| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pick patches according to
http://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt
SAE H2E and incomplete downgrade protection for group negotiation
Patch 0002-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
was removed as it only patched wpa_supplicant. The patch names were
not changed so it is comparable with wpa_supplicant recipe.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Picked patches according to
http://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt
First patch is style commit picked to have a clean cherry-pick of all
mentioned commits without any conflict.
Patch CVE-2024-3596_03.patch was removed as it only patched
wpa_supplicant. The patch names were not changed so it is comparable
with wpa_supplicant recipe.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Drop upstreamed patches
Fixes build with fmt11
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
This reverts commit e5c0a0be96eb549858a987b353263c877eae275e.
pkg being updated
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Location of the file that systemd uses to check whether to
start adbd or not has been updated from /var to /etc in
android-tools-adbd.service. This change changes the path
of creation of usb-debugging-enabled flag file in
android-tools recipes from /var/usb-debugging-enabled to
/etc/usb-debugging-enabled
Backport-of: 2a3d4be9994e ("android-tools: create flag flag file for adbd at a proper location")
Fixes: a29c6386d576 ("android-toold-adbd: Fix inconsistency between selinux configurations")
Fixes: 8106cfe769aa ("android-tools-adbd.service: Change /var to /etc in ConditionPathExists")
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com>
Acked-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ConditionPathExists is set to /etc/usb-debugging-enabled as part of
meta-oe/recipes-devtools/android-tools/android-tools/android-tools-
-adbd.service file. However, in meta-oe/dynamic-layers/selinux/
recipes-devtool/android-tools/android-tools/android-tools-adbd.service
file ConditionPathExists is set to /var/usb-debugging-enabled
This causes an internal inconsistency between selinux-enabled and
selinux-disabled configurations.
Backport-of: a29c6386d576 ("android-toold-adbd: Fix inconsistency between selinux configurations")
Reported-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com>
Acked-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To ensure android-tools-adbd.service starts at boot, the path
for ConditionPathExists must be present at build time. /etc is
more suitable for build-time files than /var, which is for
runtime files. Changed ConditionPathExists from
/var/usb-debugging-enabled to /etc/usb-debugging-enabled
Backport-of: 8106cfe769aa ("android-tools-adbd.service: Change /var to /etc in ConditionPathExists")
CC: Khem Raj <raj.khem@gmail.com>
CC: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com>
Acked-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fixes following stringop-overflow warning with gcc-13:
In file included from /usr/include/c++/13/atomic:41,
from /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/../../include/oneapi/tbb/detail/_utils.h:22,
from /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/task_dispatcher.h:20,
from /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/arena.cpp:17:
In member function ‘void std::__atomic_base<_IntTp>::store(__int_type, std::memory_order) [with _ITp = bool]’,
inlined from ‘void std::atomic<bool>::store(bool, std::memory_order)’ at /usr/include/c++/13/atomic:104:20,
inlined from ‘void tbb::detail::r1::concurrent_monitor_base<Context>::notify_one_relaxed() [with Context = long unsigned int]’ at /poky/build/tmp/work/x86_64-linux/tbb-native/2021.11.0/git/src/tbb/concurrent_monitor.h:293:53:
/usr/include/c++/13/bits/atomic_base.h:481:25: error: ‘void __atomic_store_1(volatile void*, unsigned char, int)’ writing 1 byte into a region of size 0 overflows the destination [-Werror=stringop-overflow=]
481 | __atomic_store_n(&_M_i, __i, int(__m));
| ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~
compilation terminated due to -Wfatal-errors.
cc1plus: all warnings being treated as errors
(cherry picked from commit e131071769ee3df51b56b053ba6bfa06ae9eff25)
Signed-off-by: Yogesh Tyagi <yogesh.tyagi@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This fixes errors from buildhistory changes where packages-split would
be empty.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 90f96e053ad3eefa7693d9748efdfbfa72d7dcfd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
bpftool is supported for riscv64 and tested on qemuriscv64.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0003-configure.ac-bypass-autoconf-2.69-version-check.patch
refreshed for 16.4
drop: CVE-2024-7348.patch
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4d253bca26c5e6f9d79e19ab1b62fa34b5c05429)
[Drop CVE patch now included in update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
[V2]
Missed dropping CVE patch
|
| |
|
|
|
|
|
| |
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bbcb7d6023a516f3d432fbf01b78cdcc486e31ba)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7e8a786c291659083d746a4fe066fbc68c2abf34)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Project has moved to github.
