| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Ptest for duktape executes below tests:
1. hello - a helloworld example is basic compilation test
that test the APIs - duk_get_top(), duk_push_c_function(),
duk_eval_string()
2. eval - a very simple for evaluating expressions from
command line which test the APIs - duk_push_string(),
duk_insert(), duk_join(), duk_pop()
3. evloop - a basic eventloop implementation test
that test the APIs - duk_is_object(), duk_compile()
duk_push_c_function(), duk_safe_call()
Test Summary:
Execution time = 46 sec
Signed-off-by: Nikhil R <nikhil.r@kpit.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3277a81937bee01437a7ca8634e0f056e318f21b)
Signed-off-by: Nikhil R <nikhil.r@kpit.com>
(cherry picked from commit 5f935c35de9ea620bcbf0d55b096b1a328563a8a)
Signed-off-by: Sana.Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Nikhil R <nikhilar2410@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Backport patch [1] to fix CVE-2022-47015 [2].
[1] https://github.com/MariaDB/server/commit/b98375f9df0
[2] https://jira.mariadb.org/browse/MDEV-29644
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
Backport based on https://github.com/c-ares/c-ares/issues/496
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to the upstream [1], the bug happens only if the programmer
does not follow the API definition.
[1] https://github.com/akheron/jansson/issues/548
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit e0e79bbde23f17185cc59908fee97c0cea098428)
[Fixup for Kirkstone context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Upgrade mariadb to 10.7.8 [1].
[1] https://mariadb.com/kb/en/mariadb-10-7-8-release-notes
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following CVEs fixed in this version:
CVE-2023-23918
CVE-2023-23919
CVE-2023-23920
CVE-2023-23936
CVE-2023-24807
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The header-only package cannot be included in the SDK without marking
the main package with ALLOW_EMPTY.
Fixes rootfs problem:
```
The following packages have unmet dependencies:
imx-gpu-sdk : Depends: nlohmann-json but it is not installable
E: Unable to correct problems, you have held broken packages.
```
Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f9c9e7a448b9d9f7d54bbf09970223db467eedb2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Upgrade php to 8.1.16 [1].
[1] https://www.php.net/ChangeLog-8.php#8.1.16
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
Includes fix for CVE-2023-0286
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
An integer overflow was addressed with improved input validation. This
issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS
14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted
PDF may lead to arbitrary code execution. Apple is aware of a report that
this issue may have been actively exploited.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-30860
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
liblockfile do_install task will fail since syntax error when ldconfig
is not installed on the host.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-41974
NOTE: The actual fixes for this CVE are upstream commits [1] and [2]. However,
they are part of a larger patchset which has a lot of dependencies and cannot
be backported easily to older multipath-tools versions. Upstream discussion [3]
indicates that there is a custom patch available for old versions ([4]).
Ubuntu, Debian and Suse applied this patch to their 0.7.xx and
0.8.xx releases ([4], [5]), so we add it as well.
[1] https://github.com/opensvc/multipath-tools/commit/f812466f68b8e020818c6454d7b7a7e278bc99f6
[2] https://github.com/opensvc/multipath-tools/commit/d139bcf0842bc0a16beab86e1349ed65b150bf0c
[3] https://github.com/opensvc/multipath-tools/issues/59
[4] https://github.com/openSUSE/multipath-tools/commit/fbbf280a0e26026c19879d938ebb2a8200b6357c
[5] http://launchpadlibrarian.net/634132876/multipath-tools_0.7.4-2ubuntu3.1_0.7.4-2ubuntu3.2.diff.gz
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
* https://exiv2.org/releases returns 404 now, use github releases
* it's already fixed in master with upgrade to 0.27.6 in:
https://git.openembedded.org/meta-openembedded/commit/?id=00a7d4b284c1afccfa26021111384d2184b82e5b
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change OS_TEST to be soft assignment so that the cross-compilation
doens't fail with the errors like (note the difference in CPU tags):
| make[4]: *** No rule to make target
'../certhigh/Linux3.4_x86_64_glibc_PTH_64_OPT.OBJ/certhtml.o', needed by
'Linux3.4_aarch64_glibc_PTH_64_OPT.OBJ/libnss3.so'. Stop.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
Add fix created after latest release (10.8.4).
