| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Refer [1], CVE-2025-6019 is strongly related to udisk daemon, and
this is a hardening measure related to this.
[1] https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
[2] https://security-tracker.debian.org/tracker/CVE-2025-6019
[3] https://ubuntu.com/blog/udisks-libblockdev-lpe-vulnerability-fixes-available
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Upstream-Status: Backport from https://git.libssh.org/projects/libssh.git/commit/?id=5f4ffda88770f95482fd0e66aa44106614dbf466
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When PACKAGECONFIG options like 'cxx' 'webp' and 'xml' are disabled,
certain files such as Magick++-config.im7, configure.xml, or
delegates.xml are not installed. Unconditionally running sed
on these files results in errors during do_install
Error:
sed: can't read .../image/usr/bin/Magick++-config.im7: No such file or directory
Signed-off-by: Nikhil R <nikhilr5@kpit.com>
Signed-off-by: Sana Kazi <sanakazi720@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
syslog-ng is an enhanced log daemo. Prior to version 4.8.2,
`tls_wildcard_match()` matches on certificates such as `foo.*.bar`
although that is not allowed. It is also possible to pass partial
wildcards such as `foo.a*c.bar` which glib matches but should be
avoided / invalidated. This issue could have an impact on TLS
connections, such as in man-in-the-middle situations. Version
4.8.2 contains a fix for the issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-47619
Upstream patch:
https://github.com/syslog-ng/syslog-ng/commit/12a0624e4c275f14cee9a6b4f36e714d2ced8544
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify
the adbe.pkcs7.sha1 signatures on documents, resulting in potential
signature forgeries.
CVE-2025-43903-0001 is the dependent commit and
CVE-2025-43903-0002 is the actual CVE fix.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-43903
Upstream patches:
https://gitlab.freedesktop.org/poppler/poppler/-/commit/33672ca1b6670f7378e24f6d475438f7f5d86b05
https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Poppler before 25.04.0 allows crafted input files to trigger
out-of-bounds reads in the JBIG2Bitmap::combine function in
JBIG2Stream.cc because of a misplaced isOk check.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-32365
Upstream patch:
https://gitlab.freedesktop.org/poppler/poppler/-/commit/1f151565bbca5be7449ba8eea6833051cc1baa41
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A floating-point exception in the PSStack::roll function of
Poppler before 25.04.0 can cause an application to crash when
handling malformed inputs associated with INT_MIN.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-32364
Upstream patch:
https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in
iniparser allows attacker to read out of bound memory
References:
https://nvd.nist.gov/vuln/detail/CVE-2025-0633
https://ubuntu.com/security/CVE-2025-0633
Upstream patch:
https://gitlab.com/iniparser/iniparser/-/commit/072a39a772a38c475e35a1be311304ca99e9de7f
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
This helps fix
WARNING: sharutils-4.15.2-r0 do_package_qa: QA Issue: File /usr/bin/shar in package sharutils contains reference to TMPDIR
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
| |
|
|
|
|
|
|
| |
Patch from:
https://web.git.kernel.org/pub/scm/libs/libgpiod/libgpiod.git/commit/?id=3e224d885b1de54fe5510b9c5e7296260a1a4507
Signed-off-by: Libo Chen <libo.chen.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Found by just adding lcov to core-image-minimal, running geninfo and
getting errors like.
Can't locate Module/Load.pm in @INC (you may need to install the Module::Load module)
... at /usr/bin/geninfo line 63.
BEGIN failed--compilation aborted at /usr/bin/geninfo line 63.
Can't locate Module/Metadata.pm in @INC (you may need to install the Module::Metadata module)
... at /usr/lib/perl5/5.38.2/Module/Load/Conditional.pm line 14.
BEGIN failed--compilation aborted at /usr/lib/perl5/5.38.2/Module/Load/Conditional.pm line 14.
Compilation failed in require at /usr/bin/geninfo line 64.
