| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When build host machine is not installed with elfutils-libelf-devel, it
throws compile error "libelf.h: No such file or directory". Fix missing
headers file by including path ${STAGING_INCDIR_NATIVE} via CFLAGS variable.
Use headers file from ${STAGING_INCDIR_NATIVE} instead of host machine.
Error:
| libbpf_internal.h:19:10: fatal error: libelf.h: No such file or directory
Signed-off-by: Preeti Sachan <preeti.sachan@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Set pam module path to ${base_libdir}/security as this is the default
path in libpam.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Set pam module path to ${base_libdir}/security as this is the default
path in libpam.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Set pam module path to ${base_libdir}/security as this is the default
path in libpam.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/openembedded/meta-openembedded/commit/d5e90541f8e35916abc930b2da6de037b23d51a1
moved the rules to /usr/share/ instead of /etc/. The commit also removed the
install:prepend() step.
This results in the rules being installed as file /usr/share/polkit-1/rules.d
instead of in that folder.
This commit adds back the install prepend step such that the rules are installed
in said folder.
Signed-off-by: Darrel Griët <dgriet@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
This library gets tracked with the product name tinyxml2:
https://nvd.nist.gov/products/cpe/detail/5A6C04CB-E6AD-4740-882A-34620AEC060A
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
This library gets tracked with the product name tinyxml:
https://nvd.nist.gov/products/cpe/detail/95BDA29F-257C-4C44-8847-25CFC107228D
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This includes CVE-fix for CVE-2024-11407
Changelog:
==================================
https://github.com/grpc/grpc/releases/tag/v1.68.0
https://github.com/grpc/grpc/compare/v1.66.1...v1.68.0
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
* update to latest 3.6.1 Version
* add packaging for botan binary and botan-test tool
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* switch to libarchive to handle a larger decompression schemes
* implement own sha256 hashing and drop openssl dependency
* compute maximum buffer size before writing each range
* bmap file optional: if not provided, it will be searched in the same path as the input
* print time/speed of the writing operation
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
ChangLog:
https://github.com/libbpf/libbpf/releases/tag/v1.4.7
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
ChangeLog:
https://git.kernel.org/pub/scm/devel/pahole/pahole.git/tree/changes-v1.28
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/TigerVNC/tigervnc/releases/tag/v1.14.1
* Update xorg-server to 21.1.15
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://www.openldap.org/software/release/changes.html
Drop 0001-fix-incompatible-pointer-type-error.patch as the issue has
been fixed upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
7668d820 simulate a MCE event happened during TDX guest context
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: eject-2.1.5-r0.wr2401 do_fetch: Failed to fetch URL http://sources.openembedded.org/eject-2.1.5.tar.gz, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
* Refresh patches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
* Refresh patches.
* Drop 0001-Fix-Wincompatible-function-pointer-types.patch as the issue
has been fixed upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
* Upgrade 24.11.0 -> 24.12.0
* Backport patch 0001-Don-t-update-pdfsig.pot-when-POT-Creation-date-is-th.patch
to fix a parallel build issue, refer [1]
[1] https://gitlab.freedesktop.org/poppler/poppler/-/issues/1550
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to pahole build depend on pahole, and libbpf added more architectures
to COMPATIBLE_HOST [1], add the same COMPATIBLE_HOST setting to pahole
$ echo "MACHINE = 'qemuloongarch64'" >> conf/local.conf
$ bitbake world
ERROR: Nothing PROVIDES 'libbpf' (but meta-openembedded/meta-oe/recipes-devtools/pahole/pahole_1.27.bb DEPENDS on or otherwise requires it)
libbpf was skipped: incompatible with host loongarch64-wrs-linux (not in COMPATIBLE_HOST)
ERROR: Required build target 'meta-world-pkgdata' has no buildable providers.
Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'pahole', 'libbpf']
[1] https://git.openembedded.org/meta-openembedded/commit/?id=bb8049afe96db57707afc259743e288bec456117
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Overview of changes in malcontent 0.13.0
========================================
* Bugs fixed:
- #48 Parental controls app: show the launcher, or merge into Settings?
