summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support
Commit message (Collapse)AuthorAgeFilesLines
...
* nghttp2: upgrade 1.62.0 -> 1.62.1Alexander Kanavin2024-08-231-1/+1
| | | | | | | (From OE-Core rev: 348d9565c34936ee5a0f8acb710603564969f29b) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libnl: upgrade 3.9.0 -> 3.10.0Alexander Kanavin2024-08-232-1/+34
| | | | | | | | | | Add a patch to disable a failing test that is proving difficult to investigate. (From OE-Core rev: 0dc2dfcacaa99bdb306215d2a5e135038f72d895) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: upgrade 1.85.0 -> 1.86.0Alexander Kanavin2024-08-236-12/+14
| | | | | | | (From OE-Core rev: 9ec3b3e91bd4c7b2ce09059424ddb2931a9af442) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ptest-runner: Update 2.4.4 -> 2.4.5Jörg Sommer2024-08-231-1/+1
| | | | | | | | | | | Changelog: aea9f42 ptest_list_remove: Fix pointer adjustment of prev and next (From OE-Core rev: f70ec9bcd379b5fc4c85d7479d42789c2e22f4a9) Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.1.0114 -> 9.1.0682Siddharth Doshi2024-08-212-42/+2
| | | | | | | | | | | | | | | | | | This includes CVE-fix for CVE-2024-41957, CVE-2024-41965 and CVE-2024-43374 Changes between 9.1.0114 -> 9.1.0682 ==================================== https://github.com/vim/vim/compare/v9.1.0114...v9.1.0682 Note: ==== Removed patch "vim-add-knob-whether-elf.h-are-checked.patch" as libelf checks are removed from configure.ac as per commit https://github.com/vim/vim/commit/1acc67ac4412aa9a75d1c58ebf93f2b29585a960 (From OE-Core rev: 6d2938e53cad5d9bf2e78a5403e9f9fab1db77b4) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* enchant2: upgrade 2.8.1 -> 2.8.2Wang Mingyu2024-08-211-1/+1
| | | | | | | | | | | Changelog: - fixes a crash when using Hspell to check Hebrew, when the application passes characters that cannot be mapped to ISO-8859-8. (From OE-Core rev: 10327c62e8d630a7cfd023f81e8e2af0d009d840) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* diffoscope: upgrade 272 -> 276Wang Mingyu2024-08-211-1/+1
| | | | | | | | | | | | | | | Changelog: ========= * Also catch RuntimeError when importing PyPDF so that PyPDF or, crucially, its transitive dependencies do not cause diffoscope to traceback at runtime and build time. * Factor out a method for stripping ANSI escapes. * Strip ANSI escapes from the output of Procyon. (From OE-Core rev: 4f111892b3ba5b030697a1192dac59e89ea0f393) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: Document CVE-2022-3219 and mark wontfixKhem Raj2024-08-151-0/+1
| | | | | | | | (From OE-Core rev: f10f9c3a8d2c17d5a6c3f0b00749e5b34a66e090) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcap-ng: update SRC_URIChangqing Li2024-08-092-5/+7
| | | | | | | | | | | | Refer [1], people.redhat.com has certificate issue, so update SRC_URI to fix do_fetch warning [1] https://github.com/stevegrubb/libcap-ng/issues/56 (From OE-Core rev: 798aa15cb955f9801effbed44eba0f3f46ba8c54) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Update to 8.9.1Robert Joslyn2024-08-092-1/+40
| | | | | | | | | | | | | | | | | This update contains minor features, bugfixes, and addresses several CVEs: * https://curl.se/docs/CVE-2024-6197.html * https://curl.se/docs/CVE-2024-6874.html * https://curl.se/docs/CVE-2024-7264.html Full relese notes available at https://curl.se/ch/8.9.1.html Backport a patch to fix a SIGPIPE issue found shortly after release: https://curl.se/mail/distros-2024-08/0002.html (From OE-Core rev: ff607f50f1e15ca713048bba83ca15d1e4e08b6a) Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libyaml: ignore CVE-2024-35326Peter Marko2024-08-091-0/+1
