summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* libx11: upgrade to 1.8.7Ross Burton2023-10-251-1/+1
| | | | | | | | | | | | | | | This incorporates fixes for the following CVEs: - CVE-2023-43785 - CVE-2023-43786 - CVE-2023-43787 (From OE-Core rev: 79f9c062df37ca15649d41bb6501e6fab2d73114) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a1534bb34b680bfc5cb2f35b5fd5a0c2afed6368) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-urllib3: 1.26.15 -> 1.26.17Lee Chee Yang2023-10-251-1/+1
| | | | | | | | | | | | | | | | | 1.26.17 (2023-10-02) Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (CVE-2023-43804) 1.26.16 (2023-05-23) Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress (#2954) (From OE-Core rev: 7466db00ca2f884cf58504c3910b858a87f33128) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cve-check: add CVSS vector string to CVE database and reportsAntoine Lubineau2023-10-252-4/+12
| | | | | | | | | | | | This allows building detailed vulnerability analysis tools without relying on external resources. (From OE-Core rev: 587ae7bc85fc471d927308d866821d463799023d) Signed-off-by: Antoine Lubineau <antoine.lubineau@easymile.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 048ff0ad927f4d37cc5547ebeba9e0c221687ea6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* qemu: ignore RHEL specific CVE-2023-2680Lee Chee Yang2023-10-251-0/+4
| | | | | | | (From OE-Core rev: 7300254fdb6659c0a7462c64133f893d1a152850) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dmidecode: fixup for CVE-2023-30630Sean Nyekjaer2023-10-256-103/+539
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The previous CVE-2023-30630_1.patch picked only the patch "dmidecode: Write the whole dump file at once" d8cfbc808f. But there was a refactoring which does not allow to cherry-pick it fast forward. Resolving this conflict was not correctly done. The patch was: + u32 len; + u8 *table; ... - if (!(opt.flags & FLAG_QUIET)) - pr_comment("Writing %d bytes to %s.", crafted[0x05], - opt.dumpfile); - write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1); + dmi_table_dump(crafted, crafted[0x05], table, len); It looks like the variables len and table have been added without initialization. Now this problem is solved by applying the previous refactoring as well. Patch 1 gets replaced by Patch 1a and Patch 1b. Patch 2..4 are rebased without changes. This is basically the same patch as in kirkstone: ea069a94a2 dmidecode: fixup for CVE-2023-30630 (From OE-Core rev: 0bc69dc078c39381a39789d3c5fff673d7da994c) Signed-off-by: Sean Nyekjaer <sean@geanix.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cups: fix CVE-2023-4504Lee Chee Yang2023-10-252-0/+43
| | | | | | | (From OE-Core rev: a1138dfc1e9394966dcca8f6259767a8ce5ca4cb) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* SECURITY.md: Add fileRichard Purdie2023-10-241-0/+24
| | | | | | | | | Add a SECURITY.md file with hints for security researchers and other parties who might report potential security vulnerabilities. (From meta-yocto rev: c8f27eaa00fdd1a2594aaa70695373f608ff30bb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: SECURITY.md: add fileMarta Rybczynska2023-10-241-0/+24
| | | | | | | | | | Add a SECURITY.md file with hints for security researchers and other parties who might report potential security vulnerabilities. (Bitbake rev: 973aa73b9f1f542f4a636cf8eca733b4df5a778f) Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdb: fix RDEPENDS for PACKAGECONFIG[tui]Stefan Tauner2023-10-181-2/+1
| | | | | | | | | | | | | | | | | TUI mode needs terminfo at runtime, which is required to be explicitly stated in the respective PACKAGECONFIG variable. Without this change /etc/terminfo/ might be missing, which leads to a runtime error when trying to use tui, e.g.: (gdb) tui enable Cannot enable the TUI: error opening terminal [TERM=xterm-256color] (From OE-Core rev: 266944eb216912b7b2a935360aa51cd79847a071) Signed-off-by: Stefan Tauner <stefan.tauner@artech.at> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5f17bc03a0c2d894e43c3c835fa38a24b1d5df64) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* oeqa/selftest/wic: Improve assertTrue callsRichard Purdie2023-10-181-18/+18
| | | | | | | | | | | | | | | | assertTrue is a problematic call use in test cases since when it fails, you just get an unhelpful "False is not True" message. Replace some uses with assertIn/assertNotIn which will give more helpful results and for the rest, add msg entries which given more helpful debugging. For example, this patch would help debugging of #15176. (From OE-Core rev: 52a2455ba7d91d404fc2c4568c805cf1fbe2b2ad) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 35d4c39e0df1a304f557471151a03d1e4b0f30c7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libsoup-2.4: Only specify --cross-file when building for targetPeter Kjellerstedt2023-10-181-1/+1
