summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* build-appliance-image: Update to scarthgap head revisionyocto-5.0.4scarthgap-5.0.4Steve Sakoman2024-09-251-1/+1
| | | | | | (From OE-Core rev: f888dd911529a828820799a7a1b75dfd3a44847c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* oeqa/postactions: fix exception handlingAlexis Lothoré2024-09-251-1/+1
| | | | | | | | | | | | | | | | | The current exception handler in list_and_fetch_failed_tests_artifacts expects a non-exisiting variable and then fail to display the original exception message since it raises a new one. The issue has been introduced with commit 6e80b2ab660e ("oeqa/utils/postactions: transfer whole archive over ssh instead of doing individual copies"). Now that tests artifacts are now handled individually, there's no point of trying to print individual names in the exception. (From OE-Core rev: 60a7448abce091eb8c1cb953058fade0beb8b670) Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a50e72bb64fb8b0d14c23164eaeeabd9c271ac19) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* build-appliance-image: Update to scarthgap head revisionSteve Sakoman2024-09-251-1/+1
| | | | | | (From OE-Core rev: 4785c5d9f256aa82570d2534e3f82aab3386d280) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* poky.conf: bump version for 5.0.4Steve Sakoman2024-09-251-1/+1
| | | | | | (From meta-yocto rev: 9b6836117e35258aac4f7b1e7c7d10a420fe9370) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* doc/features: describe distribution feature pni-nameJörg Sommer2024-09-251-0/+4
| | | | | | | | | (From yocto-docs rev: d71081dd14a9d75ace4d1c62472374f37b4a888d) Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* doc/features: remove duplicate word in distribution feature ext2Jörg Sommer2024-09-251-1/+1
| | | | | | | | (From yocto-docs rev: ff4e9d2e516c57c1d0664462ff588666c1fd93a0) Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bind: Fix build with the `httpstats` package config enabledAlban Bedel2024-09-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | ------C65ED3E1A5DE826CA595746785F6AF6F To: openembedded-core@lists.openembedded.org CC: Alban Bedel <alban.bedel@aerq.com> Subject: [PATCH] bind: Fix build with the `httpstats` package config enabled Date: Wed, 11 Sep 2024 08:26:47 +0200 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain MIME-Version: 1.0 When the `httpstats` package config is enabled configure fails with the error: > configure: error: Specifying libxml2 installation path is not > supported, adjust PKG_CONFIG_PATH instead Drop the explicit path from `--with-libxml2` to solve this issue. (From OE-Core rev: b87811febbb1a33182d8a3eb8c0f671548ae999a) Signed-off-by: Alban Bedel <alban.bedel@aerq.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9b076fa51f5e6fd685066fb817c47239960778e6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* create-sdpx-2.2.bbclass: Switch from exists to isfile checking debugsrcMark Hatle2024-09-251-1/+2
| | | | | | | | | | | | | | | | While debugsrc is almost always a file (or link), there are apparently cases where a directory could be returned from the dwarfsrcfiles processing. When this happens, the hashing fails and an error results when building the SPDX documents. (From OE-Core rev: cc24c32795e6894387a6e7ebc9b1d9f4215621f0) Signed-off-by: Mark Hatle <mark.hatle@amd.com> Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 02e262c291c0b2066132b4cb2ca5fda8145284a9) Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bluez5: remove redundant patch for MAX_INPUTGuðni Már Gilbert2024-09-252-28/+0
| | | | | | | | | | | | | | The solution to the problem upstream was fixed by the following commit: https://github.com/bluez/bluez/commit/ca6546fe521360fcf905bc115b893f322e706cb2 Now MAX_INPUT is defined for non-glibc systems such as musl. This fix was added in BlueZ 5.67. (From OE-Core rev: a2532944258334c9f64b673278040dd5e27489d2) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* busybox: Fix cut with "-s" flagColin McAllister2024-09-252-0/+67