Signed-off-by: Claus Stovgaard <claus.stovgaard@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e7f560b9b8dacf7aadf59d6321c2e869dcd5831e)
Signed-off-by: Akash Hadke <akash.hadke27@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
It is easier to get an overview of the perl modules needed for running
lcov if they are sorted alphabetically
Signed-off-by: Claus Stovgaard <claus.stovgaard@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7ec1c9afdf45a3ee47bfff0470d90cf215ba4da5)
Signed-off-by: Akash Hadke <akash.hadke27@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX fix
UNKNOWN_BROKEN status from running devtool check-upgrade-status.
The next version of the package can be found from upstream
sources.
Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
(cherry picked from commit e71a678f4d769da2f7f465bfcaa1ab614f9d0d1a)
Signed-off-by: Akash Hadke <akash.hadke27@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since libeigen is a header-only library, LGPL effectively has the same
properties as GPL when it comes to affecting the licensing of the code
that uses libeigen. To avoid the problem, backport a patch to remove all
LGPL-2.1 code from the library.
Also correct the licenses for ${PN}, ${PN}-dbg and ${PN}-dev to reflect
that they do not contain any GPL code (the GPL code is only used for
benchmark tests and does not affect what is installed).
License-Update: Correct the license information
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Upstream renamed branch to 'main', however this commit isn't found on
main. Thankfully the poco-1.12.5 branch exists.
This patch is not suitable for 'master' on meta-oe because it uses a
newer version of poco, which *is* on 'main' branch.
Signed-off-by: Chris Laplante <chris.laplante@agilent.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libpoppler.so in Poppler through 24.12.0 has an out-of-bounds
read vulnerability within the JBIG2Bitmap::combine function
in JBIG2Stream.cc.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-56378
Upstream patch:
https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2024-8443:
The Easy Mega Menu Plugin for WordPress – ThemeHunk plugin for WordPress is vulnerable
to Stored Cross-Site Scripting via the ‘themehunk_megamenu_bg_image' parameter in all
versions up to, and including, 1.1.0 due to insufficient input sanitization and output
escaping. This makes it possible for authenticated attackers, with subscriber-level
access and above, to inject arbitrary web scripts in pages that will execute whenever
a user accesses an injected page. Please note that this was partially fixed in 1.1.0
due to the missing authorization protection that was added.
Reference:
[https://nvd.nist.gov/vuln/detail/CVE-2024-8433]
Upstream patches:
[https://github.com/OpenSC/OpenSC/commit/02e847458369c08421fd2d5e9a16a5f272c2de9e]
[https://github.com/OpenSC/OpenSC/commit/b28a3cef416fcfb92fbb9ea7fd3c71df52c6c9fc]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
# ./run-ptest
PASS: address
PASS: address_v4
PASS: address_v4_iterator
PASS: address_v4_range
PASS: address_v6
PASS: address_v6_iterator
PASS: address_v6_range
PASS: any_completion_executor
PASS: any_completion_handler
PASS: any_executor
PASS: any_io_executor
PASS: append
PASS: as_tuple
PASS: associated_allocator
PASS: associated_cancellation_slot
PASS: associated_executor
PASS: associated_immediate_executor
PASS: associator
PASS: async_result
[snip]
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
This ensures that we do not have to do the toggling from
releases to old-release in LTS release branches
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: eject-2.1.5-r0.wr2401 do_fetch: Failed to fetch URL http://sources.openembedded.org/eject-2.1.5.tar.gz, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes for uninitialized memory issues
Hunk present in card-entersafe.c and card-gids.c are refresehed base
on codebase.
Signed-off-by: Virendra Thakur <virendrak@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL's soversion will not change for any 3.x minor release.
https://www.openssl.org/policies/general/versioning-policy.html
Signed-off-by: Sana Kazi <sanakazi720@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c3e4879c5c7abbf57b0c2633a66137e302604e0a)
Signed-off-by: Akash Hadke <akash.hadke27@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pick the same patch as Debian took for bullseye.
There is no direct backport to version prior 3.102 because
commit NSS_3_101_BETA2-12-g8d94c529b [1] rewrote this code.
Applied patch was proposed for old versions in [2] and already
applied in Debian bullseye.
I could not find suitable upstream status, inappropriate is the best
I could pick from offered possibilities.
