| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We often see multiple curl tests fail during ptest runs, the actual test
varies but the output is like this:
FAIL: 337: protoc!
There was no content at all in the file log/3/server.input.
Server glitch? Total curl failure? Returned: 28
Error code 28 is CURLE_OPERATION_TIMEDOUT, so this is almost certainly
due to a loaded machine resulting in the tests running slowly.
It is notable that the test runner explicitly passes --max-time=13 to
curl, so experiment and change this to 600 to see if this solves the
problem.
[ YOCTO #15268 ]
(From OE-Core rev: d105cc0dae1fcca285c08f33df7888c68fb0dc2f)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e2e9ec1bf97a7e36a05a247dbc671ecca584205f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's no need to run the output of runtests.pl through a sed to get
automake-style output, as you can pass -am to get this formatting.
Don't run timing dependent tests, as the ptests can run on loaded
systems.
Add a dependency on the en_US locale because some of the tests require
this.
(From OE-Core rev: 000bedc1c95e033f8a479a18a47dc66a0609d596)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3c3601d50ae290e7e9797eadd20c05df99bbd040)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade version to adress recent CVE findings.
Changelog
=========
** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange
[GNUTLS-SA-2024-01-14, CVSS: medium] [CVE-2024-0553]
** libgnutls: Fix assertion failure when verifying a certificate chain with a
cycle of cross signatures
[GNUTLS-SA-2024-01-09, CVSS: medium] [CVE-2024-0567]
** libgnutls: Fix regression in handling Ed25519 keys stored in PKCS#11 token
certtool was unable to handle Ed25519 keys generated on PKCS#11
with pkcs11-tool (OpenSC). This is a regression introduced in 3.8.2.
(cherry-pick from Oe-Core rev 705d2972b38efc9f331e3635c07ca92f8812b365)
(From OE-Core rev: f40a53370eac89df38b2fab47c411a61d4df4fc0)
Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
** libgnutls: Fix timing side-channel inside RSA-PSK key exchange.
** libgnutls: Add API functions to perform ECDH and DH key agreement
** libgnutls: Added support for AES-GCM-SIV ciphers
** libgnutls: transparent KTLS support is extended to FreeBSD kernel
** gnutls-cli: New option --starttls-name
(cherry-pick from Oe-Core rev 3c01bb0be8ddafa0aa1ad996ec524b51fd28f512)
(From OE-Core rev: d9310c3ce0f88798de6d2d3d0c600b9014c1d872)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is the latest/last of the 9.0.z upgrades, since 9.1 is now
released.
CVE: CVE-2024-22667
(includes the patch for .2142 https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47)
Changes:
https://github.com/vim/vim/compare/v9.0.2130...v9.0.2190
(From OE-Core rev: 8155a1f60b490859b1c942da2a35d5106eddc901)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
atk-adaptor: Fix critical when no table cell array is returned.
(From OE-Core rev: e742e3bdfbcb7cbbc7c4a3e26151b5ee3aa291e2)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9bed9f07aea6c425748c8908641ce8a99fd5162f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Backport the upstream fix for CVE-2023-48795.
(From OE-Core rev: c2894768c270e2698de23884f59e823f185820a0)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 314fa19c5e07fa632ff0434a6adbb97de1319a02)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
| |
Disable another test that intermittently fails on the autobuilder.
(From OE-Core rev: 7c183e7470565db3085b4f18044567fc51c842ab)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8d169e13f7e2eb6511f0ac98da63b060c6c0d53a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
| |
CVE-2023-36191 is now rejected in NVD DB so it won't shoup up in
cve-check report anymore.
(From OE-Core rev: 362a77ea331124ae4c84553c0dceb06b05150804)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
| |
This fixes CVE-2024-0232
(From OE-Core rev: 748c18468cc7de0173ab4796805704b9376cd391)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2019-25051.patch
removed since it's included in 0.60.8.1
Changelog:
============
-Fix memory leak in suggestion code introduced in 0.60.8.
-Various documentation fixes.
-Fix various warnings when compiling with -Wall.
-Fix two buffer overflows found by Google's OSS-Fuzz.
-Other minor updates.
(From OE-Core rev: 1d7ab8b0bc129efadd9144b87fa5208b4a8fcd6c)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ec3c8642f71b470936b6dd29331afa467ab865c7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
| |
These two tests seem to fail semi-regularly so just stop running them.