| | | | | | | | | | | | | The soup.cross file is only created when building for target so only tell meson to read it when it exists. This allows libsoup-2.4-native to be built again. (From OE-Core rev: d52003dd13cb17e32ccfa717f8462c8301334dd1) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4acbd2269931b500846d56885c3304d244e514f8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* openssl: ensure all ptest fails are caughtAlexander Kanavin2023-10-181-1/+1
| | | | | | | | | | | Piping results through sed may mask failures that sed isn't catching. (From OE-Core rev: 687989f2ee2204643157e04a976d3310018a3bb3) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2b1b0e9e4d5011e7c2fd1b59fc277a7cfdc41194) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* openssl: parallelize testsAlexander Kanavin2023-10-181-1/+1
| | | | | | | | | | | This brings them from 15 minutes to just over 4. (From OE-Core rev: 3cd99ff32da3bb85d7ee278fec69504a12c1f715) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9eeee78aa94aaa441da012aeb904a0f1cbcd4d91) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* strace: parallelize ptestAlexander Kanavin2023-10-181-1/+1
| | | | | | | | | | | | strace is one of the slowest tests otherwise (can take 40 minutes or more), and this brings it to under 10 minutes \0/ (From OE-Core rev: 30b6692ef4a12958419c94b96e3fc5a50e8a7ad6) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0c632b418a785494318d9f375a07d879772e8ced) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ptest: report tests that were killed on timeoutAlexander Kanavin2023-10-181-1/+1
| | | | | | | | | | | | I'm not sure if this was reported correctly before, but it currently is not. Test that is stuck is an error in itself. (From OE-Core rev: f2989e8f87b8793b03fe13254f8214e495008527) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 002e27c9932a83e46be0b03a5232594cfba7212c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* igt-gpu-tools: do not write shortened git commit hash into binariesAlexander Kanavin2023-10-181-1/+1
| | | | | | | | | | | | | | | Shortened hashes are prone to collisions, and in this case git lengthens the hash to resolve the collision. This in turn breaks reproducibility, depending on whether the colliding hash is present in the history or not. This has been observed here: http://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20230917-br60if6q/packages/diff-html/ (From OE-Core rev: e0cdfefe3054a2278f7db5d382045304b710118b) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a74e1eff93d4de5724481e3298308a6d925a4512) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* oeqa/selftest/context.py: check git command return valuesMikko Rapeli2023-10-181-1/+1
| | | | | | | | | | | | Don't ignore return values from the git command lines. If something goes wrong, fail the test right away. (From OE-Core rev: 776053f4af19e9c2de7ce725e6ec94312028fa7f) Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dfc178a70d6fa60e89d4716f05d68e2c72c6ecd3) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* oeqa dnf_runtime.py: fix HTTP server IP address and portMikko Rapeli2023-10-181-1/+2
| | | | | | | | | | | | | Use correct HTTPService parameters like apt.py when setting up the repo server. These work with qemu tun and slirp networking. Fixes test failure with slirp networking when executing testimage.bbclass selftests "oe-selftest -r runtime_test.TestImage". (From OE-Core rev: 68f0100b779bac1788818320f8aa64d79e3db3c2) Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> (cherry picked from commit 764424df2f4b6bf0e89fb20b4253a7601468f70d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libc-test: Run as non-root userKhem Raj2023-10-183-27/+35
| | | | | | | | | | | | | | | | | Some of tests impose rlimit on it before running which wont be imposed when running as root user. Fixes src/regression/pthread_atfork-errno-clobber.c:23: (pid = fork()) == -1 failed: fork succeeded despite rlimit src/regression/pthread_atfork-errno-clobber.c:23: (pid = fork()) == -1 failed: fork succeeded despite rlimit FAIL src/regression/pthread_atfork-errno-clobber-static.exe [status 1] (From OE-Core rev: 16075f19b49cb23ead2dec6746d2be6773ae4ae7) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 585bf4b780a8ad60ba2b33cede4f0092ff61ddfc) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* weston-init: fix init code indentationOtavio Salvador2023-10-181-1/+1
