summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
...
* curl: patch CVE-2024-9681Peter Marko2024-11-152-0/+86
| | | | | | | | | | | | Picked commit [1] per solution described in [2]. [1] https://github.com/curl/curl/commit/a94973805df96269bf [2] https://curl.se/docs/CVE-2024-9681.html (From OE-Core rev: fbb8928ea85980bb866febd66e5e18ad843dbef8) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ghostscript: fix CVE-2023-46361Archana Polampalli2024-11-152-0/+33
| | | | | | | | | | Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at /jbig2dec/jbig2.c. (From OE-Core rev: 3e9018fb14466495be7472a8620918347c732e86) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* xmlto: backport a patch to fix build with gcc-14 on hostMartin Jansa2024-11-114-0/+1344
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * need to add dependency on flex-native because now when the .l file is modified by the .patch file it will try to regenerate the c code and fail: | make[1]: Entering directory 'work/x86_64-linux/xmlto-native/0.0.28-r0/build' | /bin/bash ../xmlto-0.0.28/ylwrap ../xmlto-0.0.28/xmlif/xmlif.l .c xmlif/xmlif.c -- /bin/bash 'work/x86_64-linux/xmlto-native/0.0.28-r0/xmlto-0.0.28/missing' flex | work/x86_64-linux/xmlto-native/0.0.28-r0/xmlto-0.0.28/missing: line 81: flex: command not found | WARNING: 'flex' is missing on your system. | You should only need it if you modified a '.l' file. | You may want to install the Fast Lexical Analyzer package: | <https://github.com/westes/flex> * backport https://pagure.io/xmlto/c/32376c053733c6c0ebaca3c25c0725509342fdf3?branch=master as well, so that patched xmlif/xmlif.c is newer than xmlif/xmlif.l and the build won't try to regenerate it with flex as that leads to random build failures reported in: https://lists.openembedded.org/g/openembedded-core/message/206412 https://errors.yoctoproject.org/Errors/Details/810853/ https://lists.openembedded.org/g/openembedded-core/message/206496 https://valkyrie.yoctoproject.org/#/builders/29/builds/355 (From OE-Core rev: 2e8819c0b9ada2b600aecc40c974a18eb7c0a666) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* package: Switch debug source handling to use prefix mapRichard Purdie2024-11-111-40/+28
| | | | | | | | | | | | | | | | | | Reproducible builds are no longer a configuration option but are required. We also rely on the prefix mapping capability of the compilers now. As such, rewrite the source locating code to use the prefix maps instead of taking a guess about WORKDIR which isn't correct for kernels, gcc, externalsrc and probably more. Instead, iterate the maps to locate any matching source code, keeping in mind that multiple maps may map to one target location. (From OE-Core rev: 80289f49d0c5ca98da1d1558728b8a468aab4326) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit cbd6144a9769d21371ae0fe04db2adc05f6eed02) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gcc: restore a patch for Neoverse N2 coreRuiqiang Hao2024-11-112-0/+41
| | | | | | | | | | | | Commit 7806e21e7d47 ("gcc: upgrade to v11.5") removed one patch named 0001-aarch64-Update-Neoverse-N2-core-defini.patch by mistake, this will cause the Neoverse N2 core to be identified as the armv8.5 architecture, restore this patch to avoid related compilation issues. (From OE-Core rev: 4c75edda8ec28fb8dee19ca90a1ea7f33ba80999) Signed-off-by: Ruiqiang Hao <Ruiqiang.Hao@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cve_check: Use a local copy of the database during buildsRichard Purdie2024-11-112-8/+17
| | | | | | | | | | | Rtaher than trying to use a sqlite database over NFS from DL_DIR, work from a local copy in STAGING DIR after fetching. (From OE-Core rev: 9b6363994e5715f1d08b98956befd8915c128e85) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 03596904392d257572a905a182b92c780d636744) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* zstd: patch CVE-2022-4899Peter Marko2024-11-113-1/+153
| | | | | | | | | | | | | Pick commits from [1] linked from [2] via [3]. [1] https://github.com/facebook/zstd/pull/3220 [2] https://nvd.nist.gov/vuln/detail/CVE-2022-4899 [3] https://github.com/facebook/zstd/issues/3200 (From OE-Core rev: eb9c9818088105f9bf20b7fdc04a380ce488a5e6) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* util-linux: Define pidfd_* function signaturesKhem Raj2024-11-022-0/+51
| | | | | | | | | | | | | | glibc 2.36 has added sys/pidfd.h and APIs for pidfd_send_signal and pidfd_open, therefore check for this header and include it if it exists (From OE-Core rev: 2c913a7b66ea756ebc65a573e1b5bb5dba6834d2) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* at-spi2-core: backport a patch to fix build with gcc-14 on hostMartin Jansa2024-11-022-0/+28
| | | | | | | | | | | | | | | | | | * fixes: | ../at-spi2-core-2.42.0/atspi/atspi-device-listener.c: In function ?atspi_device_listener_new_simple?: | ../at-spi2-core-2.42.0/atspi/atspi-device-listener.c:252:37: error: passing argument 1 of ?atspi_device_listener_new? from incompatible pointer type [-Wincompatible-pointer-types] | 252 | return atspi_device_listener_new (device_remove_datum, callback, callback_destroyed); | | ^~~~~~~~~~~~~~~~~~~ | | | | | gboolean (*)(const AtspiDeviceEvent *, void *) {aka int (*)(const struct _AtspiDeviceEvent *, void *)} | ../at-spi2-core-2.42.0/atspi/atspi-device-listener.c:222:50: note: expected ?AtspiDeviceListenerCB? {aka ?int (*)(struct _AtspiDeviceEvent *, void *)?} but argument is of type ?gboolean (*)(const AtspiDeviceEvent *, void *)? {aka ?int (*)(const struct _AtspiDeviceEvent *, void *)?} | 222 | atspi_device_listener_new (AtspiDeviceListenerCB callback, | | ~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~ (From OE-Core rev: e361d9e1021d7715d2b4e3af95832c910de67cad) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libffi: backport a fix to build libffi-native with gcc-14Martin Jansa2024-11-022-0/+48
