Commit message | Author | Age | Files | Lines
* python3-django: move to version 4.2.7 | Joe Slater | 2023-12-04 | 1 | -1/+1

  Version 4.2.5 fixes CVE-2023-36053 and CVE-2023-41164.
  Version 4.2.7 fixes CVE-2023-46695 and CVE-2023-43665.

  Signed-off-by: Joe Slater <joe.slater@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-gcovr: switch to main branch | Christian Eggers | 2023-12-04 | 1 | -1/+1

  Branch "master" has been renamed to "main".

  Signed-off-by: Christian Eggers <ceggers@arri.de>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* gattlib: Upgrade to latest tip of trunk | Khem Raj | 2023-12-04 | 1 | -2/+9

  License-Update: Year changed [1]

  Remove build directory from include directives in generated sourcecode via gdbus-codegen

  Upgrade includes fix for CVE-2019-6498

  [1] https://github.com/labapart/gattlib/commit/5c87eda925c597e72107b5026c6b8d490ce76d62

  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Tan Wen Yan <wen.yan.tan@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libvpx: upgrade 1.13.0 -> 1.13.1 | Benjamin Bara | 2023-12-04 | 1 | -1/+1

  Changelog:
  =========
  This release contains two security related fixes. One each for VP8 and VP9.

  - Upgrading:
    This release is ABI compatible with the previous release.

  - Bug fixes:
    https://crbug.com/1486441 (CVE-2023-5217)
    Fix to a crash related to VP9 encoding (#1642)

  Signed-off-by: Benjamin Bara <benjamin.bara@skidata.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Tan Wen Yan <wen.yan.tan@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: Fix CVE-2023-2906 | Hitendra Prajapati | 2023-12-04 | 2 | -0/+39

  Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d

  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster@mvista.com>
  (cherry picked from commit 919a2074586ff957362ae2dbd3438fa648bb9bee)
  Signed-off-by: Deepak Rathore <deeratho@cisco.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nlohmann-json: Add ptest support | Mingli Yu | 2023-11-16 | 4 | -3/+123

  * Backport 2 patches [1] [2] to fix the build failure under tests dir.
  * Fetch the test data during do_fetch phase to avoid internet access during test as some tests need test data.

  # ./run-ptest
  PASS: test-algorithms_cpp11
  PASS: test-allocator_cpp11
  PASS: test-alt-string_cpp11
  PASS: test-assert_macro_cpp11
  PASS: test-binary_formats_cpp11
  [snip]
  PASS: test-unicode5_cpp11
  PASS: test-user_defined_input_cpp11
  PASS: test-windows_h_cpp11
  PASS: test-wstring_cpp11

  [1] https://github.com/nlohmann/json/commit/6cec5aefc97ad219b6fd5a4132f88f7c8f6800ee
  [2] https://github.com/nlohmann/json/commit/660d0b58565073975d6f5d94365d6cbf150a4cf8

  Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 013b4d50432a3eba08a9cb54b9edf6b25a6378a8)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* traceroute: upgrade 2.1.2 -> 2.1.3 | Narpat Mali | 2023-11-16 | 1 | -1/+1

  This upgrade incorporates the CVE-2023-46316 fix.

  Changelog:
  ----------
  - Fix command line parsing in wrappers.

  References:
  https://security-tracker.debian.org/tracker/CVE-2023-46316
  https://sourceforge.net/projects/traceroute/files/traceroute/traceroute-2.1.3/

  Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* open-vm-tools: fix CVE-2023-34058 | Archana Polampalli | 2023-11-16 | 2 | -0/+242

  A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.

  Reference:
  https://nvd.nist.gov/vuln/detail/CVE-2023-34058

  Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-pynacl: add RCONFLICTS with python3-nacl | Joe Slater | 2023-11-16 | 1 | -0/+4

  python3-nacl is in the meta-virtualization layer.

