summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-extended
Commit message (Collapse)AuthorAgeFilesLines
* libconfig: correct the SRC_URIGuocai He2025-07-101-1/+1
| | | | | | | The old SRC_URI is not available. Signed-off-by: Guocai He <guocai.he.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libblockdev: fix CVE-2025-6019Changqing Li2025-07-062-0/+32
| | | | | | | | | | | | | | | | | | | | | | CVE-2025-6019: A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system. Refer: https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* canutils: use https instead of git protocolBastian Krause2025-06-231-1/+1
| | | | | | | | The git server at git.pengutronix.de no longer supports the git protocol, so switch to https. Signed-off-by: Bastian Krause <bst@pengutronix.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libsocketcan: use https instead of git protocolBastian Krause2025-06-231-1/+1
| | | | | | | | The git server at git.pengutronix.de no longer supports the git protocol, so switch to https. Signed-off-by: Bastian Krause <bst@pengutronix.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 7.2.7 -> 7.2.8Vijay Anusuri2025-06-2310-1/+1
| | | | | | | | | | | | | | | | | | | | ChangeLog: https://github.com/redis/redis/releases/tag/7.2.8 Update urgency: SECURITY: There are security fixes in the release. Security fixes ================== * (CVE-2025-21605) An unauthenticated client can cause an unlimited growth of output buffers Bug fixes ================= * #12817, #12905 Fix race condition issues between the main thread and module threads * #13863 RANDOMKEY - infinite loop during client pause * #13877 ShardID inconsistency when both primary and replica support it Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* can-utils: handle CAN_ERR_CNT correctlyJeroen Hofstee2025-05-212-0/+71
| | | | | | | | If CAN_ERR_CNT is set, the snprintf_can_error_frame() bails out, as it cannot decode CAN_ERR_CNT. Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libmodbus: ignore CVE-2023-26793 and CVE-2024-34244Peter Marko2025-05-171-0/+3
| | | | | | | | | See discussions in closed/rejected issues linked from NVD CVE reports: * CVE-2023-26793: https://github.com/stephane/libmodbus/issues/683#issuecomment-2615601890 * CVE-2024-34244: https://github.com/stephane/libmodbus/issues/743#issuecomment-2222214256 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* can-utils: fix printing / reading timestampsJeroen Hofstee2025-05-172-1/+425
| | | | | | | Backport a patch to correctly handle 64bit timestamps. Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nana: Fix buildpaths warning.Wang Mingyu2025-04-161-0/+6
| | | | | | | | | | WARNING: nana-2.5+git-r0 do_package_qa: QA Issue: File /usr/bin/nana-c++lg in package nana contains reference to TMPDIR File /usr/bin/nana-clg in package nana contains reference to TMPDIR File /usr/bin/nana in package nana contains reference to TMPDIR [buildpaths] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* lprng: Specify target paths for needed utilitiesKhem Raj2025-04-161-1/+3
| | | | | | | | | | | | | pr,openssl,chown,chgrp are guessed during configure and they are found on host, sometimes under native sysroot and some under HOSTTOOLS which is not right, therefore point to target locations of these tools Fixes all errors like below File /usr/sbin/lprng_certs in package lprng contains reference to TMPDIR Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* boinc-client: Fix contains reference to TMPDIR [buildpaths] warningalperak2025-04-161-0/+4
| | | | | | | | WARNING: boinc-client-7.20.5-r0 do_package_qa: QA Issue: File /usr/include/boinc/svn_version.h in package boinc-client-dev contains reference to TMPDIR [buildpaths] Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* hplip: Fix contains reference to TMPDIR [buildpaths] warningalperak2025-04-161-1/+1
| | | | | | | | | | Make sure that the OE provided CFLAGS are passed to the compiler. WARNING: hplip-3.22.10-r0 do_package_qa: QA Issue: File /usr/lib/python3.12/site-packages/cupsext.so in package hplip contains reference to TMPDIR [buildpaths] Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com>
* libmodbus: patch CVE-2024-10918Peter Marko2025-03-075-1/+628
| | | | | | | | | | Pick commit mentioning the bug and two follow-up commits mentioning the first commit as well as commit to adapt tests for these. Tested by running the test-suite. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dlt-daemon: make DLT_WatchdogSec configurableChangqing Li2025-03-032-0/+41