| | | | | | | (From OE-Core rev: 1054417a217417ab192dc4aee8307133451fb0e4) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cracklib: Modify patch to compile with GCC 14Zoltan Boszormenyi2024-11-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | GCC 14 implicitly turns a warning into a compiler error: | ../../git/src/lib/packlib.c: In function ‘PWClose’: | ../../git/src/lib/packlib.c:554:40: error: passing argument 1 of ‘HwmsHostToBigEndian’ from incompatible pointer type [-Wincompatible-pointer-types] | 554 | HwmsHostToBigEndian(tmp_pwp.hwms, sizeof(tmp_pwp.hwms), en_is32); | | ~~~~~~~^~~~~ | | | | | uint32_t * {aka unsigned int *} | ../../git/src/lib/packlib.c:142:27: note: expected ‘char *’ but argument is of type ‘uint32_t *’ {aka ‘unsigned int *’} | 142 | HwmsHostToBigEndian(char *pHwms, int nLen,int nBitType) | | ~~~~~~^~~~~ Add the cast to (char *) to silence it. (From OE-Core rev: 7cca344feaa16cfabbaa2f34e4aab91cc1af39ee) Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* vala: add -Wno-error=incompatible-pointer-types work aroundMartin Jansa2024-11-021-0/+4
| | | | | | | | | | | | * to allow building vala-native on hosts with gcc-14 * we could backport: https://gitlab.gnome.org/GNOME/vala/-/commit/23ec71b1a5c4cead3d1bdac82e184d0a63fa7b79 which is already included in scarthgap, but that's big patch doing almost the same (From OE-Core rev: 0f850f213071d4bc3a7065334debabd32c7bd9a1) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* zip: Fix build with gcc-14Khem Raj2024-11-023-36/+46
| | | | | | | | | | | | | | | | | | | | | | | | zip's configure fails to link this piece of test code: int main() { return closedir(opendir(".")); } with GCC-14 because it now treats implicit declaration of function as error, unline older GCC version where it was just a warning and this test would build fine. Remove 0002-unix.c-Do-not-redefine-DIR-as-FILE.patch which is now unnecessary (MJ: this part wasn't applicable for kirkstone). (From OE-Core rev: fd31dd1abc8199a1865801259e6f96b78a17d994) Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3422411eb750c7e960b81676637cfb321dbadefb) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* zip: Make configure checks to be more robustKhem Raj2024-11-023-0/+171
| | | | | | | | | | | | | | Newer compilers are strict and have turned some warnings into hard errors which results in subtle configure check failures. Therefore fix these tests and also enable largefile support via cflags when its desired (From OE-Core rev: 03b7a44e2ff4364cb85758f91d78efa0cf85682d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bmap-tools: update HOMEPAGE and SRC_URISteve Sakoman2024-11-021-2/+2
| | | | | | | | | | | The bmaptool (previously: bmap-tools, bmap-tool, bmaptool) has been moved to be under the Yocto Project umbrella and is now hosted at: github.com/yoctoproject/bmaptool (From OE-Core rev: 7678ae7fc255621d91271599b5f4491520387279) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* overlayfs-etc: add option to skip creation of mount dirsbaruch@tkos.co.il2024-11-022-8/+13
| | | | | | | | | | | | | | The 'preinit' script can't create mount directories when rootfs is read-only. Add an option to skip this step. The user must make sure that all required directories are already in the rootfs directory layout. Cc: Vyacheslav Yurkov <uvv.mail@gmail.com> (From OE-Core rev: 302dd4a63f97e23631a62a0b902cc253f6843ab0) Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 3d433d8559467d255bd19af2d0999c65ea24a48d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* orc: upgrade 0.4.39 -> 0.4.40Wang Mingyu2024-11-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: =========== - Security: Minor follow-up fixes for CVE-2024-40897 - powerpc: fix div255w which still used the inexact substitution - x86: work around old GCC versions (pre 9.0) having broken xgetbv implementations - x86: consider MSYS2/Cygwin as Windows for ABI purposes only - x86: handle unnatural and misaligned array pointers - orccodemem: Assorted memory mapping fixes - Fix include header use from C++ - Some compatibility fixes for Musl - ppc: Disable VSX and ISA 2.07 for Apple targets - ppc: Allow detection of ppc64 in Mac OS - x86: Fix non-C11 typedefs - meson: Fix detecting XSAVE on older AppleClang - x86: try fixing AVX detection again by adding check for XSAVE - Check return values of malloc() and realloc() (From OE-Core rev: ec300eadd0ab51583502b833798a6b46956f0f47) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ed7e4eb12491968c5f962b7e89d557c2c6d86a33) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* vim: Upgrade 9.1.0698 -> 9.1.0764Rohini Sangam2024-11-021-2/+2
| | | | | | | | | | | | | | | | | This includes CVE-fix for CVE-2024-45306 and CVE-2024-47814 Changes between 9.1.0698 -> 9.1.0764 ==================================== https://github.com/vim/vim/compare/v9.1.0698...v9.1.0764 (From OE-Core rev: 774fae9cb522683f722f3075531075be9fa36770) Signed-off-by: Rohini Sangam <rsangam@mvista.com> Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2f0e5e63399e544063c79b0b1f9555c820b0604c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* vim: Upgrade 9.1.0682 -> 9.1.0698Siddharth Doshi2024-11-021-2/+2
| | | | | | | | | | | | | | | This includes CVE-fix for CVE-2024-43790 and CVE-2024-43802 Changes between 9.1.0682 -> 9.1.0698 ==================================== https://github.com/vim/vim/compare/v9.1.0682...v9.1.0698 (From OE-Core rev: 45ef5c80b1085d88d08679025bab13161c1f1fb2) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e530265415d93e3f49ec7874cf720aad18ab2e22) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cve-check: add support for cvss v4.0Peter Marko2024-11-022-8/+17
| | | | | | | | | | | | | | | | | | | | | | | | https://nvd.nist.gov/general/news/cvss-v4-0-official-support CVSS v4.0 was released in November 2023 NVD announced support for it in June 2024 Current stats are: * cvss v4 provided, but also v3, so cve-check showed a value sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 != 0.0; 2069 * only cvss v4 provided, so cve-check did not show any sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 = 0.0; 260 (From OE-Core rev: 358dbfcd80ae1fa414d294c865dd293670c287f0) (From OE-Core rev: 8c20a7badb6e5d6c6c90176e45e90f776df25298) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cve-check: add CVSS vector string to CVE database and reportsAntoine Lubineau2024-11-022-4/+12