| | | | | | | | | | Tested-by: Tom Hochstein <tom.hochstein@nxp.com> (From OE-Core rev: feb3af7fe3f1a062946de71a76c11388f9e50c90) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c08d474c97ce071ba376b66f30d6ee0a6159d596) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* weston-init: remove misleading comment about udev ruleOtavio Salvador2023-10-181-1/+1
| | | | | | | | | | | | | | The udev rule has been removed but the comment has kept, by mistake. Remove it. Fixes: dd83fb40f7 ("weston-init: Stop running weston as root") Tested-by: Tom Hochstein <tom.hochstein@nxp.com> (From OE-Core rev: 35367d029fedc78724396d94abd899e4bd8bef0c) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8aa3d43fa1c53cdce45ec88a49f27b076d3812ac) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* build-sysroots: target or native sysroot population need to be selected ↵Alexander Kanavin2023-10-184-6/+16
| | | | | | | | | | | | | | | | | | explicitly Running them in parallel is prone to races as postinsts from target sysroots rely on executables from native sysroots which may or may not be fully prepared yet. This was observed for example here: https://autobuilder.yoctoproject.org/typhoon/#/builders/146/builds/468/steps/12/logs/stdio https://autobuilder.yoctoproject.org/typhoon/#/builders/147/builds/467/steps/12/logs/stdio (From OE-Core rev: 93e864a23e3f82edc2b2fa2207b2bc4b56c230a9) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 38d7a2e45b883cf999a86af05bcc0eaa875bb47c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* runqemu: check permissions of available render nodes as well as their presenceAlexander Kanavin2023-10-181-2/+12
| | | | | | | | | | | | | | | | | | | | | | qemu itself is not helpful when render nodes exist, but can't be opened: qemu-system-x86_64: egl: render node init failed To fix this, users likely need to * modprobe vgem (presence when physical graphic card is absent or has a driver without support for render nodes, such as many older cards found in server machines) * add their user to "render" group to write to /dev/dri/renderD* (permissions) With this change runqemu should print hints for the above as appropriate from probing the nodes. (From OE-Core rev: 12ae43abbc4e7d6184198a912487ace3a4e66e50) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit acd85925cb197b7a31a25b60e8de762e2c3697ef) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* avahi: handle invalid service types gracefullyRoss Burton2023-10-182-0/+30
| | | | | | | | | | | | Services which broadcast an invalid service type will cause the browse to fail. Instead of failing, replace the service type and continue. (From OE-Core rev: 273aed0462728508506a4c65d367d583a86a54c3) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e581da6c4db21312833395e96b48e868a202f0f9) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* nativesdk-intercept: Fix bad intercept chgrp/chown logicEilís 'pidge' Ní Fhlannagáin2023-10-182-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | Running either of these ends up corrupting the os.execv args. If we run: ./scripts/nativesdk-intercept/chown -R foo:foo bar The loop here ends up missing the conversion of foo:foo to root:root because it sees sys.argv[0] and assumes that it's the user:group argument and that we should convert that. We end up a os.execv(path, args) that have the following args: ['root:root', '-R', 'foo:foo', 'bar'] As os.execv ignores args[0], we can just populate it with sys.argv[0] and then loop through sys.argv[1:]. As both chgrp and chown would have either flags and USER[:GROUP] next, this fixes the issue. (From OE-Core rev: e27982afaed33e5823962f7fefe6f709c10e9107) Signed-off-by: Eilís 'pidge' Ní Fhlannagáin <pidge@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2a75f647ec7696d353f4b09099d777ba53f34d36) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* vim: Upgrade 9.0.1894 -> 9.0.2009Siddharth Doshi2023-10-181-2/+2
| | | | | | | | | This includes CVE fix for CVE-2023-5441. (From OE-Core rev: 7166f503211c39542d828aa3fef5006dccf2c07a) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* screen: update 4.9.0 -> 4.9.1Alexander Kanavin2023-10-183-194/+1
| | | | | | | | | | | | | | | | | | | | * Support stop/parity bits on serial port * Add needed system headers in checks and return values for implicit function declarations * Fixes: - Avoid zombies after shell exit - Missed signal sending permission check on failed query messages (CVE-2023-24626) - manpage fixes - source code fixes during cleanup - UTF-8 encoding can emit invalid UTF-8 sequences for out of range unicode values Remove patches; they are merged upstream or backported. (From OE-Core rev: 224f1929b92b38993e5f50100ce6306f63ee8ade) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2566f8e51d56848d8b28f37462160e90253b79fc) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gzip: update 1.12 -> 1.13Alexander Kanavin2023-10-182-3/+3