[1] https://github.com/nss-dev/nss/commit/8d94c529b333194d080c4885ddd3a40e6c296ae9<
[2] https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/t9JmsYkujWM/m/HjKuk-ngBAAJ
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Pick the same patch as Debian took for bullseye.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fixes following stringop-overflow warning with gcc-13:
In file included from /usr/include/c++/13/atomic:41,
from /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/../../include/oneapi/tbb/detail/_utils.h:22,
from /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/task_dispatcher.h:20,
from /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/arena.cpp:17:
In member function ‘void std::__atomic_base<_IntTp>::store(__int_type, std::memory_order) [with _ITp = bool]’,
inlined from ‘void std::atomic<bool>::store(bool, std::memory_order)’ at /usr/include/c++/13/atomic:104:20,
inlined from ‘void tbb::detail::r1::concurrent_monitor_base<Context>::notify_one_relaxed() [with Context = long unsigned int]’ at /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/concurrent_monitor.h:293:53:
/usr/include/c++/13/bits/atomic_base.h:481:25: error: ‘void __atomic_store_1(volatile void*, unsigned char, int)’ writing 1 byte into a region of size 0 overflows the destination [-Werror=stringop-overflow=]
481 | __atomic_store_n(&_M_i, __i, int(__m));
| ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~
compilation terminated due to -Wfatal-errors.
cc1plus: all warnings being treated as errors
(cherry picked from commit e131071769ee3df51b56b053ba6bfa06ae9eff25)
Signed-off-by: Yogesh Tyagi <yogesh.tyagi@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This fixes errors from buildhistory changes where packages-split would
be empty.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 90f96e053ad3eefa7693d9748efdfbfa72d7dcfd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7e8a786c291659083d746a4fe066fbc68c2abf34)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the Poppler's Pdfinfo utility. This issue
occurs when using -dests parameter with pdfinfo utility. By
using certain malformed input files, an attacker could cause
the utility to crash, leading to a denial of service.
CVE-2024-6239-0002 is the CVE fix and CVE-2024-6239-0001 is
dependent commit to fix the CVE.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-6239
Upstream patch:
https://gitlab.freedesktop.org/poppler/poppler/-/commit/0554731052d1a97745cb179ab0d45620589dd9c4
https://gitlab.freedesktop.org/poppler/poppler/-/commit/fc1c711cb5f769546c6b31cc688bf0ee7f0c1dbc
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Only include the lines from icheck.js that cover the copyright and the
license text.
License-Update: Only include the relevant parts of icheck.js
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Release Notes:
* https://github.com/Exiv2/exiv2/issues/3008
* https://github.com/Exiv2/exiv2/milestone/14?closed=1
This release also fixes a low-severity security issue in asfvideo.cpp:
* [CVE-2024-39695](https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh): out-of-bounds read in AsfVideo::streamProperties.
This vulnerability is in a new feature (ASF video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9f4361418d58941d058fb94a3671b9d0904b6300)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Remove outdated comment
- Switch to git fetcher. Otherwise the official download location leads to:
WARNING: exiv2-0.28.2-r0 do_recipe_qa: QA Issue: exiv2: SRC_URI uses unstable GitHub/GitLab
archives, convert recipe to use git protocol [src-uri-bad]
- Remove reproducibility hack. Theres no buildpath leakage in exiv2Config.cmake
anymore.
Changes from version 0.28.1 to 0.28.2
-------------------------------------
Release Notes:
* https://github.com/Exiv2/exiv2/issues/2914
* https://github.com/Exiv2/exiv2/milestone/13?closed=1
This release also fixes two low-severity security issues in quicktimevideo.cpp:
* [CVE-2024-24826](https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w):
out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
* [CVE-2024-25112](https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36):
denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder.
These vulnerabilities are in a new feature (quicktime video) that was added in version 0.28.0,
so earlier versions of Exiv2 are not affected.