| | | | | | | | | | | | On slow system, dlt service may fail since watchdog timeout, backport a patch to make DLT_WatchdogSec configurable, so that this service can start successfully during boot. (cherry-picked from 1cf77003036049533fbda22b96c7fbad1cc693f9) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 7.2.6 -> 7.2.7Divya Chellam2025-02-0410-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | ChangeLog: https://github.com/redis/redis/releases/tag/7.2.7 Upgrade urgency SECURITY: See security fixes below. Security fixes ==================== * (CVE-2024-46981) Lua script commands may lead to remote code execution * (CVE-2024-51741) Denial-of-service due to malformed ACL selectors Bug fixes ==================== * #13380 Possible crash due to OOM panic on invalid command * #13338 Streams: XINFO lag field is wrong when tombstone is after the last_id of the consume group * #13473 Streams: XTRIM does not update the maximal tombstone, leading to an incorrect lag * #13311 Cluster: crash due to unblocking client during slot migration * #13443 Cluster: crash when loading cluster config * #13422 Cluster: CLUSTER SHARDS returns empty array * #13465 Cluster: incompatibility with older node versions Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 7.2.5 -> 7.2.6Yi Zhao2024-12-1510-26/+25
| | | | | | | | | | | | | | | | | | | | | | ChangeLog: Security fixes ============== * (CVE-2024-31449) Lua library commands may lead to stack overflow and potential RCE. * (CVE-2024-31227) Potential Denial-of-service due to malformed ACL selectors. * (CVE-2024-31228) Potential Denial-of-service due to unbounded pattern matching. Bug fixes ========= * Fixed crashes in cluster mode (#13315) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* redis: upgrade 7.2.4 -> 7.2.5Wang Mingyu2024-12-1510-1/+1
| | | | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* p7zip: fix CVE-2023-52169 and CVE-2023-52168hongxu2024-12-152-0/+456
| | | | | | | | | | | | | According to [1][2], Igor Pavlov, the author of 7-Zip, refused to provide an advisory or any related change log entries. Have to backport a part of ./CPP/7zip/Archive/NtfsHandler.cpp from upstream big commit https://github.com/ip7z/7zip/commit/fc662341e6f85da78ada0e443f6116b978f79f22 [1] https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/ [2] https://dfir.ru/wp-content/uploads/2024/07/screenshot-2024-07-03-at-02-13-40-7-zip-_-bugs-_-2402-two-vulnerabilities-in-the-ntfs-handler.png Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vlock: fix do_fetch errorJiaying Song2024-11-091-1/+1
| | | | | | | | | Change the SRC_URI to the correct value due to the following error: WARNING: vlock-2.2.3-r0.vr2401 do_fetch: Failed to fetch URL http://distfiles.gentoo.org/distfiles/vlock-2.2.3.tar.gz, attempting MIRRORS if available Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* polkit: update SRC_URIMarc Ferland2024-09-151-2/+3
| | | | | | | | Project has moved to github. Signed-off-by: Marc Ferland <marc.ferland@gmail.com> (cherry picked from commit fb3408270282fbd619df7a5efac5178cabc37ddb) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* etcd-cpp-apiv3: Fix contains reference to TMPDIR [buildpaths] warningalperak2024-08-101-0/+4
| | | | | | | | | WARNING: etcd-cpp-apiv3-0.15.4-r0 do_package_qa: QA Issue: File /usr/lib/cmake/etcd-cpp-api/etcd-targets.cmake in package etcd-cpp-apiv3-dev contains reference to TMPDIR [buildpaths] Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit a70cacd0c25dbeb641e364ecc0e28fc4b924e59b) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* hiredis: remove ANSI color from ptest resultZhang Peng2024-08-031-6/+6
| | | | | | | | This change removes the ANSI color codes from the ptest result. Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* rrdtool: Fix do_populate_sysroot QA issuesJiaying Song2024-07-231-0/+5
| | | | | | | | | | | | | | | | | | | | | This commit addresses the shebang size issue encountered in the do_populate_sysroot task of the rrdtool-native recipe. The issue was caused by the shebang line in the cgi-demo.cgi file exceeding the maximum allowed length of 128 characters. The following error was observed: ERROR: rrdtool-native-1.8.0-r0 do_populate_sysroot: QA Issue: : /work/x86_64-linux/rrdtool-native/1.8.0/sysroot-destdir/work/x86_64-linux/rrdtool-native/1.8.0/recipe-sysroot-native/usr/share/rrdtool/examples/cgi-demo.cgi maximum shebang size exceeded, the maximum size is 128. [shebang-size] ERROR: rrdtool-native-1.8.0-r0 do_populate_sysroot: do_populate_sysroot for this recipe installed files with QA issues  The solution implemented involves modifying the shebang line in the cgi-demo.cgi file to use '/usr/bin/env rrdcgi', ensuring it adheres to the length limit. Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 05c17b63fe0bbc7f94154017f2c54237576df94c) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tipcutils: Add systemd supportVijay Anusuri2024-06-262-1/+11