| | | | | | | | | | | This is the same problem as already ignored CVE-2024-35328. See laso this comment in addition: https://github.com/yaml/libyaml/issues/298#issuecomment-2167684233 (From OE-Core rev: 0632d739fd6bae33f9e58681e117b906a947a307) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Reenable auth support for native and nativesdkPhilip Lorenz2024-08-081-3/+4
| | | | | | | | | | | | | | | | 148de08220c0ad390ec533e452cbaad7a9338204 adapted the recipe to accomodate the newly introduced configure options for the various authentication schemes supported by curl. However, support for these was not added for the -native and -nativesdk variants of the recipe. Fix this and introduce a PACKAGECONFIG variable for the flags common to all recipe variants to avoid such regressions in the future. (From OE-Core rev: 5b91a092216fa29c944dd1f2d4cc237cac47929e) Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libassuan: upgrade 2.5.7 -> 3.0.1Trevor Gamblin2024-08-082-15/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch 'libassuan-add-pkgconfig-support.patch' had to be adjusted to apply on top of 3.0.1. While doing so, the format was updated so that it'll work more easily with git. Changelog (git log --oneline libassuan-2.5.7..libassuan-3.0.1): c9e9027 (tag: libassuan-3.0.1) Release 3.0.1 9e90c79 Post release updates 0351ecf (tag: libassuan-3.0.0) Release 3.0.0 1fe7aa3 Add release targets 6bef35b Update copyright notices 87f92fe Add new socket flags "linger" and "reuseaddr". 24f05d6 Spell fix in gpg-error.m4 from GnuPG. 577c1cd m4: Update gpg-error.m4. db27c94 libassuan.m4: Fix setting/using GPG_ERROR_CONFIG. ee9167c Always append the process identification to hello line. d5e0aa3 Modify documentation for new release. c1bbbe8 Fix the previous commit. 1c27538 m4: Include _AM_PATH_GPGRT_CONFIG definition. 6756482 tests: Cleanup mention of removed variable a8c38df doc: Minor style fixes. 76816b1 build: Change the default for --with-libtool-modification. d63bf50 build: Update libtool-patch.sed from libgpg-error. 9bb7a2a build: New configure option --with-libtool-modification. ce35bd9 Add NEWS entries for 2.5.6 from libassuan 2.5 branch. b975f9a Fix for v2 support: ASSUAN_REALLY_REQUIRE_V2_NPTH_SYSTEM_HOOKS bb7aa0e New function: assuan_control. 9ce1b41 libassuan.m4: Allow use of libassuan 3 for API of version 2. c6ae222 Update NEWS. bf25d0e Add new pipe functions to control its server process. c14409b socket: Don't call pre/post_syscall for bind. dd7e0c5 build: Prepare release with API change. c4687db Update NEWS. 782d5f8 Expose assuan_sock_accept function. 703b410 Add _assuan_pre_syscall / _assuan_post_syscall to _assuan_sock_*. 5de5774 Support larger greeting message. 413b294 Next release will be 3.0 049b800 Flush data before clearing the confidential flag. 2f0232b w32: Fix closing for non-socket HANDLE. 592f6bb w32: Fix hello_line parsing for fd passing. c69578b w32: Always include process information in HELLO. efccdb3 w32: Fix error return for sending fd. 8d83aea Allow use of global system hooks with API version 2. af34d84 doc: Update documentation for the method spawn and waitpid. 316fae4 w32: File handle passing to server is now supported. 5d1cdaa Don't use ASSUAN_INVALID_PID for assuan_pid_t value. 6350f79 w32: Cleaner semantics for PID and Process handle. f3b3ddf Fix comments. 18edc4f Fix wrong return type for functions. 6957813 tests: Use -no-fast-install LDFLAGS for Windows. 9ecbd8e Deprecate ASSUAN_SYSTEM_NPTH. 1eb66ef Allow NULL for system_hooks. 620acf6 Fix the previous commit. 223cc95 Fix calling gpgrt_get_syscall_clamp. fb5d02d tests: Fix for POSIX machine. 7191c12 w32: Fix test header file for 64-bit Windows. f2d829e w32: Fix pipeconnect test program for Windows. 295e334 w32: Minor fixes for ifdef/endif for W32 and W64. 17055e1 w32: Fix the semantics of sending FD, it's Windows HANDLE. 9110945 Implement timeout in assuan_sock_connect_byname. 