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* 16.18.0 (npm 8.19.2) introduced a regression in git+ssh urls
- https://github.com/nodejs/node/issues/44992
- https://github.com/npm/cli/pull/5761
https://nodejs.org/ko/blog/release/v16.19.0/
License-Update: Clarify vendored OpenSSL Toolkit is OpenSSL and SSLeay
License-Update: JS Foundation -> OpenJS Foundation
https://github.com/nodejs/node/commit/e7ed56f501389978e4619ab697a812631c4061ff
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mitigate occurences where ':append' operator is used and leading
whitespace character is obviously missing, risking inadvertent
string concatenation.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6a87f2ba9cdd4b9689b0d1c86b2e99071d1e069b)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
Backporting the version from master (1.50.1) would a big risk. So use the
version 1.46.6 which also includes fixes of bundled z-lib library.
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
This upgrade include fix for CVE-2022-3647
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d869383b0f9848a07ab3d7fbb5b7f687dce7744a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c8d9407eec21e1eb3e34b66cac8d11fe13c6e63e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
Upstream-Status: Backport from https://github.com/krb5/krb5/commit/4e661f0085ec5f969c76c0896a34322c6c432de4
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
This upgrade include fix for CVE-2022-3647
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
backport patch from debian
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the commit addressing CVE-2022-41973 caused new QA errors due to
.so symlinks getting slurped into multipath-tools-libs:
QA Issue: non -dev/-dbg/nativesdk- package multipath-tools-libs
contains symlink .so '/usr/lib/libdmmp.so'
...
Fix this by making the new pattern for multipath-tools-libs package
more specific.
Signed-off-by: S. Lockwood-Childs <sjl@vctlabs.com>
|
|
|
|
|
|
|
| |
Remove the backported patch mariadb-openssl3.patch.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The build fails when use qemu to run build for amd64 as below:
| make -f libmariadb/libmariadb/CMakeFiles/mariadbclient.dir/build.make libmariadb/libmariadb/CMakeFiles/mariadbclient.dir/depend
| make -f libmariadb/libmariadb/CMakeFiles/libmariadb.dir/build.make libmariadb/libmariadb/CMakeFiles/libmariadb.dir/depend
| make[2]: Entering directory '/build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/build'
| cd /build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/build && /build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/recipe-sysroot-native/usr/bin/cmake -E cmake_depends "Unix Makefiles" /build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/mariadb-10.7.4 /build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/mariadb-10.7.4/libmariadb/libmariadb /build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/build /build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/build/libmariadb/libmariadb /build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/build/libmariadb/libmariadb/CMakeFiles/mariadbclient.dir/DependInfo.cmake --color=
| make[2]: Leaving directory '/build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/build'
| make -f libmariadb/libmariadb/CMakeFiles/mariadbclient.dir/build.make libmariadb/libmariadb/CMakeFiles/mariadbclient.dir/build
| Illegal instruction (core dumped)
| make[2]: *** [sql/CMakeFiles/GenServerSource.dir/build.make:76: sql/lex_hash.h] Error 132
| make[2]: *** Deleting file 'sql/lex_hash.h'
| make[2]: Entering directory '/build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/build'
| [ 8%] Linking C static library libmariadbclient.a
| cd /build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/build/libmariadb/libmariadb && /build/tmp-glibc/work/dbfp5-wrs-linux/mariadb/10.7.4-r0/recipe-sysroot-native/usr/bin/cmake -P CMakeFiles/mariadbclient.dir/cmake_clean_target.cmake
| Illegal instruction (core dumped)
| Illegal instruction (core dumped)
| make[2]: *** [scripts/CMakeFiles/GenFixPrivs.dir/build.make:78: scripts/mysql_fix_privilege_tables_sql.c] Error 132
So don't use qemu to run cross-compiled binaries.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4facf6815c4d10a4c7a373d81056af2533d0df12)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2022-45063
Upstream-Status: Backport
[https://github.com/ThomasDickey/xterm-snapshots/commit/787636674918873a091e7a4ef5977263ba982322]
CVE: CVE-2022-45063
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
This is a security release[1].
[1] https://www.php.net/ChangeLog-8.php#8.1.12
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
Distutils package and pipes are deprecated and slated for removal in Python 3.13 for Nodejs 16.18
Replaced distutils with setuptools
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
/dev/shm may have unsafe permissions. Use /run instead.
Use systemd's tmpfiles.d mechanism to create /run/multipath
early during boot.