| | | | | | | | | | | | Install tipc kernel module explictly. tipcutils.conf is added to modules-load.d to load the required tipc kernel module. Ref: http://tipc.io/getting_started.html Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 93a0667456b978ce9317fdadd2f38880b1f5494e) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* hiredis: change ptest output formatZhang Peng2024-06-171-1/+16
| | | | | | | | | | This change consolidates the output format of the ptest command into a single common format. The format selected is the automake "simple test" format: "result: testname" Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* flatpak: update 1.15.6 -> 1.15.8Markus Volk2024-06-023-64/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - remove included patches - set path for fusermount3 to avoid requirement for fuse3-native. This is needed since: https://github.com/flatpak/flatpak/commit/2cb17b4eb82ecedaa98b5b7f954cf3e52fa95682 Changes in 1.15.8 ~~~~~~~~~~~~~~~~~ Security fixes: * Don't allow an executable name to be misinterpreted as a command-line option for bwrap(1). This prevents a sandbox escape where a malicious or compromised app could ask xdg-desktop-portal to generate a .desktop file with access to files outside the sandbox. (CVE-2024-32462) Other bug fixes: * Pass the -export-dynamic linker option as -Wl,-export-dynamic, fixing build failures with clang 18 and lld 18 (#5760) * Fix a double-free when installation is cancelled (#5763) * Fix installed-tests failure with "FUSERMOUNT: unbound variable" (#5751) * Translation updates: pt_BR (#5762), tr (#5761) Changes in 1.15.7 ~~~~~~~~~~~~~~~~~ Released: 2024-03-27 Dependencies: * The Meson build system is now required. Compiling with Autotools is no longer possible. * In distributions that compile Flatpak to use a separate bubblewrap (bwrap) executable, version 0.9.0 is recommended. Several of the bug fixes listed below will not be active if an older version is used. * In distributions that compile Flatpak to use a separate xdg-dbus-proxy executable, version 0.1.5 is recommended. * If libmalcontent (parental controls) is enabled, it must be version 0.5.0 or later. New features: * Automatically remove obsolete driver versions and other autopruned refs (#5632) * `--socket=inherit-wayland-socket` (#5614) * Automatically reload D-Bus session bus configuration after installing or upgrading apps, to pick up any exported D-Bus services (#3342) Bug fixes: * Update included copy of bubblewrap to version 0.9.0: * `--symlink` is now idempotent, meaning it succeeds if the symlink already exists and already has the desired target (#2387, #3477, #5255) * Report a better error message if `mount(2)` fails with `ENOSPC` * Fix a double-close on error reading from `--args`, `--seccomp` or `--add-seccomp-fd` argument * Improve memory allocation behaviour * Silence various compiler warnings * Update included copy of bubblewrap to version 0.1.5: * Fix handling of long object paths * Don't parse `<developer><name/></developer>` as the application name (#5700) * Don't refuse to start apps when there is no D-Bus system bus available (#5076) * Don't try to repeat migration of apps whose data was migrated to a new name and then deleted (#5668) * Improve handling of mixed locales on systems with systemd-localed (#5497) * Improve display of ellipsized columns in wide terminals (#5722) * Make `flatpak info -e` look for extensions in all installations (#5670) * Fix warnings from newer GLib versions (#5660, #5737) * Always set the `container` environment variable (#5610) * Always let the app inherit redirected file descriptors (#5626) * In `flatpak ps`, add xdg-desktop-portal-gnome to the list of backends we'll use to learn which apps are running in the background (#5729) * Don't use `WAYLAND_SOCKET` unless given `--socket=inherit-wayland-socket` (#5614) * Use `fusermount3` if compiled with FUSE 3, overridable with `-Dsystem_fusermount` compile-time option (#5104) * Avoid leaking a temporary variable from /etc/profile.d/flatpak.sh into the shell environment (#5574) * Improve async-signal safety (#5687) * Fix various memory leaks (#5683, #5690, #5691) * Avoid undefined behaviour of signed left-shift when storing object IDs in a hash table (#5738) * Detect the correct gtk-doc when cross-compiling (#5650) * Detect the correct wayland-scanner when cross-compiling (#5596) * Documentation improvements (#5659, #5677, #5682, #5664, #5719) * Skip more tests when FUSE isn't available (#5611) * Translation updates (#5602, #5707) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libdeflate: fix build with -mcpu=cortex-a76+crypto without ↵Martin Jansa2024-06-022-2/+60
