| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
| |
libnsl2 and libtirpc were build dependencies for the nis module.
The nis module was deprecated in Python 3.11 and removed in Python 3.13
(From OE-Core rev: cbc7b1ed7747ef69d8bcbaee27c90560ded713d6)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
Adds patch to backport fix for CVE-2025-5914.
(From OE-Core rev: ba5c5ca00d31d6440a1d810f7ef19720019845e8)
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
setuptools is a package that allows users to download, build, install,
upgrade, and uninstall Python packages. A path traversal vulnerability
in `PackageIndex` is present in setuptools prior to version 78.1.1. An
attacker would be allowed to write files to arbitrary locations on the
filesystem with the permissions of the process running the Python code,
which could escalate to remote code execution depending on the context.
Version 78.1.1 fixes the issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-47273
Upstream-patch:
https://github.com/pypa/setuptools/commit/d8390feaa99091d1ba9626bec0e4ba7072fc507a
https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b
(From OE-Core rev: cfb2d77f841ae21cae0ba7d6263dc3e1e0280400)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
urllib3 is a user-friendly HTTP client library for Python. Prior
to 2.5.0, urllib3 does not control redirects in browsers and
Node.js. urllib3 supports being used in a Pyodide runtime utilizing
the JavaScript Fetch API or falling back on XMLHttpRequest. This
means Python libraries can be used to make HTTP requests from a
browser or Node.js. Additionally, urllib3 provides a mechanism to
control redirects, but the retries and redirect parameters are
ignored with Pyodide; the runtime itself determines redirect
behavior. This issue has been patched in version 2.5.0.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-50182
Upstream patch:
https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f
(From OE-Core rev: 082b865d9814e7e7aca4466551a035199aa8b563)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
urllib3 is a user-friendly HTTP client library for Python. Prior to
2.5.0, it is possible to disable redirects for all requests by
instantiating a PoolManager and specifying retries in a way that
disable redirects. By default, requests and botocore users are not
affected. An application attempting to mitigate SSRF or open redirect
vulnerabilities by disabling redirects at the PoolManager level will
remain vulnerable. This issue has been patched in version 2.5.0.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-50181
Upstream patch:
https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857
(From OE-Core rev: 819273b5b8b9279c01035cb72377fd8cbb51a198)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ctest automatically optimizes the order of (parallel) test execution based on
historic test case runtime via the COST property (see [0]), which can have a
significant impact on overall test run times. Sadly this feature is broken in
CMake < 4.0.0 for test cases that have spaces in their name (see [1]).
This commit backports the upstream fix. As repeated test runs are expected to
mainly take place inside the SDK, the patch is only applied to 'nativesdk'
builds.
[0]: https://cmake.org/cmake/help/latest/prop_test/COST.html
[1]: https://gitlab.kitware.com/cmake/cmake/-/issues/26594
Reported-By: John Drouhard <john@drouhard.dev>
(From OE-Core rev: ead0d06d6335fb74c1ae0dc7bdcf414c66b3e4ab)
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dcbaf42dd74cc0bda7254856589613718ed3f057)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 01842999c13f5ba5a020e7b5029a3bd059c18f4c)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Overview of changes in bind 9.20.9
==================================
Security Fixes:
1. Prevent an assertion failure when processing TSIG algorithm.
2. DNS messages that included a Transaction Signature (TSIG) containing
an invalid value in the algorithm field caused named to crash with an
assertion failure. This has been fixed. (CVE-2025-40775) [GL #5300]
For additional feature changes and bug fixes, please see:
https://downloads.isc.org/isc/bind9/9.20.9/doc/arm/html/notes.html#notes-for-bind-9-20-9
(From OE-Core rev: c9d59ba50a102ace907779612e74646dec133271)
(From OE-Core rev: 8131a878c2d3c5e8b48a1b33a70f8eae90d3e5ca)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 670cb507b9125c152aa08702520f2d220c207c71)
(From OE-Core rev: 6d89ccb56d8fbc844973166b0534630bfa5204ed)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 47128597fbc62164d614aae816edb47a745a5702)
(From OE-Core rev: c955f66ed134bbb8a7cb5d2120ceb591280733e9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$ git log --oneline 5b4c4617016d28569106549dff6f9fec73eed5ce..0c76c951620f9e12df2a89b2c684878b55bb6795
0c76c95162 ppc64le: Revert "powerpc: Optimized strcmp for power10" (CVE-2025-5702)
b48d7ab036 ppc64le: Revert "powerpc : Add optimized memchr for POWER10" (Bug 33059)
55cdcadf73 ppc64le: Revert "powerpc: Fix performance issues of strcmp power10" (CVE-2025-5702)
84bdbf8a6f ppc64le: Revert "powerpc: Optimized strncmp for power10" (CVE-2025-5745)
d952c6efaa sparc: Fix argument passing to __libc_start_main (BZ 32981)
515d4166f4 elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
899dd3ab2f x86_64: Fix typo in ifunc-impl-list.c.