| | | | | | | | | | | | | | | This allows building detailed vulnerability analysis tools without relying on external resources. (From OE-Core rev: 048ff0ad927f4d37cc5547ebeba9e0c221687ea6) (From OE-Core rev: 3e47644d24d97c2541ccb70d91c144cf6530d5b0) Signed-off-by: Antoine Lubineau <antoine.lubineau@easymile.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: ignore fixed CVEsPeter Marko2024-11-021-0/+2
| | | | | | | | | | | | These CVEs were fixed in 3.10.15 Commit 487e8cdf1df6feba6d88fa29e11791f4ebaaa362 removed patches in favor of version upgrade, which caused the CVEs to re-appear in reports. (From OE-Core rev: 2cf10084c56c83da3deff4e65e619afab80e08e1) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* qemu: fix CVE-2023-3019Yogita Urade2024-11-023-8/+723
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. CVE-2023-3019-0002 is the CVE fix and CVE-2023-3019-0001 is dependent CVE fix. fix indent issue in qemu.inc file. CVE-2023-3019 patch required Mem ReenttranceyGuard structure definition, it's defined in commit: https://github.com/qemu/qemu/commit/a2e1753b8054344f32cf94f31c6399a58794a380 but the patch is causing errors: Failed: qemux86 does not shutdown within timeout(120) so backported only required structure definition. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-3019 Upstream patches: https://github.com/qemu/qemu/commit/7d0fefdf81f5973334c344f6b8e1896c309dff66 https://github.com/qemu/qemu/commit/3c0463a650008aec7de29cf84540652730510921 (From OE-Core rev: 3782e1b21882ffc5e4cc466418e066179470241e) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* openssl: patch CVE-2024-9143Peter Marko2024-11-022-0/+203
| | | | | | | | | Pick patch from branch openssl-3.0. (From OE-Core rev: 75e1dedf85ac093fc43eb88a59bfe980bb363bf9) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ghostscript: Backport CVE-2024-29508Ashish Sharma2024-11-023-0/+339
| | | | | | | | | | | | | Import patch from ubuntu to fix CVE-2024-29508 Upstream-Status: Backport [https://git.launchpad.net/ubuntu/+source/ghostscript/commit/?h=ubuntu/focal-security&id=22b23aa6de7613a4d9c1da9c84d72427c9d0cf1a] Upstream commit: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=ff1013a0ab485b66783b70145e342a82c670906a (From OE-Core rev: c5a85dfe661543137e40976e832ac22e4815406a) Signed-off-by: Ashish Sharma <asharma@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* kmscube: create_framebuffer: backport modifier fixRandolph Sapp2024-10-242-0/+32
| | | | | | | | | | Backport the upstream buffer modifier fix for create_framebuffer to handle the case where no valid modifiers are available. (From OE-Core rev: 983e3efb51ab22f1fa5f90cbbfba2d701aa425fc) Signed-off-by: Randolph Sapp <rs@ti.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* syslinux: Disable error on implicit-function-declarationKhem Raj2024-10-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | syslinux has vendored copy of ext2fs/ext2_fs.h but uses ext2fs/ext2fs.h from e2fsprogs package, however, ext2fs/ext2fs.h has dependencies on ext2fs/ext2_fs.h coming from e2fsprogs package as these both headers come from same package, here syslinux uses ext2fs.h from e2fsprogs but supplies its own copy of ext2_fs.h which maybe out of sync and that results in warnings about implicit implicit-function-declarations e.g. recipe-sysroot/usr/include/ext2fs/ext2fs.h:727:16: error: implicit declaration of function 'ext2fs_has_feature_gdt_csum' [-Wimplicit-function-declaration] | 727 | ext2fs_has_feature_gdt_csum(fs->super); | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ ext2fs_has_feature_gdt_csum here comes from newer version of ext2fs/ext2_fs.h but missing from vendored copy, hence the warning. With gcc-14 this warning is treated as error by default, which breaks the build, so lets treat it as warning only. All these functions are never used in syslinux, so functionality-wise we are fine. (From OE-Core rev: 14fdee535c37aaa44898dc22149004c97b2456ca) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a2b30108055e68b62fdad7319d7d569bc38a07b4) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* linux-firmware: upgrade 20240220 -> 20240909Macpaul Lin2024-10-241-4/+4
| | | | | | | | | License-Update: additional files (From OE-Core rev: 2f82404cde671d2898d82483cc1fff693d7720e3) Signed-off-by: Macpaul Lin <macpaul.lin@mediatek.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libarchive: Fix CVE-2024-48957 & CVE-2024-48958Ashish Sharma2024-10-243-0/+72
| | | | | | | | | | | | Backport fix: * CVE-2024-48957 - Upstream-Status: Backport from https://github.com/libarchive/libarchive/commit/3006bc5d02ad3ae3c4f9274f60c1f9d2d834734b * CVE-2024-48958 - Upstream-Status: Backport from https://github.com/libarchive/libarchive/commit/a1cb648d52f5b6d3f31184d9b6a7cbca628459b7 (From OE-Core rev: 584ce77f3aae332c66e2140497506301200ec9ca) Signed-off-by: Ashish Sharma <asharma@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gcc: ignore CVE-2023-4039Peter Marko2024-10-241-0/+3
| | | | | | | | | | | Last version bump removed patch for this CVE because it was integrated in new release. This has caused the CVE to reappear in reports because 2023-09-12 is "higher" than 11.5... (From OE-Core rev: d74fd7c4e9353fc00f0b79f05de101efb0148a6f) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* build-appliance-image: Update to kirkstone head revisionyocto-4.0.22kirkstone-4.0.22Steve Sakoman2024-10-121-1/+1
| | | | | | (From OE-Core rev: f09fca692f96c9c428e89c5ef53fbcb92ac0c9bf) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* selftest/runtime_test/virgl: Disable for all fedoraSteve Sakoman2024-10-121-1/+1
| | | | | | | | | We can't support vgem on RHEL derived distros so disable this test for all fedora hosts rather than specific versions. (From OE-Core rev: c4760d6a52011515b0f931d08f619c7e49e72158) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* valgrind: disable avx_estimate_insn.vgtestSteve Sakoman2024-10-121-0/+8