3d8195e build: Update gpg-error.m4. e4e54fb w32: Fix assuan_socket_connect. a720b6c Fix make dist target 523e3cb w32: Fix confusion between process ID and process HANDLE. 05eb70c doc: Update the description about pkg-config. ba84b78 w32: Have PROCESS_HANDLE in struct assuan_context_s. 7e6f3f0 tests: Use common code for Windows. 8962c1e tests: Add fdpassing-socket.sh script. 3297e45 w32: Support fd passing through socket. a1f4804 w32: Support fd passing through pipe. 07adf41 Show the pid of listening process in the hello line. 870fdcf w32: Support sendfd/recvfd through pipe connection. ce794a0 w32: Add SENDFD internal command. 27acee6 client: Only call _assuan_waitpid when it's not socket. d769ec2 build: Prefer gpgrt-config when available. 62547ec w32: Fix make dist 6d5a2b1 Fix an explanation for socket on Windows. 0c22952 build: Update gpg-error.m4. df6aec5 build: Remove WindowsCE support from mkheader. 6bc8a10 Silence compiler warnings. e3b1e38 Drop WindowsCE support. 6da6a3d build: Update config.guess, config.sub, and config.rpath. 3156f29 build: Update gpg-error.m4. 5277f24 Fix the previous commit. 97516d6 Don't access NULL by wipememory. 2e310bb tests: Remove dead code 850f404 config: Remove 18 years unused variable 70b465e tests: Avoid leaking file descriptors on errors 2a5550b client: Handle inquiry from server with CONFIDENTIAL. aafbde9 struct assuan_context_s: Move boolean fields to flags. fd1ac5c client: Wipe the inbound buffer when CONFIDENTIAL. 89e8f26 server,client: Wipe the outbound buffer when CONFIDENTIAL. d812e28 server: Wipe out the memory used by assuan_inquire if CONFIDENTIAL. 84ae2b1 Add assuan_sock_accept function. c93eb90 w32: Store a flag if it's socket or not in Assuan CTX. 5b77d39 Fix API break. 9260fb1 build: Remove unused putc_unlocked.c. 0fae582 Take advantage of gpgrt_get_syscall_clamp function. a43090e build: Fix listing m4 files. 28a40a2 w32: Fix assuan_socket_connect_fd to be usable. a054a0a build: Better cross build support. a8125eb Fix internal socket API to be consistent for SOCKET. 9de02ca build: When no gpg-error-config, not install libassuan-config. eeda9ac Remove GNU Pth support. 564e0d9 w32: Fix definition of type to be generated into assuan.h. (From OE-Core rev: 9f55a2ee159ca08f60151abc55e93edce724d335) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Drop vim-tools INSANE_SKIP as not neededRichard Purdie2024-08-081-1/+0
| | | | | | | | | | The install function already removes the executable bit on these tools so that perl, python, awk and csh don't become dependencies. The INSANE_SKIP therefore isn't needed. (From OE-Core rev: f2afc7adb6de9f1f99d0247916c728787b7504a0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* appstream: add qt6 PACKAGECONFIG optionMarc Ferland2024-08-053-0/+94
| | | | | | | | | | This will enable building the libAppStreamQt library. This is required by the 'discover' application from the meta-kde layer. (From OE-Core rev: 95b9227eabec5ace9c6a69695758b8f9c37ffa75) Signed-off-by: Marc Ferland <marc.ferland@sonatest.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: Backport patch to fix build issues with long paths (>512 chars)Carlos Alberto Lopez Perez2024-08-052-0/+73
| | | | | | | | | | | | | | | | | | | | | | | There is a bug libicu that causes libicu to be installed incorrectly when the build system uses long paths (more than 512 chars). This condition is not very difficult to trigger on a OE build system due to the long paths an the deep of the directories that are usually generated by default. Also the bug is very subtle and won't be detected by the QA post-install processes because what this bug causes is that a different version of libicudata.so.X.Y (one without data) is installed instead of the one containing the data, but there won't be any file missed on the installation (just that it installed the wrong one). See: https://unicode-org.atlassian.net/browse/ICU-22813 This patch backports the fix from upstream/main (From OE-Core rev: 67d1352873957decacde30ff208fb7bb635b0c5d) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libatomic-ops: set CVE_PRODUCTIntaek Hwang2024-08-051-0/+2