624285af3b elf: Test case for bug 32976 (CVE-2025-4802)
2ca34d7627 support: Use const char * argument in support_capture_subprogram_self_sgid
dab44a3b2b elf: Keep using minimal malloc after early DTV resize (bug 32412)
5cf17ebc65 hurd: Fix tst-stack2 test build on Hurd
test results:
Before After Diff
FAIL 140 142 +2
PASS 5846 5846 0
UNSUPPORTED 243 243 0
XFAIL 16 16 0
XPASS 4 4 0
failed test changes:
-elf/tst-audit21
+elf/tst-audit-tlsdesc-dlopen2
+elf/tst-dlopen-sgid
-malloc/tst-free-errno-malloc-hugetlb1
+malloc/tst-free-errno
+malloc/tst-malloc-tcache-leak
-nptl/tst-mutex10
+nptl/tst-mutexpi8-static
(From OE-Core rev: a55f79b46b3a3f9228d2ed69f82bec2e4f2e6880)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NVD ([1]) tracks this as:
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
Running on/with
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Yocto cve-check ignores the "Running on/with", so it needs to be ignored
explicitly.
[1] https://nvd.nist.gov/vuln/detail/CVE-2024-3566
(From OE-Core rev: c43a9f7ca85f1c25a72f7b1efa494e30d6cf4906)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 0627cfafb9c191763855f5d31c09e88dc5495a87)
Signed-off-by: "Robert P. J. Day" <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 5fc7794e9ae326eead16552726d74ea801fe535b)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
To accompany earlier updating of kernel version, update this lonely
reference to be consistent.
(From yocto-docs rev: 87c97308cac2a1e94ad1f006c1226a9072200a5f)
Signed-off-by: "Robert P. J. Day" <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit e26c2018cd663de91ee08e0cba55eda1a4c30210)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change the sample kernel version being used from 4.4 to a more modern
6.12.
(From yocto-docs rev: 1aaf4044ca3610740a38cd6a53dd11f2071f573b)
Signed-off-by: "Robert P. J. Day" <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 1bad12b6ccfe1c0d26918926176a0c743568de26)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Sections 4.3.1 and 4.3.2 of the Overview Manual, a bit of tidying
including:
- provide full list of packaging options
- add monospaced rendering where appropriate
- fix broken "ref"
- make capitalization consistent
(From yocto-docs rev: 4b79feb4dfdce35efff05f4316f56445d18e5247)
Signed-off-by: "Robert P. J. Day" <rpjday@crashcourse.ca>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 1cf769e3c8a8442cd05449dc97e91ad482d635f3)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nativesdk- prefix to the recipe filename should only be used when
using the inherit method as the BBCLASSEXTEND method will do some magic
when generating the "implicit" name of the recipe.
This matches the instructions for the native class.
(From yocto-docs rev: 4852b8be918be0d0e73d82fff458822100e2f49b)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 15fe239e1e62b9add737aa732dd7f5e9948ee03d)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
exclusive
We explain how to create a native (nativesdk) recipe in two different
ways via a bullet list but reading quickly the instructions may mislead
one into doing both options whereas they are incompatible.
This rewords both the nativesdk and native sections so that the second
bullet point starts with an Or and explicit that this applies to target
recipes.
(From yocto-docs rev: 69ce7f06d3a736c3d8c7a1fffbdee16d14e2dcdf)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 6d0d338a5f2686ddeee5eed7b6e05f3db800d33a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 1a28231a78be428bc7adfd6d233b6ebb0cb1d4d4)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 5bc4c98987ff809294541657b20d2e44f70e1d2c)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Remove aarch64 for ARM Cortex-R52 processor as it supports only 32-bit
ISA but not 64-bit ISA. Also update ARMPKGARCH for cortexr52hf.
(From OE-Core rev: fd79c20430ad5c540522ddbe72ef235379c628bd)
Signed-off-by: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@amd.com>
Signed-off-by: Sandeep Gundlupet Raju <grsandeep85@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
/etc/os-release is a symlink to /usr/lib.
Symlink is retrieved as a dead link which points to nowhere if also the
original file is not accompanying it.
Fetch the real file in addition to this link.