(From OE-Core rev: aa52e8fe6f53c5e3e5466385b683ea209d833845)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1bfa564f1aa8b865f6c3ae3501e6d5f6cc0542eb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=========
* Eliminate 'atomic_thread_fence is unsupported with tsan' gcc-11 warning
* Eliminate 'comparing signed/unsigned values' lcc warning in add_chunk_as
* Fix 'undefined reference to AO_pt_lock' if configure is using clang-16
* Fix 'undefined reference to __atomic_load/store/cas_16' Mingw64-gcc error
* Fix 'undefined reference' linker errors if shared build on OpenBSD (CMake)
* Fix get_chunk for case of mmap area is located before AO_initial_heap
* Fix typo in AO_HAVE_compare_and_swap_double name in atomic_ops_stack.h
* Fix typo in comment of run_one_test of test_stack
* Fix typos in comments of atomic_ops_malloc.c and atomic_ops_stack.c/h
* Update cmake minimum required version to 3.5
(From OE-Core rev: cae10312a45a686b118596e0e07000d3fae55f7a)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1dea52da8cd00e6619890b8c4dcece8b5ff83f74)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
| |
Upstream docs for CVE-2023-46219:
https://curl.se/docs/CVE-2023-46219.html
(From OE-Core rev: ef3ade93a0cc249046503920c97813df95d53b3c)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
- extensions: Don't search imports for extension prefixes
- transform: Check maximum depth when processing default templates
- build: Add more missing includes
- python: Don't set deprecated global
- build: Add missing includes
- imports: Limit nesting depth
- extensions: Report top-level elements in xsltDebugDumpExtensions
- Add extern "C" { } block to xsltlocale.h
- python: Make it compatible with python3.12
- date: Fix check for localtime_s
- date: Fix check for gmtime_s
- pkg-config files include cflags for static builds
- Handle NOCONFIG case when setting locations from CMake target properties
- autotools: Make xslt-config executable
- tests: Structured error handler now passes a const xmlError
- python: Fix tests on MinGW
- fuzz: Fix xmlFuzzEntityLoader after recent libxml2 changes
(From OE-Core rev: 7828e780813857a6667cb07472a0371823781e9b)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 48b353f3fb8e5ab1853cba7faa3065d2fe6f36b4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- Fix public key computation for other EdDSA curves.
- Remove out of core handler diagnostic in FIPS mode.
- Check that the digest size is not zero in gcry_pk_sign_md and
gcry_pk_verify_md.
- Make store an s-exp with \0 is considered to be binary.
- Various constant-time improvements.
- Use getrandom call only when supported by the platform.
- Change the default for --with-libtool-modification to never.
(From OE-Core rev: 451480be9e8693d026fb408f5bfd1c6c77ad7182)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit e21583896116cf37bf6b95aea466854e4fd5e54b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 000b2a380021f2c7fd102b6523a986c2e7ad20ae)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/vim/vim/compare/v9.0.2068...v9.0.2130
CVE: CVE-2023-48231
CVE: CVE-2023-48232
CVE: CVE-2023-48233
CVE: CVE-2023-48234
CVE: CVE-2023-48235
CVE: CVE-2023-48236
CVE: CVE-2023-48237
(From OE-Core rev: 75b48593f8e1ad9efc14842bf29a68daa7b02472)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 5978d565a9e700485fc563dfe2e3c0045dd74b59)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
Documents exclude files: each personal word list is paired with
an exclude file that contains words the user considers invalid.
(From OE-Core rev: 9da704f23bc9538c6fa6fb075fe2c28e7751c8a4)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f0877cebd2c990d9d98fc348032742c2d9fb4254)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This includes CVE fix for CVE-2023-46246.
9198c1f2b (tag: v9.0.2068) patch 9.0.2068: [security] overflow in :history
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-46246
(From OE-Core rev: 55dba750cb37fdf09b9b8b768c5ebea86c769248)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 63bc72ccb63d2f8eb591d7cc481657a538f0fd42)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A previous commit attempted to fix reproducibility errors by forcing
regeneration of .po files. Unfortunately this triggered a different
type of reproducibility issue.
Work around this by adjusting the timestamps of the troublesome .po
files so they are not regenerated and we use the shipped upstream
versions of the files.
The shipped version of ru.cp1251.po doesn't seem to have been created
with the vim tooling and specifies CP1251 instead of cp1251, fix that.
