summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* xfce4 update HOMEPAGEsscarthgap-nextscarthgapJ. S.10 days27-27/+27
| | | | | | | | | | | | | | https://goodies.xfce.org/ states "Starting this month (November 2019), a project is starting to migrate the goodies.xfce.org documentation to https://docs.xfce.org/start. The goal is to remove deprecated projects and, eventually, de-commission the goodies.xfce.org URLs. Additional information will be posted on https://wiki.xfce.org/projects/goodies-decomm/start as the project proceeds." This patch updates the URLs being used in the HOMEPAGEs to reflect where the address is actually resolving. Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* logcheck: correct the SRC_URIGuocai He10 days1-1/+1
| | | | | | | | In http://ftp.debian.org/debian/pool/main/l/logcheck/, the tarball of version 1.4.3 is not available. Signed-off-by: Guocai He <guocai.he.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libconfig: correct the SRC_URIGuocai He10 days1-1/+1
| | | | | | | The old SRC_URI is not available. Signed-off-by: Guocai He <guocai.he.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-h5py: backport fixes for incompatible-pointer-types issuesMartin Jansa10 days3-2/+56
| | | | | | | | | | | | | Needed in scarthgap for native build on hosts with gcc-14 and newer. It was in master since: https://git.openembedded.org/meta-openembedded/diff/meta-python/recipes-devtools/python/python3-h5py_3.11.0.bb?id=f0c767407d033e3f39ceeccc2f7e03a1ca7a6443 and then removed as fixed in 3.11.0 by: https://git.openembedded.org/meta-openembedded/commit/?id=4b990b6dbabaeb65df5bf46546a873c69032a040 but scarthgap has older 3.10.0, backport necessary changes. Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* jq-1.7.1: Backport multiple CVE fixesRoland Kovacs10 days4-0/+360
| | | | | | | | | | | | CVE: CVE-2024-23337 CVE: CVE-2024-53427 CVE: CVE-2025-48060 Patches CVE-2024-23337.patch and CVE-2024-53427.patch are backported from jq-1.8.0, and CVE-2025-48060.patch is backported from jq-1.8.1. Signed-off-by: Roland Kovacs <roland.kovacs@est.tech> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tcpreplay: fix CVE-2024-22654Archana Polampalli10 days3-0/+127
| | | | | | | tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: upgrade 4.2.9 -> 4.2.12Vijay Anusuri10 days1-4/+4
| | | | | | | | | | | | | | | | | | releasenote: https://www.wireshark.org/docs/relnotes/wireshark-4.2.12.html https://www.wireshark.org/docs/relnotes/wireshark-4.2.11.html https://www.wireshark.org/docs/relnotes/wireshark-4.2.10.html Includes security fix CVE-2025-5601 License-Update: Update GPL copies for FSF no longer having an address Link: https://github.com/wireshark/wireshark/commit/18e4db97c424c11cb26fa7fef97b95dd3d001bb1 The 4.2.9 was not longer available at the original SRC_URI. At the new SRC_URI all version of the wireshark releases are available. Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* phpmyadmin: upgrade 5.2.1 -> 5.2.2Changqing Li10 days1-2/+2
| | | | | | | | | | | | | | License-Update: License year updated This upgrade include security fix for: CVE-2025-24529 CVE-2025-24530 Release note: https://www.phpmyadmin.net/news/2025/1/21/phpMyAdmin-522-is-released/ Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* udisks2: Hardening measure of CVE-2025-6019Changqing Li2025-07-062-0/+52
| | | | | | | | | | | | Refer [1], CVE-2025-6019 is strongly related to udisk daemon, and this is a hardening measure related to this. [1] https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt [2] https://security-tracker.debian.org/tracker/CVE-2025-6019 [3] https://ubuntu.com/blog/udisks-libblockdev-lpe-vulnerability-fixes-available Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libblockdev: fix CVE-2025-6019Changqing Li2025-07-062-0/+32
| | | | | | | | | | | | | | | | | | | | | | CVE-2025-6019: A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system. Refer: https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-pylint: correct the SRC_URIGuocai He2025-07-061-1/+1
| | | | | | | | In the SRC_URI, the branch of maintenance/3.1.x has been reomved, which will cause do fetch error. So update as "branch=main" Signed-off-by: Guocai He <guocai.he.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libssh: fix CVE-2025-5318Hitendra Prajapati2025-07-062-0/+32