| | | | | | | | | | | | | This test fails consistently on the new valkyrie autobuilder cluster The estimate instructions (rcpss, rcpps, rsqrtps, rsqrtss) are, as the name suggests, not expected to give a fully accurate result. They may produce slighly different results on different CPU families because their results are not defined by the IEEE standard. (From OE-Core rev: 9269edb63d3c68de62326f5960ffff0c1068e709) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* zstd: fix LICENSE statementMassimiliano Minella2024-10-121-1/+1
| | | | | | | | | | | | | | [Backport from OE-Core: 40f85de590c188c9c3985e64a83efaf06b0b4fbc] zstd is dual-licensed under BSD _OR_ GPLv2 which was updated in the README for v1.5.6. License wording in the README for v1.5.2 is misleading, but license headers in the code clearly state that there is a choice between the two licenses. (From OE-Core rev: 4ef9b4d947b6e8ed7637cdd9e722c3f0c83990dd) Signed-off-by: Massimiliano Minella <massimiliano.minella@se.com> Signed-off-by: Shubham Kulkarni <skulkarni@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cdrtools-native: fix build with gcc-14Martin Jansa2024-10-121-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: http://errors.yoctoproject.org/Errors/Details/770525/ | checking whether the C compiler (gcc -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/cdrtools-native/3.01/recipe-sysroot-native/usr/include -O2 -pipe ) works... no | configure: error: installation or configuration problem: C compiler cannot create executables. | RULES/rules.cnf:70: incs/amd-ryzen-threadripper-3970x-32-core-processor-linux-cc/rules.cnf: No such file or directory | make: *** [RULES/rules.cnf:59: incs/amd-ryzen-threadripper-3970x-32-core-processor-linux-cc/rules.cnf] Error 1 | make: *** Waiting for unfinished jobs.... where config.log show it's caused by gcc-14: configure:1189: checking whether the C compiler (gcc -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/cdrtools-native/3.01/recipe-sysroot-native/usr/include -O2 -pipe ) works configure:1211: gcc -o conftest -isystem/OE/build/oe-core/tmp-glibc/work/x86_64-linux/cdrtools-native/3.01/recipe-sysroot-native/usr/include -O2 -pipe -D_GNU_SOURCE conftest.c 1>&5 configure:1208:1: error: return type defaults to 'int' [-Wimplicit-int] configure: failed program was: main(){return(0);} (From OE-Core rev: 6fd1bc0620e6d6ce9b940eaeb68474f4d0b9369b) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 094273bd7d1768e14fbdcd2f239bee14c630a625) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* meta-world-pkgdata: Inherit nopackagesMartin Jansa2024-10-121-0/+1
| | | | | | | | | | | | | Since this is a recipe with PACKAGES = "", inherit the nopackages class to skip the various packaging functions which wouldn't do anything anyway. This fixes errors from buildhistory changes where packages-split would be empty. (From OE-Core rev: fc8ad580c5d76266ad722c9429f39adf5370c2fb) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* rust: ignore CVE-2024-43402Peter Marko2024-10-121-2/+2
| | | | | | | | | | | | This CVE iwas created because fix for CVE-2024-24576 was incomplete. Ignore the new CVE in the same way as the old one. See https://nvd.nist.gov/vuln/detail/CVE-2024-43402 (From OE-Core rev: 62bb1b8f89c97fa32a7b15021e9e3fbbb878ae68) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cups: Backport fix for CVE-2024-47175Vijay Anusuri2024-10-126-0/+628
| | | | | | | | | | | | | | | | | | | Upstream-Status: Backport from https://github.com/OpenPrinting/cups/commit/9939a70b750edd9d05270060cc5cf62ca98cfbe5 & https://github.com/OpenPrinting/cups/commit/04bb2af4521b56c1699a2c2431c56c05a7102e69 & https://github.com/OpenPrinting/cups/commit/e0630cd18f76340d302000f2bf6516e99602b844 & https://github.com/OpenPrinting/cups/commit/1e6ca5913eceee906038bc04cc7ccfbe2923bdfd & https://github.com/OpenPrinting/cups/commit/2abe1ba8a66864aa82cd9836b37e57103b8e1a3b Reference: https://security-tracker.debian.org/tracker/CVE-2024-47175 (From OE-Core rev: 528e2a27564f3093a6a3bb7ac907caae674edab4) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* populate_sdk_base: inherit nopackagesMartin Jansa2024-10-071-1/+1
| | | | | | | | | | | | | | | | | | | | | Since this bbclass sets PACKAGES = "", inherit the nopackages class to skip the various packaging functions which wouldn't do anything anyway. This fixes errors from buildhistory changes where packages-split would be empty. e.g. meta-toolchain build now fails with: | DEBUG: Executing shell function buildhistory_list_pkg_files | find: ".../meta-toolchain/1.0/packages-split/*": No such file or directory | WARNING: exit code 1 from a shell command. | DEBUG: Python function buildhistory_emit_pkghistory finished (From OE-Core rev: 3b646f322b4ffd5ed520f3815ce0726cf225ced2) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.com> Signed-off-by: Atharva Nandanwar <atharvanandanwar@outlook.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* kmscube: Add patch to fix -int-conversion build errorPurushottam Choudhary2024-10-072-2/+38
| | | | | | | | | | | | | | | | | | On some platforms, `EGLNativeDisplayType` is an int instead of a pointer, in which case the void pointer will raise a `-Wint-conversion`. Add change as a patch instead of updating SRCREV . if we update SRCREV might will get compatiblity issue with current gstreamer 1.20.7 version because SRCREV brings changes which resolves negotiation issues encountered with V4L2 stateless hardware video decoders when using kmscube video playback option which has gstreamer dependency requirement to 1.22.0 (From OE-Core rev: 19a899d2ec69572e0eae4576d9fc55a7ba857309) Signed-off-by: Purushottam Choudhary <purushottam27.kumar@lge.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* curl: free old conn better on reuseMingli Yu2024-10-072-0/+96