(From OE-Core rev: 14629902c9bb8ac155cf1077377589ab086c5020)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 13d9551ba626f001c71bf908df16caf1d739cf13)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When making checkouts from git, the timestamps can vary and occasionally two files
can end up with the same stamp. This triggers make to regenerate ru.cp1251.po from
ru.po for example. If it isn't regenerated, the output isn't quite the same leading
to reproducibility issues (CP1251 vs cp1251).
Since we added all locales to buildtools tarball now, we can drop the locale
restrictions too. We need to generate a native binary for the sjis conversion
tool so also tweak that.
(From OE-Core rev: fdbdfd90f114ace6891f08625fd3fa8e66959ff7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 042c1a501b1dae5ddb31307b461be02c3591c589)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
| |
This includes CVE fix for CVE-2023-5535.
(From OE-Core rev: 9292eb70a2a0871cf235e4df0257d7028f43a278)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
This includes CVE fix for CVE-2023-5441.
(From OE-Core rev: 539b0c8938b7ac4338b087e04d8b8624b7546237)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This release has a fix to mitigate CVE-2023-44487: HTTP/2 Rapid Reset:
https://nghttp2.org/blog/2023/10/10/nghttp2-v1-57-0/
(From OE-Core rev: c24b75f027f2609dac935e8981f2eb58394b1cc6)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
curl and libcurl 8.4.0
Public curl releases: 252
Command line options: 258
curl_easy_setopt() options: 303
Public functions in libcurl: 93
Contributors: 2995
This release includes the following changes:
o curl: add support for the IPFS protocols via HTTP gateway [46]
o curl_multi_get_handles: get easy handles from a multi handle [20]
o mingw: delete support for legacy mingw.org toolchain [45]
This release includes the following bugfixes:
o acinclude.m4: Document proper system truststore on FreeBSD [83]
o appveyor: fix yamlint issues, indent [67]
o appveyor: rewrite batch in PowerShell + CI improvements [109]
o autotools: adjust `CURL_CA_PATH` value to CMake [53]
o autotools: restore `HAVE_IOCTL_*` detections [111]
o base64: also build for curl [78]
o bufq: remove Curl_bufq_skip_and_shift (unused) [47]
o build: delete checks for C89 standard headers [65]
o build: do not publish `HAVE_BORINGSSL`, `HAVE_AWSLC` macros [114]
o cf-socket: simulate slow/blocked receives in debug [120]
o cmake, configure: also link with CoreServices [32]
o cmake: add check for suseconds_t [91]
o cmake: add feature checks for `memrchr` and `getifaddrs` [57]
o cmake: add missing checks [86]
o cmake: delete old `HAVE_LDAP_URL_PARSE` logic [105]
o cmake: detect `HAVE_CLOCK_GETTIME_MONOTONIC_RAW` [75]
o cmake: detect `HAVE_GETADDRINFO_THREADSAFE` [76]
o cmake: detect `sys/wait.h` and `netinet/udp.h` [61]
o cmake: detect TLS-SRP in OpenSSL/wolfSSL/GnuTLS [93]
o cmake: disable unity mode with Windows Unicode + TrackMemory [108]
o cmake: fix `HAVE_LDAP_SSL`, `HAVE_LDAP_URL_PARSE` on non-Windows [110]
o cmake: fix `HAVE_WRITABLE_ARGV` detection [77]
o cmake: fix duplicate symbols when linking tests [73]
o cmake: fix missing `zlib.h` when compiling `libcurltool` [72]
o cmake: fix stderr initialization in unity builds [71]
o cmake: fix the help text to the static build option in CMakeLists.txt [10]
o cmake: fix unity builds for more build combinations [96]
o cmake: fix unity symbol collisions in h2 builds [48]
o cmake: fix unity with Windows Unicode + TrackMemory [107]
o cmake: improve OpenLDAP builds [92]
o cmake: lib `CURL_STATICLIB` fixes (Windows) [74]
o cmake: move global headers to specific checks [58]
o cmake: pre-cache `HAVE_BASENAME` for mingw-w64 and MSVC [85]
o cmake: pre-cache `HAVE_POLL_FINE` on Windows [36]
o cmake: tidy-up `NOT_NEED_LBER_H` detection
o cmake: validate `CURL_DEFAULT_SSL_BACKEND` config value [50]
o configure: check for the capath by default [63]
o configure: remove unused checks [87]
o configure: replace adhoc domain with `localhost` in tests [79]
o configure: sort AC_CHECK_FUNCS
o connect: expire the timeout when trying next [54]
o connect: only start the happy eyeballs timer when needed [95]
o cookie: do not store the expire or max-age strings [16]
o cookie: remove unnecessary struct fields [17]
o cookie: set ->running in cookie_init even if data is NULL [5]
