LICENSE-2.0" to LICENSE

Changelog:
===========
py-93259: Now raise ValueError when None or an empty string are passed to
Distribution.from_name (and other callers).

Signed-off-by: Wang Mingyu <wangmy@...>
---
...etadata_4.11.4.bb => python3-importlib-metadata_4.12.0.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-devtools/python/{python3-importlib-metadata_4.11.4.bb => python3-importlib-metadata_4.12.0.bb} (79%)

diff --git a/meta/recipes-devtools/python/python3-importlib-metadata_4.11.4.bb b/meta/recipes-devtools/python/python3-importlib-metadata_4.12.0.bb
similarity index 79%
rename from meta/recipes-devtools/python/python3-importlib-metadata_4.11.4.bb
rename to meta/recipes-devtools/python/python3-importlib-metadata_4.12.0.bb
index 807a16d6db..c00e42cb1c 100644
--- a/meta/recipes-devtools/python/python3-importlib-metadata_4.11.4.bb
+++ b/meta/recipes-devtools/python/python3-importlib-metadata_4.12.0.bb
@@ -1,14 +1,14 @@
DESCRIPTION = "Read metadata from Python packages"
HOMEPAGE = "https://pypi.org/project/importlib-metadata/"
LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=e88ae122f3925d8bde8319060f2ddb8e"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"

inherit pypi python_setuptools_build_meta

PYPI_PACKAGE = "importlib_metadata"
UPSTREAM_CHECK_REGEX = "/importlib-metadata/(?P<pver>(\d+[\.\-_]*)+)/"

-SRC_URI[sha256sum] = "5d26852efe48c0a32b0509ffbc583fda1a2266545a78d104a6f4aff3db17d700"
+SRC_URI[sha256sum] = "637245b8bab2b6502fcbc752cc4b7a6f6243bb02b31c5c26156ad103d3d45670"

S = "${WORKDIR}/importlib_metadata-${PV}"

--
2.25.1

6401 - 6420 of 173770