| | | | | | | Upstream-Status: Backport from https://git.libssh.org/projects/libssh.git/commit/?id=5f4ffda88770f95482fd0e66aa44106614dbf466 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-protobuf: upgrade from 4.25.3 to 4.25.8Chen Qi2025-07-061-1/+1
| | | | | | | protobuf has upgraded to 4.25.8. Sync with it. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* protobuf: upgrade from 4.25.3 to 4.25.8Chen Qi2025-07-062-796/+1
| | | | | | | | | | | | 0001-Add-recursion-check-when-parsing-unknown-fields-in-J.patch is dropped because it has been in new version. This upgrade also fixes CVE-2025-4565. The fix commit is as below: d31100c91 Manually backport recursion limit enforcement to 25.x Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* imagemagick: guard sed operations in do_install for optional filesSana Kazi2025-06-231-6/+17
| | | | | | | | | | | | | When PACKAGECONFIG options like 'cxx' 'webp' and 'xml' are disabled, certain files such as Magick++-config.im7, configure.xml, or delegates.xml are not installed. Unconditionally running sed on these files results in errors during do_install Error: sed: can't read .../image/usr/bin/Magick++-config.im7: No such file or directory Signed-off-by: Nikhil R <nikhilr5@kpit.com> Signed-off-by: Sana Kazi <sanakazi720@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* postgresql: upgrade 16.8 -> 16.9Yogita Urade2025-06-232-3/+3
| | | | | | | | | | | | | Includes fix for CVE-2025-4207 Release notes: https://www.postgresql.org/docs/release/16.9/ 0003-configure.ac-bypass-autoconf-2.69-version-check.patch Refreshed for 16.9 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* canutils: use https instead of git protocolBastian Krause2025-06-231-1/+1
| | | | | | | | The git server at git.pengutronix.de no longer supports the git protocol, so switch to https. Signed-off-by: Bastian Krause <bst@pengutronix.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libsocketcan: use https instead of git protocolBastian Krause2025-06-231-1/+1
| | | | | | | | The git server at git.pengutronix.de no longer supports the git protocol, so switch to https. Signed-off-by: Bastian Krause <bst@pengutronix.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 7.2.7 -> 7.2.8Vijay Anusuri2025-06-2310-1/+1
| | | | | | | | | | | | | | | | | | | | ChangeLog: https://github.com/redis/redis/releases/tag/7.2.8 Update urgency: SECURITY: There are security fixes in the release. Security fixes ================== * (CVE-2025-21605) An unauthenticated client can cause an unlimited growth of output buffers Bug fixes ================= * #12817, #12905 Fix race condition issues between the main thread and module threads * #13863 RANDOMKEY - infinite loop during client pause * #13877 ShardID inconsistency when both primary and replica support it Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* chrony: use inherit_defer for conditional inherit of useraddClayton Casciato2025-06-231-1/+1
| | | | | | | | | | | | [ Upstream commit 63df976d8eec0fa714e8da30f4333f8af23c57d3 ] conditionnal inherit is missed when PACKAGECONFIG privdrop is activated after this inherit, eg in .bbappend. Signed-off-by: Andreas Fenkart <afenkart@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Clayton Casciato <majortomtosourcecontrol@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lmsensors: Fix build without sensordLeonard Anderweit2025-06-231-2/+3
| | | | | | | | | | | | | | | | | | | When building with sensord disabled (PACKAGECONFIG = ""), do_install would fail because it tried to build sensord which was skiped in do_compile. Error log: make: *** No rule to make target 'rrd.h', needed by 'prog/sensord/rrd.rd'. Stop. Avoid building sensord in do_install by explicitly setting PROG_EXTRA. (master rev: fc88c96c4e40d9dbc6097c4679ac79ed55356730) Fixes: 86b20b84ec27 (lmsensors: Clean stale files for sensord to avoid incorrect GCC header dependencies) Signed-off-by: Leonard Anderweit <l.anderweit@phytec.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* proftpd: Fix CVE-2024-57392Vijay Anusuri2025-05-212-0/+43