o create-dirs.d: clarify it also uses --output-dirs [66]
o curl.h: mark CURLSSLBACKEND_NSS as deprecated since 8.3.0 [18]
o curl_easy_pause.3: mention h2/h3 buffering [113]
o curl_easy_pause.3: mention it works within callbacks [112]
o curl_easy_pause: set "in callback" true on exit if true [100]
o CURLOPT_DEBUGFUNCTION.3: warn about internal handles [122]
o docs/libcurl/opts/Makefile.inc: add missing manpage files
o docs: adapt SEE ALSO sections to new requirements [52]
o docs: explain how PINNEDPUBLICKEY is independent of VERIFYPEER [68]
o docs: replace made up domains with example.com [82]
o docs: update curl man page references [89]
o docs: use CURLSSLBACKEND_NONE [19]
o doh: inherit DEBUGFUNCTION/DATA [12]
o escape: replace Curl_isunreserved with ISUNRESERVED [2]
o FAQ: How do I upgrade curl.exe in Windows? [84]
o GHA/linux: run singleuse to detect single-use global functions [35]
o GHA: add workflow to compare configure vs cmake outputs [102]
o h2-proxy: remove left-over mistake in drain_tunnel() [7]
o h2: testcase and fix for pausing h2 streams [49]
o h3: add support for ngtcp2 with AWS-LC builds [103]
o http2: refused stream handling for retry [121]
o http: fix CURL_DISABLE_BEARER_AUTH breakage [28]
o http: h1/h2 proxy unification [21]
o http: remove wrong comment for http_should_fail [55]
o http: use per-request counter to check too large headers [6]
o http_aws_sigv4: fix sorting with empty parts [13]
o idn: fix WinIDN null ptr deref on bad host [90]
o idn: if idn2_check_version returns NULL, return error [27]
o inet_ntop: add typecast to silence Coverity [51]
o lib: disambiguate Curl_client_write flag semantics [24]
o lib: enable hmac for digest as well [26]
o lib: failf/infof compiler warnings [8]
o lib: let the max filesize option stop too big transfers too [44]
o lib: move handling of `data->req.writer_stack` into Curl_client_write() [97]
o lib: provide and use Curl_hexencode [62]
o lib: remove TIME_WITH_SYS_TIME [88]
o lib: use wrapper for curl_mime_data fseek callback [30]
o libssh2: fix error message on failed pubkey-from-file [22]
o libssh: cap SFTP packet size sent [14]
o Makefile.mk: always set `CURL_STATICLIB` for lib (Windows) [42]
o MANUAL.md: change domain to example.com [11]
o misc: better random strings [15]
o MQTT: improve receive of ACKs [125]
o multi: do CURLM_CALL_MULTI_PERFORM at two more places [99]
o multi: fix small timeouts [70]
o multi: remove Curl_multi_dump [37]
o multi: round the timeout up to prevent early wakeups [98]
o multi: set CURLM_CALL_MULTI_PERFORM after switch to DOING_MORE [115]
o openssl: improve ssl shutdown handling [69]
o openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR [104]
o pytest: exclude test_03_goaway in CI runs due to timing dependency [23]
o quic: set ciphers/curves the same way regular TLS does [43]
o quiche: fix build error with --with-ca-fallback [1]
o RELEASE-PROCEDURE.md: updated coming release dates
o runtests: display the test status if tests appear hung [81]
o runtests: eliminate a warning on old perl versions
o socks: return error if hostname too long for remote resolve [118]
o src/mkhelp: make generated code pass `checksrc` [59]
o test1056: disable on Windows
o test1474: disable test on NetBSD, OpenBSD and Solaris 10 [31]
o test1592: greatly increase the maximum test timeout
o test1903: actually verify the cookies after the test [116]
o test1906: set a lower timeout since it's hit on Windows [117]
o test2600: remove special case handling for USE_ALARM_TIMEOUT [3]
o test650: fix an end tag typo
o test661: return from test early in case of curl error
o test: add missing <feature>s
o tests: close the shell used to start sshd [41]
o tests: fix a race condition in ftp server disconnect [101]
o tests: fix compiler warnings [38]
o tests: Fix zombie processes left behind by FTP tests. [80]
o tests: improve SLOWDOWN test reliability by reducing sent data
o tests: increase lib571 timeout from 3s to 30s [106]
o tests: log the test result code after each libtest
o tests: propagate errors in libtests
o tests: set --expect100-timeout to improve test reliability
o tests: show which curl tool `runtests.pl` is using [60]
o tests: stop overriding the lock timeout
o tftpd: always use curl's own tftp.h [25]
o tool: use our own stderr variable [94]
o tool_cb_wrt: fix debug assertion [4]
o tool_getparam: accept variable expansion on file names too [123]