| | | | | | | | | | | | | Backport a patch [1] to free old conn better on reuse to fix the memory leak issue [2]. [1] https://github.com/curl/curl/commit/06d1210 [2] https://github.com/curl/curl/issues/8841 (From OE-Core rev: fbb820cdfc480e2481d51b9a1057454832f02b23) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bintuils: stable 2.38 branch updateDeepthi Hemraj2024-10-071-1/+1
| | | | | | | | | | Below commit on binutils-2.38 stable branch are updated. 4d71e17a9fd libctf: fix ref leak of names of newly-inserted non-root-visible types (From OE-Core rev: 98517fbc5bbddbe8608b41a7771eb7d90d7860a7) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glibc: stable 2.35 branch updatesDeepthi Hemraj2024-10-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Below commits on glibc-2.35 stable branch are updated. 37214df5f1 libio: Attempt wide backup free only for non-legacy code 09fb06d3d6 nptl: Use <support/check.h> facilities in tst-setuid3 507983797e posix: Use <support/check.h> facilities in tst-truncate and tst-truncate64 bcd0e854ea ungetc: Fix backup buffer leak on program exit [BZ #27821] e930b89df7 ungetc: Fix uninitialized read when putting into unused streams [BZ #27821] a3db6ce751 Make tst-ungetc use libsupport ed9762fdbf stdio-common: Add test for vfscanf with matches longer than INT_MAX [BZ #27650] cf71d2189c support: Add FAIL test failure helper 5b4e90230b stdio-common: Reformat Makefile. 3c64e961ff Fix name space violation in fortify wrappers (bug 32052) ba003ee5de resolv: Fix tst-resolv-short-response for older GCC (bug 32042) 5a1d0633be Add mremap tests 0ff91d3961 mremap: Update manual entry 7459b6fe47 linux: Update the mremap C implementation [BZ #31968] 461d0cac38 tests: replace system by xsystem 041ac9dffe resolv: Track single-request fallback via _res._flags (bug 31476) 820a750bed resolv: Do not wait for non-existing second DNS response after error (bug 30081) 4f5aa1d2fb resolv: Allow short error responses to match any query (bug 31890) a180e82837 Linux: Make __rseq_size useful for feature detection (bug 31965) f8a52d39c0 elf: Make dl-rseq-symbols Linux only d36daa4c01 nptl: fix potential merge of __rseq_* relro symbols 602fff4efa Add AT_RSEQ_* from Linux 6.3 to elf.h c7cd626538 s390x: Fix segfault in wcsncmp [BZ #31934] (From OE-Core rev: db4cee587fe43f93a9bc9a1356c65a50f92085d9) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gcc: upgrade to v11.5Deepthi Hemraj2024-10-0714-2937/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | gcc stable version upgraded from v11.4 to v11.5 Dropped CVE-2023-4039.patch and 0001-aarch64-Update-Neoverse-N2-core-defini.patch because its been taken to gcc-11.5 with below commits 75c37e0314 and 50d9db203bc For changes in v11.5 see: https://gcc.gnu.org/gcc-11/changes.html Below is the bug fix list for v11.5: https://gcc.gnu.org/bugzilla/buglist.cgi?bug_status=RESOLVED&list_id=444046&resolution=FIXED&target_milestone=11.5 There are a total 164 bugs are fixed in this release, below is the list of bugs fixed excluding the regression fixes. ID Product Comp Assignee▲ Summary 112672 gcc target ubizjak [14 Regression] wrong code with __builtin_parityl() at -O and above on x86_64 111736 gcc sanitize unassigned Address sanitizer is not compatible with named address spaces 80899 gcc ipa hubicka [11/12/13/14 Regression] Devirtualization causes incorrect code generation with placement new in some cases 105301 gcc c++ iains [11 Regression] ICE: tree check: expected tree that contains 'decl minimal' structure, have 'overload' in coro_promise_type_found_p, at cp/coroutines.cc:516 110027 gcc middle-e jakub [11 regression] Stack objects with extended alignments (vectors etc) misaligned on detect_stack_use_after_return 110079 gcc rtl-opti jakub [11 Regression] ICE with -freorder-blocks-and-partition and inline-asm goto 110731 gcc tree-opt jakub [11/12 Regression] Wrong-code because of wide-int division since r5-424 111015 gcc tree-opt jakub [11/12/13/14 Regression] __int128 bitfields optimized incorrectly to the 64 bit operations 112727 gcc sanitize jakub [11/12/13 Regression] UBSAN creates GIMPLE path with uninitialized variable 113674 gcc c++ jakub [11 Regression] [[____attr____]] causes internal compiler error: in decl_attributes, at attribs.cc:776 114310 gcc target jakub [11 Regression] [aarch64] __sync_val_compare_and_swap fails on __int128_t with newval = 0 114493 gcc c jakub [11 Regression] internal compiler error: in fld_incomplete_type_of with may_alias 114566 gcc tree-opt jakub [11 Regression] Misaligned vmovaps when compiling with stack-protector-strong for znver4 114634 gcc c++ jakub [11 Regression] Crash Issue Encountered in GCC Compilation of Template Code with Aligned Attribute since r9-1745 114691 gcc c++ jakub [11 Regression] Bogus ignoring loop annotation warning 114825 gcc fortran Jakub [11 Regression] Compiler error using gfortran and OpenMP since r5-1190 114876 gcc tree-opt jakub [11 Regression] -fprintf-return-value mishandles %lc with a '\0' argument. 114956 gcc sanitize jakub [11 Regression] Segmentation fault with -fsanitize=address -fsanitize=null -O2 when attribute no_sanitize_address is enabled since r9-5742 106890 gcc c++ jason [11 Regression] virtual inheritance triggers compiler error when instatiating derived class with in-class initialization since r8-2709-g12659e10c7820071 111529 gcc c++ jason [11/12/13 Regression] ICE on bool conversion in an unrolled loop condition inside template lambda nested in another template scope 113598 gcc c++ jason [11/12/13 Regression] GCC internal compiler error since r0-124275 114561 gcc c++ jason [11/12 Regression] Comma operator with forwarding reference to pointer raises invalid lvalue required error since r10-7410 114562 gcc c++ jason [11/12 Regression] ICE when trying to bind rvalue reference to lvalue with comma operator and forwarding reference to pointer since r10-7410 115565 gcc rtl-opti macro [11/12/13/14/15 Regression] CSE: Comparison incorrectly evaluated as constant causing optimization to produce wrong code 109876 gcc c++ mpolacek [11/12 Regression] initializer_list not usable in constant expressions in a template 110106 gcc c++ mpolacek [11/12 