Alternative could be to use "tar -h" (supported also by busybox tar),
however that could lose some important information if links are relevant
for failure analysis.
(From OE-Core rev: ed43f9ccb3c08845259e24440912631afd780d12)
(From OE-Core rev: 93efeca19f53132fce84d914b7ebf21070370127)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport a commit from util-linux upstream to fix the following error.
agetty: segfault at 0 ip 00007fc65600295c sp 00007fffa8dd67e8 error 4 in libc.so.6
(From OE-Core rev: e9cfc549091b77d08817eb7235076c7a0c20e4fa)
Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Handles CVE-2025-4598
Rebase patches
(From OE-Core rev: 11d583e4ffb8726c66da8f764d985a37a14b2699)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 05618ac2c6f69e0f41fb95e517382bf1177f0735)
(From OE-Core rev: 16f12e6fa89eb3598b56bec63cb5c55c6a8efc35)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
Update to the 5.2.1 release of the 5.2.1 series for buildtools
(From OE-Core rev: 91d430e7a68a0cc819398bd05d020f850364fdf1)
Signed-off-by: Aleksandar Nikolic <aleksandar.nikolic@zeiss.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Changelog:
https://requests.readthedocs.io/en/latest/community/updates/#release-history
(From OE-Core rev: 27a860d7b34250326daede0ade382db47e22c114)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ReleaseNotes:
https://downloads.isc.org/isc/kea/2.6.2/Kea-2.6.2-ReleaseNotes.txt
https://downloads.isc.org/isc/kea/2.6.3/Kea-2.6.3-ReleaseNotes.txt
Security fixes:
CVE-2025-32801
CVE-2025-32802
CVE-2025-32803
License-Update: Update copyright years
* Drop backport patches.
(From OE-Core rev: 76caa09552d5f7baab40d5259ac1a3eaee37e6bd)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GCC 14.3 is a bug-fix release from the GCC 14 branch
containing important fixes for regressions and serious bugs in
GCC 14.2 with more than 211 bugs fixed since the previous release.
https://gcc.gnu.org/bugzilla/buglist.cgi?bug_status=RESOLVED&resolution=FIXED&target_milestone=14.3
Dropped the below patches:
0026-gcc-Fix-c-tweak-for-Wrange-loop-construct.patch
https://github.com/gcc-mirror/gcc/commit/a9f88741a99ba09b29cc0021499c63ca445393f0
0027-gcc-backport-patch-to-fix-data-relocation-to-ENDBR-s.patch
https://github.com/gcc-mirror/gcc/commit/aa4cd614456de65ee3417acb83c6cff0640144e9
0028-fix-incorrect-preprocessor-line-numbers.patch
https://github.com/gcc-mirror/gcc/commit/8cbe033a8a88fe6437cc5d343ae0ddf8dd3455c8
0001-arm-Fix-LDRD-register-overlap-PR117675.patch
https://github.com/gcc-mirror/gcc/commit/9366c328518766d896155388726055624716c0af
gcc.git-ab884fffe3fc82a710bea66ad651720d71c938b8.patch
https://github.com/gcc-mirror/gcc/commit/ab884fffe3fc82a710bea66ad651720d71c938b8
(From OE-Core rev: aa59bbbbedb25d772648c4cb1498b34b43efb0fb)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to latest 1.24.x release [1]:
$ git --no-pager log --oneline go1.24.3..go1.24.4
6796ebb2cb [release-branch.go1.24] go1.24.4
85897ca220 [release-branch.go1.24] net/http: strip sensitive proxy headers from redirect requests
9f9cf28f8f [release-branch.go1.24] os: don't follow symlinks on Windows when O_CREATE|O_EXCL
a31c931adf [release-branch.go1.24] cmd/link: allow linkname reference to a TEXT symbol regardless of size
03811ab1b3 [release-branch.go1.24] crypto/x509: decouple key usage and policy validation
04a9473847 [release-branch.go1.24] lib/fips140: set inprocess.txt to v1.0.0
db8f1dc948 [release-branch.go1.24] hash/maphash: hash channels in purego version of maphash.Comparable
664cf832ec [release-branch.go1.24] runtime/debug: document DefaultGODEBUG as a BuildSetting
431f75a0b9 [release-branch.go1.24] os: fix Root.Mkdir permission bits on OpenBSD
Fixes CVE-2025-4673, CVE-2025-0913 and CVE-2025-22874 [2].
[1] https://github.com/golang/go/compare/go1.24.3...go1.24.4
[2] https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A
(From OE-Core rev: 50fe0b3832f741bc7f9ea0b996a7e99c5696c0ba)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
Backport patch for this CVE and also patch for its regression.