Changes from version 0.28.0 to 0.28.1
-------------------------------------
Release Notes:
https://github.com/Exiv2/exiv2/issues/2813
This release also fixes [CVE-2023-44398](https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r),
an out-of-bounds write in `BmffImage::brotliUncompress`. The vulnerability is in new code that was added in
version 0.28.0, so earlier versions of Exiv2 are not affected.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3a9fc5ba68d8c121e70c018d4f4a782693def40b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update status for:
CVE-2016-7532, CVE-2014-9822, CVE-2014-9823, CVE-2014-9824, CVE-2014-9825, CVE-2014-9826, CVE-2014-9827, CVE-2014-9828, CVE-2014-9829, CVE-2014-9830, CVE-2014-9831, CVE-2014-9848, CVE-2014-9852, CVE-2014-9853, CVE-2014-9854, CVE-2014-9907, CVE-2016-10062, CVE-2016-10144, CVE-2016-10145, CVE-2016-10146, CVE-2016-5118, CVE-2016-7513, CVE-2016-7514, CVE-2016-7515, CVE-2016-7516, CVE-2016-7517, CVE-2016-7518, CVE-2016-7519, CVE-2016-7520, CVE-2016-7521, CVE-2016-7522, CVE-2016-7523, CVE-2016-7524, CVE-2016-7525, CVE-2016-7526, CVE-2016-7527, CVE-2016-7528, CVE-2016-7529, CVE-2016-7530, CVE-2016-7533
CPE is incorrect, the current version is not affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f8c70167e6a00ad1d2d8ee5675e2c84d59f2dfd5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update status for:
CVE-2016-7534, CVE-2016-7535, CVE-2016-7536, CVE-2016-7537, CVE-2016-7538, CVE-2017-5506, CVE-2017-5509, CVE-2017-5510, CVE-2017-5511, CVE-2007-1667
CPE is incorrect, the current version (7.1.1) is not affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9f2e9daef1891d373792d5b1bcc36719349ba843)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update status for:
CVE-2014-9804, CVE-2014-9805, CVE-2014-9806, CVE-2014-9807, CVE-2014-9808, CVE-2014-9809, CVE-2014-9810, CVE-2014-9811, CVE-2014-9812, CVE-2014-9813, CVE-2014-9814, CVE-2014-9815, CVE-2014-9816, CVE-2014-9817, CVE-2014-9818, CVE-2014-9819, CVE-2014-9820, CVE-2014-9821, CVE-2016-7531
CPE is incorrect, the current version (7.1.1) is not affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 388b8017f9c86428d5965f8c45d64f4477984ac0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes
do_package_qa: QA Issue: File /usr/bin/log4cpp-config in package log4cpp contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 78a69186be5db3f6995101e0f94a1d11e1155421)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Update SRC_URI to fix do_fetch warning
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Release notes:
https://github.com/HDFGroup/hdf5/blob/hdf5_1.14.4.3/release_docs/RELEASE.txt
License update: link update
from https://raw.githubusercontent.com/hdfgroup/hdf5/develop/COPYING_LBNL_HDF5
to https://raw.githubusercontent.com/hdfgroup/hdf5/hdf5_1_14/COPYING_LBNL_HDF5.
Upstream has only Released tar file extension is .gz so
SRC_URI tar file extension changed from .bz2 to .gz
Fixes
File /usr/lib/libhdf5.settings in package hdf5 contains reference to TMPDIR
File /usr/src/debug/hdf5/1.14.4-3/src/H5build_settings.c in package
hdf5-src contains reference to TMPDIR [buildpaths]
- Running H5make_libsettings is no longer required for cross-compiling
The functionality of H5make_libsettings is now handled via template files,
so H5make_libsettings has been removed.
- Running H5detect is no longer required for cross-compiling
The functionality of H5detect is now exercised at library startup,
so H5detect has been removed
Rework the patch 0001-cmake-remove-build-flags.patch to fix the build path
issue.
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
New tarball location is:
http://oldmanprogrammer.net/tar/tree/
Homepage is:
http://oldmanprogrammer.net/source.php?dir=projects/tree
Signed-off-by: Benjamin Szőke <egyszeregy@freemail.hu>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0c4079fc28cc36cb2dbfe48093f2cf64106f8b5d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Install missed thin_shrink and era_repair for thin provisioning
Signed-off-by: Libo Chen <libo.chen.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
This is cleaner way how to package unversioned libraries
which was suggested during review of the last commit.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It's a bad idea to add dev dependencies to main package.
