summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-devtools
Commit message (Collapse)AuthorAgeFilesLines
* jq: Fix CVEsColin McAllister2025-07-135-1/+397
| | | | | | | | | Adds backported patches to fix CVE-2024-23339, CVE-2024-53427, and CVE-2025-48060. Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com> Change-Id: Ibc2db956b7fd5d0388dbed1a81ddf9aa58431fb1 Signed-off-by: Armin Kuster <akuster808@gmail.com>
* protobuf: fix CVE-2025-4565Chen Qi2025-07-022-0/+377
| | | | | | | | Backport patch with adjustments for 3.19.6 version to fix CVE-2025-4565. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* protobuf: fix ptest with python PACKAGECONFIG enabledChen Qi2025-07-022-2/+3
| | | | | | | | | | | 1. RDEPENDS on python3-protobuf instead of python-protobuf. The latter is not available anywhere. 2. Use use python3 interpreter. 3. Fix run-ptest to avoid test failure. An extra '\n' is needed to break out the loop. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lapack: upgrade 3.10.0 -> 3.10.1wangmy2025-03-071-2/+2
| | | | | | | | | | Changelog: http://netlib.org/lapack/lapack-3.10.1.html Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Piotr Lewicki <piotr.l.lewicki@hitachienergy.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* abseil-cpp: fix CVE-2025-0838Changqing Li2025-03-062-0/+115
| | | | | | | | | | | | | | | | | | | | | Backport a patch to fix CVE-2025-0838 CVE-2025-0838: There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1 Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-0838 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* glade: fix CVE-2020-36774Zhang Peng2025-01-222-0/+55
| | | | | | | | | | | | | | | | CVE-2020-36774: plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash). Reference: [https://nvd.nist.gov/vuln/detail/CVE-2020-36774] Upstream patches: [https://gitlab.gnome.org/GNOME/glade/-/commit/7acdd3c6f6934f47b8974ebc2190a59ea5d2ed17] Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-oe: Remove True option to getVar callsakash hadke2025-01-222-7/+7
| | | | | | | | getVar() now defaults to expanding by default, thus remove the True option from getVar() calls with a regex search and replace. Signed-off-by: Akash Hadke <akash.hadke27@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: upgrade 8.1.30 -> 8.1.31Vijay Anusuri2024-12-311-1/+1
| | | | | | | | | Includes fix for CVE-2024-8929, CVE-2024-11236, CVE-2024-11234 and CVE-2024-11233 Changelog: https://www.php.net/ChangeLog-8.php#8.1.31 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
* protobuf: fix CVE-2024-7254Chen Qi2024-12-082-0/+796
| | | | | | | | Backport patch with tweaks for the current version to fix CVE-2024-7254. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: upgrade 8.1.29 -> 8.1.30Yogita Urade2024-12-081-1/+1
| | | | | | | | | | | Includes fix for CVE-2024-8925, CVE-2024-8926, CVE-2024-8927 and CVE-2024-9026 Changelog: https://www.php.net/ChangeLog-8.php#8.1.30 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* flatbuffers: fix native build with gcc-14 on hostMartin Jansa2024-12-082-1/+30
| | | | | | | | | | | | | | | | | | | In C++ we cannot have both assignment operator and const member. Since span::operator= is defined, span::count_ constness must be removed. Fixes: FAILED: CMakeFiles/flatc.dir/src/util.cpp.o ccache flatbuffers/2.0.0/recipe-sysroot-native/usr/bin/aarch64-webos-linux/aarch64-webos-linux-g++ --sysroot=flatbuffers/2.0.0/recipe-sysroot -DFLATBUFFERS_LOCALE_INDEPENDENT=1 -Iflatbuffers/2.0.0/git/include -Iflatbuffers/2.0.0/git/grpc -mbranch-protection=standard -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type -funwind-tables --sysroot=flatbuffers/2.0.0/recipe-sysroot -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fmacro-prefix-map=flatbuffers/2.0.0/git=/usr/src/debug/flatbuffers/2.0.0 -fdebug-prefix-map=flatbuffers/2.0.0/git=/usr/src/debug/flatbuffers/2.0.0 -fmacro-prefix-map=flatbuffers/2.0.0/build=/usr/src/debug/flatbuffers/2.0.0 -fdebug-prefix-map=flatbuffers/2.0.0/build=/usr/src/debug/flatbuffers/2.0.0 -fdebug-prefix-map=flatbuffers/2.0.0/recipe-sysroot= -fmacro-prefix-map=flatbuffers/2.0.0/recipe-sysroot= -fdebug-prefix-map=flatbuffers/2.0.0/recipe-sysroot-native= -fvisibility-inlines-hidden -fPIC -DNDEBUG -MD -MT CMakeFiles/flatc.dir/src/util.cpp.o -MF CMakeFiles/flatc.dir/src/util.cpp.o.d -o CMakeFiles/flatc.dir/src/util.cpp.o -c flatbuffers/2.0.0/git/src/util.cpp In file included from ../git/include/flatbuffers/util.h:23, from ../git/src/util.cpp:44: ../git/include/flatbuffers/stl_emulation.h: In member function 'constexpr flatbuffers::span<T, Extent>& flatbuffers::span<T, Extent>::operator=(const flatbuffers::span<T, Extent>&)': ../git/include/flatbuffers/stl_emulation.h:549:12: error: assignment of read-only member 'flatbuffers::span<T, Extent>::count_' 549 | count_ = other.count_; | ~~~~~~~^~~~~~~~~~~~~~ Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* xmlrpc-c: fix do_fetch errorGuocai He2024-10-131-1/+1
| | | | | | | | | Fetcher failure: Unable to find revision 86405c7e1bd4f70287204a28d242a1054daab520 in branch master Signed-off-by: Guocai He <guocai.he.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cjson: upgrade 1.7.17 -> 1.7.18Peter Marko2024-10-131-1/+1
| | | | | | | | | | | | | | | | Changelog: ============ * Add NULL check to cJSON_SetValuestring()(CVE-2024-31755) * Remove non-functional list handling of compiler flags * Fix heap buffer overflow * remove misused optimization flag -01 * Set free'd pointers to NULL whenever they are not reassigned immediately after Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (From meta-openembedded rev: 535822eff7647b6363225bb8f04d2d7d59a71204) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* android-tools: Create flag file /etc/usb-debugging-enabledDmitry Baryshkov2024-10-131-1/+1
| | | | | | | | | | | | | | | | Location of the file that systemd uses to check whether to start adbd or not has been updated from /var to /etc in android-tools-adbd.service. This change changes the path of creation of usb-debugging-enabled flag file in android-tools recipes from /var/usb-debugging-enabled to /etc/usb-debugging-enabled Backport-of: 2a3d4be9994e ("android-tools: create flag flag file for adbd at a proper location") Fixes: a29c6386d576 ("android-toold-adbd: Fix inconsistency between selinux configurations") Fixes: 8106cfe769aa ("android-tools-adbd.service: Change /var to /etc in ConditionPathExists") Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* android-tools-adbd.service: Update ConditionPathExists to /etcRaghuvarya S2024-10-131-1/+1
| | | | | | | | | | | | | | To ensure android-tools-adbd.service starts at boot, the path for ConditionPathExists must be present at build time. /etc is more suitable for build-time files than /var, which is for runtime files. Changed ConditionPathExists from /var/usb-debugging-enabled to /etc/usb-debugging-enabled Backport-of: 8106cfe769aa ("android-tools-adbd.service: Change /var to /etc in ConditionPathExists") CC: Khem Raj <raj.khem@gmail.com> CC: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php-fpm: fix systemdEmil Kronborg2024-07-302-12/+62
| | | | | | | | | | | | | | 2848cc99a186 ("php-fpm: Add support for systemd") introduced a systemd service file, where ExecStart and ExecStop uses /etc/init.d/php-fpm, which does not exist if systemd is enabled. Consequently, the php-fpm service fails to start even though it is correctly installed. This is fixed by this commit in which the service file is identical to the one from the PHP source code except for the use of BitBake variables. Also, use ${systemd_system_unitdir} instead of ${systemd_unitdir}/system. Signed-off-by: Emil Kronborg <emil.kronborg@protonmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: Fix install conflict when enable multilib.Wang Mingyu2024-07-301-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Error: Transaction test error: file /usr/bin/php-config conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686 file /usr/bin/phpize conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686 file /usr/include/php/main/build-defs.h conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686 file /usr/include/php/main/php_config.h conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686 The differences of php-config are as follows: @@ -8,16 +8,16 @@ vernum="80207" include_dir="/usr/include/php" includes="-I$include_dir -I$include_dir/main -I$include_dir/TSRM -I$include_dir/Zend -I$include_dir/ext -I$include_dir/ext/date/lib" -ldflags=" -L/usr/lib64" +ldflags=" -L/usr/lib" libs="-lcrypt -lc-client -lrt -lcrypt -lpam -lbz2 -lrt -lm -ldl -lxml2 -lssl -lcrypto -lsqlite3 -lz -lxml2 -lssl -lcrypto -lsqlite3 -lxml2 -lxml2 -lxml2 -lxml2 -lz -lssl -lcrypto -lcrypt " -extension_dir='/usr/lib64/php8/extensions/no-debug-non-zts-20220829' +extension_dir='/usr/lib/php8/extensions/no-debug-non-zts-20220829' man_dir=`eval echo /usr/share/man` program_prefix="" program_suffix="" exe_extension="" php_cli_binary=NONE php_cgi_binary=NONE -configure_options=" '--build=x86_64-linux' '--host=x86_64-poky-linux' '--target=x86_64-poky-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib64' '--with-gettext=/usr/lib64/..' '--with-zlib=/usr/lib64/..' '--with-iconv=/usr/lib64/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib64/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-mysqli=mysqlnd' '--with-pdo-mysql=m ysqlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib64/..' '--with-pdo-sqlite=/usr/lib64/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=x86_64-poky-linux' 'target_alias=x86_64-poky-linux' 'PKG_CONFIG_PATH=/usr/lib64/pkgconfig:/usr/share/pkgconfig://usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig' 'CC=x86_64-poky-linux-gcc -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -Wl,-z,relro,-z,now -ldl ' 'CPPFLAGS=' 'CPP=x86_64-poky-linux-gcc -E --sysroot= -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security' 'CXX=x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'" +configure_options=" '--build=x86_64-linux' '--host=i686-pokymllib32-linux' '--target=i686-pokymllib32-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib' '--with-gettext=/usr/lib/..' '--with-zlib=/usr/lib/..' '--with-iconv=/usr/lib/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-mysqli=mysqlnd' '--with-pdo-mysql=mys qlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib/..' '--with-pdo-sqlite=/usr/lib/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=i686-pokymllib32-linux' 'target_alias=i686-pokymllib32-linux' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/share/pkgconfig:/ubinux-dev/ubinux001/contribution/build_xh/tmp/work/i686-pokymllib32-linux/lib32-php/8.2.7-r0/recipe-sysroot//usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig' 'CC=i686-pokymllib32-linux-gcc -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -Wl,-z,relro,-z,now -ldl ' 'CPPFLAGS =' 'CPP=i686-pokymllib32-linux-gcc -E --sysroot= -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64' 'CXX=i686-pokymllib32-linux-g++ -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'" The differences of phpize are as follows: @@ -4,7 +4,7 @@ prefix='/usr' datarootdir='/usr/php' exec_prefix="`eval echo /usr`" -phpdir="`eval echo /usr/lib64/php8`/build" +phpdir="`eval echo /usr/lib/php8`/build" includedir="`eval echo /usr/include`/php" builddir="`pwd`" SED="sed" The differences of build-defs.h are as follows: @@ -14,7 +14,7 @@ +----------------------------------------------------------------------+ */ -#define CONFIGURE_COMMAND " '../php-8.2.7/configure' '--build=x86_64-linux' '--host=x86_64-poky-linux' '--target=x86_64-poky-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib64' '--with-gettext=/usr/lib64/..' '--with-zlib=/usr/lib64/..' '--with-iconv=/usr/lib64/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib64/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-m