(Philip Withnall)
- !172 Update fa.po
- !173 Update Czech translation
- !176 malcontent-control: Update metainfo file
- !177 Update Swedish translation
- !179 docs: Add list of legal references for relevant countries’ laws
- !180 po: Update Slovenian translation
- !181 Update Polish translation 240909
- !182 Add Chinese translation
- !183 application: Fix opening Settings
- !184 malcontent-control: Call setlocale() earlier to fix early i18n
- !185 restrict-applications-selector: Fix pending changes being lost on
search
- !186 libmalcontent-ui: Port to libadwaita 1.6
- !187 app-filter: Fix logic for allowlist filtering on GAppInfo
* Translation updates:
- Chinese (China) (lumingzh)
- Czech (AsciiWolf)
- Persian (Danial Behzadi)
- Polish (Piotr Drąg)
- Slovenian (Martin Srebotnjak)
- Swedish (Anders Jonsson)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/844a7c6281eb442881330a5d36d5a0719f2870bf
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/bd5f84d301c4e74ca200a9336eca88468ec0e1f3
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
CVE-2017-6830 / CVE-2017-6834 / CVE-2017-6836 / CVE-2017-6838
Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/4a1a8277bba490d227f413e218138e39f1fe1203
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/434890df2a7c131b40fec1c49e6239972ab299d2
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837
Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/cc00bde57fc20d11f8fa4e8ec5f193c091714c55
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$ git log --oneline | grep CVE
f58c813 merge in fixes for libgd CVE-2019-6978
407a58b CVE-2017-6362
dabcb8c CVE-2016-10168
b691e47 CVE-2016-10167
16919b4 CVE-2016-9317
2208b48 CVE-2016-9011
f47cbdf CVE-2015-4696
b5ae5d1 CVE-2015-4695
879d6bf CVE-2015-0848+CVE-2015-4588
44f37ac CVE-2009-3546
7bd8ce0 CVE-2007-2756
cfc0916 CVE-2007-3477
5ec7547 CVE-2007-3473
fdd21b1 CVE-2007-3472
5588450 CVE-2007-0455
2c84480 CVE-2009-1364, Use-after-free vulnerability
b9cc022 CVE-2006-3376 Integer overflow in player.c
Adaptations:
* removed patches included in new version.
* extended buildpaths fix to pc file
* changed paths from libdir/gtk-2 to libdir/gdk-pixbuf-2.0
Test - built imagemagick (only recipe in meta-openembedded depending
on libwmf) with wmf PACKAGECONFIG.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Debian has switched to this fork in Bookworm.
If contains dozens of CVE fixes and other bugfixes.
This should make the maintenance of this package easier.
The sources are identical to those abandoned in 2002:
Only in .../tmp/work/core2-64-poky-linux/libwmf/0.2.8.4/libwmf-0.2.8.4/: autom4te.cache
Only in /tmp/caolanm/libwmf/: .git
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CVE is fixed by
https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1
It is tracked as 'fixed in next version' - 7.1.2 (which does not exist)
in NVD DB.
.../tmp/work/core2-64-poky-linux/imagemagick/7.1.1-43/git$ git describe aa673b2e4defc7cad5bec16c4fc8324f71e531f1 --tags
7.1.1-18-4-gaa673b2e4d
.../tmp/work/core2-64-poky-linux/imagemagick/7.1.1-43/git$ git tag --contains aa673b2e4defc7cad5bec16c4fc8324f71e531f1 | head -n1
7.1.1-19
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
This fixes at least CVE-2024-41817 (in 7.1.1-36).
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
* move version part after dash to PV
* set git tag regex
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Take patch from Debian.
https://sources.debian.org/data/main/p/procmail/3.22-26%2Bdeb10u1/debian/patches/30
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Take patch from Debian.
https://sources.debian.org/data/main/p/procmail/3.22-20%2Bdeb7u1/debian/patches/CVE-2014-3618.patch
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is fixed in id3lib3.8.3_3.8.3-16.2.debian.tar.xz patch included in
SRC_URI.
Version 3.8.3-7 contains patch for this CVE, we use 3.8.3-16.2.
This can be verified by checking the debian/changelog within this patch
or diffing [1] and [2] and verifying that this can be reverse-applied.
[1] https://snapshot.debian.org/archive/debian/20070819T000000Z/pool/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-6.diff.gz
[2] https://snapshot.debian.org/archive/debian/20070819T000000Z/pool/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-7.diff.gz
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
Take patch from Debian from
https://salsa.debian.org/lts-team/packages/uw-imap/-/commit/873b07f46ce40f43bca10ec85fe63a7a0b934294
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pick commit based on [1].
Note that the pick is node from deskflow, which is open-source successor
of synergy.
If anyone uses thie recipe, it should be switched.
[1] https://github.com/deskflow/deskflow/security/advisories/GHSA-chfm-333q-gfpp
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Pick patch per [1] poiting to [2] pointing to [3].
[1] https://nvd.nist.gov/vuln/detail/CVE-2022-40320
[2] https://github.com/libconfuse/libconfuse/issues/163
[3] https://github.com/libconfuse/libconfuse/commit/d73777c2c3566fb2647727bb56d9a2295b81669b
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
* New features
Support watchpoint for global variables
Show man pages for the given command
Add utc_offset in the header info
* Bug fixes
Show arguments in libraries from dlopen
Save debug info for libraries from dlopen
Protect FD of communication channel from being closed
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