(From OE-Core rev: 0d880cdb51e47f78387b63063727fe6df1b009e6)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d]
CVE: CVE-2025-3198
(From OE-Core rev: 3516188a077bd27e1de3bb42bd5630dba0b3b07f)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The js_splitter_code string contains backslashes that Python tries to
use as escape sequence but doesn't manage to, hence the following
SyntaxWarning message:
documentation/conf.py:188: SyntaxWarning: invalid escape sequence '\p'
.split(/[^\p{Letter}\p{Number}_\p{Emoji_Presentation}-]+/gu)
Considering that we want this to be sent verbatim to the JS, let's make
this a raw string instead.
Fixes: d4a98ee19e0c ("conf.py: tweak SearchEnglish to be hyphen-friendly")
(From yocto-docs rev: 1fc92ff2af72118ae041183d395d0a0323ecc1a9)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit c1056672ef45b197136eb8815728d426337a5901)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This repository is partially included in another repository: poky.
However its README isn't making it, so documentation/README pointing at
the README at the root of the git repository would lead the contributor
nowhere.
Instead, let's include the appropriate information directly in
documentation/README which does make it to the poky git repo.
(From yocto-docs rev: 1b93a4122624b554243842822e7df209cc884b27)
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 0298318cea2947e65754eab97255164e64a862de)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
KCONFIG_MODE defaults to 'allnoconfig' when not set, regardless of whether
KBUILD_DEFCONFIG points to an in-tree or a meta-layer defconfig.
(From yocto-docs rev: 77e401de547a67d1654480c3fb8df3693724a69f)
Signed-off-by: Carlos Sánchez de La Lama <csanchezdll@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit f374b9c426f6c10710e011a4ad660231ee26efb8)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Some simple rendering and grammar fixes.
(From yocto-docs rev: 9c6845efa9d69ff077fa470abe5aed8f1fc1ec61)
Signed-off-by: "Robert P. J. Day" <rpjday@crashcourse.ca>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 9a9624bfc4c523a6edf6f3f0c336e663cc939e75)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: dde9441de7c253fabc0927c7f56f15b1e1c1405c)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit c4748f5079e5193f82afc1b754816edd40ce9254)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: adc155685283f9ed11cb5e6cfd4424b35d5503f7)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit d0b702fa010a7c1141cc70ac7e6494cd5d60014a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The project is switching the way handle our CDN provision of sstate objects,
update the URL accordingly.
(cherry picked from commit 406e8a8e30404c0538f5aa46f211540bae2b206b)
(From yocto-docs rev: 6372e5c9ed5dc6fd3f93e1059a56a002ff1b5036)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches.
* https://www.python.org/downloads/release/python-3134/
Security content in this release
* gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330]
[CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed
tarfile extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
* gh-133767: Fix use-after-free in the “unicode-escape” decoder with a
non-“strict” error handler.
* gh-128840: Short-circuit the processing of long IPv6 addresses early
in ipaddress to prevent excessive memory consumption and a minor
denial-of-service.
gh-133767 got meawhile CVE-2025-4516 assigned.
(From OE-Core rev: 55a9cd748531c75d46f5d6d53af692a38c6b6716)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds some security fixes and many new changes to the library.
Changelog: https://docs.python.org/3/whatsnew/changelog.html#python-3-13-3-final
Modify 0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch
to remove 'test_types' from the pgo-wrapper call, since that fails now
under qemu.
Reproducibility looks OK.
ptest results OK:
|== Tests result: SUCCESS ==
|
|29 tests skipped:
| test.test_asyncio.test_windows_events
| test.test_asyncio.test_windows_utils test.test_gdb.test_backtrace
| test.test_gdb.test_cfunction test.test_gdb.test_cfunction_full
| test.test_gdb.test_misc test.test_gdb.test_pretty_print
| test_android test_apple test_asdl_parser test_clinic test_devpoll
| test_free_threading test_generated_cases test_idle test_ioctl
| test_kqueue test_launcher test_msvcrt test_startfile test_tcl
| test_tkinter test_ttk test_ttk_textonly test_turtle test_winapi
| test_winconsoleio test_winreg test_wmi
|
|9 tests skipped (resource denied):
| test_curses test_peg_generator test_pyrepl test_smtpnet
| test_socketserver test_urllib2net test_urllibnet test_winsound
| test_zipfile64
|
|442 tests OK.
|
|Total duration: 2 min 48 sec
|Total tests: run=43,896 skipped=2,268
|Total test files: run=471/480 skipped=29 resource_denied=9
|Result: SUCCESS
|DURATION: 169
|END: /usr/lib/python3/ptest
|2025-05-12T12:34
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
|root@qemux86-64:~#
(From OE-Core rev: 063d5a5fb2f71b523f378b95167553b28804c3ad)
(From OE-Core rev: 6587dc1fc62de79c4599761af59ebd385244cb57)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Even with our fixes in deterministic_imports.patch the
importlib.metadata package scan was still returning Distribution objects
for empty directories. This interacts badly with rebuilds when recipes
are changing as when a recipe is removed from the sysroot directories
are not removed[1].
