summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* wic: Fix --overhead-factor and --extra-space checksDiego Sueiro12 days1-2/+2
| | | | | | | | | | | | If --overhead-factor and --extra-space are passed with =FOO the check fails. Fix this by checking parsed.overhead_factor and parsed.extra_space instead. (From OE-Core rev: 46c24b67d4e9d28e7216a7394090d807cf879fa7) Signed-off-by: Diego Sueiro <diego.sueiro@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: mark CVE-2025-6170 as fixedPeter Marko12 days1-0/+2
| | | | | | | | | | | | | | As shown in [1] when expanding tags including it. NVD tracks this CVE as version-less. [1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/c340e419505cf4bf1d9ed7019a87cc00ec200434 (From OE-Core rev: d8a9c190811ad9658a74502a371c110f4d24d68f) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: mark CVE-2025-5222 as fixedPeter Marko12 days1-0/+2
| | | | | | | | | | | | | Commit mentioned in [1] is included in 77-1. This comit was also backported to Yocto all stable/LTS releases. [1] https://security-tracker.debian.org/tracker/CVE-2025-5222 (From OE-Core rev: 69c2956d6af3ffdedc77649ea833dc04ab62b8d3) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: mark CVE-2025-32989 and CVE-2025-32990 as fixedPeter Marko12 days1-0/+3
| | | | | | | | | | | | | This is mentioned in [1]. NVD tracks this as version-less CVE. [1] https://gitlab.com/gnutls/gnutls/-/blob/3.8.10/NEWS?ref_type=tags#L8 (From OE-Core rev: 8367ddb87a51abaa8949614faabc146f40f518a1) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: fix fetcher for CVEs missing nodesPeter Marko12 days1-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | As of now, update of CVE DB from FKIE source (which is the defailt) fails with following error: File: '<build>/poky/meta/recipes-core/meta/cve-update-db-native.bb', lineno: 393, function: update_db_fkie 0389: [cveId, cveDesc, cvssv2, cvssv3, cvssv4, date, accessVector, vectorString]).close() 0390: 0391: for config in elt['configurations']: 0392: # This is suboptimal as it doesn't handle AND/OR and negate, but is better than nothing *** 0393: for node in config["nodes"]: 0394: parse_node_and_insert(conn, node, cveId, False) 0395: 0396:def update_db(d, conn, jsondata): 0397: if (d.getVar("NVD_DB_VERSION") == "FKIE"): Exception: KeyError: 'nodes' Entry for new CVE-2025-32915 is broken. (From OE-Core rev: 152be29f6a732b2ba1c95bcf465455d2a5a3f33a) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libseccomp: fix seccomp_export_bpf_mem out-of-bounds readKhem Raj12 days2-0/+38
| | | | | | | | | | | | Fixes segfaults in ptests on musl Failed ptests: {'libseccomp': ['11-basic-basic_errors%%001-00001_11-basic-basic_errors_rc=139']} (From OE-Core rev: 4f26edb6fd7e3dc5f81c56faed3a0edd9264bf66) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Address failing ptests on muslKhem Raj12 days2-2/+20
| | | | | | | | | | | | | | | | | | Take a partial patch to disable portion of test_makedev, its also applied in alpine. NODEV does not exist on musl Add test_null_dlsym to ignore list on musl, it needs GNU ifunc support and musl does not implement GNU ifuncs fixes Failed ptests: {'python3': ['test_null_dlsym', 'test_makedev', 'python3']} (From OE-Core rev: c197de49d6b406be5fc79b6e17c397c834efc1b0) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2024-13978, CVE-2025-8176, CVE-2025-8177Siddharth Doshi12 days8-1/+316
| | | | | | | | | | | | | | | Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/7be20ccaab97455f192de0ac561ceda7cd9e12d1, https://gitlab.com/libtiff/libtiff/-/commit/2ebfffb0e8836bfb1cd7d85c059cd285c59761a4, https://gitlab.com/libtiff/libtiff/-/commit/3994cf3b3bc6b54c32f240ca5a412cffa11633fa, https://gitlab.com/libtiff/libtiff/-/commit/ce46f002eca4148497363f80fab33f9396bcbeda, https://gitlab.com/libtiff/libtiff/-/commit/ecc4ddbf1f0fed7957d1e20361e37f01907898e0, https://gitlab.com/libtiff/libtiff/-/commit/75d8eca6f106c01aadf76b8500a7d062b12f2d82, https://gitlab.com/libtiff/libtiff/-/commit/e8c9d6c616b19438695fd829e58ae4fde5bfbc22] CVE's Fixed: CVE-2024-13978 libtiff: LibTIFF Null Pointer Dereference CVE-2025-8176 libtiff: LibTIFF Use-After-Free Vulnerability CVE-2025-8177 libtiff: LibTIFF Buffer Overflow (From OE-Core rev: 16d8a873c57b174e4d6581b58d890f2157aa2f2c) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* at-spi2-core: upgrade 2.56.3 -> 2.56.4Tim Orling12 days1-1/+1
| | | | | | | | | | | | | | | | | | | | | What's new in at-spi2-core 2.56.4: * Fix key grabs when num lock or caps lock are on under Wayland. atk-bridge: Don't crash when requesting a plug if not activated * Add sanity checks for child indices received via DBus. https://gitlab.gnome.org/GNOME/at-spi2-core/-/blob/2.56.4/NEWS?ref_type=tags Comparing changes: https://github.com/GNOME/at-spi2-core/compare/2.56.3...2.56.4 (From OE-Core rev: 59c9aa2411514f448cec23c0ceefeada2a103d85) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lighttpd: upgrade 1.4.79 -> 1.4.81Michael Opdenacker12 days1-2/+1
| | | | | | | | | | | | | | | | | | | | | | Remove "libev" configuration option, no longer in use since 1.4.80 Upstream changes 1.4.81: - security: fix to reject disallowed trailers 1.4.80: - detect and issue error trace for HTTP/2 MadeYouReset VU#767506 CVE-2025-8671 - stricter HTTP request/response header, trailer, and chunked validation/parsing - support HTTP response trailers - support HTTP request trailers merge to headers (if not streaming request body) - bug fixes (From OE-Core rev: 6054ad0b7a3cf8a6853bdedfdbf973742af58fea) Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rust-target-config: Add has-thread-local optionPer x Johansson12 days1-0/+1
| | | | | | | | | | | | | | | The "has-elf-tls" option was removed by the commit 8e1614a906086fb46c5dd7b7f2dffab91194165c. However is should have been renamed to "has-thread-local", since it was renamed and not removed in rust by this commit. https://github.com/rust-lang/rust/commit/391332c5d9d5a5e97a0d36e011a87ad43045cfd3 Change-Id: Ia1fdf7698ebeef62a88052713645d5b499164353 (From OE-Core rev: 18a87dd1724e0934a669aefae36d20374c06c493) Signed-off-by: Per x Johansson <perxjoh@axis.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-testsuite: Fix test failures with output pattern due to ssh warning.Harish Sadineni12 days1-2/+2
| | | | | | | | | | | | | | | | | | when running oe-selftest for gcc some of the output pattern matchng test cases were getting failed due to below issue. Output line 1 was: Warning: Permanently added '192.168.7 Should match (from /poky/poky/build-st/tmp/work-shared/gcc-15.1.0-r0/sources/ gcc-15.1.0/gcc/testsuite/gcc.dg/dg-output-file-1-lp64.txt): This is a test output for lp64 target Failed test for output line 1 This is a test output for lp64 target (From OE-Core rev: 08200d7ac9d96996dbc1f913bcc0c8bee13592f8) Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest/cases/gcc.py: Increase QEMU RAM to 4GBHarish Sadineni12 days1-1/+2
| | | | | | | | | | | The test pr61599-1.c fails because it requires more than 3GB of RAM. This change increases the allocated RAM to 4GB to prevent test failures. (From OE-Core rev: 745eedb1afcb4f8e28ca560ae41d3297bb63cdd4) Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Oe-selftest failure analysis - fix for pr90579.c test failuresHarish Sadineni12 days2-0/+21