| | | | | | | | | | | | | | | | | | This fixes and issue that allows blank lines to be incorrectly output when the "-s" flag is included. This issue propogates into the populate-volatile.sh script in initscripts. If a volatiles drop file contains blank lines, a blank line will be included in combined users, which will incorrectly result in a difference in the number of combined users versus defined users. If this happens, the volatiles file will not be executed. (From OE-Core rev: dfbcf0581ab3dd47037726a7b8aa06f777792473) (From OE-Core rev: 5f75aaf0489f40bd35cdd27322e4d1189e30a9e4) Signed-off-by: Colin McAllister <colinmca242@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* udev-extraconf: Add collect flag to mountColin McAllister2024-09-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Adds extra "--collect" flag to the mount command within automount_systemd. This is intended to fix an observed deadlock after rapidly inserting and removing external media. This is because if the mount command fails, the transient mount will enter a failed state. The next time the media is inserted, automount_systemd bails because the first consition finds that the file path for the failed transient mount still exists. This leaves the external media unmounted and cannot be mounted until the mount is fixed via systemctl or the device is rebooted. Adding "--collect" ensures that the transient mount is cleaned up after entering a failed state, which ensures that the media can still be mounted when it's re-inserted. (From OE-Core rev: f0cda74d73eb8c14cd6f695f514108f1e94984a6) (From OE-Core rev: 33de458b758c2fe430b515ff419dd200ea97ca0b) Signed-off-by: Colin McAllister <colinmca242@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gcc: Fix spurious '/' in GLIBC_DYNAMIC_LINKER on microblazeKhem Raj2024-09-251-3/+3
| | | | | | | | | | | | | (From OE-Core rev: d143981f78a85a4c5e057528f4bad7acefd46465) Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Mark Hatle <mark.hatle@amd.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Backport from master OE-Core rev: f0eac82b9a1e4549b7d918df768c369ed7ab5183 Signed-off-by: Mark Hatle <mark.hatle@amd.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* qemu: back port patches to fix riscv64 build failureChen Qi2024-09-254-0/+258
| | | | | | | | | Backport patches to fix riscv64 build failure. (From OE-Core rev: ab7d0dcb49606651505bf167fd919bc969d97eed) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* buildhistory: Simplify intercept call sites and drop SSTATEPOSTINSTFUNC usageRichard Purdie2024-09-252-21/+23
| | | | | | | | | | | | | | | | | | We planned to drop SSTATEPOSTINSTFUNC some time ago with the introduction of postfuncs. Finally get around to doing that which should make the buildhistory code a little more readable. Unfortunately ordering the buildhistory function calls after the sstate ones is difficult without coding that into the sstate class. This patch does that to ensure everything functions as expected until we can find a better way. This is still likely preferable than the generic sstate postfuncs support since the function flow is much more readable. (From OE-Core rev: 466c505b779dec2ba790f4e6cde7fbb35037f4ef) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c9e2a8fa2f0305ef1247ec405555612326f798f8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* buildhistory: Restoring files from preserve listPedro Ferreira2024-09-251-0/+23
| | | | | | | | | | | | | | | This fix will ensure that, when we activate feature `BUILDHISTORY_RESET`, files marked to keep on feature `BUILDHISTORY_PRESERVE` will indeed exist is buildhistory final path since they are moved to buildhistory/old but not restored at any point. (From OE-Core rev: 93ee5b0ee71a51daba9a332e8dba93d78a849677) Signed-off-by: Pedro Ferreira <Pedro.Silva.Ferreira@criticaltechworks.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9f68a45aa238ae5fcdfaca71ba0e7015e9cb720e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* buildhistory: Fix intermittent package file list creationPedro Ferreira2024-09-251-6/+3