Signed-off-by: Marc Ferland <marc.ferland@gmail.com>
(cherry picked from commit fb3408270282fbd619df7a5efac5178cabc37ddb)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Upstream-Status: Backport []https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=79c7a7e29695a32fef2e65682be224b8d61ec972
Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Starting with Linux 6.6, RDCYCLE is a privileged instruction on RISC-V
and can't be used directly from userland. This causes 'systemctl start
mysqld.service' failed with error:
[ 1456.918172] mariadbd[12115]: unhandled signal 4 code 0x1 at 0x000055558689d134 in mariadbd[555585bfa000+14a7000]
[ 1456.921772] CPU: 1 PID: 12115 Comm: mariadbd Not tainted 6.6.43-yocto-standard #1
[ 1456.922327] Hardware name: riscv-virtio,qemu (DT)
[ 1456.923045] epc : 000055558689d134 ra : 000055558620ea48 sp : 00007fffdc487770
[ 1456.923525] gp : 00005555872ec400 tp : 00007fff89560780 t0 : 0000555587be32e8
[ 1456.923951] t1 : 0000555586886042 t2 : 000000002d6a89f0 s0 : 00007fffdc4877b0
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit e11df061339051eda38750fa75429778d3d8dbb4.
This isn't needed in scarthgap where buildpaths aren't in
default ERROR_QA and it's not a correct fix anyway, see
https://lists.openembedded.org/g/openembedded-devel/message/112048
This doesn't work with multilib where the package is named ${PN}-src
(e.g. lib32-gcab-src) and it's better to just lower buildpaths from
ERROR_QA to WARN_QA instead of skipping it completely, because it's
still an issue which should be fixed (at least to improve hashserv
efficiency if you don't care about reproducibility itself)
and commits in master:
https://git.openembedded.org/meta-openembedded/commit/?id=154f5bb1342739d88185ac0cce9c15b7b2958187
https://git.openembedded.org/meta-openembedded/commit/?id=6644c4a420db82da1ce71697ff889e7b1b6e41ad
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
nativesdk support is needed in some of the projects for codegeneration
Signed-off-by: Nisha Parrakat <nisha.m.parrakat@bmw.de>
Signed-off-by: Akash Hadke <akash.hadke27@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the GTK library. Under certain conditions, it is possible for a
library to be injected into a GTK application from the current working directory.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-6655
Upstream-patch:
https://gitlab.gnome.org/GNOME/gtk/-/commit/3bbf0b6176d42836d23c36a6ac410e807ec0a7a7
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2024-26458:
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in
/krb5/src/lib/rpc/pmap_rmt.c.
CVE-2024-26461:
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak
vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-26458
https://nvd.nist.gov/vuln/detail/CVE-2024-26461
Upstream Patch:
https://github.com/krb5/krb5/commit/c5f9c816107f70139de11b38aa02db2f1774ee0d
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the Poppler's Pdfinfo utility. This issue
occurs when using -dests parameter with pdfinfo utility. By
using certain malformed input files, an attacker could cause
the utility to crash, leading to a denial of service.
CVE-2024-6239-0002 is the CVE fix and CVE-2024-6239-0001 is
dependent commit to fix the CVE.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-6239
Upstream patch:
https://gitlab.freedesktop.org/poppler/poppler/-/commit/0554731052d1a97745cb179ab0d45620589dd9c4
https://gitlab.freedesktop.org/poppler/poppler/-/commit/fc1c711cb5f769546c6b31cc688bf0ee7f0c1dbc
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The json module is used in several cli commands.
The fcntl module is used in terminal input handling.
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cb50c930964bac0394020949c7efe0a4a06f3b89)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Pick https://github.com/jpirko/libndp/commit/05e4ba7b0d126eea4c04387dcf40596059ee24af.patch
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
* Add NULL check to cJSON_SetValuestring()(CVE-2024-31755)
* Remove non-functional list handling of compiler flags
* Fix heap buffer overflow
* remove misused optimization flag -01
* Set free'd pointers to NULL whenever they are not reassigned immediately after
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(From meta-openembedded rev: 535822eff7647b6363225bb8f04d2d7d59a71204)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Only include the lines from icheck.js that cover the copyright and the
license text.
License-Update: Only include the relevant parts of icheck.js
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Only include the lines from the README that cover the copyright and the
license text.
License-Update: Only include the relevant parts of the README
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
For "devtool modify" to work correctly, ${B} needs to match ${S}.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
WARNING: jsonrpc-1.4.1-r0 do_package_qa: QA Issue: File /usr/lib/libjson-rpc-cpp/cmake/libjson-rpc-cppTargets.cmake in package jsonrpc-dev contains reference to TMPDIR [buildpaths]
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cb2e8f98b4d758bd7b7f399c529d6d96e7594b97)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Release Notes:
* https://github.com/Exiv2/exiv2/issues/3008
* https://github.com/Exiv2/exiv2/milestone/14?closed=1
This release also fixes a low-severity security issue in asfvideo.cpp:
* [CVE-2024-39695](https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh): out-of-bounds read in AsfVideo::streamProperties.
