-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
overlay sys-kernel/coreos-firmware: update to 20230625_p20230724 for flatcar-3665 #1039
overlay sys-kernel/coreos-firmware: update to 20230625_p20230724 for flatcar-3665 #1039
Conversation
Update coreos-firmware to 20230625_p20230724, mainly to address CVE-2023-20593. Gentoo ref: 6390ce05738eac80fc06663a73ca6b22fdaee8d1 Fix issue of dealing with snapshot directory to avoid build failure.
Due to slightly different situations of maintenance branches, I had to create all 4 branches to run CI respectively. Backporting branches:
Jenkins CI:
|
Build action triggered: https://github.com/flatcar/scripts/actions/runs/5750824634 |
CI passed |
@@ -67,6 +68,11 @@ src_unpack() { | |||
git-r3_src_unpack | |||
else | |||
default | |||
# rename directory from git snapshot tarball | |||
if [[ ${#MY_COMMIT} -gt 8 ]]; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't understand why this condition is as it is and not, e.g., -gt 0
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure.
I just want to keep it as similar as possible to Gentoo.
https://gitweb.gentoo.org/repo/gentoo.git/tree/sys-kernel/linux-firmware/linux-firmware-20230625_p20230724.ebuild#n92
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The only thing that strikes me as odd is that GIT_COMMIT
does not show up anywhere else. There's MY_COMMIT
, but not GIT_COMMIT
. Maybe a bug in the ebuild?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The only thing that strikes me as odd is that GIT_COMMIT does not show up anywhere else. There's MY_COMMIT, but not GIT_COMMIT.
Right. I was wondering about that yesterday. 🤷
Applied to flatcar-3033, flatcar-3510, flatcar-3602. |
Update
sys-kernel/coreos-firmware
to20230625_p20230724
, mainly to address CVE-2023-20593.Based on Gentoo commit 6390ce05738e.
Fix issue of dealing with snapshot directory to avoid build failure.
See also flatcar/Flatcar#1134.
Backporting branches:
Testing done
changelog/
directory (user-facing change, bug fix, security fix, update)/boot
and/usr
size, packages, list files for any missing binaries, kernel modules, config files, kernel modules, etc.