| | | | | | | | | | | | | | | | | | | | When gcc build with PIE enabled the following tests were getting failed: FAIL: gcc.target/i386/pr90579.c scan-assembler vaddsd\tr\\+40 FAIL: gcc.target/i386/pr90579.c scan-assembler vaddsd\tr\\+32 FAIL: gcc.target/i386/pr90579.c scan-assembler vaddsd\tr\\+24 FAIL: gcc.target/i386/pr90579.c scan-assembler vaddsd\tr\\+16 Detailed bug info & upstream fix is here: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=118885 Upstream Status: Backport [https://gcc.gnu.org/cgit/gcc/commit/?id=679e24f5a751663998ff7202149a749e0f7251f9] (From OE-Core rev: 7641e08044203ac9dde9a53b91bd01f9432d11f2) Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gettext: Force UTF-8 runtime and skip requiring ISO-8859-1Khem Raj12 days1-0/+10
| | | | | | | | | | | | | | | | | | | | | On musl, there is no real legacy (non-UTF-8) fr_FR locale. These tests are designed for libcs that ship both fr_FR (ISO-8859-1) and fr_FR.UTF-8. So the right thing will be to SKIP these tests Unsetting LOCALE_FR will ensure that it does not enable ISO-8859-1 path, so reset it in run-ptest but thats not enough because it is being set in the test's own init-env file as well so clear it in that file as well. Fixes Failed ptests: {'gettext': ['intl-2', 'intl-4', 'intl-thread-3', 'lang-sh', 'lang-bash']} (From OE-Core rev: 0fe96efea084f4594df43f57e121cb2353bfafa7) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gettext: Skip test known to fail on muslKhem Raj12 days2-1/+93
| | | | | | | | | | | | * Use posix thread on musl and cache * Force using system posix complaint printf * Add coreutils to ptest dependencies (From OE-Core rev: 16b1fff0dc3f95d2f52106b0133133d175725d52) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: Remove run-backtrace-dwarf from musl ptest XFAILs listKhem Raj12 days1-1/+1
| | | | | | | | | | This is passing ok with gcc/libgcc on YP AB (From OE-Core rev: c1bb95055810b272237d5a143f7e01a270e74868) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.py: avoid deprecated ast.StrMartin Jansa12 days1-2/+2
| | | | | | | | | | | | | | | | | | | | | | * it's deprecated since python-3.12 and removed in 3.14 causing: openembedded-core/meta/lib/oe/license.py', lineno: 176, function: visit 0172: 0173: LicenseVisitor.__init__(self) 0174: 0175: def visit(self, node): *** 0176: if isinstance(node, ast.Str): 0177: lic = node.s 0178: 0179: if license_ok(self._canonical_license(self._d, lic), 0180: self._dont_want_licenses) == True: Exception: AttributeError: module 'ast' has no attribute 'Str' (From OE-Core rev: 1eb2137324202107baa5cadcfdd682629a9cc269) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: Upgrade 1.44 -> 1.45Leon Anavi12 days3-92/+1
| | | | | | | | | | | | | | | | | | Upgrade to release 1.45: - Add missing newlines on error messages - timezone: Replace Localtime file copy with symbolic link - Fix CVE-2025-32366 vulnerability - Fix CVE-2025-32743 vulnerability - vpn: Fix extracting of PrefixLength D-Bus value - vpn: Fix mem leak of gid_list in task setup - dchpv6: Set err to 0 when client creation succeeds (From OE-Core rev: c5fd636aa6f310e868ea29a72913ea96edcf57c5) Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade 9.1.1198 -> 9.1.1652Peter Marko12 days4-16/+17
| | | | | | | | | | | | | | | | | | | | | | | | Handles CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158. Changes between 9.1.1198 -> 9.1.1652 ==================================== https://github.com/vim/vim/compare/v9.1.1198...v9.1.1652 Refresh patches. Add tag to SRC_URI. Disable newly introduced wayland support (in patch version 1485). To this belongs also adding recursion in delete command for dir auto which was newly failing as there is wayland directory inside now. If someone is interested, this can be probably enabled, but without additional work it results in compilation error due to