  Signed-off-by: Joe Slater <joe.slater@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 74e31e51ffbd52b8864fed4debe7711e3ef4d739)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cpuid: fix do_install | Changqing Li | 2023-11-16 | 2 | -4/+42

  Fix do_install to make cpuid-doc installed correctly

  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nlohmann-json: Avoid usage of nobranch=1 | Sourav Pramanik | 2023-11-16 | 1 | -1/+1

  The usage of nobranch=1 in SRC_URI allows using unprotected branches.
  This change updates the real branch name in place of nobranch=1.

  Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit eec3c65b8136fe492f3be81ab62717d7c8922d04)
  Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Upgrade 18.17.1 -> 18.18.2 | Archana Polampalli | 2023-11-16 | 3 | -2/+2

  Update to latest release of latest LTS 18 release

  The following CVEs are fixed in this release:
  CVE-2023-44487
  CVE-2023-45143
  CVE-2023-38552
  CVE-2023-39333

  License-Update: [1] [2]

  [1] https://github.com/nodejs/node/commit/06513585dc9bad6e9deb00d5f30bf3af0930295d
  [2] https://github.com/nodejs/node/commit/fbe89e632005e06ecafa7a34f75a0ac01ad3b885

  Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libssh: upgrade 0.10.4 -> 0.10.5 | Yi Zhao | 2023-11-16 | 2 | -40/+7

  Changelog:
  https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.10.5

  * Generate cases list dynamically in run-ptest.
  * Install missing file to fix ptest failure.

  Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit b0833f1f3ec78f16a79d9ff66cdd19da93496018)
  Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* postgresql: upgrade 15.3 -> 15.4 | Wang Mingyu | 2023-11-16 | 2 | -4/+6

  0001-configure.ac-bypass-autoconf-2.69-version-check.patch refreshed for 15.4

  Changelog:
  https://www.postgresql.org/docs/release/15.4/

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (master rev: 23396e531fba70923342481ee5cde7795191ec93)
  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mbedtls: upgrade 2.28.3 -> 2.28.5 | Yi Zhao | 2023-11-16 | 1 | -1/+1

  This release includes security fix for CVE-2023-43615.

  Changelog:
  https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5

  Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nginx: add configure option | Joe Slater | 2023-10-15 | 2 | -0/+42

  Support --with-http_xslt_module configure option via a PACKAGECONFIG option. The option is not added to the defaults.

  Cherry-pick from master.

  Signed-off-by: Joe Slater <joe.slater@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit e0ac8eec48ddddc93751cfcdef2557998bfe91c8)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-inotify: fix tests | Joe Slater | 2023-10-15 | 2 | -0/+621

  Some tests in test-inotify.py assume values for watch descriptors. This is not safe, so we retrieve the assigned values to compare with event information generated.

  Signed-off-by: Joe Slater <joe.slater@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 0efa5c872f6357f8639310e339d9c5a6f0315f2d)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* frr: Security fix CVE-2023-38802 | Yi Zhao | 2023-10-15 | 2 | -0/+140

  CVE-2023-38802:
  FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).

  Reference:
  https://nvd.nist.gov/vuln/detail/CVE-2023-38802

  Patch from:
  https://github.com/FRRouting/frr/commit/46817adab03802355c3cce7b753c7a735bdcc5ae

  Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* frr: Fix CVE-2023-41358 and CVE-2023-41360 | Robert Yang | 2023-10-15 | 3 | -0/+143

  Backport patches to fix CVE-2023-41358 and CVE-2023-41360.

  References:
  https://nvd.nist.gov/vuln/detail/CVE-2023-41358
  https://nvd.nist.gov/vuln/detail/CVE-2023-41360

  Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
  Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lldpd: upgrade 1.0.16 -> 1.0.17 | Meenali Gupta | 2023-10-15 | 1 | -1/+1

  This release only contains bugfixes and security fixes.

  Highlighted bugfixes in 1.0.17:
    Read overflow when parsing CDP addresses. Thanks to Matteo Memelli.
    Don't output empty lines on configure commands.