o tool_setopt: remove unused function tool_setopt_flags [56]
o upload-file.d: describe the file name slash/backslash handling [9]
o url: fall back to http/https proxy env-variable if ws/wss not set [119]
o url: fix netrc info message [39]
o warnless: remove unused functions [33]
o wolfssh: do cleanup in Curl_ssh_cleanup [40]
o wolfssl: allow capath with CURLOPT_CAINFO_BLOB [29]
o wolfssl: if CURLOPT_CAINFO_BLOB is set, ignore the CA files [34]
o wolfssl: ignore errors in CA path [64]
(From OE-Core rev: aeab27305b3f207530ad1c749f6668c0df6cbed1)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some tests can fail intermittently and upstream has marked these as
flaky so they can easily be skipped. At present there are 12 tests
marked flaky with 10 of them running in the default recipe
configuration. Skip them to avoid the failures.
(From OE-Core rev: 34f37de80928bb23a594268b0e996beb575ca51b)
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
-This version tweaks normalization of language tags so that only the part of
the tag that specifies country and language is altered; any extra that is
not removed is left alone.
-This version removes validation of language tags; dictionary names no longer
have to be valid language tags.
-Debug output now uses GLib's debug system, and can be enabled at run-time by
setting the environment variable G_MESSAGES_DEBUG to 'libenchant'.
-The Aspell back-end has a fix to let it work with language variants such as
"en_GB-ize".
-There's more code clean-up, build system updates, and a couple of null
-pointer dereference fixes
(From OE-Core rev: a0aa3a7211a44b6d152efd1c576dd78e313424b1)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
* Fix at-spi2-atk test when running under a non-English locale.
* collection: Avoid locking up if an object has a very large child count
* Fix possible NULL pointer dereference when deregistering an event listener.
* Various fixes for the new key grabbing API.
* Don't wait for a reply when registering or deregistering keystroke
listeners.
* Add a meson option to exclude the gtk2 atk-bridge module.
* Fix a test failure/timeout.
* Add atspi_get_version() to return the runtime version of the library.
* Collection: fix match testing for attributes.
* Fix a NULL pointer dereference when deregistering an event listener that
doesn't include a detail.
* Fix the documentation for interfaces in collection match rules.
* Add an AtspiLive enum to specify the politeness level for live regions,
and document that this should be used for Announcement signals. Also add a
notification signal in atk to replace the announcement signal that lacks
the politeness information.
* Add an asynchronous version of atspi_generate_mouse_event.
* TableCell.xml: Add Get{Column,Row}HeaderCells methods
* atspi_accessible_get_localized_role_name: Use internal names when possible.
* Add a non-recursive function to clear a single object's cache.
* Code clean-ups.
(From OE-Core rev: 12912febdd5490c283576be36284f90e99eecff3)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 4274ac35c178392837919f3b8b068e05fccd3a08)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: df810ca20643480ddccd9d27ad5d2307b40378ea)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 5175516f784604beece27412c187006c48e29512)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 549c4203956afb4ac91d15031c63f01adafb383a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NSS support was removed, so adjust PACKAGECONFIG options.
The --enable-crypto-auth option was removed and split into separate
options for basic-auth, bearer-auth, digest-auth, kerberos-auth,
negotiate-auth, and aws. Enable these new options since upstream enables
them by default.
Disable test 1279 since this requires libcurl and hangs the tests.
(From OE-Core rev: 148de08220c0ad390ec533e452cbaad7a9338204)
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We've been removing PR values from recipes at upgrade time for a while. In general
anyone maintaining a binary distro would end up having to curate these themselves
so the values in OE-Core aren't really that useful anymore. In many ways it makes
sense to clear out the remaining ones (which are mostly for 'config' recipes that
are unlikely to increase in PV) and leave a clean slate for anyone implementing
a binary distro config.