| | | | | | | | | | Set CVE_PRODUCT of libatomic-ops to match NVD entries. (From OE-Core rev: b6ad7a3427f665e840ae7e9907adb960d1f8ed73) Signed-off-by: Intaek Hwang <intaek.hwang@gehealthcare.com> Signed-off-by: Maxin John <maxin.john@gehealthcare.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mpfr: set CVE_PRODUCTIntaek Hwang2024-08-051-0/+2
| | | | | | | | | | Set CVE_PRODUCT of mpfr as gnu_mpfr to match NVD entries. (From OE-Core rev: ff30f7707f1f3ad8964f214c99f24bfc5e3730e0) Signed-off-by: Intaek Hwang <intaek.hwang@gehealthcare.com> Signed-off-by: Maxin John <maxin.john@gehealthcare.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* appstream: refresh patchMarc Ferland2024-08-051-3/+3
| | | | | | | | | Refresh patch for 1.0.3 release. (From OE-Core rev: 33880e77bca1cabece8dfb006b5852471330273f) Signed-off-by: Marc Ferland <marc.ferland@sonatest.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nettle: upgrade 3.9.1 -> 3.10Trevor Gamblin2024-08-053-16/+34
| | | | | | | | | | | | | | Refresh two patches to apply on top of 3.10. 11 of the ptests pass without the sc-valgrind.sh file, so make sure that's copied to the image fo ptests. Changelog: https://git.lysator.liu.se/nettle/nettle/-/blob/master/ChangeLog (From OE-Core rev: a663573dfd14c1c36c95928334836ae7acd61c0b) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: get sources from debian tarballsAlexander Kanavin2024-08-031-14/+3
| | | | | | | | | | | git repo no longer has tags for recent versions which means we had missed several of them, and wouldn't be able to get notifications about any future releases. (From OE-Core rev: 81f013fd1312551628701bf36ac62746a2606dbd) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libssh2: disable-DSA-by-defaultJose Quaresma2024-08-033-31/+174
| | | | | | | | | Backport the merged solution and drop the submited patch. (From OE-Core rev: f099cc0782db9c726eff151a11c1c59a1a22b3d7) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libproxy: upgrade 0.5.7 -> 0.5.8Wang Mingyu2024-08-031-1/+1
| | | | | | | | | | | | | | Changelog: =========== - Update repology list - Properly handle empty proxy ignore entry - Add support for direct keyword in PAC (From OE-Core rev: 8d4373e6ae06d0d6e87d5a39fb3c51c0efa70a1d) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libyaml: Amend CVE status as 'upstream-wontfix'Niko Mauno2024-08-011-1/+1
| | | | | | | | | | | | | Use an existing defined CVE_CHECK_STATUSMAP key in meta/lib/oe/cve_check.py in order to avoid following complaint from BitBake: WARNING: libyaml-native-0.2.5-r0 do_create_spdx: Invalid detail "wontfix" for CVE_STATUS[CVE-2024-35328] = "wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302", fallback to Unpatched (From OE-Core rev: c66d9a2a0d197498fa21ee8ca51a4afb59f75473) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libyaml: Change CVE status to wontfixKhem Raj2024-08-011-1/+1
| | | | | | | | | This has not yet been disputed officially (From OE-Core rev: 7ec7384837f3e3fb68b25a6108ed7ec0f261a4aa) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: move gpgme-tool to own sub-packagePatrick Wicki2024-07-301-3/+13
| | | | | | | | | | | The gpgme-tool binary is licensed GPL-3.0-or-later. Split it out into its own package that can be opted out of. (From OE-Core rev: bbcd56bace90f4a148960a7108dc8d0e6c364903) Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: Add comment for provenance of SRCREVTheodore A. Roth2024-07-301-0/+7