function redefinition conflicts. (From OE-Core rev: e87d427d928234ef0441f9ce1fe8631fbe471094) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* findutils: Use C locale to run ptestsKhem Raj12 days1-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | Ensure consistent locale setting, since we are not using make environemnt to run the tests like upstream does. The test scripts are run explicitly This fixes a problem with musl ptest runs where the locale-driven quoting ends up using C.UTF-8 quotes in gnulib’s quotearg() end up with curly quotes instead of ASCII quote character which is expected and result is reported as failure even though numbers are matching. Fixes: -find: invalid group name or GID argument to -group: '4294967296' +find: invalid group name or GID argument to -group: ‘4294967296’ FAIL: tests/find/user-group-max.sh (From OE-Core rev: 0e60d1169ee0ae0e6651951e9a917a0e24bee157) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* findutils: Drop setting gl_cv_func_wcwidth_works=yesKhem Raj12 days1-2/+0
| | | | | | | | | | The issue seems to be have been fixed for long time since 4.5.3 onwards (From OE-Core rev: 6637e59d6bc03f8eb7cf75bc506307e249809ada) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* babeltrace2: don't install static modulesRoss Burton12 days2-1/+71
| | | | | | | | | | | | | | | | There's no point building or installing static plugins, so apply a patch to only build shared plugins. Poky passes --disable-static via no-static-libs.inc, but anyone building babeltrace2 with nodistro or another distro that doesn't use no-static-libs.inc will fail to build babeltrace2 because of packaging errors around the static version of the python plugin. (From OE-Core rev: cf5ef8a2b6f509c348b9cf800a8534a4e8702103) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nghttp2: rewrite recipe to be an idiomatic library recipeRoss Burton12 days1-11/+2
| | | | | | | | | | | | | | | | | | | | | | This recipe for nghttp2 doesn't build any of the binaries, just the core library, but is structured like a recipe that is primarily an application that happens to ship libraries. Remove the lib${BPN} package and put the library into PN (which will then be debian-renamed). Use the shorthand option to just build the library. Add documentation enabling/disabling options so we don't install the docs if not needed. Currently there are no extra dependencies as the sphinx-generated manpages are pre-built in the tarballs, but this could change. (From OE-Core rev: 0fe1fb05cf6b36d70d43b3bd245a53ac36d389fa) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* psplash: Do not mount PSPLASH_FIFO_DIR if the env variable is emptyFalk Bauer12 days1-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | The script file psplash.sh tries to mount the PSPLASH_FIFO_DIR variable. If the variable is empty, the mountpoint command returns a usage text (busybox mountpoint here, util-linux mountpoint behaves the same): BusyBox v1.37.0 () multi-call binary. Usage: mountpoint [-q] { [-dn] DIR | -x DEVICE } :~# BusyBox v1.37.0 () multi-call binary The return code with this console output is 0 and the mount command in the if statement is executed. Then this mount also fails with an empty mountpoint argument. The source code of psplash respects an empty PSPLASH_FIFO_DIR variable (see psplash.c) and makes a fallback to "/run". So the psplash.sh script should also respect the empty var. Try to mount the PSPLASH_FIFO_DIR only if the variable is not empty. (From OE-Core rev: 85a5e562c5969c407a222966ccb3170cb41fed2f) Signed-off-by: Falk Bauer <falkbauer.git@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-rpds-py: Upgrade to 0.27.0Khem Raj12 days1-1/+1