In particular this breaks python3-meson-python-native rebuilds when
Meson upgrades from 1.7 to 1.8: the site-packages directory has an empty
meson-1.7.dist-info/ and populated meson-1.8.dist-info/. Whilst it's
deterministic to return the empty 1.7 first, this breaks pypa/build as
it looks through the distributions in order.
We had discussed this with upstream previously and there's a more
comprehensive fix upstream (actually in importlib_metadata, not cpython)
which ensures that valid distribution objects are listed first. So we
can drop our patch and replace it with a backport to fix these rebuilds.
[1] oe-core 4f94d929639 ("sstate/staging: Handle directory creation race issue")
(From OE-Core rev: 73de8daa6293403f5b92d313af32882c47bce396)
(From OE-Core rev: 1c1b651038e15445c495d87c38beeb92f00d9919)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These .pyc files were non-deterministic because they used frozensets[1],
but this has been fixed in 3.11 onwards.
[1] https://github.com/python/cpython/issues/81777
[2] https://github.com/python/cpython/commit/51999c960e7fc45feebd629421dec6524a5fc803
(From OE-Core rev: c8c391ed3e0598a3bea7bc0981126d870315063d)
(From OE-Core rev: 75758dc92003892edc32cccb3c830926b5c4942a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There was a regression introduced by the change to use
systemd-systemctl-native rather than a python fake implementation,
which caused template units to not be properly enabled when set in
the SYSTEMD_SERVICE variable. Through investigation, it seems that
the best way to re-enable template instances is to handle them
explicitly in the systemd.bbclass and enable them with `preset`, like
most units are handled[1,2].
Per the systemd.preset manpage, the format for template units is
different than for regular units[3]. We need to coalesce all the
template instances onto a single line and emit them as an additional
space-deliminated argument.
Ran this against openbmc's phosphor-ipmi-net recipe and generated
the following preset file:
```
$ cat packages-split/phosphor-ipmi-net/usr/lib/systemd/system-preset/98-phosphor-ipmi-net.preset
enable phosphor-ipmi-net@.service eth0
enable phosphor-ipmi-net@.socket eth0
```
[1]: https://lore.kernel.org/openembedded-core/Z2ch.1747051947055246176.oktf@lists.openembedded.org/
[2]: https://lore.kernel.org/openembedded-core/aDdoTVtCmElpURYD@heinlein/
[3]: https://www.freedesktop.org/software/systemd/man/latest/systemd.preset.html
Fixes: 7a580800db39 ("systemd: Build the systemctl executable")
(From OE-Core rev: f33d9b1f434e40a459614d8dc21ce45e11581008)
(From OE-Core rev: ea207dce1f5f8579d8ddde487ac9852f50bfc792)
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
PR32858 ld segfault on fuzzed object
We missed one place where it is necessary to check for empty groups.
Backport a patch from upstream to fix CVE-2025-5244
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d1458933830456e54223d9fc61f0d9b3a19256f5]
(From OE-Core rev: 81e5831ea48e9d1e4b37e4ef6af11d382d7f1df8)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
PR 32641 [https://sourceware.org/bugzilla/show_bug.cgi?id=32641]
PR 32643 [https://sourceware.org/bugzilla/show_bug.cgi?id=32643]
Upstream-Status: Backport
[https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=18cc11a2771d9e40180485da9a4fb660c03efac3
&& https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=931494c9a89558acb36a03a340c01726545eef24]
(From OE-Core rev: 8b9484767f49a558c442668ad9b8e86d6800819b)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/447
(From OE-Core rev: 2fd6621812f62acc2bbce47db9e9dc96349d8e3e)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/449
(From OE-Core rev: c6a014352ae480d90b84ca26653654814a7bda52)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/429
(From OE-Core rev: 6605a2b1f00e70e0756f73febc73ef01967ecb2a)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/429
(From OE-Core rev: fd541857dddeb8cf1da03c50a1087b65deb728ed)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/440
(From OE-Core rev: 0b93d8cedfd102fcd723786b975a5cf684c2b0e8)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