For backward compatibilty, make the runtime directory configurable
via the "runtimedir" make variable.
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-41973
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
When cleaning the package during rebuild in base_do_configure()
'make clean' deletes docs/dool.1. This files comes from source repository
but can't be recreated using 'make docs'.
Signed-off-by: Alexander Stein <alexander.stein@ew.tq-group.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
| |
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
* Drop Openssl legacy provider patch and install both binaries patch
which are already available in 16.x
* Refresh native binaries patch against 16.x base
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Compile redis with full systemd support when the chosen init system is
systemd.
Enabling systemd supervision allows redis to communicate the actual
server status (i.e. "Loading dataset", "Waiting for master<->replica
sync") to systemd, instead of declaring readiness right after
initializing the server process.
Signed-off-by: Zheng Qiu <zheng.qiu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
re2 $ git branch -a --contains 166dbbeb3b0ab7e733b278e8f42a84f6882b8a25
* main
remotes/origin/HEAD -> origin/main
remotes/origin/main
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Install kselftest runner and the required kselftest-list.txt.
Signed-off-by: Chase Qi <chase.qi@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fd330c4514ae5acefa5e472e6775419066d60385)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 447de4d47ba2deba1af80201b91bb312f184fe0e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
https://github.com/gabime/spdlog/blob/eb3220622e73a4889eee355ffa37972b3cac3df5/CMakeLists.txt#L72
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b20af98b5ad28e330c97770f7d0db75890784f98)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This driver is now part of Eclipse's oniro-blueprints project
Note: Once transition is finished,
existing copies will be need to be archived
For history referer to related tickets if curious.
Relate-to: https://gitlab.eclipse.org/eclipse/oniro-core/oniro/-/issues/787
Relate-to: https://gitlab.eclipse.org/eclipse/oniro-blueprints/vending-machine/meta-oniro-blueprints-vending-machine/-/issues/1
Relate-to: https://gitlab.eclipse.org/pcoval/pim435/-/issues/2
Relate-to: https://git.ostc-eu.org/distro/components/vending-machine-control-application/-/issues/2
Forwarded: https://github.com/openembedded/meta-openembedded/pull/603
Origin: https://github.com/astrolabe-coop/meta-openembedded
Signed-off-by: Philippe Coval <philippe.coval.ext@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6b50ce8f07b61d111f82c3ca88c5125192c214a0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
| |
Refresh patch to avoid QA issue about patch fuzz.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
|
|
|
|
|
|
|
|
| |
CVE-2019-14906 is a Red Hat vulnerability and Yocto is not applicable.
So add it to the allowlist.
Signed-off-by: Hitomi Hasegawa <hasegawa-hitomi@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8803be17aada56ec6a11fba4db9df74f16f9c58c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Maximum number of tries, in rare cases, is insufficient for
elf parse. Backport patch that fixes the issue.
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e231c86e282eefff0e8164551f75f8e01682abe6)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cec-client doesn't link with libcec, but uses LibCecInitialise to
dlopen libcec, so do_package cannot add the runtime dependency
automatically
* fixes:
root@rpi4:# cec-client -l
libcec.so.6: cannot open shared object file: No such file or directory
root@rpi4:# cecc-client -l
libcec.so.6: cannot open shared object file: No such file or directory
libcec.so.6: cannot open shared object file: No such file or directory
libcec/6.0.2-r0 $ objdump -p ./build/src/cec-client/cec-client-6.0.2 | grep NEEDED
NEEDED libncurses.so.5
NEEDED libtinfo.so.5
NEEDED libstdc++.so.6
NEEDED libgcc_s.so.1
NEEDED libc.so.6
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
|
|
|
|
|
|
|
| |
base is always inherited so remove this code which will soon cause an error.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a755af4fb5ca2e158b00214bb18e27ba69c200fd)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
This tweak is needed for building audit but not the interfaces it may
expose via the headers, therefore undo the tweak before packaging things
up
Reported-By: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4ff83dfb5a9f70188959814aa015910bd7363eca)
|
|
|
|
|
|
|
|
|
|
|
| |
The patch for removing 'QA issues' with pg_config was incomplete, it did not
change the number of items supposed to be in the configdata stucture. This leads to
get_configdata function asserting, and pg_config command does not work
Signed-off-by: Steffen Olsen <steffen.olsen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 730c85613ec718919bc0d155addfb9a20af112ad)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|