  Changelog:
    https://github.com/lldpd/lldpd/releases/tag/1.0.17

  References:
    https://nvd.nist.gov/vuln/detail/CVE-2023-41910

  Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* kernel-selftest: Build headers before compiling tests | Khem Raj | 2023-10-15 | 1 | -1/+1

  This fixes build failure with kernel 6.5

  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 7.0.12 -> 7.0.13 | Changqing Li | 2023-10-15 | 10 | -1/+1

  Refer [1], include an urgency SECURITY fix and some bug fixes

  [1] https://github.com/redis/redis/releases/tag/7.0.13

  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* x11vnc: Fix CVE-2020-29074 | Lee Chee Yang | 2023-09-27 | 2 | -0/+28

  Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit dbdea59838054f9c908533d486cf3c0c2897c791)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opensc: fix CVE-2023-2977 | Lee Chee Yang | 2023-09-27 | 2 | -0/+55

  Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 44b00373094f845e71575d9d6f5c54b038f3a21a)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* netkit-telnet: Fix CVE-2022-39028 | Sanjay Chitroda | 2023-09-27 | 2 | -0/+54

  References:
  https://nvd.nist.gov/vuln/detail/CVE-2022-39028
  https://security-tracker.debian.org/tracker/CVE-2022-39028

  Upstream Patch:
  https://cgit.freebsd.org/src/commit/?id=6914ffef4e23

  - Patch is adopted from FreeBSD, as same vulnerability of telnetd is applicable to FreeBSD and netkit-telnet packages.

  Signed-off-by: Sanjay Chitroda <sanjay.chitroda@einfochips.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit d629fe71e4242fc0557f5668d9f223777eb60a0f)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openldap: update to 2.5.16. | Armin Kuster | 2023-09-27 | 2 | -34/+1

  2.5.x is an LTS version per the project.

  Drop patch now included.

  Signed-off-by: Armin Kuster <akuster@mvista.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 7a423279cf6afe27cf6abf747f1a2021ee5b6d26)
  Signed-off-by: Armin Kuster <akuster@mvista.com>
* poppler: fix CVE-2023-34872 | Yogita Urade | 2023-09-19 | 2 | -0/+47

  A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

  Reference:
  https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399

  Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* grpc: fix CVE-2023-33953 | Chen Qi | 2023-09-19 | 2 | -0/+225

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* grpc: fix CVE-2023-32732 | Chen Qi | 2023-09-19 | 2 | -0/+82

  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-appdirs: print ptest results in unified format | Polampalli, Archana | 2023-09-19 | 1 | -1/+1

  Update run-ptest script to print the output of python3-appdirs ptest results in unified format

  Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* image_types_sparse: Fix syntax error | Chris Dimich | 2023-09-19 | 1 | -5/+7

  When using the image type:

  IMAGE_FSTYPES += " wic.sparse"
  IMAGE_CLASSES += " image_types_sparse"

  The following error arises:

  Syntax error: Bad function name

  So need to remove function in favor of variable.

  Signed-off-by: Chris Dimich <chris.dimich@boundarydevices.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Bastian Krause <bst@pengutronix.de>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tcpreplay: fix pcap detection with /usr/lib32 multilib | Martin Jansa | 2023-09-06 | 2 | -4/+87

  * use BPN, BP where useful
  * use prefix instead of hardcoding /usr
  * add patch to search also in lib32 subdir of --with-libpcap value to fix:
    checking for libpcap... configure: error: "Unable to find matching library for header file in TOPDIR/BUILD/work/raspberrypi4_64-oemllib32-linux-gnueabi/lib32-tcpreplay/4.4.4-r0/lib32-recipe-sysroot/usr"

  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libcyusbserial: fix installed-vs-shipped QA issue with multilib | Martin Jansa | 2023-09-06 | 2 | -1/+46

  * testing ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR} existence doesn't really work in cross compilation and on some hosts was causing:

    ERROR: QA Issue: libcyusbserial: Files/directories were installed but not shipped in any package:
      /usr/lib/libcyusbserial.so.1
      /usr/lib/libcyusbserial.so
    Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
    libcyusbserial: 2 installed and not shipped files. [installed-vs-shipped]

    with multilib using /usr/lib32 or /usr/lib64 when the same didn't exist on host.