References are left in meta-selftest since the tests there do involve them and
their removal upon upgrade.
(From OE-Core rev: d4c346e8ab8f3cae25d1b01c7331ed9f6d4f96ef)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 8c987afb2054f24d9bf86305774c186a6e015a8f)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
libadwaita 1.4.0 has a dependency on it
(From OE-Core rev: 913f1b0f17374bb20cc3e2bc80c47a1548faa202)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The soup.cross file is only created when building for target so only
tell meson to read it when it exists. This allows libsoup-native to be
built again.
(From OE-Core rev: ae1893565bdd2597a08df6ac41db40641da66712)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The soup.cross file is only created when building for target so only
tell meson to read it when it exists. This allows libsoup-2.4-native to
be built again.
(From OE-Core rev: 4acbd2269931b500846d56885c3304d244e514f8)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not running make in the top level tests/ directory
excluded about a third of them (those that consisted
of running small test binaries).
Also, run tests in parallel, which reduces total time
from five minutes to about 75 seconds.
(From OE-Core rev: ff88f275f5f8d52da2967726d8880cbbfdfc8f19)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: a044b921c7a1f576e0ac787ab9945e153a196c44)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: c2fd3f88c8c0eaf4a636843ad8671faf24faf503)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
* d/control:
- Add myself as maintainer and Niels Thykier as uploader
- Bump standards version from 4.6.0 to 4.6.2.
* d/prerm: Make script executable.
* d/postinst: Use 'set -e' in the body of the script.
* d/tests/smoke: Use 'set -e' in the body of the script.
* d/source/lintian-overrides: Ignore upstream metadata warning for Debian
native package.
* ischroot.c: Add missing newline in version output.
* ischroot.1: Fix to say detection is possible for exit status 0.
* postinst: Remove the bogus links that were created in 5.9 and 5.10
* On non-usrmerged systems, correct run-parts/tmpfile links
* ischroot: Do not claim it does not run as non-root
* Align the cron file regex with the documentation
* debian/postinst: add DPKG_ROOT prefix to paths in usrmerge()
* Partial translation of which(1) into hungarian
* Run autoreconf during the build
* Drop obsolete dpkg-gencontrol flag -isp
* Drop unnecessary CI config file
* Revert the package to be format 3.0 (native)
* Update /etc/shells micropolicy to recommend declarative use
* Correct manpage macros
* Update German manpage translation
* Update Portuguese manpage translation
* Modify post{inst,rm} in order to comply with UsrMerge
(From OE-Core rev: c5d73598f2f8ae74e5bbe35b1403dcb19fcc784a)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=========
* Add atspi_get_version() to return the runtime version of the AT-SPI library.
* collection: Fix match testing for attributes.
* collection: Avoid locking up if an object has a very large child count
* Fix possible NULL pointer dereference when deregistering an event listener.
* Various fixes for the new key grabbing API.
(From OE-Core rev: 33447452f8f117db39fa33d31a325ee4298a4b75)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This includes multiple CVE fixes.
The license change is due to changes in maintainership, the license
itself is unchanged.
(From OE-Core rev: 91e66b93a0c0928f0c2cfe78e22898a6c9800f34)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
musl does not implement dlclose [1] the way apr tests it will always
fail, even though it is per posix. Backport a relevant fix
[1] https://wiki.musl-libc.org/functional-differences-from-glibc.html#Unloading-libraries
(From OE-Core rev: cc694b2dcaa8df255f39feff0b99b8b10090bc4f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
https://nvd.nist.gov/vuln/detail/CVE-2023-3896
8154e642a (tag: v9.0.1664) patch 9.0.1664: divide by zero when scrolling with 'smoothscroll' set
(From OE-Core rev: 4a1ab744142c9229f03a359b45e5e89a1fbae0d3)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add explicit PACKAGECONFIGs for brotli,ntlm, and sysprof.
libsoup needs to be told where ntlm_auth will be on the target, so write
a cross file to do so.
Also explicitly disable more of the test suites as we don't build them
yet.
(From OE-Core rev: 945071cc31280d3bd164478b50e2970b6a42fd02)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add explicit PACKAGECONFIGs for brotli,ntlm, and sysprof.
libsoup needs to be told where ntlm_auth will be on the target, so write
a cross file to do so.
(From OE-Core rev: 54b6ea078daeb58a3bb20bb4275d1140640a77d2)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 5f08d833669e96df5236773ae5a70bfb22f90b6b)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|