Currently /usr/bin/python is provided by the python2 package. If python2 is not installed, the built image lacks a provider for it. This results in failed scripts when using '/usr/bin/python' shebang.

-> nginx: fix CVE-2022-41741 -> nginx: disabled duplicate atoms. -> Reference: -> https://nvd.nist.gov/vuln/detail/CVE-2022-41742 -> Upstream fixes: -> https://github.com/nginx/nginx/commit/0d23105373

A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encod

A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the

A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encod

The following changes since commit 9237ffc4feee2dd6ff5bdd672072509ef9e82f6d: build-appliance-image: Update to langdale head revision (2022-11-14 16:30:13 +0000) are available in the Git repository at:

The following changes since commit 3243b069db7629d15e4b8c25b4133f824d18520c: qemu: add io_uring PACKAGECONFIG (2022-11-10 07:13:46 -1000) are available in the Git repository at: https://git.openembedd

CVE Reference: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-3715 Signed-off-by: Xiangyu Chen <xiangyu.chen@...> --- .../bash/bash/CVE-2022-3715.patch | 33 +++++++++++++++++++ meta/recipes-exte

This patch contains a fix for CVE-2022-3970 Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-3970 https://security-tracker.debian.org/tracker/CVE-2022-3970 Patch generated from : https://gitlab.co

This should be the final pull request for the 3.1.21 release. The following changes since commit ce99d451a54b8ce46b7f9030deaba86355009b1a: wic: swap partitions are not added to fstab (2022-11-11 04:24

License-Update: upstream has clarified that it is gpl3 https://salsa.debian.org/debian/man-db/-/commit/695a3560fdf91f829f21f00a502244b0cf28e29d Signed-off-by: Alexander Kanavin <alex@...> --- .../man-

Reader.Read doesn't set a limit on the maximum size of file headers. Upstream-Status: Backport from [https://github.com/golang/go/commit/0a723816cd205576945fa57fbdde7e6532d59d08] CVE: CVE-2022-2879 Si

get_data() uses oeqa test method name and an optional key to get data from image specific "testimage_data.json" file located in image deploy directory. Image recipes can provide custom versions of thi

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an

Current Dev Position: YP 4.2 M1 Next Deadline: 5th December 2022 YP 4.2 Build Next Team Meetings: Bug Triage meeting Thursday November 24th 7:30 am PDT (https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y

When building with CONFIG_MODVERSIONS=3Dy and CONFIG_RANDSTRUCT=3Dy we ne= ed to copy the build assets generated for the randstrutc seed to STAGING_KERNEL_BUILDDIR, otherwise the out-of-tree modules b

From: Mingli Yu <mingli.yu@...> After Python upgrade to 3.11, it requires pkg-config to detect tcl and tk when configure tkinter, so add tcl depends to fix below error. | The necessary bits to build t

From: Mingli Yu <mingli.yu@...> The patch alter-includedir.patch previouly install the header to /usr/include/tcl8.6, but it doesn't reflect in tcl.pc and the header location still /usr/include in tcl

From: John Edward Broadbent <jebr@...> This recipe can be used to identify kernel dependencies, and immediately throw build errors if those dependencies are not met. Signed-off-by: John Edward Broadbe

From: Enrico Scholz <enrico.scholz@...> Transition to ThreadPoolExecutor (eb6a6820928472ef194b963b606454e731f9486f) broke the | Checking sstate mirror object availability: ... progress bar because the