  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* khronos-cts.inc: respect MLPREFIX when appending DEPENDS with anonymous python | Martin Jansa | 2023-09-06 | 1 | -2/+2

  * this causes 2 issues: lib32-opengl-es-cts depending on 64bit wayland and wayland-protocols:

    $ bitbake-getvar -r lib32-opengl-es-cts DEPENDS
    #
    # $DEPENDS [14 operations]
    # set /OE/build/oe-core/openembedded-core/meta/conf/bitbake.conf:309
    # ""
    # set /OE/build/oe-core/openembedded-core/meta/conf/documentation.conf:137
    # [doc] "Lists a recipe's build-time dependencies (i.e. other recipe files)."
    # :prepend /OE/build/oe-core/openembedded-core/meta/classes-global/base.bbclass:57
    # "${BASEDEPENDS} "
    # :prepend /OE/build/oe-core/openembedded-core/meta/classes-recipe/pkgconfig.bbclass:7
    # "pkgconfig-native "
    # :prepend /OE/build/oe-core/openembedded-core/meta/classes-recipe/cmake.bbclass:10
    # "cmake-native "
    # :append /OE/build/oe-core/openembedded-core/meta/classes-recipe/python3native.bbclass:11
    # " python3-native "
    # append /OE/build/oe-core/meta-openembedded/meta-oe/recipes-graphics/vk-gl-cts/khronos-cts.inc:28
    # "python3-lxml-native libpng zlib virtual/libgles2 qemu-native"
    # :append[libc-musl] /OE/build/oe-core/meta-openembedded/meta-oe/recipes-graphics/vk-gl-cts/khronos-cts.inc:38
    # " libexecinfo"
    # rename (to) classextend.py:108 [map_depends_variable]
    # "DEPENDS_NONML"
    # set classextend.py:109 [map_depends_variable]
    # "${@oe.classextend.get_depends('DEPENDS', d)}"
    # append classextend.py:110 [map_depends_variable]
    # [vardeps] " DEPENDS_NONML"
    # append cmake.bbclass:25 [__anon_30__OE_build_oe_core_openembedded_core_meta_classes_recipe_cmake_bbclass]
    # " ninja-native"
    # append khronos-cts.inc:77 [__anon_80__OE_build_oe_core_meta_openembedded_meta_oe_recipes_graphics_vk_gl_cts_khronos_cts_inc]
    # " wayland-native wayland wayland-protocols"
    # append khronos-cts.inc:79 [__anon_80__OE_build_oe_core_meta_openembedded_meta_oe_recipes_graphics_vk_gl_cts_khronos_cts_inc]
    # " virtual/libx11 virtual/egl "
    # pre-expansion value:
    # "${@oe.classextend.get_depends('DEPENDS', d)} ninja-native wayland-native wayland wayland-protocols virtual/libx11 virtual/egl "
    DEPENDS="cmake-native lib32-libpng pkgconfig-native python3-lxml-native python3-native qemu-native virtual/lib32-arm-oemllib32-linux-gnueabi-compilerlibs virtual/arm-oemllib32-linux-gnueabi-gcc virtual/lib32-libc virtual/lib32-libgles2 lib32-zlib ninja-native wayland-native wayland wayland-protocols virtual/libx11 virtual/egl "

  * lib32-opengl-es-cts-dev runtime depending on 64bit wayland-dev wayland-protocols-dev as caught by multilib QA check:

    ERROR: QA Issue: lib32-opengl-es-cts package lib32-opengl-es-cts-dev - suspicious values 'wayland-dev wayland-protocols-dev' in RRECOMMENDS [multilib]

  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mongodb: enable hardware crc32 only with crc in TUNE_FEATURES | Martin Jansa | 2023-09-06 | 1 | -0/+1