ysqli=mysqlnd' '--with-pdo-mysql=mysqlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib64/..' '--with-pdo-sqlite=/usr/lib64/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=x86_64-poky-linux' 'target_alias=x86_64-poky-linux' 'PKG_CONFIG_PATH=/usr/lib64/pkgconfig:/usr/share/pkgconfig://usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig' 'CC=x86_64-poky-linux-gcc -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -Wl,-z,relro,-z,now -ldl ' 'CPPFLAGS=' 'CPP=x86_64-poky-linux-gcc -E --sysroot= -m64 -march=core2 -mtune=core2 -msse3 -mf pmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security' 'CXX=x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'" +#define CONFIGURE_COMMAND " '../php-8.2.7/configure' '--build=x86_64-linux' '--host=i686-pokymllib32-linux' '--target=i686-pokymllib32-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib' '--with-gettext=/usr/lib/..' '--with-zlib=/usr/lib/..' '--with-iconv=/usr/lib/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-mys qli=mysqlnd' '--with-pdo-mysql=mysqlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib/..' '--with-pdo-sqlite=/usr/lib/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=i686-pokymllib32-linux' 'target_alias=i686-pokymllib32-linux' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/share/pkgconfig:/ubinux-dev/ubinux001/contribution/build_xh/tmp/work/i686-pokymllib32-linux/lib32-php/8.2.7-r0/recipe-sysroot//usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig' 'CC=i686-pokymllib32-linux-gcc -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -W l,-z,relro,-z,now -ldl ' 'CPPFLAGS=' 'CPP=i686-pokymllib32-linux-gcc -E --sysroot= -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64' 'CXX=i686-pokymllib32-linux-g++ -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'" #define PHP_ODBC_CFLAGS "" #define PHP_ODBC_LFLAGS "" #define PHP_ODBC_LIBS "" @@ -24,12 +24,12 @@ #define PHP_PROG_SENDMAIL "/usr/sbin/sendmail" #define PEAR_INSTALLDIR "" #define PHP_INCLUDE_PATH ".:" -#define PHP_EXTENSION_DIR "/usr/lib64/php8/extensions/no-debug-non-zts-20220829" +#define PHP_EXTENSION_DIR "/usr/lib/php8/extensions/no-debug-non-zts-20220829" #define PHP_PREFIX "/usr" #define PHP_BINDIR "/usr/bin" #define PHP_SBINDIR "/usr/sbin" #define PHP_MANDIR "/usr/share/man" -#define PHP_LIBDIR "/usr/lib64/php8" +#define PHP_LIBDIR "/usr/lib/php8" #define PHP_DATADIR "/usr/share" #define PHP_SYSCONFDIR "/etc" #define PHP_LOCALSTATEDIR "/var" The differences of php_config.h are as follows: @@ -2064,7 +2064,7 @@ /* #undef SIZEOF_INTMAX_T */ /* The size of `long', as computed by sizeof. */ -#define SIZEOF_LONG 8 +#define SIZEOF_LONG 4 /* The size of `long long', as computed by sizeof. */ #define SIZEOF_LONG_LONG 8 @@ -2079,7 +2079,7 @@ #define SIZEOF_SHORT 2 /* The size of `size_t', as computed by sizeof. */ -#define SIZEOF_SIZE_T 8 +#define SIZEOF_SIZE_T 4 /* Size of ssize_t */ #define SIZEOF_SSIZE_T 8 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* giflib: fix build with gold and avoid imagemagick-native dependencyMartin Jansa2024-07-173-45/+39
| | | | | | | | * avoid imagemagick-native like upstream did in: https://sourceforge.net/p/giflib/code/ci/d54b45b0240d455bbaedee4be5203d2703e59967/ Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: Upgrade to 8.1.29Soumya Sambu2024-06-271-1/+1
| | | | | | | | | | Includes fix for CVE-2024-5458, CVE-2024-2408 and other bugs Changelog: https://www.php.net/ChangeLog-8.php#8.1.29 Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* giflib: upgrade to version 5.2.2nikhil2024-06-273-43/+46