| | | | | | | | | | Allow packaging of wheels for riscv64 architecture (From OE-Core rev: 56a32c0b0294d55e75ea54046fb1508f9ff17e4b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Pass PLATFORM_TRIPLET explicitly when cross compilingKhem Raj12 days1-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Do not rely on how python detects the platform triplet We have been lucky to get it cross-compiling since our build hosts are also using glibc, so the headers and gcc install locations match and the values it detects are mostly what we will need for glibc based targets, but when we use musl e.g. the problems show up where python3 is not able to automitically discover python modules so any python package having compiled .so modules fail to load. Example is ptest failures with TCLIBC = "musl" and running core-image-ptest-python3-rpds-py This is revamp of patch [1], currently its working for glibc based cross-compiling because we build on linux systems which are also glibc based, but python on musl shows the problem. When python was upgraded to 3.12 [2], this patch was wrongly dropped and sadly regression went unnoticed, without this patch Python's automatic module discovery does not work when it is cross-compiled this is because it tries host tools and compiler installation during configure to detect it. .so modules e.g. modulename.cpython-*.so are not seen as a result. This is seen when running python3-rpds-py ptests where it should load rpds.cpython-313-x86_64-linux-musl.so rpds.so but it does not and the module test fail. root@qemux86-64:/usr/lib/python3-rpds-py/ptest# python3 -c " import sysconfig import importlib.machinery print('Extension suffixes:', importlib.machinery.EXTENSION_SUFFIXES) print('Soabi:', sysconfig.get_config_var('SOABI')) print('Ext suffix:', sysconfig.get_config_var('EXT_SUFFIX')) print('Module suffix:', sysconfig.get_config_var('SO')) " Extension suffixes: ['.cpython-313.so', '.abi3.so', '.so'] Soabi: cpython-313 Ext suffix: .cpython-313.so Module suffix: None And after fix it is. root@qemux86-64:~# python3 -c " import sysconfig import importlib.machinery print('Extension suffixes:', importlib.machinery.EXTENSION_SUFFIXES) print('Soabi:', sysconfig.get_config_var('SOABI')) print('Ext suffix:', sysconfig.get_config_var('EXT_SUFFIX')) print('Module suffix:', sysconfig.get_config_var('SO')) " Extension suffixes: ['.cpython-313-x86_64-linux-musl.so', '.abi3.so', '.so'] Soabi: cpython-313-x86_64-linux-musl Ext suffix: .cpython-313-x86_64-linux-musl.so Module suffix: None [1] https://git.openembedded.org/openembedded-core/commit/?id=407744b00d702e3133304e1b43064a5634ca02cf [2] https://git.openembedded.org/openembedded-core/commit/?id=716d82352545d3667a658b69d65d6127678dd150 (From OE-Core rev: 7bb157e48f5e5272db7506c7eb3118209dc3b35f) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libc-test: Ignore fma math testsKhem Raj12 days2-0/+292
| | | | | | | | (From OE-Core rev: 135a572cdb7c7cf487aa46ef1a5500b81593a30a) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libc-test: Fix strptime and api/main testsKhem Raj12 days3-0/+101
| | | | | | | | (From OE-Core rev: 124921683e9a0a1d981eaeea717c5dd7d35abf90) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libc-test: Upgrade to tip of trunkKhem Raj12 days1-1/+1
| | | | | | | | | | | | | | Brings following changes functional: add mntent test fix malloc-brk-fail math: add fma(x,y,z) test cases for z=0 and x*y rounds to -0 (From OE-Core rev: 393ecfe64065aafdcc6c37d8374c9a3ece748d7a) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: Add run-backtrace-{native|data}.sh to known failuresKhem Raj12 days1-1/+1