  * see https://jira.mongodb.org/browse/SERVER-30893
  * fixes:

    aarch64-oe-linux-gcc -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type --sysroot=TOPDIR/BUILD/work/mach-oe-linux/mongodb/4.4.13-r0/recipe-sysroot -o build/opt/third_party/wiredtiger/src/checksum/arm64/crc32-arm64.o -c -std=c11 -fno-omit-frame-pointer -fno-strict-aliasing -fasynchronous-unwind-tables -ggdb -pthread -Wall -Wsign-compare -Wno-unknown-pragmas -Winvalid-pch -O2 -Wno-unused-local-typedefs -Wno-unused-function -Wno-deprecated-declarations -Wno-unused-const-variable -Wno-unused-but-set-variable -Wno-missing-braces -Wno-exceptions -fstack-protector-strong -fPIE -DNDEBUG -D_XOPEN_SOURCE=700 -D_GNU_SOURCE -D_FORTIFY_SOURCE=2 -DBOOST_THREAD_VERSION=5 -DBOOST_THREAD_USES_DATETIME -DBOOST_SYSTEM_NO_DEPRECATED -DBOOST_MATH_NO_LONG_DOUBLE_MATH_FUNCTIONS -DBOOST_ENABLE_ASSERT_DEBUG_HANDLER -DBOOST_LOG_NO_SHORTHAND_NAMES -DBOOST_LOG_USE_NATIVE_SYSLOG -DBOOST_LOG_WITHOUT_THREAD_ATTR -DABSL_FORCE_ALIGNED_ACCESS -DHAVE_VERBOSE -DHAVE_FALLOCATE -DHAVE_SYNC_FILE_RANGE -DHAVE_ARM_NEON_INTRIN_H -D_GNU_SOURCE -DHAVE_BUILTIN_EXTENSION_ZLIB -DHAVE_BUILTIN_EXTENSION_SNAPPY -DHAVE_BUILTIN_EXTENSION_ZSTD -Isrc/third_party/zstandard-1.4.3/zstd/lib -Isrc/third_party/snappy-1.1.7 -Ibuild/opt/third_party/wiredtiger -Isrc/third_party/wiredtiger -Ibuild/opt/third_party/wiredtiger/src/include -Isrc/third_party/wiredtiger/src/include -Ibuild/opt/third_party/wiredtiger/build_linux -Isrc/third_party/wiredtiger/build_linux src/third_party/wiredtiger/src/checksum/arm64/crc32-arm64.c
    cc1: warning: command-line option '-Wno-exceptions' is valid for C++/ObjC++ but not for C
    /tmp/ccGvwFgu.s: Assembler messages:
    /tmp/ccGvwFgu.s:45: Error: selected processor does not support `crc32cb w2,w2,w3'
    /tmp/ccGvwFgu.s:77: Error: selected processor does not support `crc32cx w2,w2,x4'
    /tmp/ccGvwFgu.s:103: Error: selected processor does not support `crc32cb w2,w2,w0'

  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tcpdump: upgrade 4.99.3 -> 4.99.4 | Wang Mingyu | 2023-09-05 | 1 | -1/+1

  Changelog:
  ==========
  Source code:
  ----------------
    Fix spaces before tabs in indentation.

  Updated printers:
  -----------------
    LSP ping: Fix "Unused value" warnings from Coverity.
    CVE-2023-1801: Fix an out-of-bounds write in the SMB printer.
    DNS: sync resource types with IANA.
    ICMPv6: Update the output to show a RPL DAO field name.
    Geneve: Fix the Geneve UDP port test.

  Building and testing:
  ----------------------
    Require at least autoconf 2.69.
    Don't check for strftime(), as it's in C90 and beyond.
    Update config.{guess,sub}, timestamps 2023-01-01,2023-01-21.

  Documentation:
  -------------
    man: Document TCP flag names better.

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 2e782260d0b6018614dbdea95899a4a0921915e0)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libiio: use main branch instead of master | Martin Jansa | 2023-09-04 | 1 | -1/+1

  * the branch was renamed upstream

  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* krb5: Fix CVE-2023-36054 | Soumya Sambu | 2023-09-04 | 2 | -0/+69

  lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.

  References:
  https://nvd.nist.gov/vuln/detail/CVE-2023-36054

  Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* yasm: fix CVE-2023-37732 | Soumya | 2023-09-03 | 2 | -0/+42

  Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file.