| | | | | | | Upstream-Status: Backport from https://github.com/proftpd/proftpd/commit/981a37916fdb7b73435c6d5cdb01428b2269427d Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-posix-ipc: improve build_supportMartin Jansa2025-05-214-0/+166
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * fixes: https://lists.openembedded.org/g/openembedded-devel/message/117255 DEBUG: Executing shell function do_compile * Getting build dependencies for wheel... /usr/lib/ld-linux-aarch64.so.1: No such file or directory Traceback (most recent call last): File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/pyproject_hooks/_in_process/_in_process.py", line 389, in <module> main() ~~~~^^ File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/pyproject_hooks/_in_process/_in_process.py", line 373, in main json_out["return_val"] = hook(**hook_input["kwargs"]) ~~~~^^^^^^^^^^^^^^^^^^^^^^^^ File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/pyproject_hooks/_in_process/_in_process.py", line 143, in get_requires_for_build_wheel return hook(config_settings) File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/setuptools/build_meta.py", line 334, in get_requires_for_build_wheel return self._get_build_requires(config_settings, requirements=[]) ~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/setuptools/build_meta.py", line 304, in _get_build_requires self.run_setup() ~~~~~~~~~~~~~~^^ File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/setuptools/build_meta.py", line 320, in run_setup exec(code, locals()) ~~~~^^^^^^^^^^^^^^^^ File "<string>", line 23, in <module> File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/posix_ipc-1.2.0/build_support/discover_system_info.py", line 409, in discover d["QUEUE_PRIORITY_MAX"] = sniff_mq_prio_max() ~~~~~~~~~~~~~~~~~^^ File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/posix_ipc-1.2.0/build_support/discover_system_info.py", line 238, in sniff_mq_prio_max if max_priority < 0: ^^^^^^^^^^^^^^^^ TypeError: '<' not supported between instances of 'str' and 'int' ERROR Backend subprocess exited when trying to invoke get_requires_for_build_wheel WARNING: TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/temp/run.do_compile.2736023:168 exit 1 from 'nativepython3 -m build --no-isolation --wheel --outdir TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/dist TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/posix_ipc-1.2.0' WARNING: Backtrace (BB generated script): On some hosts. Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* can-utils: handle CAN_ERR_CNT correctlyJeroen Hofstee2025-05-212-0/+71
| | | | | | | | If CAN_ERR_CNT is set, the snprintf_can_error_frame() bails out, as it cannot decode CAN_ERR_CNT. Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* syslog-ng: fix CVE-2024-47619Yogita Urade2025-05-212-0/+293
| | | | | | | | | | | | | | | | | | | syslog-ng is an enhanced log daemo. Prior to version 4.8.2, `tls_wildcard_match()` matches on certificates such as `foo.*.bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.a*c.bar` which glib matches but should be avoided / invalidated. This issue could have an impact on TLS connections, such as in man-in-the-middle situations. Version 4.8.2 contains a fix for the issue. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-47619 Upstream patch: https://github.com/syslog-ng/syslog-ng/commit/12a0624e4c275f14cee9a6b4f36e714d2ced8544 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* iperf3: upgrade 3.16 -> 3.18Zhang Peng2025-05-212-34/+3
| | | | | | | | | | | | | | License-Update: Copyright year updated to 2024. Include security update: CVE-2024-26306 and CVE-2024-53580 drop backported patch: do-not-listen-to-old-udp-prot-listener.patch ChangeLog: https://github.com/esnet/iperf/releases/tag/3.18 https://github.com/esnet/iperf/releases/tag/3.17.1 https://github.com/esnet/iperf/releases/tag/3.17 Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* poppler: fix CVE-2025-43903Yogita Urade2025-05-173-0/+126
| | | | | | | | | | | | | | | | | | | NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. CVE-2025-43903-0001 is the dependent commit and CVE-2025-43903-0002 is the actual CVE fix. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-43903 Upstream patches: https://gitlab.freedesktop.org/poppler/poppler/-/commit/33672ca1b6670f7378e24f6d475438f7f5d86b05 https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* poppler: fix CVE-2025-32365Yogita Urade2025-05-172-0/+42
| | | | | | | | | | | | | | | Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-32365 Upstream patch: https://gitlab.freedesktop.org/poppler/poppler/-/commit/1f151565bbca5be7449ba8eea6833051cc1baa41 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* poppler: fix CVE-2025-32364Yogita Urade2025-05-172-0/+29
| | | | | | | | | | | | | | | A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-32364 Upstream patch: https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libmodbus: ignore CVE-2023-26793 and CVE-2024-34244Peter Marko2025-05-171-0/+3
| | | | | | | | | See discussions in closed/rejected issues linked from NVD CVE reports: * CVE-2023-26793: https://github.com/stephane/libmodbus/issues/683#issuecomment-2615601890 * CVE-2024-34244: https://github.com/stephane/libmodbus/issues/743#issuecomment-2222214256 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* can-utils: fix printing / reading timestampsJeroen Hofstee2025-05-172-1/+425
| | | | | | | Backport a patch to correctly handle 64bit timestamps. Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: backport a patch to prevent brotli crashing nodejsJeroen Hofstee2025-05-172-0/+65
| | | | | | | | | | | Brotli can crash nodejs (on ARM), because the memory allocated for brotli wasn't properly aligned. https://github.com/google/brotli/issues/1159 https://github.com/nodejs/node/commit/dc035bbc9b310ff8067bc0dad22230978489c061 Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-posix-ipc: switch to PEP-517 build backendKhem Raj2025-05-171-1/+1
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-posix-ipc: upgrade 1.1.1 -> 1.2.0Wang Mingyu2025-05-171-2/+2
| | | | | | | | | | | | 0001-Use-default-cc-from-environment-variable.patch removed since it's not available in 1.2.0 License-Update: Reorg and rename files; add pyproject.toml Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tftpy: fix CVE-2023-46566Archana Polampalli2025-04-262-0/+28
| | | | | | | | Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e31745138a30e2509145b0c529c allows a remote attacker to cause a denial of service via the parse function in the TftpPacketFactory class. Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* pipewire: Install missing ALSA config filesAriel D'Alessandro2025-04-261-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | As detailed in Pipewire documentation [0], the ALSA plugin requires config files to be symlinked as follow: ``` The plugin will be picked up by alsa when the following files are in /etc/alsa/conf.d/: /etc/alsa/conf.d/50-pipewire.conf -> /usr/share/alsa/alsa.conf.d/50-pipewire.conf /etc/alsa/conf.d/99-pipewire-default.conf ``` The above symlinks are missing, thus the pipewire device is not properly detected. Fix this by creating the required symlinks and installing them in the pipewire-alsa package. [0] https://github.com/PipeWire/pipewire/blob/master/INSTALL.md#alsa-plugin Link: https://github.com/openembedded/meta-openembedded/issues/704 Signed-off-by: Ariel D'Alessandro <ariel.dalessandro@collabora.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* iniparser: Fix CVE-2025-0633Soumya Sambu2025-04-262-0/+38
| | | | | | | | | | | | | | | Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory References: https://nvd.nist.gov/vuln/detail/CVE-2025-0633 https://ubuntu.com/security/CVE-2025-0633 Upstream patch: https://gitlab.com/iniparser/iniparser/-/commit/072a39a772a38c475e35a1be311304ca99e9de7f Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lmsensors: Clean stale files for sensord to avoid incorrect GCC header ↵Haixiao Yan2025-04-161-1/+4