| | | | | | | | | | | | | | | | | | | | The directory that buildhistory_list_pkg_files writes to during do_package is created by do_packagedata so a clean buildhistory doesn't have files-in-package written during the first build since packagedata happens after do_package. Ensure the output package folder is created to avoid missing files-in-package.txt files. Also it ensures that in case of `find` fails we leave with a hard error instead of hiding the error on the for loop. (From OE-Core rev: eb94b09a9183e0b0d9cfc45287e0967ae185c099) Signed-off-by: Pedro Silva Ferreira <Pedro.Silva.Ferreira@criticaltechworks.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8de9b8c1e199896b9a7bc5ed64967c6bfbf84bea) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: Upgrade 3.12.5 -> 3.12.6Peter Marko2024-09-254-285/+9
| | | | | | | | | | | | | | | | | | | | | Includes security fixes for CVE-2024-7592, CVE-2024-8088, CVE-2024-6232, CVE-2023-27043 and other bug fixes. Removed below patches, as the fix is included in 3.12.6 upgrade: 1. CVE-2024-7592.patch 2. CVE-2024-8088.patch Release Notes: https://www.python.org/downloads/release/python-3126/ (From OE-Core rev: aa492b1fd5973c37b8fa2cd17d28199eba46afcc) (From OE-Core rev: 6688a8ff2e1cbf6ad8ebd1b89ec6c929caf6a161) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: skip readline limited history testsTrevor Gamblin2024-09-252-0/+42
| | | | | | | | | | | | | | | | | Python 3.12.5 is failing a newer ptest for reading/writing limited history when editline (default) is set in PACKAGECONFIG. Skip it for now until a proper fix (if any) is determined. A bug has been opened upstream: https://github.com/python/cpython/issues/123018 (From OE-Core rev: de569ddffd5ea36b70c56df21dec9c892e5dee7d) (From OE-Core rev: 98b3a3e3f79a3edaa4cf2cfbf58eb84553d65e1e) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: upgrade 3.12.4 -> 3.12.5Trevor Gamblin2024-09-251-1/+1
| | | | | | | | | | | | | | Changelog: https://docs.python.org/release/3.12.5/whatsnew/changelog.html (From OE-Core rev: d9e2ebd6b24b802d1d4cd38b3b910e068c308809) (From OE-Core rev: ae0e8f6932359959535e901e64bdb47189de14cd) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* openssl: Upgrade 3.2.2 -> 3.2.3Siddharth Doshi2024-09-2512-2227/+3
| | | | | | | | | | | | | | | | | | | Updated SRC_URI link and format due to change in openssl website. CVE's Fixed by upgrade: CVE-2024-5535: Fixed possible buffer overread in SSL_select_next_proto(). CVE-2024-6119: Fixed possible denial of service in X.509 name checks - Removed backports of CVE-2024-5535 as it is already fixed. - Removed first hunk of 0001-Added-handshake-history-reporting-when-test-fails.patch as the copyright years are already updated in test/helpers/handshake.c file Detailed Information: https://github.com/openssl/openssl/blob/openssl-3.2/CHANGES.md#changes-between-322-and-323-3-sep-2024 (From OE-Core rev: 2155e3016a98ae0db28488dcc5176437e6f8b24a) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libpcap: Security fix for CVE-2023-7256 & CVE-2024-8006Vijay Anusuri2024-09-254-1/+450
| | | | | | | | | | | | | | | | Reference: https://security-tracker.debian.org/tracker/CVE-2023-7256 https://security-tracker.debian.org/tracker/CVE-2024-8006 Upstream commits: https://github.com/the-tcpdump-group/libpcap/commit/73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f https://github.com/the-tcpdump-group/libpcap/commit/2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6 (From OE-Core rev: 00e809013a51c1af4979bcff0b3ae3eb7a4d4a20) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* Revert "wpa-supplicant: Upgrade 2.10 -> 2.11"Steve Sakoman2024-09-255-3/+352
| | | | | | | | | | This version bump adds new features and should not have been taken. This reverts commit 35c2b5f56bca789b9723a144fda0a130a67a860c. (From OE-Core rev: 79ed0dba62404b9de3cd97bc861dea8779416afc) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libedit: Make docs generation deterministicRichard Purdie2024-09-191-0/+7