| | | | | | | | | | | Provide references for how the SRCREV was arrived at for the 20240203 release. (From OE-Core rev: 6916cdb0f05f6644edb1e432a9421595abb9f0ca) Signed-off-by: Theodore A. Roth <troth@openavr.org> Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libyaml: Update status of CVE-2024-35328Khem Raj2024-07-301-0/+2
| | | | | | | | | This is open yet but seems to be disputed (From OE-Core rev: 4cba8ad405b1728afda3873f99ac88711ab85644) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bmaptool: temporarily silence the pep517-backend warningRoss Burton2024-07-261-0/+3
| | | | | | | | | | | Whilst bmaptool has a pyproject.toml that uses poetry, the setuptools build path appears to be more complete. Upstream has moved to hatch and removed setup.py entirely so the next release can drop this. (From OE-Core rev: 824009560776933922a92a00c2199c28c9c8379c) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libssh2: fix ptest regression with openssh 9.8p1Jose Quaresma2024-07-262-0/+31
| | | | | | | (From OE-Core rev: 1a2fef1d70c8083e65325dfa8a5cae7d8443951b) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: update 20211016 -> 20240203Theodore A. Roth2024-07-263-9/+9
| | | | | | | | | | | The 20240203 version is the same as used in Ubuntu >= 24.04 and Debian Trixie (testing). (From OE-Core rev: ce19168885a04b0d77e81c1fd1c4262b195a47d4) Signed-off-by: Theodore A. Roth <troth@openavr.org> Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: upgrade 1.10.3 -> 1.11.0simit.ghane2024-07-264-54/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== https://lists.gnu.org/archive/html/info-gnu/2024-06/msg00004.html License-Update: -Add 3-clause BSD license for poly1305-amd64-avx512.S. -cipher/Makefile.am: Add 'poly1305-amd64-avx512.S'. -cipher/poly1305-amd64-avx512.S: New. -cipher/poly1305-internal.h (POLY1305_USE_AVX512): New. -Add 'cipher/keccak-amd64-avx512.S'. -Update license docs for FSF new address and update gcrypt.texi. Apart from upgrade also refreshed the patches like 0001-libgcrypt-fix-m4-file-for-oe-core.patch 0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch no-bench-slope.patch In 0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch reverted back the change in cipher/Makefile.am related to o_flag_munging (From OE-Core rev: aa50e6bc8dcb3f5870e1fa285ec5ab997a7a59cf) Signed-off-by: simit.ghane <simit.ghane@lge.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcap-ng: clean up recipeRoss Burton2024-07-263-17/+7
| | | | | | | | | | | | | | | | This package is split into two recipes, one of the actual C library and one for the Python bindings. - Move common inherits into the common .inc. - Clean up install in the python recipe - Remove obsolete setuptools dependency - Remove obsolete explicit .debug packaging - Update homepage as freecode.com redirects to the top of SourceForge (From OE-Core rev: 0ccd7429aabfe5c1c9246477acf1af84a147715c) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.8.5 -> 3.8.6Simone Weiß2024-07-215-278/+8
| | | | | | | | | | | | | | | | | | | | | | Changelog: ** libgnutls: PBMAC1 is now supported as a MAC mechanism for PKCS#12 To be compliant with FIPS 140-3, PKCS#12 files with MAC based on PBKDF2 (PBMAC1) is now supported, according to the specification proposed in draft-ietf-lamps-pkcs12-pbmac1. ** libgnutls: SHA3 extendable output functions (XOF) are now supported SHA3 XOF, SHAKE128 and SHAKE256, are now usable through a new public API gnutls_hash_squeeze. ** API and ABI modifications: gnutls_pkcs12_generate_mac3: New function gnutls_pkcs12_flags_t: New enum gnutls_hash_squeeze: New function (From OE-Core rev: 61e7888c8e31ac2adee9eb75ee2393125ef9b433) Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pinentry: upgrade 1.3.0 -> 1.3.1Wang Mingyu2024-07-163-4/+4