| | | | | | | | | | | | | | | musl's thread startup/teardown sequences and frame-pointer handling differ from glibc. elfutils can fail to terminate unwinds properly in multithreaded musl apps which leads to truncated or bogus traces and then the test's "must contain main" assertion fails. Skip this test on musl systems (From OE-Core rev: 6f89b8386b70d35cb27bb90348857ddecda5ed3e) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lttng-tools: Fix build with libcxx runtimeKhem Raj12 days2-0/+49
| | | | | | | | (From OE-Core rev: d66afee0a040e4417db774425297ca43497f5386) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lltng-tools: Fix build with lld linkerKhem Raj12 days2-0/+44
| | | | | | | | | | | liblttng-ctl is exposting undefined symbols which are provided by libcommon-gpl.a and is not linked into liblttng-ctl.so (From OE-Core rev: a555a7525beebd4a6103755a6e6df6aa2e4ee7de) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* m4: Fix ptest on muslKhem Raj12 days2-0/+27
| | | | | | | | | | | | | | | Fixes ../../sources/m4-1.4.20/tests/test-c32ispunct.c:261: assertion 'is == 0' failed ./test-c32ispunct.sh: line 36: 402 Aborted (core dumped) LC_ALL="$testlocale" ${CHECKER} ./test-c32ispunct${EXEEXT} 3 FAIL: test-c32ispunct.sh (From OE-Core rev: f39537e8b84d0640fb8a7406ebf2396b532cdb57) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "dpkg: set status for CVE-2025-6297"Peter Marko12 days1-3/+0
| | | | | | | | | | | | | | | This reverts commit 5dce840ba8f409490cca5dce9fe504c9115fb4e5. CVE entry was corrected in NVD DB. It looks like NVD is now getting faster and more reliable with annotations... (From OE-Core rev: 3a5bfe4c4db692f10aab090a73c412eb75ea1bb5) Signed-off-by: Peter Marko <peter.marko@siemens.com> Cc: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/6.16: update CVE exclusions (6.16.2)Bruce Ashfield12 days1-0/+14804
| | | | | | | | | | | | | | | | | Data pulled from: https://github.com/CVEProject/cvelistV5 1/1 [ Author: cvelistV5 Github Action Email: github_action@example.com Subject: 2 changes (2 new | 0 updated): - 2 new CVEs: CVE-2025-9248, CVE-2025-9249 - 0 updated CVEs: Date: Wed, 20 Aug 2025 21:10:37 +0000 ] (From OE-Core rev: f7779d034bffcfacfb2c01daa6cdfbe2e412396c) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto: introduce 6.16 reference kernelsBruce Ashfield12 days4-0/+160
| | | | | | | | | | | | | | | | | | | | | | | Adding the 6.16 reference kernels as our latest reference for the fall 2025 release. This has been tested against: - x86, x86-64 - ppc - mips, mips64 - arm, arm64 - riscv32, riscv64 The -standard, -rt and -tiny variantes have been validated. For various iamges. All testing done under qemu, hardware references will follow later. (From OE-Core rev: 9b15846663bb4997403f3692c4b6b5a80dd90d52) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* strace: Fix uio test and ignore pwritev|pwrite64 tests on muslKhem Raj2025-08-213-0/+90
| | | | | | | | | | | The pwritev and pwrite64 are wrappers over pwritev2 syscall in musl but strace assumes glibc behavior, ignore them for now (From OE-Core rev: 38f4f3bfbe2f9625737af15422423b00c32ee076) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nghttp2: remove nghttp2-proxyLiu Yiding2025-08-211-4/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix issue that: | nothing provides nghttp2-proxy >= 1.66.0 needed by nghttp2-1.66.0-r0.core2_64 from base nghttp2-proxy is supposed to involve files ${bindir}/nghttpx and ${datadir}/${BPN}/fetch-ocsp-response But now nghttp2-proxy will not be created because: 1. ENABLE_APP=OFF in EXTRA_OECMAKE makes ${bindir}/nghttpx not be produced 2. 