| | | | | | | | | | | | The presence or lack of nroff on the host was changing the doc type. Stop the code from looking at host paths outside HOSTTOOLS and hence cause the doc type to be deterministic and reproducible. (From OE-Core rev: 343f40b0bc8ef65cc1e2abd6c9c33bb2e08bad3d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 918e2b266eba6779f19f65349f85caa880ba45e7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ruby: Make docs generation deterministicRichard Purdie2024-09-191-0/+1
| | | | | | | | | | | The presence or lack of nroff on the host was changing the doc type. Set it explicitly to be deterministic and reproducible. (From OE-Core rev: 9ed723d1972b4e1bd1ae799661194ccbd4c6c759) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f5053abb8957acf358b518ee3c76146dc5f4eb6c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-maturin: Fix cross compilation issue for armv7l, mips64, ppcNiko Mauno2024-09-196-0/+438
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When bitbaking python3-rpds-py it built extension module as: site-packages/rpds/rpds.cpython-312-armv7l-linux-gnueabihf.so Which caused error on target: root@qemuarm:~# python3 -c "from rpds import HashTrieMap, HashTrieSet, List" Traceback (most recent call last): File "<string>", line 1, in <module> File "/usr/lib/python3.12/site-packages/rpds/__init__.py", line 1, in <module> from .rpds import * ModuleNotFoundError: No module named 'rpds.rpds' Where as it should have been: site-packages/rpds/rpds.cpython-312-arm-linux-gnueabihf.so Associated upstream bug report: https://github.com/PyO3/maturin/issues/2203 Associated upstream pull request: https://github.com/PyO3/maturin/pull/2204 Note - mitigation has not been tested with musl: https://github.com/PyO3/maturin/pull/2204#issuecomment-2323952320 (From OE-Core rev: 32a8a7379008cc6e367b7664c5b10b29f0bb8136) (From OE-Core rev: d2f73e3840c21997b918d1f1cfae965c618c1076) Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gcr: Fix LICENSENiko Mauno2024-09-191-1/+1
| | | | | | | | | | | | | | | The contents of the COPYING file included in the current source code package match those of LGPL-2.0 license, which seems to have been the case since 2011 commit https://gitlab.gnome.org/GNOME/gcr/-/commit/c6691faa0348ab087e99ab9bd9914e1d5e81fa14 (From OE-Core rev: f3ae58b741e4e6e3a5196ff75fcc4da6ee89d0b9) (From OE-Core rev: 422bee7302ea26403e0ac048d3a0e72988be83b3) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* tiff: Fix LICENSENiko Mauno2024-09-191-1/+1
| | | | | | | | | | | | | | | | | | The contents of the LICENSE.md file included in the current source code package match those of libtiff license, which seems to have been the case since 1999 commit https://gitlab.com/libtiff/libtiff/-/commit/0ef31e1f62aa7a8b1c488a59c4930775ee0046e4 where it was added with filename COPYRIGHT and was then changed to LICENSE.md in 2022 commit https://gitlab.com/libtiff/libtiff/-/commit/fa1d6d787fc67a1eeb3abccb790b5bee969d424b (From OE-Core rev: 71d8e8b03349ab18dca558055c2b3a3687785ddf) (From OE-Core rev: 5495cf45ce74e79be3b8d9b1195f65e253c62828) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* zip: Fix LICENSENiko Mauno2024-09-191-1/+1
| | | | | | | | | | | | | | | | The contents of the LICENSE file included in the current source code package match those of Info-ZIP license, which seems to originate from the year 2007: This is version 2007-Mar-4 of the Info-ZIP license. (From OE-Core rev: 3739a1af61ff6f0faca23bb565f9e71666953715) (From OE-Core rev: c9bc2bc9c9d0482b13b27505b57df050ebe01898) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* unzip: Fix LICENSENiko Mauno2024-09-191-1/+1