| | | | | | | | | | | | | | | | | | | libassuan_pkgconf.patch refreshed for 1.3.1 Changelog =========== * qt: Install and use pinentry icon. * qt: Small fix for Qt5. * qt: Fix Windows build of Qt6. * New envvar PINENTRY_KDE_USE_WALLET to enable the secret storage integration on KDE. (From OE-Core rev: 0148bf09253876a015453654202e9f4bfa8772a9) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libproxy: upgrade 0.5.6 -> 0.5.7Wang Mingyu2024-07-161-1/+1
| | | | | | | | | | | | | Changelog: ============= - Update github actions - Handle empty ignore settings (From OE-Core rev: 28963ffa847e85c6d94e6f50798e007ee166b825) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdbm: upgrade 1.23 -> 1.24Wang Mingyu2024-07-162-9/+5
| | | | | | | | | | | | | | | | | | | | | | | ptest.patch refreshed for 1.24. Changelog: =========== * New gdbm_load option: --update * Fix semantics of gdbm_load -r * Use getline in gdbmtool shell. * New function: gdbm_load_from_file_ext * Fix binary dump format for key and/or data of zero size. * Fix location tracking and recover command in gdbtool. * Fix possible buffer underflow in gdbmload. * Ensure any padding bytes in avail_elem structure are filled with 0. * Improve the documentation. (From OE-Core rev: 458fda9cc5f871e200bcd33ed33fda4a0ed46ff4) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* diffoscope: upgrade 271 -> 272Wang Mingyu2024-07-161-1/+1
| | | | | | | | | | | | | | Changelog: ========== * Move away from using DSA OpenSSH keys in tests; support has been removed in OpenSSH 9.8p1. * Move to assert_diff helper in test_openssh_pub_key.py (From OE-Core rev: 155c71d3f222d65e69a891612ca8ef710e864826) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* debianutils: upgrade 5.19 -> 5.20Wang Mingyu2024-07-161-1/+1
| | | | | | | | | | | | | Changelog: ========== - acinclude.m4: Bump DEBIANUTILS_VERSION from 5.18 to 5.20. - installkernel: Recognize "Image" as an uncompressed image basename (From OE-Core rev: b354439e934b8902bd6ca27b57c1e12887370e88) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu/perf: Drop SPDX_S variableRichard Purdie2024-07-141-1/+0
| | | | | | | | | | These were used by external layers and were needed before we had better unpack instrumenation and the recent unpack directory changes. Drop them as obsolete. (From OE-Core rev: 8dae8778ee14caebea92acd0bebf28c5681e39f3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: remove host references in nativesdk to fix reproducibilityOleksandr Hnatiuk2024-07-131-9/+24
| | | | | | | | | | Fix is only done for target. Use same code for nativesdk. (From OE-Core rev: dc6306883cc2c7d4d98d595442e5bf4037a160c5) Signed-off-by: Oleksiy Obitotskyy <oobitots@cisco.com> Signed-off-by: Oleksandr Hnatiuk <ohnatiuk@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libssh2: remove util-linux-col from ptest dependenciesChen Qi2024-07-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | After util-linux upgrade to 2.40.1, we got the following QA issue on musl: WARNING: libssh2-1.11.0-r0 do_package_qa: QA Issue: libssh2-ptest rdepends on util-linux-col, but it isn't a build dependency? [build-deps] The issue appeared because new version util-linux has disabled building out col on musl[1]. In short, the reason is that col in util-linux requires something that musl does not provide. This 'util-linux-col' dependency was added in 2021, at that time the libssh2's version is 1.9.0. Now the version is 1.11.0 and I tested its ptest, it does not require util-linux-col to succeed. [1] https://github.com/util-linux/util-linux/commit/8886d84e25a457702b45194d69a47313f76dc6bc (From OE-Core rev: 9007de7e388e269028c7c1722f0d7ee76bc5d251) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: fix make-icudata package configStefan Mueller-Klieser2024-07-101-2/+2