This vulnerability is in a new feature (ASF video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9f4361418d58941d058fb94a3671b9d0904b6300)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Remove outdated comment
- Switch to git fetcher. Otherwise the official download location leads to:
WARNING: exiv2-0.28.2-r0 do_recipe_qa: QA Issue: exiv2: SRC_URI uses unstable GitHub/GitLab
archives, convert recipe to use git protocol [src-uri-bad]
- Remove reproducibility hack. Theres no buildpath leakage in exiv2Config.cmake
anymore.
Changes from version 0.28.1 to 0.28.2
-------------------------------------
Release Notes:
* https://github.com/Exiv2/exiv2/issues/2914
* https://github.com/Exiv2/exiv2/milestone/13?closed=1
This release also fixes two low-severity security issues in quicktimevideo.cpp:
* [CVE-2024-24826](https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w):
out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
* [CVE-2024-25112](https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36):
denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder.
These vulnerabilities are in a new feature (quicktime video) that was added in version 0.28.0,
so earlier versions of Exiv2 are not affected.
Changes from version 0.28.0 to 0.28.1
-------------------------------------
Release Notes:
https://github.com/Exiv2/exiv2/issues/2813
This release also fixes [CVE-2023-44398](https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r),
an out-of-bounds write in `BmffImage::brotliUncompress`. The vulnerability is in new code that was added in
version 0.28.0, so earlier versions of Exiv2 are not affected.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3a9fc5ba68d8c121e70c018d4f4a782693def40b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update status for:
CVE-2016-7532, CVE-2014-9822, CVE-2014-9823, CVE-2014-9824, CVE-2014-9825, CVE-2014-9826, CVE-2014-9827, CVE-2014-9828, CVE-2014-9829, CVE-2014-9830, CVE-2014-9831, CVE-2014-9848, CVE-2014-9852, CVE-2014-9853, CVE-2014-9854, CVE-2014-9907, CVE-2016-10062, CVE-2016-10144, CVE-2016-10145, CVE-2016-10146, CVE-2016-5118, CVE-2016-7513, CVE-2016-7514, CVE-2016-7515, CVE-2016-7516, CVE-2016-7517, CVE-2016-7518, CVE-2016-7519, CVE-2016-7520, CVE-2016-7521, CVE-2016-7522, CVE-2016-7523, CVE-2016-7524, CVE-2016-7525, CVE-2016-7526, CVE-2016-7527, CVE-2016-7528, CVE-2016-7529, CVE-2016-7530, CVE-2016-7533
CPE is incorrect, the current version is not affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f8c70167e6a00ad1d2d8ee5675e2c84d59f2dfd5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update status for:
CVE-2016-7534, CVE-2016-7535, CVE-2016-7536, CVE-2016-7537, CVE-2016-7538, CVE-2017-5506, CVE-2017-5509, CVE-2017-5510, CVE-2017-5511, CVE-2007-1667
CPE is incorrect, the current version (7.1.1) is not affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9f2e9daef1891d373792d5b1bcc36719349ba843)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update status for:
CVE-2014-9804, CVE-2014-9805, CVE-2014-9806, CVE-2014-9807, CVE-2014-9808, CVE-2014-9809, CVE-2014-9810, CVE-2014-9811, CVE-2014-9812, CVE-2014-9813, CVE-2014-9814, CVE-2014-9815, CVE-2014-9816, CVE-2014-9817, CVE-2014-9818, CVE-2014-9819, CVE-2014-9820, CVE-2014-9821, CVE-2016-7531
CPE is incorrect, the current version (7.1.1) is not affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 388b8017f9c86428d5965f8c45d64f4477984ac0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
WARNING: etcd-cpp-apiv3-0.15.4-r0 do_package_qa: QA Issue: File /usr/lib/cmake/etcd-cpp-api/etcd-targets.cmake in package etcd-cpp-apiv3-dev contains reference to TMPDIR [buildpaths]
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a70cacd0c25dbeb641e364ecc0e28fc4b924e59b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes
do_package_qa: QA Issue: File /usr/bin/log4cpp-config in package log4cpp contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 78a69186be5db3f6995101e0f94a1d11e1155421)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Test binary has embedded build time paths. Ignore
for now.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e02e22063433adb1b4fbba562f9efd6e68941309)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
gcab-src has some meson generated files which embed
absolute paths from build environment. meson seems
ot do this on purpose to fix other issues.