| | | | | | | | | | | | | | | | The contents of the LICENSE file included in the current source code package match those of Info-ZIP license, which seems to originate from the year 2009: This is version 2009-Jan-02 of the Info-ZIP license. (From OE-Core rev: e7c9368e56a6ad90b4ffbba1b765e2b3a331c796) (From OE-Core rev: f4b84a234662bc8f68e54d4753d9f03e4c2e7931) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dejagnu: Fix LICENSENiko Mauno2024-09-191-1/+1
| | | | | | | | | | | | | | | | | The contents of the COPYING file included in the current source code package match those of GPL-3.0-only license, which seems to have been the case since 2008 commit http://git.savannah.gnu.org/gitweb/?p=dejagnu.git;a=commitdiff;h=9bebe7b9bfb9b02e5e4d86ad74e8ce3eb32a36b9;hp=50fbdd118dba066e201c73a8b0155381cd65a32d ("* COPYING: Update to GPL version 3.") (From OE-Core rev: 26b71cfb7815a096c5962629801cc3bc85147284) (From OE-Core rev: 718f6cb5ecf33529efb126f9eda67041f42bd7bf) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* iw: Fix LICENSENiko Mauno2024-09-191-1/+1
| | | | | | | | | | | | | | | | | The contents of the COPYING file included in the source code match those of ISC license: https://git.kernel.org/pub/scm/linux/kernel/git/jberg/iw.git/tree/COPYING?h=v6.9 which seems to have been in effect since 2008 commit https://git.kernel.org/pub/scm/linux/kernel/git/jberg/iw.git/commit?id=622c36ae94a880fb53f7f051f1b26616f5b553c1 ("license under ISC"). (From OE-Core rev: 87da7445a2a77fe73e3524cd50112842e91235b6) (From OE-Core rev: cfb0352f1c89729e11259bfe3a7ebcaf7193620f) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* expat: 2.6.2 -> 2.6.3Richard Purdie2024-09-191-1/+1
| | | | | | | | | | | | Includes fixes for CVE-2024-45490, CVE-2024-45491 and CVE-2024-45492. https://blog.hartwork.org/posts/expat-2-6-3-released/ (From OE-Core rev: 5cf92f8164d6d03756997e6b9cfb6d37ef5a273a) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit cc96903d915db0dfde382a26bb7ec57d0d37e62e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* vim: Upgrade 9.1.0682 -> 9.1.0698Siddharth Doshi2024-09-191-2/+2
| | | | | | | | | | | | | | | This includes CVE-fix for CVE-2024-43790 and CVE-2024-43802 Changes between 9.1.0682 -> 9.1.0698 ==================================== https://github.com/vim/vim/compare/v9.1.0682...v9.1.0698 (From OE-Core rev: 829e474534777b2154f1b1246c5792b3159dacb1) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e530265415d93e3f49ec7874cf720aad18ab2e22) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* yocto-uninative: Update to 4.6 for glibc 2.40Michael Halstead2024-09-191-5/+5
| | | | | | | | | (From OE-Core rev: 0a8ba360f111d379af436de86e0a990be02910bb) Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b29bfd333dffe635ab67475dcd8d22ad8b114c84) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* mc: fix source URLBenjamin Szőke2024-09-091-1/+1
| | | | | | | | | | | new URL for sources: http://ftp.midnight-commander.org/ (From OE-Core rev: 7e11701698a9f38a5e3e0499c0c2edd98d32a85d) Signed-off-by: Benjamin Szőke <egyszeregy@freemail.hu> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 03c4052718a9b8392b25e1770630317b8cf29fbe) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* openssh: add backported header file includeJon Mason2024-09-092-0/+28
| | | | | | | | | | | | | | | | | | | | | Backport upstream patch to add a missing header. The patch says it is for systemd, but I am seeing build issues when building openssh with clang and musl. The issue being seen is: #warning usage of non-standard #include <sys/cdefs.h> is deprecated And similar deprecated warnings. This patch resolves the issue. Original patch can be found at https://github.com/openssh/openssh-portable/commit/88351eca17dcc55189991ba60e50819b6d4193c1 This issue was introduced with OE-Core 1c9d3c22718bf49ae85c2d06e0ee60ebdc2fd0c1 https://github.com/openembedded/openembedded-core/commit/1c9d3c22718bf49ae85c2d06e0ee60ebdc2fd0c1 Patch suggested by Khem Raj. (From OE-Core rev: ae4064a8a60b60bee8a32a454e8784fcf1ecd318) Signed-off-by: Jon Mason <jdmason@kudzu.us> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* oeqa/runtime/ssh: increase the number of attemptsJon Mason2024-09-091-1/+1