  References:
  https://github.com/yasm/yasm/issues/233
  https://nvd.nist.gov/vuln/detail/CVE-2023-37732

  Signed-off-by: Soumya <soumya.sambu@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* hwloc: fix CVE-2022-47022 | Polampalli, Archana | 2023-08-31 | 2 | -1/+79

  An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c.

  References:
  https://nvd.nist.gov/vuln/detail/CVE-2022-47022
  https://github.com/open-mpi/hwloc/issues/544

  Upstream patches:
  https://github.com/open-mpi/hwloc/commit/ac1f8db9a0790d2bf153711ff4cbf6101f89aace

  Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* iperf3: upgrade 3.13 -> 3.14 | Wang Mingyu | 2023-08-31 | 1 | -1/+1

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: upgrade 18.16.1 -> 18.17.1 | Polampalli, Archana | 2023-08-31 | 3 | -2/+2

  Update to latest release of latest LTS 18 release

  License-Update: [1] [2] [3]

  The following CVEs are fixed in this release:
  CVE-2023-32002
  CVE-2023-32006
  CVE-2023-32559

  [1] https://github.com/nodejs/node/commit/0cfdb3affa518bf55cfd8120f0286099fabfb22a
  [2] https://github.com/nodejs/node/commit/2ea6e030038d86376dea748f702ed14018f99aba
  [3] https://github.com/nodejs/node/commit/261e1d23d11053b373ea51745f6c1187440c2b08

  https://github.com/nodejs/node/releases/tag/v18.17.1

  Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* frr: Security fix CVE-2023-3748 | Yi Zhao | 2023-08-31 | 2 | -0/+55

  CVE-2023-3748:
  A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service.

  Reference:
  https://nvd.nist.gov/vuln/detail/CVE-2023-3748

  Patch from:
  https://github.com/FRRouting/frr/commit/ae1e0e1fed77716bc06f181ad68c4433fb5523d0

  Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit ee1026ab77dcb31b0f5cb723b4d998aab4c00382)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mcelog: Drop unneeded autotools-brokensep | Mingli Yu | 2023-08-16 | 1 | -2/+9

  Drop unneeded autotools-brokensep class inherit, this package has traditional makefile build. This change also fixes the below buildpaths issue altogether.

  WARNING: mcelog-191-r0 do_package_qa: QA Issue: File /usr/sbin/.debug/mcelog in package mcelog-dbg contains reference to TMPDIR [buildpaths]

  (cherry picked from commit 29e6c4928cfbfe3a00921b956938781d53563582)
  Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* khronos-cts: Replace wayland feature dependency with vulkan | Linus Jacobson | 2023-08-16 | 1 | -1/+1

  Khronos-cts.inc is used for building vulkan-cts or opengl-es-cts. Even though vulkan-cts depends on vulkan-loader, which automatically requires vulkan distro feature, it is more explicitly stated if written here next to opengl.

  Some systems do not support a windowing service (like wayland) but still might use standard khronos GPU libraries. For these cases, wayland dependency is invalid.

  Patch replaces the invalid wayland distro feature dependency with vulkan for clarity.

  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: Upgrade to 8.2.8 | Mingli Yu | 2023-08-11 | 1 | -1/+1

  php 8.2.7 is a security release and the php 8.2.8 is a bug fix release and more details at [1].

  [1] https://www.php.net/ChangeLog-8.php#8.2.7

  Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* iniparser: Fix CVE-2023-33461 | Mingli Yu | 2023-08-11 | 2 | -1/+54

  Handle null return from iniparser_getstring to fix CVE-2023-33461.

  Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* yajl: Fix CVE-2023-33460 | Mingli Yu | 2023-08-11 | 3 | -1/+78

  Backport 2 patches [1] [2] to fix CVE-2023-33460.

  [1] https://github.com/openEuler-BaseService/yajl/commit/3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf
  [2] https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698

  Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 7.0.11 -> 7.0.12 | Changqing Li | 2023-08-10 | 10 | -1/+1

  Refer: https://github.com/redis/redis/releases/tag/7.0.12

  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 6.2.12 -> 6.2.13 | Changqing Li | 2023-08-10 | 1 | -1/+1

  Refer: https://github.com/redis/redis/releases/tag/6.2.13

  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>