1.66.0 version has removed fetch-ocsp-response-file according to the Changelog | cat /tmp/work/aarch64-ubinux-linux/nghttp2/1.66.0/sources/nghttp2-1.66.0/ChangeLog | .... | nghttpx: Remove OCSP stapling | | This commit removes OCSP stapling features and the following options | are deprecated and have no effect: | | - fetch-ocsp-response-file | - no-ocsp | - no-verify-ocsp | - ocsp-update-interval (From OE-Core rev: 7008e2d00165991bf218ca2f96fb34244e518456) Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd.bbclass: deduplicate template and instance lines in preset fileKhang D Nguyen2025-08-211-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If SYSTEMD_SERVICE contains both template and instance names, the preset file will contain two lines: one describing the template name and one describing the instance names. This is problematic because systemd.preset only use the first matching one [1], leading to the instances not getting enabled. For example, openbmc's obmc-console recipe has the following final SYSTEMD_SERVICE variable: ``` SYSTEMD_SERVICE:obmc-console = " \ obmc-console@.service \ obmc-console-ssh@.service \ obmc-console-ssh@2200.service \ " ``` The resulting preset file will contain lines with the same name: ``` enable obmc-console@.service enable obmc-console-ssh@.service enable obmc-console-ssh@.service 2200 ``` Fix this by interpreting the template name as a special case of empty instances. Tested: preset files are generated correctly: ``` enable obmc-console@.service enable obmc-console-ssh@.service 2200 ``` [1]: https://www.freedesktop.org/software/systemd/man/257/systemd.preset.html#Preset%20File%20Format Fixes: f33d9b1f434e ("systemd.bbclass: generate preset for templates") (From OE-Core rev: 7cdf10840c200a327b6336775698342af7212ee4) Signed-off-by: Khang D Nguyen <khangng@os.amperecomputing.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fragments/autobuilder: add go to SDK_TOOLCHAIN_LANGSAlexander Kanavin2025-08-212-1/+4
| | | | | | | | | | | | | | | | | | | | | | | For reasons unknown, only rust was listed, which means nativesdk-go was not built or tested, which lead to breakage like one fixed in https://git.yoctoproject.org/poky/commit/?id=a669cd2e0c760da9d7e872daea9590fc9e86d766 Note that with this change only building and installing go into SDKsis tested, but no tests are performed with the toolchain itself in testsdk/testimage. For that, a bug has been filed: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15953 Remove go from x32 and mingw targets as it will not build for them. (next to similar removals for rust) (From OE-Core rev: 7f9e3c2c60a2d73b3728d07519471f0614c03130) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* goarch.bbclass: do not leak TUNE_FEATURES into crosssdk task signaturesAlexander Kanavin2025-08-211-0/+3
| | | | | | | | | | | | | | | The default assignments look like this: TARGET_GO386 = "${@go_map_386(d.getVar('TARGET_ARCH'), d.getVar('TUNE_FEATURES'), d)}" TUNE_FEATURES is a target-specific variable, and so should be used only for target builds. The change is similar to what is already done for native packages. (From OE-Core rev: cfff8e968257c44880caa3605e158764ed5c6a2a) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* init-system-helpers: upgrade 1.68 -> 1.69Osama Abdelkader2025-08-211-2/+2
| | | | | | | | | | | | | | | Changes: Add postinst to hotfix an upgrade bug on certain newly live-installed systems built using Trixie's live-build (Closes: #1111039) Full changelog: https://salsa.debian.org/debian/init-system-helpers/-/blob/debian/1.69/debian/changelog (From OE-Core rev: 99a1a0a8116eabd31bc25252fdea9aee287d158b) Signed-off-by: Osama Abdelkader <osama.abdelkader@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* spdx30_tasks: Change package license to declaredJoshua Watt2025-08-211-1/+1
