From: Xiangyu Chen <xiangyu.chen@...> Since we removed the openssh dependency[1] on rng-tools, there are no package requiring rng-tools in oe-core, meta-oe, meta-virt, and the /dev/random won't block

When building for Arm, the following error is seen: | ../../libunwind-1.6.2/src/arm/Gtrace.c:529:7: error: call to undeclared library function 'printf' with type 'int (const char *, ...)'; ISO C99 and

Backport appropriate patches to fix CVE-2022-2879 and CVE-2022-41720. Modified the original fix for CVE-2022-2879 to remove a testdata tarball and any references to it since git binary diffs are not s

The RPM_ETCCONFIGDIR should be some root directory instead of the etc directory as in patch 0002-Add-support-for-prefixing-etc-from-RPM_ETCCONFIGDIR-.patch RPM_ETCCONFIGDIR is used to prefix /etc. The

RPM upstream removed find-debuginfo and switched to use debugedit since the following commit. https://github.com/rpm-software-management/rpm/commit/04b0805a756cdd9466fb9dc717846f5bf15518cc According t

Current Dev Position: YP 4.2 M4 Next Deadline: 3rd April 2023 YP 4.2 M4 Build Next Team Meetings: Bug Triage meeting Thursday March 23rd 7:30 am PDT (https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bF

From: Peter Marko <peter.marko@...> Backport from v250-stable branch (v250.9) Signed-off-by: Peter Marko <peter.marko@...> --- .../systemd/systemd/CVE-2022-4415-1.patch | 109 +++++ .../systemd/systemd

The following changes since commit 21e8a662e6232e7fdd642b1d86d4f8f980be1a09: vala: Fix install conflict when enable multilib. (2023-03-10 05:54:34 -1000) are available in the Git repository at: https:

From: Richard Purdie <richard.purdie@...> This was likely something we took inspiration from elsewhere with. It was added in: https://git.openembedded.org/openembedded/commit/packages/netbase/netbase/

From: Kenfe-Mickael Laventure <mickael.laventure@...> The script generated by the sdk_ext_postinst function was not quoting the user existing PATH when updating it causing the export command to fail.

From: Kenfe-Mickael Laventure <mickael.laventure@...> The environment-setup script generated by the recipe was not quoting the user existing PATH when updating it causing the export command to fail. A

From: Kenfe-Mickael Laventure <mickael.laventure@...> The environment-setup script generated by the recipe was not quoting the user existing PATH when updating it causing the export command to fail. A

From: Richard Purdie <richard.purdie@...> glibc has it's dependencies handled more manually due to it's place in the toolchain bootstrap. It depends upon the compiler and indirectly through that to bi

From: Richard Purdie <richard.purdie@...> The previous fix wasn't enough to address all the possible ways the manifests might be ordered. Rework the previous fix so it is tied to the multilib cross-ca

From: Richard Purdie <richard.purdie@...> """ require conf/multilib.conf MACHINE = "qemuarm64" MULTILIBS = "multilib:lib32" DEFAULTTUNE:virtclass-multilib-lib32 = "armv7athf-neon" bitbake gcc-cross-ca

From: Alban Bedel <alban.bedel@...> Per default systemd use a pager for the output of most of its tools and it expect this pager to be color capable. But that is not the case when the busybox `less` i

From: Ross Burton <ross.burton@...> Clause II.3 of the Vim license states that any distribution of Vim that has been extended or modified must _at least_ indicate in the :version output that this is t

From: Ross Burton <ross.burton@...> This incorporates fixes for CVE-2023-1127, CVE-2023-1170, CVE-2023-1175. Also remove runtime/doc/uganda.txt from the license checksum: the Vim license is also in th

From: Chee Yang Lee <chee.yang.lee@...> Signed-off-by: Chee Yang Lee <chee.yang.lee@...> Signed-off-by: Steve Sakoman <steve@...> --- .../libksba/libksba/CVE-2022-3515.patch | 47 +++++++++++++++++++ m

From: Chee Yang Lee <chee.yang.lee@...> This patch fix CVE-2021-45944. https://nvd.nist.gov/vuln/detail/CVE-2021-45944 Signed-off-by: Chee Yang Lee <chee.yang.lee@...> Signed-off-by: Steve Sakoman <st