| | | | | | | | | | | | | Under high load, the ssh test is hitting the amount of retries. Increase it to 20 to avoid this issue. This would increase the maximum failure time from 50 seconds (5 * 10) to 100 seconds. (From OE-Core rev: 4581b5793f310d2f1f0c80bfe1a5f8743416c4fc) Signed-off-by: Jon Mason <jdmason@kudzu.us> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c796438eec5dd6b4671b798f85506bc89ff402ab) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* wireless-regdb: upgrade 2024.05.08 -> 2024.07.04Wang Mingyu2024-09-091-1/+1
| | | | | | | | | | (From OE-Core rev: d2b83ae234668bccd81ae4b53ca06196d398573b) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b460d2d55a35450564ea04255153b0a3bf715530) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libdnf: upgrade 0.73.1 -> 0.73.2Wang Mingyu2024-09-091-1/+1
| | | | | | | | | | | | | | | | | | Changelog: ========== - context: use rpmtsAddReinstallElement() when doing a reinstall - MergedTransaction: Fix invalid memory access when dropping items - ConfigParser: fix use-out-of-scope leaks - Since we use rpmtsAddReinstallElement rpm also uninstalls the package - Fix countme bucket calculation (From OE-Core rev: 20b67ad71cfa3eac35b2514067f87d79d9c3da2e) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9cf8330068503a5721640763309c4c74f293a94d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libadwaita: upgrade 1.5.1 -> 1.5.2Wang Mingyu2024-09-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== - AdwAlertDialog - Fix unmatched va_start() - Fix setting default widget when removing a response - AdwBreakpointCondition - Fix leaks when parsing - AdwBreakpointBin - Fix a leak - AdwDialog - Fix toggling presentation mode - Fix close button ignoring :can-close - Fix ::close-attempt not emitting in some cases - Fix swipe area for bottom sheets - Leak fixes - AdwHeaderBar - Fix initial focus for the back button - Fix split view links in docs - AdwMessageDialog - Fix unmatched va_start() - AdwSpinRow - Fix ::input handling - AdwTabButton - Fix needs-attention badge on RTL - AdwTabView - Accessibility fixes - AdwViewStack - Accessibility fixes - Translation updates - Nepali (From OE-Core rev: 5cc094b5ba1a6e685b01ff35130c4e69fdc7e0ec) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 25b8f5059061bf52257117ba7d54031a31388fb1) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* wpa-supplicant: Upgrade 2.10 -> 2.11Siddharth Doshi2024-09-095-352/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | License-Update: =============== - README: Change in copyright years as per https://w1.fi/cgit/hostap/commit/README?id=d945ddd368085f255e68328f2d3b020ceea359af - wpa_supplicant/wpa_supplicant.c: Change in copyright years as per https://w1.fi/cgit/hostap/commit/wpa_supplicant/wpa_supplicant.c?id=d945ddd368085f255e68328f2d3b020ceea359af CVE's Fixed: =========== - CVE-2024-5290 wpa_supplicant: wpa_supplicant loading arbitrary shared objects allowing privilege escalation - CVE-2023-52160 wpa_supplicant: potential authorization bypass Changes between 2.10 -> 2.11: ============================ https://w1.fi/cgit/hostap/commit/wpa_supplicant/ChangeLog?id=d945ddd368085f255e68328f2d3b020ceea359af Note: ===== Patches 0001-build-Re-enable-options-for-libwpa_client.so-and-wpa.patch, 0002-Fix-removal-of-wpa_passphrase-on-make-clean.patch, 0001-Install-wpa_passphrase-when-not-disabled.patch, 0001-PEAP-client-Update-Phase-2-authentication-requiremen.patch (CVE-2023-52160) are already fixed and hence removing them. (From OE-Core rev: 35c2b5f56bca789b9723a144fda0a130a67a860c) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 824eb0641dc6001a5e9ad7a685e60c472c9fdce8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cups: upgrade 2.4.9 -> 2.4.10Wang Mingyu2024-09-094-26/+15
