diff --git a/.gitlab-ci/container/build-crosvm.sh b/.gitlab-ci/container/build-crosvm.sh index cfee1597ef3de..772865425534b 100644 --- a/.gitlab-ci/container/build-crosvm.sh +++ b/.gitlab-ci/container/build-crosvm.sh @@ -25,6 +25,7 @@ RUSTFLAGS='-L native=/usr/local/lib' cargo install \ bindgen \ -j ${FDO_CI_CONCURRENT:-4} \ --root /usr/local \ + --version 0.60.1 \ $EXTRA_CARGO_ARGS RUSTFLAGS='-L native=/usr/local/lib' cargo install \ diff --git a/.gitlab-ci/container/build-deqp.sh b/.gitlab-ci/container/build-deqp.sh index c9f4df71f561b..71b11ab0750f9 100644 --- a/.gitlab-ci/container/build-deqp.sh +++ b/.gitlab-ci/container/build-deqp.sh @@ -12,6 +12,13 @@ git clone \ /VK-GL-CTS pushd /VK-GL-CTS +# Apply a patch to update zlib link to an available version. +# vulkan-cts-1.3.3.0 uses zlib 1.2.12 which was removed from zlib server due to +# a CVE. See https://zlib.net/ +# FIXME: Remove this patch when uprev to 1.3.4.0+ +wget -O- https://github.com/KhronosGroup/VK-GL-CTS/commit/6bb2e7d64261bedb503947b1b251b1eeeb49be73.patch | + git am - + # --insecure is due to SSL cert failures hitting sourceforge for zlib and # libpng (sigh). The archives get their checksums checked anyway, and git # always goes through ssh or https. diff --git a/.gitlab-ci/image-tags.yml b/.gitlab-ci/image-tags.yml index 8faf36cb888a1..c7406ea2a06d2 100644 --- a/.gitlab-ci/image-tags.yml +++ b/.gitlab-ci/image-tags.yml @@ -1,6 +1,6 @@ variables: DEBIAN_X86_BUILD_BASE_IMAGE: "debian/x86_build-base" - DEBIAN_BASE_TAG: "2022-10-04-vn-render-server" + DEBIAN_BASE_TAG: "2022-10-19-remove-xvmc-dev" DEBIAN_X86_BUILD_IMAGE_PATH: "debian/x86_build" DEBIAN_BUILD_TAG: "2022-10-18-dx-headers" @@ -11,11 +11,11 @@ variables: DEBIAN_X86_TEST_BASE_IMAGE: "debian/x86_test-base" DEBIAN_X86_TEST_IMAGE_PATH: "debian/x86_test-gl" - DEBIAN_X86_TEST_GL_TAG: "2022-09-29-uprev-dxvk" - DEBIAN_X86_TEST_VK_TAG: "2022-09-29-uprev-dxvk" + DEBIAN_X86_TEST_GL_TAG: "2022-10-20-bindgen-zlib-cve" + DEBIAN_X86_TEST_VK_TAG: "2022-10-20-bindgen-zlib-cve" FEDORA_X86_BUILD_TAG: "2022-09-22-python3-ply-2" - KERNEL_ROOTFS_TAG: "2022-10-05-uprev-dxvk" + KERNEL_ROOTFS_TAG: "2022-10-20-bindgen-zlib-cve" WINDOWS_X64_VS_PATH: "windows/x64_vs" WINDOWS_X64_VS_TAG: "2022-08-17-bump"