It's pulling build dependencies including toolchain items.
The dependencies "were needed" because main package contains
packageconfig file.
This can be fixed by correct packaging.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
* Protect against integer overflow in ComposeQueryEngine
* Protect against integer overflow in ComposeQueryMallocExMm
* Require CMake >=3.5.0
* CMake option URIPARSER_SHARED_LIBS=(ON|OFF) to control, whether to produce a
shared or static library for uriparser and that alone, falls back to standard
BUILD_SHARED_LIBS if available, else defaults to "ON"
* Document that scheme-based normalization a la section 6.2.3 of RFC 3986 is a
responsibility of the application using uriparser
* Document supported code points for functions uriEscape(Ex)W
* Update Clang from 15 to 18
* Adapt to breaking changes in Clang packaging
* Get sanitizer CFLAGS and LDFLAGS back in sync
* Pin GitHub Actions to specific commits for security
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is a small bugfix release that fixes a build issue with slibtool
(not relevant to meta-oe ATM), makes the licensing of C++ bindings less
restrictive and preemptively fixes an issue that will be triggered with
linux v6.9 when running gpio-tools ptest suite.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libfido2 depends on udev and libcbor which do not exist for native and
nativesdk targets.
Remove native & nativesdk from BBCLASSEXTEND to avoid hitting these in
world/universe builds.
Fixes these warnings (as seen on AB[0]):
WARNING: Nothing PROVIDES 'nativesdk-udev' (but virtual:nativesdk:[...]/libfido2_1.14.0.bb DEPENDS on or otherwise requires it). Close matches:
WARNING: Nothing PROVIDES 'nativesdk-libcbor' (but virtual:nativesdk:[...]/libfido2_1.14.0.bb DEPENDS on or otherwise requires it). Close matches:
WARNING: Nothing PROVIDES 'libcbor-native' (but virtual:native:[...]/libfido2_1.14.0.bb DEPENDS on or otherwise requires it). Close matches:
WARNING: Nothing PROVIDES 'udev-native' (but virtual:native:[...]/libfido2_1.14.0.bb DEPENDS on or otherwise requires it). Close matches:
WARNING: Nothing RPROVIDES 'nativesdk-libfido2-dev' (but virtual:nativesdk:[...]/libfido2_1.14.0.bb RDEPENDS on or otherwise requires it)
WARNING: Nothing RPROVIDES 'nativesdk-libfido2' (but virtual:nativesdk:[...]/libfido2_1.14.0.bb RDEPENDS on or otherwise requires it)
[0]: https://autobuilder.yoctoproject.org/typhoon/#/builders/156/builds/367/steps/12/logs/warnings
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Cc: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1a3d194eb3552eb948ca61dffcb9dbe2710f516b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Upstream-Status: Backport from [https://git.savannah.gnu.org/cgit/nano.git/commit/?id=5e7a3c2e7e118c7f12d5dfda9f9140f638976aa2]
CVE's Fixed:
CVE-2024-5742 nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Fix WARNING: Failed to fetch URL https://c-ares.org/download/c-ares-1.27.0.tar.gz
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
An out-of-bounds stack write flaw was found in unixODBC on 64-bit
architectures where the caller has 4 bytes and callee writes 8 bytes.
This issue may go unnoticed on little-endian architectures, while
big-endian architectures can be broken.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-1013
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Current version 3.22 is not affected by the issue.
Affected versions: Up to (excl.) 3.2.1
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
License-Update: Copyright year updated to 2024.
0001-Add-the-pkgconfigdir-location.patch
included in 1.30.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
-(xmlsec-openssl) Support cert dates before unix epoch start.
-(xmlsec-openssl) Fix build for LibreSSL or BoringSSL.
-(xmlsec-nss) Ensure NSS algorithms are initialized.
-Several other small fixes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