| | | | | | | | | | | | | | | | | | | | | Upgrade to latest version giflib v5.2.2. This version fixes bugs listed in link below: Link: https://sourceforge.net/p/giflib/code/ci/5.2.2/tree/NEWS Fixes for CVE-2023-48161, CVE-2022-28506, CVE-2023-39742 Link: https://clients.neighbourhood.ie/yocto/1-40.html#:~:text=CVE%2D2023%2D39742%3A%20giflib%3Agiflib%2Dnative Added dependency on ImageMagick which includes "convert" utility, to ensure availability of required tool during compilation process. Add patch to rename binary used in Makefile from "convert" to "convert.im7" as installed by imagemagick package. Drop CVE-2022-28506.patch as it is fixed in this version. Signed-off-by: Bhabu Bindu <bhabubindu@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* yajl: backport Debian patch for CVE-2022-24795Vijay Anusuri2024-06-272-0/+62
| | | | | | | | | | | | import patch from ubuntu to fix CVE-2022-24795 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/yajl/tree/debian/patches/?h=ubuntu%2Ffocal-security Upstream commit https://github.com/ppisar/yajl/commit/23cea2d7677e396efed78bbf1bf153961fab6bad] Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sip3: Fix segmentation faultRob Woolley2024-06-272-17412/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The first version of this patch introduced a problem with python3-pyqt5. Python emitted the following error message when one attempted to import PyQt5.Qt: ImportError: dynamic module does not define module export function (PyInit_Qt) This came about due to segfault in sip when executed in do_configure of python3-pyqt5. This resulted in a zero-length sipQtcmodule.c file being produced. This compiled successfully which meant no build failure was observed. The segfault was caused by a mistake in backporting the patch from SIP 6. The generateCompositeCpp() function uses the generate_include_sip_h() helper function in later versions which doesn't exist in SIP 4. We must replace the first parameter passed to isPY_SSIZE_T_CLEAN() from mod to pt->module to account for this. The change is not necessary for generateInternalAPIHeader() To simplify the patch we can remove the generated lexer and parser files and run flex and bison in do_configure instead. Signed-off-by: Rob Woolley <rob.woolley@windriver.com> Tested-by: Toby Flynn <campingandskiing@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: fix CVE-2023-46809Archana Polampalli2024-06-022-0/+626
| | | | | Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: fix CVE-2024-22025Archana Polampalli2024-06-022-0/+149
| | | | | Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: fix CVE-2024-22019Archana Polampalli2024-06-022-0/+557
| | | | | Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: upgrade 8.1.22 -> 8.1.28Soumya Sambu2024-05-261-1/+1
| | | | | | | | | | | | | Upgrade php to 8.1.28 Security fixes: CVE-2024-3096 CVE-2024-2756 https://www.php.net/ChangeLog-8.php#8.1.28 Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* giflib: Fix CVE CVE-2022-28506nikhil2024-04-282-1/+43
| | | | | | | | | | | | | | There is a heap buffer overflow in DumpScreen2RGB() in gif2rgb.c. This occurs when a crafted gif file, where size of color table is < 256 but image data contains pixels with color code highier than size of color table. This causes oferflow of ColorMap->Colors array. Fix the issue by checking if value of each pixel is within bounds of given color table. If the value is out of color table, print error message and exit. Signed-off-by: Nikhil R <nikhil.r@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Set CVE_PRODUCT to "node.js"virendra thakur2024-02-281-0/+2
| | | | | | | Set CVE_PRODUCT to 'node.js' for nodjs recipe Signed-off-by: virendra thakur <virendrak@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cjson: upgrade 1.7.15 -> 1.7.17Archana Polampalli2024-01-121-1/+1
| | | | | | | | | | | The following CVEs are addressed in this release. CVE-2023-50471 CVE-2023-50472 https://github.com/DaveGamble/cJSON/releases/tag/v1.7.17 Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sip3: Add py_ssize_t_clean argumentRob Woolley2024-01-122-0/+17681
| | | | | | | | | | | | | | An unintentional breakage was made upstream in sip4 which results in builds reporting: QtCoremod.sip:23: syntax error This was reported in Debian, but not resolved: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998605 A backport of a fix from the upstream project fixes the parser to prevent it from complaining about the syntax error. Signed-off-by: Rob Woolley <rob.woolley@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sip3: Add sipconfig.pyRob Woolley2024-01-121-1/+18