| | | | | | | | | | | | | | | | | | | | Changelog: =========== - Fixed error handling when reading a mixed "1setOf" attribute. - Fixed scheduler start if there is only domain socket to listen on 0001-use-echo-only-in-init.patch 0002-don-t-try-to-run-generated-binaries.patch 0004-cups-fix-multilib-install-file-conflicts.patch refreshed for 2.4.10. (From OE-Core rev: 01039c35a89de4bbd1410b3ee08a99cf325adf2b) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dd7a978d2d7feb11f6c265ba812c8ca29912ebc6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* apr: upgrade 1.7.4 -> 1.7.5Vijay Anusuri2024-09-092-2/+2
| | | | | | | | | | | | | | | | | Refreshed patch 0001-configure-Remove-runtime-test-for-mmap-that-can-map-.patch Includes security fix CVE-2023-49582 changelog: https://downloads.apache.org/apr/CHANGES-APR-1.7 (From OE-Core rev: e650030ec8fe37b84e6ae37a2305453cc59fda31) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c5d9498466526451910fa02862f8860b2bb81df8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* apr: drop 0007-explicitly-link-libapr-against-phtread-to-make-gold-.patchAlexander Kanavin2024-09-092-51/+0
| | | | | | | | | | | | | | At some point this became unnecessary, as tested by building apr with DISTRO_FEATURES:append = " ld-is-gold" The logs do confirm that (previously) problematic binary links without errors. (From OE-Core rev: c04d1ca0d4f1c7236a5093e7be5ef51633c503fd) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c041932f14cf552b0446732ce0cca6537f3286ab) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* xserver-xorg: fix CVE-2023-5574 statusDmitry Baryshkov2024-09-091-1/+1
| | | | | | | | | | | | | | | If XvFB is enabled, the CVE_STATUS for CVE-2023-5574 should be 'unpatched' rather than the empty string. Otherwise SDPX checker complains: xserver-xorg-2_21.1.13-r0 do_create_spdx: Unknown CVE status (From OE-Core rev: 9965028d74b3c480f7556d299d616999822b79bf) Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0ec5dcbdd7c922df25ce90b04902d9c7c749a8c0) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: Fix CVE-2024-8088Soumya Sambu2024-09-092-0/+129
| | | | | | | | | | | | | | | | | | | | | There is a HIGH severity vulnerability affecting the CPython "zipfile" module. When iterating over names of entries in a zip archive (for example, methodsof "zipfile.ZipFile" like "namelist()", "iterdir()", "extractall()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. References: https://nvd.nist.gov/vuln/detail/CVE-2024-8088 Upstream-Patch: https://github.com/corydolphin/flask-cors/commit/7ae310c56ac30e0b94fb42129aa377bf633256ec (From OE-Core rev: 2d98276ba70ed6c44afecd42a7352f1b3030438f) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: Fix CVE-2024-7592Soumya Sambu2024-09-092-0/+144
| | | | | | | | | | | | | | | | | | | There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value. References: https://nvd.nist.gov/vuln/detail/CVE-2024-7592 Upstream-Patch: https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1 (From OE-Core rev: 3bb9684eef5227e7b1280ee9051884310b0d0b7f) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-setuptools: Fix CVE-2024-6345Soumya Sambu2024-09-092-1/+315
| | | | | | | | | | | | | | | | | | | A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. References: https://nvd.nist.gov/vuln/detail/CVE-2024-6345 Upstream-patch: https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 (From OE-Core rev: 468c5a4e12b9d38768b00151c55fd27b2b504f3b) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* linux-firmware: add a package for ath12k firmwareBartosz Golaszewski2024-09-031-1/+7
| | | | | | | | | | | | Add the firmware package for the ATH12K module. (From OE-Core rev: 553f31396a5d966ab827f1c4b807ef46649080d0) Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> [DB: added rdepends from PN to PN-ath12k] Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libcap-ng: update SRC_URIChangqing Li2024-09-032-4/+6
| | | | | | | | | | | | Refer [1], people.redhat.com has certificate issue, so update SRC_URI to fix do_fetch warning [1] https://github.com/stevegrubb/libcap-ng/issues/56 (From OE-Core rev: ba5d05337c97ec14d00939f02ecdd6aeab126822) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>