| | | | | | | | | | | | | | | Stable release update Drop autoconf-2.73.patch as issue resolved upstream. License-update: http -> https (From OE-Core rev: 8ca6589c1cb37cd0ba446cfd58e5f7f90832b93c) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 1ddf9e053b17913718c780ad4c877d5ddb6ff536) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* wireless-regdb: upgrade 2023.05.03 -> 2023.09.01Wang Mingyu2023-10-181-1/+1
| | | | | | | | | | | | | | | | | Changelog: ========== wireless-regdb: update regulatory database based on preceding changes wireless-regdb: Update regulatory rules for Australia (AU) for June 2023 wireless-regdb: Update regulatory info for Türkiye (TR) wireless-regdb: Update regulatory rules for Egypt (EG) from March 2022 guidel... wireless-regdb: Update regulatory rules for Philippines (PH) (From OE-Core rev: c1ae47b562460e82d94a94a2009c4cb50aa1daa9) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2f5edb6904bf16a9c52a9b124aeb5297487cd716) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dbus: upgrade 1.14.8 -> 1.14.10Wang Mingyu2023-10-181-1/+1
| | | | | | | | | | | | | | | | | | | Changelog: =========== • Avoid a dbus-daemon crash if re-creating a connection's policy fails. • If getting the groups from a user ID fails, report the error correctly, instead of logging "(null)" • Return the primary group ID in GetConnectionCredentials()' UnixGroupIDs field for processes with a valid-but-empty supplementary group list (From OE-Core rev: 67ddf87d3286007a68071685d28a8f9e1ce7f3fa) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit aeabd6dd4e65e5cc31f4c2acc5cc46ea03737bed) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* curl: fix CVE-2023-38546Archana Polampalli2023-10-182-0/+138
| | | | | | | | | | A flaw was found in the Curl package. This flaw allows an attacker to insert cookies into a running program using libcurl if the specific series of conditions are met. (From OE-Core rev: a6c5931192a1315cfc5f708585d22bc7bed9f7fd) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* curl: fix CVE-2023-38545Archana Polampalli2023-10-182-0/+134
| | | | | | | | | This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. (From OE-Core rev: 9b0867861a9c053f19bdb99bd6cba44ee5cb64e1) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ghostscript: fix CVE-2023-43115Joe Slater2023-10-182-0/+63
| | | | | | | | | | The patch is copied from kirkstone. master has advanced to ghostscript 10.02.0 which includes the fix. (From OE-Core rev: 80a9b54ca94a9fe5818daa1cd03ae8035043e1e8) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* tiff: fix CVE-2023-41175Yogita Urade2023-10-182-0/+64
| | | | | | | | | | | | | | | | libtiff: potential integer overflow in raw2tiff.c References: https://bugzilla.redhat.com/show_bug.cgi?id=2235264 https://security-tracker.debian.org/tracker/CVE-2023-41175 https://gitlab.com/libtiff/libtiff/-/issues/592 (From OE-Core rev: b2518923dff885778c550f0faa22e99bf76b6288) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4ee806cbc12fbc830b09ba6222e96b1e5f24539f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* tiff: fix CVE-2023-40745Yogita Urade2023-10-182-1/+38
| | | | | | | | | | | | | | | | libtiff: integer overflow in tiffcp.c References: https://security-tracker.debian.org/tracker/CVE-2023-40745 https://gitlab.com/libtiff/libtiff/-/issues/591 https://bugzilla.redhat.com/show_bug.cgi?id=2235265 (From OE-Core rev: 3340e024ae8676081488f23a0678c28c23ab0b42) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c3d4fbeb51278a04a6800c894c681733ad2259ca) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* migration-guides: add release notes for 4.0.13Lee Chee Yang2023-10-132-0/+272
| | | | | | | | (From yocto-docs rev: bb5c0f8e8956938ca05907feabbf7b0ef2ea6dbe) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* overview: Add note about non-reproducibility side effectsJoshua Watt2023-10-131-0/+9
| | | | | | | | | | | Adds an additional note about some of the side effects that can occur if recipes are not reproducible and hash equivalence is enabled. (From yocto-docs rev: 968ac9807466df775f18fca050070170d3ed8585) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dev-manual: fix testimage usage instructionsTrevor Gamblin2023-10-132-3/+3
| | | | | | | | | | | | | | | | The proper way to inherit the testimage class is now IMAGE_CLASSES += "testimage" so change lines with 'INHERIT += "testimage"' to match. This makes the dev-manual consistent with the migration guide, which already specifies that the old way causes an error. (From yocto-docs rev: 4d660551a6547ffe216e53402759baef424c4da2) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ref-manual: releases.svg: Scarthgap is now version 5.0Michael Opdenacker2023-10-131-1/+1