Ignored those issues for now.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit db91757e7bd98494666ca00bc7727a7607b6004f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Test binaries are embeddding build paths and can't easily
figure out why. Thus ignore the errors in these binaries
for now.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e77f9f2feb6b9b9c86e3d815415e4bb521444538)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Update SRC_URI to fix do_fetch warning
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Server's https certificate isn't valid for freedesktop.org without www
prefix, refer [1]. Update SRC_URI to fix do_fetch warning
[1] https://gitlab.freedesktop.org/freedesktop/freedesktop/-/issues/1537
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Release notes:
https://github.com/HDFGroup/hdf5/blob/hdf5_1.14.4.3/release_docs/RELEASE.txt
License update: link update
from https://raw.githubusercontent.com/hdfgroup/hdf5/develop/COPYING_LBNL_HDF5
to https://raw.githubusercontent.com/hdfgroup/hdf5/hdf5_1_14/COPYING_LBNL_HDF5.
Upstream has only Released tar file extension is .gz so
SRC_URI tar file extension changed from .bz2 to .gz
Fixes
File /usr/lib/libhdf5.settings in package hdf5 contains reference to TMPDIR
File /usr/src/debug/hdf5/1.14.4-3/src/H5build_settings.c in package
hdf5-src contains reference to TMPDIR [buildpaths]
- Running H5make_libsettings is no longer required for cross-compiling
The functionality of H5make_libsettings is now handled via template files,
so H5make_libsettings has been removed.
- Running H5detect is no longer required for cross-compiling
The functionality of H5detect is now exercised at library startup,
so H5detect has been removed
Rework the patch 0001-cmake-remove-build-flags.patch to fix the build path
issue.
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, any non-native recipes that inherits cpan-base ends up
with an image RDEPENDS on perl (via
https://git.yoctoproject.org/poky/tree/meta/classes-recipe/cpan-base.bbclass?h=scarthgap#n14)
If you are building an image and desire to have Postgresql installed
but NOT perl, this creates a problem. This changeset attempts
to fix this shortcoming by not inheriting cpan-base directly.
Note this work is a continuation of attempts to change cpan-base:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=15563
The Postgresql build system uses perl, so add it as a DEPENDS. This
happened previously via the "inherit cpan-base" directive.
I've validated this recipe successfully packages with and without
the perl PACKAGECONFIG in Scarthgap.
Signed-off-by: Barry Grussling <mr.scada@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f311f1f01c19924d8cced61fa915f1387f92455b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
New tarball location is:
http://oldmanprogrammer.net/tar/tree/
Homepage is:
http://oldmanprogrammer.net/source.php?dir=projects/tree
Signed-off-by: Benjamin Szőke <egyszeregy@freemail.hu>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0c4079fc28cc36cb2dbfe48093f2cf64106f8b5d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
See https://github.com/uutils/coreutils/releases/tag/0.0.27
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
See https://github.com/uutils/coreutils/releases/tag/0.0.26
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Graphviz 2.36 before 10.0.0 has an out-of-bounds read via a
crafted config6a file. NOTE: exploitability may be uncommon
because this file is typically owned by root.
CVE-2023-46045-0003.patch is the CVE fix and CVE-2023-46045-0001.patch,
CVE-2023-46045-0002.patch are dependent commits to fix the CVE.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-46045
Upstream patches:
https://gitlab.com/graphviz/graphviz/-/commit/361f274ca901c3c476697a6404662d95f4dd43cb
https://gitlab.com/graphviz/graphviz/-/commit/3f31704cafd7da3e86bb2861accf5e90c973e62a
https://gitlab.com/graphviz/graphviz/-/commit/a95f977f5d809915ec4b14836d2b5b7f5e74881e
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
This change removes the ANSI color codes from the
ptest result.
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
* avoid imagemagick-native like upstream did in:
https://sourceforge.net/p/giflib/code/ci/d54b45b0240d455bbaedee4be5203d2703e59967/
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* ${libdir}/systemd doesn't work on multilib builds, where libdir might be something
else than ${nonarch_base_libdir}
fixes:
ERROR: QA Issue: lib32-bolt: Files/directories were installed but not shipped in any package:
/usr/lib/systemd
/usr/lib/systemd/system
/usr/lib/systemd/system/bolt.service
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit addresses the shebang size issue encountered in the
do_populate_sysroot task of the rrdtool-native recipe. The issue
was caused by the shebang line in the cgi-demo.cgi file exceeding
the maximum allowed length of 128 characters.
The following error was observed:
ERROR: rrdtool-native-1.8.0-r0 do_populate_sysroot: QA Issue: : /work/x86_64-linux/rrdtool-native/1.8.0/sysroot-destdir/work/x86_64-linux/rrdtool-native/1.8.0/recipe-sysroot-native/usr/share/rrdtool/examples/cgi-demo.cgi maximum shebang size exceeded, the maximum size is 128. [shebang-size]
ERROR: rrdtool-native-1.8.0-r0 do_populate_sysroot: do_populate_sysroot for this recipe installed files with QA issues
The solution implemented involves modifying the shebang line in the
cgi-demo.cgi file to use '/usr/bin/env rrdcgi', ensuring it adheres
to the length limit.
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 05c17b63fe0bbc7f94154017f2c54237576df94c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