| | | | | | | | | | | | | | | | | | | | | | dependencies After upgrading GCC—for example, from 14.1.0 to 14.2.0—building lmsensors that was previously compiled with GCC 14.1.0 may fail with an error like: lmsensors/3.6.0/recipe-sysroot-native/usr/lib/x86_64-wrs-linux/gcc/x86_64-wrs-linux/ 14.1.0/include/stddef.h can't find, which is needed by 'prog/sensord/args.rd'. This occurs because prog/sensord/args.rd still references stale headers from the older GCC version. The root cause is that stale *.rd and *.ro files under prog/sensord are not properly cleaned during do_configure. This patch ensures those files are removed to prevent broken dependencies when GCC is upgraded. Also remove the same statement in do_compile. (master rev: 86b20b84ec278cacf4975b7933d46b894d74796e) Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: Upgrade 8.2.26 -> 8.2.28Soumya Sambu2025-04-161-1/+1
| | | | | | | | | | | Includes fix for - CVE-2025-1219, CVE-2025-1736, CVE-2025-1861, CVE-2025-1734 and CVE-2025-1217 Changelog: https://www.php.net/ChangeLog-8.php#8.2.28 Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openvpn: upgrade 2.6.12 -> 2.6.14Divya Chellam2025-04-161-1/+1
| | | | | | | | | | | | | | This includes CVE-fix for CVE-2025-2704 Changelog: ========== https://github.com/OpenVPN/openvpn/releases For full details, refer to: https://github.com/OpenVPN/openvpn/compare/v2.6.12...v2.6.14 Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mbedtls: 3.6.2 -> 3.6.3Yi Zhao2025-04-161-5/+2
| | | | | | | | | | | | | | | | ChangeLog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.3 Remove mbedtls-framework repository, as the framework is now added as a flat directory rather than a submodule[1][2]. [1] https://github.com/Mbed-TLS/mbedtls/commit/b41194ce7f2fda63bf5959588631eba73c5c621e [2] https://github.com/Mbed-TLS/mbedtls/commit/2c824b4fe5dab7e1526560be203bf705857e372a Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mbedtls: upgrade 2.28.9 -> 2.28.10Yi Zhao2025-04-161-1/+1
| | | | | | | | | | ChangeLog https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.10 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sharutils: Let POSIX_SHELL be overridable from environmentKhem Raj2025-04-162-0/+50
| | | | | | | | This helps fix WARNING: sharutils-4.15.2-r0 do_package_qa: QA Issue: File /usr/bin/shar in package sharutils contains reference to TMPDIR Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* e2tools: Fix buildpaths QA warning in config.status in ptestKhem Raj2025-04-161-1/+1
| | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* fwknop: Specify target locations of gpg and wgetKhem Raj2025-04-161-1/+3
| | | | | | | | | This fixes emitting buildpaths into binary and also fixes the issue where these tools wont exist on the paths they were found on build machine Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* fetchmail: disable rpath to fix buildpaths warning.Wang Mingyu2025-04-161-4/+1
| | | | | | | | | | | There was an error with the last modification to the buildpaths warning, which could cause segment error. fix the following warning about buildpath: WARNING: fetchmail-6.4.38-r0 do_package_qa: QA Issue: File /usr/bin/fetchmail in package fetchmail contains reference to TMPDIR [buildpaths] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* fetchmail: Fix buildpaths warning.Wang Mingyu2025-04-161-0/+3
| | | | | | | | WARNING: fetchmail-6.4.38-r0 do_package_qa: QA Issue: File /usr/bin/fetchmail in package fetchmail contains reference to TMPDIR [buildpaths] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* gcab: fix buildpaths QA issueMartin Jansa2025-04-162-0/+38
| | | | | | Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* nana: Fix buildpaths warning.Wang Mingyu2025-04-161-0/+6
| | | | | | | | | | WARNING: nana-2.5+git-r0 do_package_qa: QA Issue: File /usr/bin/nana-c++lg in package nana contains reference to TMPDIR File /usr/bin/nana-clg in package nana contains reference to TMPDIR File /usr/bin/nana in package nana contains reference to TMPDIR [buildpaths] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* lprng: Specify target paths for needed utilitiesKhem Raj2025-04-161-1/+3
| | | | | | | | | | | | | pr,openssl,chown,chgrp are guessed during configure and they are found on host, sometimes under native sysroot and some under HOSTTOOLS which is not right, therefore point to target locations of these tools Fixes all errors like below File /usr/sbin/lprng_certs in package lprng contains reference to TMPDIR Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-21 11:03:26 +0000