Regression] ICE on noexcept(noexcept(...)) with optional 89224 gcc c++ pinskia [11/12/13/14/15 Regression] subscript of const vector has the wrong type 110386 gcc tree-opt pinskia [11/12 Regression] ICE with ABSU in backprop 111331 gcc tree-opt pinskia [11/12 Regression] Wrong code at -O1 on x86_64-linux-gnu since 108120 gcc target rearnsha [11/12 Regression] ICE: in extract_insn, at recog.cc:2791 (on ARM with -mfpu=neon -freciprocal-math -O3) 95048 gcc libstdc+ redi [11 Regression] wstring-constructor of std::filesystem::path throws for non-ASCII characters 104606 gcc libstdc+ redi [11 Regression] comparison operator resolution with std::optional and -std=c++20 90348 gcc middle-e rguenth [11 Regression] Partition of char arrays is incorrect in some cases 96881 gcc tree-opt rguenth [11 Regression] Clobbers on NULL vs. DCE since r8-1519 97990 gcc c++ rguenth [11 Regression] ICE: ‘verify_type’ failed with vector types and non-PODs since r6-5222-gba6a6a1d44c17f25 103006 gcc middle-e rguenth [12/13/14/15 Regression] wrong code at -O1 or -O2 on x86_64-linux-gnu by r7-7101 110176 gcc tree-opt rguenth [11 Regression] wrong code at -Os and above on x86_64-linux-gnu since r11-2446 110295 gcc c++ rguenth [11 Regression] ICE in dwarf2out_finish with local class with inherited operator delete in a templated function and -g 110298 gcc tree-opt rguenth [11 Regression] ICE at -Os on x86_64-linux-gnu since r10-840 111039 gcc tree-opt rguenth [11 Regression] Unable to coalesce ssa_names 111080 gcc debug rguenth [11 Regression] restrict qualifier causes extra debug info to happen 111472 gcc tree-opt rguenth [11 Regression] Wrong code at -Os on x86_64-linux-gnu since r11-4563-gd0d8b5d836 111614 gcc tree-opt rguenth [11 Regression] ICE at -O2: verify_gimple failed since r14-2282-gf703d2fd3f0 111764 gcc tree-opt rguenth [11 Regression] Wrong code at -O3 on x86_64-linux-gnu 111818 gcc middle-e rguenth [11 Regression] ICE with __builtin_memcpy with volatile and constants 111917 gcc tree-opt rguenth [11 Regression] ICE in as_a, at is-a.h:255 since GCC-7 112495 gcc tree-opt rguenth [11 Regression] ICE: verify_gimple failed (after vectorizer) with named address space (__seg_gs ) 112505 gcc tree-opt rguenth [11 Regression] internal compiler error: in build_vector_from_val, at tree.cc:2104 since r10-4076 112718 gcc debug rguenth [11 Regression] ICE: in add_dwarf_attr, at dwarf2out.cc:4501 with -g -fdebug-types-section -flto -ffat-lto-objects 112793 gcc tree-opt rguenth [11 regression] ICE when building stellarium (internal compiler error: in vect_schedule_slp_node, at tree-vect-slp.cc:9062) 114027 gcc tree-opt rguenth [11 Regression] miscompile at `-O3 -fno-vect-cost-model -msse4.2` 114734 gcc target rguenth [11 regression] RISC-V rv64gcv_zvl256b miscompile with -flto -O3 -mrvv-vector-bits=zvl since r8-6047-g65dd1346027bb5 108086 gcc rtl-opti rsandifo [11 Regression] internal compiler error: in set_accesses, at rtl-ssa/internals.inl:449 113281 gcc tree-opt rsandifo [11 Regression] Latent wrong code due to vectorization of shift reduction and missing promotions since r9-1590 113552 gcc tree-opt tnfchris [11/12/13 Regression] vectorizer generates calls to vector math routines with 1 simd lane. 29256 gcc target unassigned [11/12/13/14 regression] loop performance regression 82446 gcc tree-opt unassigned [11/12/13/14 Regression] Missed equalities in dr_group_sort_cmp 93631 gcc c unassigned [11/12/13/14 Regression] ICE on an invalid strcmp call in gimple_call_arg, at gimple.h:3258 93930 gcc target unassigned [11/12/13/14 Regression] Unnecessary broadcast instructions for AVX512 94335 gcc tree-opt unassigned [11/12/13/14 Regression] False positive -Wstringop-overflow warning with -O2 97140 gcc target unassigned [11/12/13/14 Regression] ICE in error: unable to generate reloads for since r10-400-gecfdb16c54ad06ac 100623 gcc target unassigned [11 Regression] wrong code with -Os -fno-dce -fno-defer-pop -fno-forward-propagate -flive-range-shrinkage -fno-rerun-cse-after-loop -mno-push-args since r10-7515-g2c0fa3ecf70d199a 100667 gcc libstdc+ unassigned [11/12 Regression] std::tuple<A&&> cannot be constructed from A&&, if A not defined (only forward declared) 103497 gcc c++ unassigned [11/12/13/14 Regression] ICE when decltype(auto)... as parameters 105034 gcc target unassigned [11/12/13/14 regression]Suboptimal codegen for min/max with -Os 107057 gcc rtl-opti unassigned [11/12 Regression] ICE in extract_constrain_insn, at recog.cc:2692 109800 gcc target acoplan [11 Regression] arm: ICE (segfault) loading double with -mpure-code -mbig-endian 110288 gcc fortran anlauf [11/12/13/14] Regression: segfault in findloc with allocatable array of allocatable characters 110585 gcc fortran anlauf ICE in gfc_compare_expr for findloc with complex literal array 110658 gcc fortran anlauf MINVAL/MAXVAL and deferred-length character arrays 115611 gcc target avieira mve: vsetq_lane for 64-bits has wrong codegen when setting lane 1 113893 gcc ada ebotcazou finalization of object allocated by anonymous access type designating local type 111050 gcc libstdc+ fdumont [11/12/13/14 Regression] ABI break in _Hash_node_value_base since GCC 11 110624 gcc target iains Xcode 15 ld warns about -macosx_version_min 114171 gcc d ibuclaw [13/14 Regression] gdc -O2 -mavx generates misaligned vmovdqa instruction 108789 gcc middle-e jakub __builtin_(add|mul|sub)_overflow methods generate duplicate operations if both operands are const which in turn causes wrong code due to overlapping arguments 110115 gcc middle-e jakub [11 Regression] Wrong code at -O1 on x86_64-linux-gnu 110914 gcc tree-opt jakub [11/12/13/14 Regression] Optimization eliminating necessary assignment before 0-byte memcpy since r10-5451 111422 gcc middle-e jakub Wrong code at -O3 on x86_64-linux-gnu 112816 gcc target jakub [11/12 Regression] ICE unrecognizable_insn with __builtin_signbit and returning struct with int[4] 113122 gcc target jakub Assembler messages: Error: operand type mismatch for `movabs' / bad expression / invalid use of register with -fprofile -mcmodel=large -masm=intel 113192 gcc libgomp jakub [11 Regression] ERROR: couldn't execute "../../../gcc/libgomp/testsuite/flock": no such file or directory 113262 gcc c jakub [11 Regression] ICE when using [[gnu::copy("")]] attribute 114533 gcc libquadm jakub libquadmath: printf: fix misaligned access on args 114537 gcc c++ jakub bit_cast does not work NSDMI of bitfields 114572 gcc c++ jakub [OpenMP] "internal compiler error: in assign_temp" with assignment operator and lastprivate clause 115172 gcc sanitize jakub Invalid -fsanitize=bool sanitization of variable from named address space 115440 gcc driver jakub unrecognized command-line option '--c++17'; did you mean '--stdc++17'? 