| | | | | | | | | | | -march=armv8.2-a+crypto * fixes: https://github.com/ebiggers/libdeflate/issues/369 Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sanlock: upgrade 3.9.1 -> 3.9.2Wang Mingyu2024-04-302-35/+2
| | | | | | | | 0001-include-libgen.h-for-basename.patch removed since it's included in 3.9.2 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcbor: use shared librariesDan McGregor2024-04-211-1/+1
| | | | | | | | | libfido2 requires cbor be position independent. When PIE's the default this isn't a problem, but not all build configurations do that. Instead of relying on that, just make shared libraries. Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Use PYTHON_SITEPACKAGES_DIR instead of hard-coded site-packages directory pathalperak2024-04-215-11/+11
| | | | | | | | | | | | The following paths have been replaced with PYTHON_SITEPACKAGES_DIR: - "${libdir}/${PYTHON_DIR}/site-packages" - "${libdir}/python${PYTHON_BASEVERSION}/site-packages" - "${libdir}/python*/site-packages" - "${libdir}/python3.*/site-packages" Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* docopt.cpp: add support for native and nativesdkEero Aaltonen2024-04-211-0/+2
| | | | | | | | There are use cases for build time cli tools, so include support for native as well. Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* docopt.cpp: turn boost to a PACKAGECONFIG optionEero Aaltonen2024-04-211-1/+3
| | | | | | | | docopt.cpp only uses boost regex with the option USE_BOOST_REGEX=ON. When used, boost regex is statically linked. Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ostree: Add missing dependencies for ptestsKhem Raj2024-04-141-0/+2
| | | | | | | | When running ptests using meta-oe-image-ptest-ostree image these packageconfig/soup3 and utf8 locale is needed Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Jose Quaresma <quaresma.jose@gmail.com>
* highway,libjxl: Remove -mfp16-format=ieee when using clang compilerKhem Raj2024-04-031-0/+2
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* highway: add recipeMarkus Volk2024-04-031-0/+15
| | | | | | | add google highway as a dependency for libjxl Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libdeflate: upgrade 1.19 -> 1.20Wang Mingyu2024-04-021-1/+1
| | | | | | | | | | | | | | | | | | | Changelog: ========== * Improved CRC-32 performance on recent x86 CPUs by adding VPCLMULQDQ-accelerated implementations using 256-bit and 512-bit vectors. * Improved Adler-32 performance on recent x86 CPUs by adding VNNI-accelerated implementations using 256-bit and 512-bit vectors. * Improved CRC-32 and Adler-32 performance on short inputs. * Optimized the portable implementation of Adler-32. * Added some basic optimizations for RISC-V. * Dropped support for gcc versions older than v4.9 (released in 2014) and clang versions older than v3.9 (released in 2016). * Dropped support for CRC-32 acceleration on 32-bit ARM using the ARMv8 pmull or crc32 instructions. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libblockdev: upgrade 3.1.0 -> 3.1.1Wang Mingyu2024-04-021-2/+2
| | | | | | | | | | | | | | | | | | | | Changelog: =========== - Use glib2 G_GNUC_UNUSED in place of UNUSED locally defined - Port to G_GNUC_INTERNAL for controlling symbols visibility - Fix some more occurrences of missing port to G_GNUC_UNUSED - dm_logging: Annotate redirect_dm_log() printf format - tests: Add NVMe persistent discovery controller tests - tests: Add NVMe controller type checks - Makefile: Fix bumpver to work with micro versions - tests: Manually remove removed PVs from LVM devices file - tests: Ignore LVM devices file for non-LVM tests - tests: Fix removing custom LVM devices file - nvme: Add bd_nvme_is_tech_avail to the API file - lvm-dbus: Fix passing size for pvresize over DBus Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* minifi-cpp: Fix libsodium build on aarch64/clangKhem Raj2024-03-272-0/+39
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wtmpdb: Upgrade to 0.11.0 releaseKhem Raj2024-03-253-34/+34
| | | | | | | | | | | | | Brings these changes wtmpdb last: support matching for username and/or tty last: add support for time-format option Drop lto patch as it has been fixed differently. Add a patch to fix build with musl Signed-off-by: Khem Raj <raj.khem@gmail.com>
* sanlock: Fix build with musl >= 1.2.5Khem Raj2024-03-252-1/+34
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rsyslog: update from 8.2306.0 to 8.2402.0Randy MacLeod2024-03-251-5/+4