| | | | | | | | | | | | Add the destdir option to ensure that sipconfig.py gets installed to the site-packages directory and included in python3-sip3. Remove references to the build paths from sipconfig.py as part of the install stage. One may then prepend STAGING_DIR_NATIVE to sip_bin and STAGING_DIR_TARGET to *_dir in any recipe that uses sipconfig.py. Signed-off-by: Rob Woolley <rob.woolley@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* yasm: fix CVE-2023-37732Soumya2024-01-122-0/+42
| | | | | | | | | | | | | | | Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file. References: https://github.com/yasm/yasm/issues/233 https://nvd.nist.gov/vuln/detail/CVE-2023-37732 Signed-off-by: Soumya <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 41fffef6b044b2722aa13f7e7648a3f848231851) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-oe: Drop broken BBCLASSEXTEND variantsRichard Purdie2023-11-172-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9962d57f7c235873de0a0bb192b5f56747762fc7) Backport: * Updated paths to follow PV changes * Adapted modified recipes to the ones generating warnings Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nlohmann-json: Add ptest supportMingli Yu2023-11-152-3/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fetch the test data during do_fetch phase to avoid internet access during test as some tests need test data. # ./run-ptest PASS: test-algorithms PASS: test-allocator PASS: test-alt-string PASS: test-assert_macro PASS: test-bson PASS: test-byte_container_with_subtype PASS: test-capacity PASS: test-cbor PASS: test-class_const_iterator PASS: test-class_iterator PASS: test-class_lexer PASS: test-class_parser PASS: test-comparison PASS: test-concepts PASS: test-constructor1 PASS: test-constructor2 PASS: test-convenience PASS: test-conversions PASS: test-conversions_cpp17 PASS: test-deserialization PASS: test-diagnostics PASS: test-disabled_exceptions PASS: test-element_access1 PASS: test-element_access2 PASS: test-hash PASS: test-inspection PASS: test-items PASS: test-items_cpp17 PASS: test-iterators1 PASS: test-iterators2 PASS: test-json_patch PASS: test-json_pointer PASS: test-large_json PASS: test-merge_patch PASS: test-meta PASS: test-modifiers PASS: test-msgpack PASS: test-noexcept PASS: test-ordered_json PASS: test-ordered_map PASS: test-pointer_access PASS: test-readme PASS: test-reference_access PASS: test-regression1 PASS: test-regression1_cpp17 PASS: test-regression2 PASS: test-regression2_cpp17 PASS: test-serialization PASS: test-testsuites PASS: test-to_chars PASS: test-ubjson PASS: test-udt PASS: test-udt_macro PASS: test-unicode1 PASS: test-unicode2 PASS: test-unicode3 PASS: test-unicode4 PASS: test-unicode5 PASS: test-user_defined_input PASS: test-wstring Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* suiteparse: Adapt to upstream branch name changesRichard Purdie2023-11-031-1/+1
| | | | | | | meta-oe master branch already made this change. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: fix CVE-2022-25883Polampalli, Archana2023-09-042-0/+263
| | | | | | | | | | | | | | | Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. References: https://nvd.nist.gov/vuln/detail/CVE-2022-25883 Upstream patches: https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441 Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nlohmann-json: Avoid usage of nobranch=1Sourav Pramanik2023-08-301-1/+1
| | | | | | | | | The usage of nobranch=1 in SRC_URI allows using unprotected branches. This change updates the real branch name in place of nobranch=1. Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* rapidjson: Avoid usage of nobranch=1Sourav Pramanik2023-08-301-1/+1