| | | | | | | | | | | | | | Per discussion with SPDX licensing group, the package license statements classify as declared licenses, not concluded licenses. Note that this is the same as a change made to the recipe licenses, just for packages. (From OE-Core rev: 61ba0ef1400a2fa3729473e496e8459cbbba73ad) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib-2.0: patch CVE-2025-6052Peter Marko2025-08-213-1/+135
| | | | | | | | | | | | Backport commits from [1] which references this CVE. [1] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4681 (From OE-Core rev: 4b1166dd58cfd672ae326d0a1b1f6167be4877c5) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib-2.0: update 2.84.2 -> 2.84.4Peter Marko2025-08-215-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Overview of changes in GLib 2.84.4, 2025-08-08 ============================================== * Bugs fixed: - #3716 (CVE-2025-7039) (#YWH-PGM9867-104) Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file() (Michael Catanzaro) - #3721 GFile leak in g_local_file_set_display_name during error handling (Philip Withnall, Michael Catanzaro) - !4668 Backport !4667 “Incorrect output parameter handling in closure helper of g_settings_bind_with_mapping_closures” to glib-2-84 - !4675 Backport !4674 “gfileutils: fix computation of temporary file name” to glib-2-84 - !4679 Backport !4677 and !4678 “Fix GFile leak in g_local_file_set_display_name()” to glib-2-84 - !4697 Backport !4696 “gthreadpool: Catch pool_spawner creation failure” to glib-2-84 - !4705 Backport !4702 “gio/filenamecompleter: Fix leaks” to glib-2-84 - !4711 Backport !4708 “gfilenamecompleter: Fix g_object_unref() of undefined value” to glib-2-84 Overview of changes in GLib 2.84.3, 2025-06-13 ============================================== * Bugs fixed: - !4656 Backport !4655 “gstring: Fix overflow check when expanding the string” to glib-2-84 !4656 solves first half of CVE-2025-6052 (From OE-Core rev: 1b78742a8685b43df82b74baf4518b3437472d93) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: upgrade 4.7 -> 4.7.2Osama Abdelkader2025-08-213-77/+2
| | | | | | | | | | | | | | | Changes: Fix build with non-static include print_pager: make inline quoted_bs_char() static Release notes: https://github.com/plougher/squashfs-tools/releases/tag/4.7.2 (From OE-Core rev: ccba60186ba9b71bce8f5158b423d09d9d1bb851) Signed-off-by: Osama Abdelkader <osama.abdelkader@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initramfs-framework: mount /run and move to rootfs before switch_rootRicardo Salveti2025-08-212-2/+5
| | | | | | | | | | | | | | | | | | Mount /run as tmpfs during early init and include it in the set of mounts moved to $ROOTFS_DIR prior to exec switch_root. Having /run available early lets initramfs modules stamp state that can later influence systemd service jobs, since systemd will reuse the mount point instead of creating a new one during boot. This is particularly useful with ostree, as it uses /run/ostree-booted as way to describe that the rootfs comes from an ostree deployment. (From OE-Core rev: 3a4bd7ddefbf5b412a2b4031d491f5a50f1908cd) Signed-off-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-examples: upgrade 1.26.3 -> 1.26.5Liu Yiding2025-08-211-1/+1
| | | | | | | | | | | Refer to release note, no changes this time https://gstreamer.freedesktop.org/releases/1.26/#1.26.5 (From OE-Core rev: 72c3e493ab1899f39b89de9c41f5af2b0178f61b) Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-plugins-ugly: upgrade 1.26.3 -> 1.26.5Liu Yiding2025-08-211-1/+1
| | | | | | | | | | | Refer to release note, no changes this time https://gstreamer.freedesktop.org/releases/1.26/#1.26.5 (From OE-Core rev: b67f93b12533a449e6cc43e4a19ee35b64299967) Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-09-07 03:54:51 +0000