110422 gcc tree-opt jamborm asm goto vs SRA 92145 gcc c++ jason -Wdeprecated-copy false-positive when inheriting base assignment operators 92407 gcc c++ jason Destruction of objects returned from functions skipped by goto 103185 gcc c++ jason [11/12/13 Regression] ind[arr] is rejected when arr is an array prvalue 106310 gcc c++ jason [11 Regression] lookup after this-> seems wrong for dependent lookup since r12-6754-g30f2c22def739211 111357 gcc c++ jason [11/12/13/14 Regression] __integer_pack fails to work with values of dependent type convertible to integers in noexcept context 114130 gcc target kito [11 Regression] RISC-V: `__atomic_compare_exchange` does not use sign-extended value for RV64 113250 gcc libstdc+ kmatsui std::filesystem::equivalent("", "/") should throw 115457 gcc target ktkachov AArch64 should define __ARM_FEATURE_BF16 115475 gcc target ktkachov AArch64 should define __ARM_FEATURE_SVE_BF16 when appropriate 88309 gcc target linkw [11/12/13/14 Regression] ICE: Floating point exception (in is_miss_rate_acceptable), target assigning alignent of 4 bits(!) to vector 104259 gcc libstdc+ marxin libstdc++ fails for epiphany-elf 109822 gcc libstdc+ mkretz Converting std::experimental::simd masks yields an error 59465 gcc c++ mpolacek [11/12/13 Regression] g++ allows direct-initialization of an array of class type from another array in a mem-initializer 100557 gcc c++ mpolacek [11/12/13/14 Regression] Internal compiler error: Error reporting routines re-entered. 115642 gcc c mpolacek [11/12/13/14/15 Regression] internal compiler error: tree check: expected class 'type', have 'exceptional' (error_mark) in c_expr_sizeof_expr 95351 gcc middle-e pinskia [11/12 Regression] Comparison with NAN optimizes incorrectly with -ffast-math disabled 111699 gcc middle-e pinskia [11/12/13 Regression] ICE: SIGSEGV: infinite recursion in fold_build3_loc/fold_ternary_loc/generic_simplify_VEC_COND_EXPR 109761 gcc c++ ppalka [11/12 Regression] Nested class destructor's noexcept specification incorrectly considered as too loose compared to the outer class 111485 gcc c++ ppalka [11/12 Regression] Constraint mismatch on template template parameter 113175 gcc testsuit ppalka [11/12/13/14 Regression] testsuite/std/ranges/iota/max_size_type.cc 5x times slower 111407 gcc tree-opt qinzhao [11/12/13 Regression] ICE: SSA corruption due to widening_mul opt on conflict across an abnormal edge 99327 gcc libstdc+ redi ENOTSUP macro does not exist on djgpp crt 104161 gcc libstdc+ red Potential Security Vulnerability: remove_all and symbolic link 105178 gcc libstdc+ redi [11 Regression] g++ incorrectly reports invalid use of incomplete type 108178 gcc libstdc+ redi Filesystem::copy_file can't copy from /proc on Linux machines 112491 gcc libstdc+ redi std::deque<T,Allocator>::size xmethod output is wrong 114147 gcc libstdc+ redi [11 Regression] tuple allocator-extended constructor requires non-explicit default constructor 114401 gcc libstdc+ redi libstdc++ allocator destructor omitted when reinserting node_handle into tree- and hashtable-based containers 96109 gcc testsuit rguenth [11 Regression] gcc.dg/vect/slp-47.c etc. FAIL 110182 gcc tree-opt rguenth [11 Regression] Vector(2) cast from double to float and back and subtraction seems to produce incorrect results 110200 gcc middle-e rguenth genmatch generating questionable code with convert and ! 98237 gcc ipa ro gcc-dg-lto-modref-3-01.exe etc. FAIL when LTO plugin is not enabled 97696 gcc sanitize rsandifo ICE since ASAN_MARK does not handle poly_int sized varibales 100303 gcc debug rsandifo [11 Regression] -fcompare-debug failure (length) with -O -fno-dce -ftracer 111340 gcc target ubizjak gcc.dg/bitint-12.c fails on x86_64-apple-darwin or fails on x86_64-linux-gnu with -fPIE 115297 gcc rtl-opti ubizjak [14/15 regression] alpha: ICE in simplify_subreg, at simplify-rtx.cc:7554 with -O1 115836 gcc middle-e ubizjak ICE when building Firefox with-march=pentium-mmx -mtune=pentium-m 91085 gcc other unassigned [11 only] fixincludes breaks <bits/statx.h> 103183 gcc c++ unassigned [11/12/13/14 Regression] ind[arr] produces an lvalue when arr is an array xvalue 105417 gcc libstdc+ unassigned [11 Regression] powerpc64le-linux abilist changes based on --with-long-double-format= 110309 gcc target unassigned Wrong code for masked load expansion 111922 gcc ipa unassigned [11/12/13/14 Regression] ICE in cp with -O2 -fno-tree-fre 112823 gcc other unassigned [11 only] -Wincompatible-pointer-types errors in libiberty/simple-object-mach-o.c (missing backport for gcc-11) 112891 gcc target unassigned [11/12/13/14 Regression] Missing vzeroupper insert 114049 gcc target unassigned gcc.dg/framework-1.c FAILs with Xcode 15.3 beta 3 114098 gcc target unassigned _tile_loadconfig doesn't work 114521 gcc target unassigned [11 only] aarch64: wrong code with Neon ld1/st1x4 intrinsics gcc-11 and earlier 115261 gcc rtl-opti unassigned [11/12/13/14/15 regression] FAIL: gcc.target/s390/vector/vec-abi-vararg-1.c 115269 gcc libstdc+ unassigned Hardcoded links in 14.1 docs to pages from release 4.3.2 115870 gcc tree-opt unassigned Inlining of different template instances wrongly produces infinite loop 103715 gcc fortran anlauf [11/12/13/14 Regression] ICE in gfc_find_gsymbol, at fortran/symbol.c:4301 since r9-3803-ga5fbc2f36a291cbe 111837 gcc fortran anlauf [11/12/13/14 