| | | | | | | | | The usage of nobranch=1 in SRC_URI allows using unprotected branches. This change updates the real branch name in place of nobranch=1. Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: upgrade 8.1.16 -> 8.1.22Polampalli, Archana2023-08-251-1/+1
| | | | | | | | | | | | | | Upgrade php to 8.1.22 Security fixes: CVE-2023-3824 CVE-2023-3823 CVE-2023-3247 https://www.php.net/ChangeLog-8.php#8.1.22 Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: upgrade 16.20.1 -> 16.20.2Polampalli, Archana2023-08-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | This release contains bug fixes only. The following CVEs have been addressed: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 $ git log --oneline v16.20.1..v16.20.2 dadbde963f (tag: v16.20.2) 2023-08-09, Version 16.20.2 'Gallium' (LTS) d8ccfe9ad4 policy: handle Module.constructor and main.extensions bypass 242aaa0caa policy: disable process.binding() when enabled 40c3958a5a deps: update archs files for OpenSSL-1.1.1v a9ac9da89a deps: fix openssl crypto clean 362d4c7494 deps: upgrade openssl sources to OpenSSL_1_1_1v 7447de2794 Working on v16.20.2 https://github.com/nodejs/node/releases/tag/v16.20.2 Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* yasm: fix CVE-2023-31975Polampalli, Archana2023-08-032-0/+30
| | | | | | | | | | | | | | | yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c. References: https://nvd.nist.gov/vuln/detail/CVE-2023-31975 https://github.com/yasm/yasm/issues/210 Upstream patches: https://github.com/yasm/yasm/commit/b2cc5a1693b17ac415df76d0795b15994c106441 Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: upgrade 16.19.1 -> 16.20.1Polampalli, Archana2023-07-164-77/+1
| | | | | | | | | | | | | | | | | | | Drop the gcc13.patch as it has been merged in 16.20.1 56cbc7fdda deps: V8: cherry-pick c2792e58035f The list of the CVEs are fixed in this relase: CVE-2023-30581 CVE-2023-30585 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590 https://nodejs.org/en/blog/release/v16.20.0 https://nodejs.org/en/blog/release/v16.20.1 Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* yajl: CVE-2023-33460 memory leak in yajl_tree_parse functionHitendra Prajapati2023-07-022-1/+32
| | | | | | | Upstream-Status: Backport from https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* grpc: ignore CVE-2023-32732Peter Marko2023-07-021-0/+3
| | | | | | | | | It was introduced in in v1.53.0 and not backported to v1.46.x branch. NVD references PR which intrioduces the vulnerability: https://github.com/grpc/grpc/pull/32309#issuecomment-1589561295 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ExprTk: Update package to release/0.0.2Arash Partow2023-06-191-2/+2
| | | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 0522e66a26b1f4778948553a193a4728fb239efe) [The SRC_URI HASH no longer exists in repo so use 0.0.2 version] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lapack: add packageconfig for lapackeAdrian Zaharia2023-06-151-0/+3
| | | | | | | | | | backport of commit: d799db35d lapack: add packageconfig for lapacke Signed-off-by: Adrian Zaharia <Adrian.Zaharia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Revert "pahole: fix native package build error"Xiangyu Chen2023-05-231-1/+0
| | | | | | | | | | This reverts commit 0cc8e22c463324ddd833239116b1ff82ef82f42c. The pahole-native package should use the header from libbpf instead of linux-libc-headers, the 0cc8e22c would cause compile error, so revert it. Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Fix build with gcc13Khem Raj2023-05-192-0/+76
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* abseil-cpp: backport a fix for build with gcc-13Martin Jansa2023-05-192-0/+32
| | | | | | | * needed for abseil-cpp-native on hosts with gcc-13" Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* capnproto: upgrade to 0.9.2Chee Yang Lee2023-05-091-1/+1
| | | | | | | upgrade include fix for CVE-2022-46149 Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-06 12:44:35 +0000