| | | | | | | | | | The location of files changed during unpackdir transition. Adapt dirs to fix custom icu data generation. (From OE-Core rev: bb24c965a55d7e757c1e2a6e76bdb68d2bfb6ce3) Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: Fix building error with '-O2' in sysroot pathsimit.ghane2024-07-021-16/+47
| | | | | | | | | | | | | | | | | | | | | | Characters like '-O2' or '-Ofast' will be replaced by '-O1' and '-O0' respectively when compiling cipher and random in the filesystem paths as well if they happen to contain '-O2' or '-Ofast If we are cross compiling libgcrypt and sysroot contains such characters, we would get compile errors because the sysroot path has been modified. Fix this by adding blank spaces and tabs before the original matching pattern in the sed command. It is difficult to control -O1 for cipher and -O0 for random at the same time in OE environment along with patch file. So, keeping same change as it is. (From OE-Core rev: ecd26bbba36ad715c2a0f20475ebc977ea94746c) Signed-off-by: simit.ghane <simit.ghane@lge.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* native/nativesdk: Stop overriding unprefixed *FLAGS variablesRichard Purdie2024-07-011-3/+3
| | | | | | | | | | | | | | | | | | | | We're currently encouraging an "arms race" with the FLAGS variables since a recipe might want to set a specific flag for all variants but to do so, += won't work due to the assignment in the native/nativesdk class files. This means recipes are using append. Since the default variables are constructed out of TARGET_XXX variables and we redefine these, there is no need to re-define the un-prefixed variables. If we drop that, the += appends and similar work and recipes don't have to resort to append. Change the classes and cleanup a number of recipes to adapt to the change. This change will result in some flags appearing to some native/nativesdk variants but that is probably what was originally expected anyway. (From OE-Core rev: a157b2f9d93428ca21265cc860a3b58b3698b3aa) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rng-tools: upgrade 6.16 -> 6.17Wang Mingyu2024-06-251-1/+1
| | | | | | | | | | | | | | | | | | | Changelog: =========== - mix data fed to the kernel byte-wise from multiple sources - added option to attempt more persistent use of slow entropy sources - fix some missing m4 quotes - improved debug output to show FIPS failures more clearly - added a named pipe entropy source - adjusted linux poolsize - fixed some pkcs11 error messages - fixed ignorefail and random_step options (From OE-Core rev: 51f15cde22d3caf77778750f122b94a7cd0fe508) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcre2: upgrade 10.43 -> 10.44Wang Mingyu2024-06-251-1/+1
| | | | | | | | (From OE-Core rev: b790c3e67bcbcb00449754db7249c251074f16b0) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libjitterentropy: upgrade 3.4.1 -> 3.5.0Wang Mingyu2024-06-251-2/+2
| | | | | | | | | | | | | | | | Lisence-Update: Copyright year updated to 2024. Changelog: =========== * add distinction between intermittent and permanent health failure * add compile time option to allow configuring a mask to reduce the size of the time stamp used for the APT (From OE-Core rev: c57a897c945adda0c4321c7fdab03148f805efba) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libevdev: upgrade 1.13.1 -> 1.13.2Wang Mingyu2024-06-251-1/+1
| | | | | | | | (From OE-Core rev: 6ed4d4936c3279d6cc6e0880b7e186589d08c62c) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fribidi: upgrade 1.0.14 -> 1.0.15Wang Mingyu2024-06-251-1/+1
| | | | | | | | | | | Changelog: Fixed the bad tarball from 1.0.14 with stall include files. (From OE-Core rev: 5cf2632c3652f503e9d79b21a1ce0a94fb98f713) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>