Regression] Out of bounds access with optimization inside io-implied-do-control 114474 gcc fortran anlauf [11/12/13/14 Regression] DATA statement with derived type, pointer component rejected 113979 gcc ada ebotcazou [11/12/13/14 regression] bogus error on allocator for array type with Dynamic_Predicate 103506 gcc fortran jvdelisle [11 Regression] ICE in gfc_free_namespace, at fortran/symbol.c:4039 since r10-2798-ge68a35ae4a65d2b3 107397 gcc fortran jvdelisle [11/12 Regression] ICE in gfc_arith_plus, at fortran/arith.cc:654 91035 gcc target krebbel [11/12/13/14 Regression] gotools fails to build on s390x-linux-gnu 84006 gcc fortran pault [11/12 Regression] ICE in storage_size() with CLASS entity 89462 gcc fortran pault [11/12/13 Regression] gfortran loops in code generation 93678 gcc fortran pault [11/12/13 Regression] ICE with TRANSFER and typebound procedures 103312 gcc fortran pault [11/12 Regression] ICE in gfc_find_component since r9-1098-g3cf89a7b992d483e 103368 gcc fortran pault [11/12/13 Regression] ICE in gimplify_expr, at gimplify.c:15668 since r12-4464-g017665f63047ce47 103716 gcc fortran pault [11/12/13 Regression] ICE in gimplify_expr, at gimplify.c:15964 since r9-3803-ga5fbc2f36a291cbe 106999 gcc fortran pault [11/12/13 Regression] ICE tree check: expected record_type or union_type or qual_union_type, have function_type in gfc_class_data_get, at fortran/trans-expr.cc:233 71703 gcc fortran unassigned [11 Regression] [OOP] ICE in wide_int_to_tree, at tree.c:1488 89925 gcc fortran unassigned [11 Regression] Wrong array bounds from ALLOCATE with SOURCE or MOLD 99183 gcc fortran unassigned [11 Regression] Incompatible Runtime types 99757 gcc c++ unassigned [11/12/13/14 Regression] ICE: in cp_finish_decl, at cp/decl.c:7736 104391 gcc fortran unassigned [11 Regression] bind(C) and allocatable or pointer attribute don't work 104908 gcc fortran unassigned [11/12/13/14 Regression] incorrect Fortran out-of-bound runtime error. 113179 gcc middle-e unassigned [11/12/13/14/15 Regression] MIPS: INS is used for long long, before SLL 80774 gcc fortran vehre [11/12/13/14/15 Regression][Coarray] ICE in gfc_conv_descriptor_data_get, at fortran/trans-array.c 82904 gcc fortran vehre [11/12/13/14/15 Regression][Coarray] ICE in make_ssa_name_fn, at tree-ssanames.c:261 111880 gcc fortran anlauf [11/12/13/14] False positive warning of obsolescent COMMON block with Fortran submodule 61527 gcc fortran unassigned [11/12/13/14 Regression] [OOP] class/extends, multiple generic assignment, accept invalid (From OE-Core rev: 7806e21e7d47fd010872a3967e51bcacdae3a76b) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* procps: patch CVE-2023-4016Jinfeng Wang2024-10-072-1/+62
| | | | | | | | | | | | | | | Previous patch[1] for CVE-2023-4016 is insufficent. Backport more from upstream master. There is one change needed to apply this patch: * change file location from local/xalloc.h to include/xalloc.h [1] https://git.openembedded.org/openembedded-core/commit/meta/recipes-extended/procps/procps/CVE-2023-4016.patch?h=kirkstone&id=71d0683d625c09d4db5e0473a0b15a266aa787f4 (From OE-Core rev: 94521a1e49e8fd9193211f486995d2e504f99d3f) Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* wpa-supplicant: Patch security advisory 2024-2Peter Marko2024-10-074-0/+143
| | | | | | | | | | | Pick patches according to http://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt SAE H2E and incomplete downgrade protection for group negotiation (From OE-Core rev: 58b8ad7e33f47f06409be84430a8c2a22b4dd92f) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* wpa-supplicant: Patch CVE-2024-3596Peter Marko2024-10-0710-0/+618
| | | | | | | | | | | | | | | Picked patches according to http://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt First patch is style commit picked to have a clean cherry-pick of all mentioned commits without any conflict. Patch CVE-2024-3596_07.patch has hostapd code removed as it is not present in wpa-supplicant download tarball. (From OE-Core rev: 6f65fd4d98b5a5dcd410b2dcfeb2e6f229c3b973) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* wpa-supplicant: Ignore CVE-2024-5290Peter Marko2024-10-071-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | NVD CVE report [1] links Ubuntu bug [2] which has a very good description/discussion about this issue. It applies only to distros patching wpa-supplicant to allow non-root users (e.g. via netdev group) to load modules. This is not the case of Yocto. Quote: So upstream isn't vulnerable as they only expose the dbus interface to root. Downstreams like Ubuntu and Chromium added a patch that grants access to the netdev group. The patch is the problem, not the upstream code IMHO. There is also a commit [3] associated with this CVE, however that only provides build-time configuration to limit paths which can be accessed but it acts only as a mitigation for distros which allow non-root users to load crafted modules. [1] https://nvd.nist.gov/vuln/detail/CVE-2024-5290 [2] https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/2067613 [3] https://w1.fi/cgit/hostap/commit/?id=c84388ee4c66bcd310db57489eac4a75fc600747 (From OE-Core rev: 603047ab3c85009c384793cdbdd8e6ae1aebd737) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gnupg: Document CVE-2022-3219 and mark wontfixPeter Marko2024-10-071-0/+2
| | | | | | | | | | | | (From OE-Core rev: f10f9c3a8d2c17d5a6c3f0b00749e5b34a66e090) (From OE-Core rev: fe094c2d50ffe11627efa6c0807a289c1ee6eb74) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* curl: backport Debian patch for CVE-2024-8096Vijay Anusuri2024-10-072-0/+211
| | | | | | | | | | | | | | | | | import patch from ubuntu to fix CVE-2024-8096 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/curl/tree/debian/patches?h=ubuntu/jammy-security Upstream commit https://github.com/curl/curl/commit/aeb1a281cab13c7ba791cb104e556b20e713941f] Reference: https://curl.se/docs/CVE-2024-8096.html (From OE-Core rev: 5383b18d4f8023b49cdadf7c777aaecf55d95dc1) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>