| | | | | | | | | | | | | | | | | | | | | | Change the PACKAGECONFIG[systemd] that wrapped --with-systemdsystemunitdir to use the new --enable-libsystemd option: acb62dfda remove systemd embedded code, use library instead The bug related to using libcap-ng has beeen fixed: https://github.com/rsyslog/rsyslog/pull/5166/commits/030e047fd0c896b4cb2433bab853321eff6f8ec9 so use that library by default now to allow rsyslog to run with fewer privileges. PTest results: sysvinit, systemd TOTAL: 462, 462 PASS: 457, 459 SKIP: 5, 3 XFAIL: 0, 0 FAIL: 0, 0 XPASS: 0, 0 ERROR: 0, 0 Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* plocate: Fix sys/stat.h and linux/stat.h conflicts with muslKhem Raj2024-03-232-1/+41
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* minifi-cpp: upgrade 0.7.0 -> 0.15.0Yi Zhao2024-03-2033-1063/+574
| | | | | | | | | | | | | Release Notes: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=65145325#ReleaseNotesMiNiFi(C++)-Versioncpp-0.15.0 * Use external dependencies where possible to get rid of bundled packages. * Add PACKAGECONFIGs. * Use its own systemd service file. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libreport: upgrade 2.17.11 -> 2.17.15Wang Mingyu2024-03-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== ### Changed - reporter-bugzilla: Improve bug formatting - reporter-bugzilla: Reduce number of duplicate bug reports ### Fixed - reporter-bugzilla: Fail gracefully if API key contains invalid characters - reporter-bugzilla: Fix creating binary attachments - reporter-bugzilla: Fix loading configuration - Exclude coredump archives when creating a bug - reporter-upload: Fix double free crash - gui-wizard-gtk: Enable word wrap for comments - Fix compatibility with libxml2 2.12 - Fix multiple problems with the test suite ### Added - Add support for unpacking coredumps in the problem directory - Add "MEMORY_PRESSURE_WATCH" to the list of ignored words Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dialog: upgrade 1.3-20240101 -> 1.3-20240307Wang Mingyu2024-03-201-1/+1
| | | | | | | | | | | | | | Changelog: =========== + add option --color-modes, which can be used to color the content of programbox, tailbox, textbox + updated configure script, e.g., for compiler-warning fixes. + amend change to formbox while revising --max-input to work with the form's "ilen" parameter + update config.guess, config.sub Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ostree: Upgrade 2024.4 -> 2024.5Jose Quaresma2024-03-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | $ git --no-pager log --oneline v2023.8...v2024.1 f3b66e8c (tag: v2024.5) Release 2024.5 756e2dad Merge pull request #3214 from cgwalters/checkout-overwrite-force bb6dfd3a checkout: Always replace existing content in overlay mode c314eaa9 Merge pull request #3213 from rborn-tx/fix-early-prune 4efb44f3 deploy: Ensure boot directory is open before accessing it 223a1af4 Merge pull request #3208 from HuijingHei/split-whitespace abc7d5b9 kargs: parse spaces in kargs input and keep quotes d95c2f8d Merge pull request #3206 from cgwalters/enable-new-naming 2fb7a048 sysroot: Turn on bootloader-naming-2 by default f1e663bd Merge pull request #3205 from cgwalters/fix-grub-probing e47b3709 bootloader/grub2: Don't do anything if we have static configs b4a1e383 Merge pull request #3204 from cgwalters/quiet-config-load 1a54d94f Merge pull request #3203 from dbnicholson/version-sigpipe bf811629 otcore: Drop config load print 422a2887 main: Ignore SIGPIPE when printing version 1b3ffe54 Merge pull request #3196 from cgwalters/fix-sepolicy-public 3ae7118e Merge pull request #3199 from travier/docs-fix a63f9516 docs: Cleanup title for historical OSTree README 4ae50658 docs: Move SPDX identifiers under first title cdb4cad4 Merge pull request #3197 from cgwalters/release 084e027d sepolicy: Fix publicity mismatch for ostree_sepolicy_host_enabled 14a5746d Post-release version bump Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: Drop remaining PR values from recipesMartin Jansa2024-03-174-4/+0
| | | | | | | | | | | | * as oe-core did in: https://git.openembedded.org/openembedded-core/commit/?id=d4c346e8ab * when people are have to maintain own PRs for recipes in oe-core, they might add them for meta-oe recipes at the same time when upgrading to next LTS Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* polkit: remove unneeded workaroundMarkus Volk2024-03-112-33/+1
| | | | | | | polkitd doesn't segfault with MemoryDenyWriteExecute=yes anymore Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mozjs-115: fix reproducibility issueMarkus Volk2024-03-081-0/+1
| | | | | | | | | | mozjs inserts lines with ${S} in many cpp files. Although required for compilation, it affects reproducibility for the mozjs-115-src package. Fix this by simply not packaging the modified source code Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ostree: upgrade 2024.3 -> 2024.4Wang Mingyu2024-03-081-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>