| | | | | | | | | According to https://wiki.yoctoproject.org/wiki/Releases (From yocto-docs rev: 1d80812f27e21956124a5adcc81ac638e753cf37) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libgudev: explicitly disable tests and vapiRoss Burton2023-10-131-0/+2
| | | | | | | | | | | | | Explicitly disable the tests and vapi support instead of relying on defaults and missing dependencies. (From OE-Core rev: c451a9cb6adbc9480dacd81e935a0b9369f22e07) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 575e2e29e00bb4492e7ee7f10b753e3f17982caa) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* busybox: remove coreutils dependency in busybox-ptestRoss Burton2023-10-133-1/+37
| | | | | | | | | | | | | | | | | | | A dependency on coreutils was added to busybox-ptest in oe-core 658c5ed to fix a test failure. The failure is because one of the start-stop-daemon tests is known to fail if /bin/false is busybox. Instead of failing, we can check if /bin/false is a symlink to busybox and skip the test if so. [ YOCTO #15068 ] (From OE-Core rev: 12fc32351ff6e42d0b5f9ce679793a8875d3447a) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 37482e404cf4dcf9360c29986ced8db78baf249b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* oeqa selftest context.py: remove warning from missing meta-selftestMikko Rapeli2023-10-131-1/+1
| | | | | | | | | | | | It's not a warning but a handled case and layer gets added automatically. Very few build configs have this layer enabled by default. (From OE-Core rev: 70d2ceea48ef6ec04675e4e6a9c48ebc5bb78f52) Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> (cherry picked from commit 9a2493ea83f0b30578a819de05108502aaadc7f5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* oeqa selftest context.py: whitespace fixMikko Rapeli2023-10-131-2/+2
| | | | | | | | (From OE-Core rev: fa4204c34efeda543a108c942cd50a6d6322600e) Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> (cherry picked from commit 8aed3ca405cb3cc5d346eb8da8b3307d93f75d5b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxkbcommon: add CVE_PRODUCTEmil Kronborg Andersen2023-10-131-0/+2
| | | | | | | | (From OE-Core rev: 7d395b97e864bb081866eb029168aee7335ed98e) Signed-off-by: Emil Kronborg Andersen <emkan@prevas.dk> (cherry picked from commit a23a4a3f156f5758dc4d9dcf1ab27c74302eb2a8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dbus: add additional entries to CVE_PRODUCTEmil Kronborg Andersen2023-10-131-1/+1
| | | | | | | | (From OE-Core rev: 0329ca7bb29cdd77cca93c4354e8e0e5de5e37d8) Signed-off-by: Emil Kronborg Andersen <emkan@prevas.dk> (cherry picked from commit d50b395ceff3f30c30a10dba94fb340a547e434f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* wayland-utils: add libdrm PACKAGECONFIGRoss Burton2023-10-131-0/+3
| | | | | | | | | | | | wayland-utils has optional libdrm support, so add a PACKAGECONFIG and enable it. (From OE-Core rev: 0ba10930f73e4b0c2896afd326229fc6ae460f51) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c6c488c259d1f38a05a71e576ca2f32d412413f1) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libsoup-2.4: update PACKAGECONFIGRoss Burton2023-10-131-3/+15
| | | | | | | | | | | | | | Add explicit PACKAGECONFIGs for brotli,ntlm, and sysprof. libsoup needs to be told where ntlm_auth will be on the target, so write a cross file to do so. (From OE-Core rev: c78a34caf466524356572b8cdd2ada615081bfc2) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 54b6ea078daeb58a3bb20bb4275d1140640a77d2) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* pango: explictly enable/disable libthaiRoss Burton2023-10-131-1/+1
| | | | | | | | | | | Pango has had an explicit option since 1.46.2 (From OE-Core rev: dc939fbc70c124a515b882b3425d7810be0c6748) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 42755f135d2d015e564d783996fbb3ef860f2bf7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glib-2.0: libelf has a configure option now, specify itRoss Burton2023-10-131-2/+1
| | | | | | | | | | | GLib has had an option to control libelf since 2.67.0, so use it. (From OE-Core rev: c5bece42d8e10554a6061872ca0f8f70d7102a79) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d2f028c53a2390c28685b373841c9a600e91819a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* openssl: build and install manpages only if they are enabledAlexander Kanavin2023-10-131-2/+3
| | | | | | | | | | | This significantly speeds up the build by default. (From OE-Core rev: d6f638c6ab891a4fd9db49eeb6f9b5f2b0c3bbeb) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2b5ee583c62dbe381cd429da14ecbba5ea32d506) Signed-off-by: Steve Sakoman <steve@sakoman.com>