| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
libstdc++.modules.json is new file in libstdc++ from GCC-15
it is the module mapping file used in C++ projects that
utilize C++20 modules
(From OE-Core rev: bbfe7ee5b64618649eb8aff753b444c97313e617)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Particularly:
- one of the tests requires a C.utf-8 locale
(only available in glibc)
- another needs .gir files to be installed
Also, consolidate the ptest dependencies in a
single variable assignment.
(From OE-Core rev: e9b318408bd6e68e4d7f7d4f74abf6d55f2dae09)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add option for tests to prevent them from being built without PACKAGECONFIG[tests] being selected
Overview of changes in GLib 2.84.0, 2025-03-06
==============================================
* Bugs fixed:
- #3590 Update Slovenian (sl) translation in glib
- !4539 Update Korean translation
- !4540 tests: Minor fixes to reference and stream-rw_all tests
- !4542 gdebugcontrollerdbus: Fix a minor typo in a code example in the docs
- !4543 Update Hungarian translation
* Translation updates:
- Hungarian (Balázs Úr)
- Korean (Changwoo Ryu)
- Slovenian (Martin)
Overview of changes in GLib 2.83.5, 2025-02-28
==============================================
* A few improvements for when GLib is used as a subproject (#3625, #3626, work
by Simon McVittie)
* Fix out-of-order parameters in a marshaller generated by `gdbus-codegen`
(!4524, work by Ryan Gonzalez)
* Bugs fixed:
- #3272 gutils-user-database test crashes in CI with G_DISABLE_ASSERT and -m
thorough (Philip Withnall)
- #3424 Update the release instructions (Philip Withnall)
- #3615 Use of timeout in GApplication example code (Reuben Thomas)
- #3625 when GLib is a subproject, check-missing-install-tag.py asserts that
the parent project has install tags (Simon McVittie)
- #3626 when GLib is a subproject and pcre2 is a subproject, pcre2's tests are
run (Simon McVittie)
- !4507 [th/gdataset-misc] minor improvements in gdataset.c (around
g_datalist_id_remove_multiple())
- !4508 [th/datalist-update-atomic-no-keyid] gdataset: drop "key_id" argument
from GDataListUpdateAtomicFunc
- !4509 tests: Search the appropriate directories for our GIR XML inputs
- !4510 doc: Simplify instructions for testing with Automake
- !4511 Update Georgian translation
- !4512 Update Czech translation
- !4513 [th/gobject-inline-private-call] gobject: avoid GLIB_PRIVATE_CALL()
for g_datalist_id_update_atomic
- !4514 Update Ukrainian translation
- !4515 doc: point to iconv(3) and iconv(3posix) for more details about iconv
- !4516 Update Bulgarian translation
- !4517 Update file fa.po
- !4518 Update Chinese translation
- !4521 docs: Fix man page link for xattrs
- !4522 Meson: Disable lint+no-valgrind tests when tests option is set to
false
- !4523 [th/gobj-performance-fixes] improvements and fixes for gobject's
`performance.c` benchmark
- !4524 gdbus-codegen: Fix callback GUnixFDList parameter order
- !4526 [th/gobj-performance-2] more improvements to GObject's `performance.c`
and add test "property-set-signaled"
- !4527 Updated Lithuanian translation
- !4529 Update Portuguese translation
- !4531 Update Swedish translation
- !4535 Update Galician translations
* Translation updates:
- Bulgarian (Alexander Shopov)
- Chinese (China) (lumingzh)
- Czech (AsciiWolf)
- Galician (Fran Diéguez)
- Georgian (NorwayFun)
- Lithuanian (Aurimas Černius)
- Persian (Danial Behzadi)
- Portuguese (Hugo Carvalho)
- Swedish (Anders Jonsson)
- Ukrainian (Yuri Chornoivan)
Overview of changes in GLib 2.83.4, 2025-02-20
==============================================
* Fix Python shebang paths so they work on Windows again (#3331, work by
Dan Yeaw and others)
* Fix refcounting semantics of `g_dbus_connection_register_object_with_closures()`
by adding a replacement API (#3560, work by Philip Withnall)
* Support static vfuncs in GIRepository (!4457, work by Philip Chimento)
* Add support for QNX8.0 (!4466, work by Felix Xing)
* Add a soft dependency on C11 — if your toolchain doesn’t support C11, you have
six months to tell us before this becomes a hard dependency (!4473)
* Port from `net.hadess.PowerProfiles` to `org.freedesktop.UPower.PowerProfiles`
for `GPowerProfileMonitorDBus` (!4478, work by Marco Trevisan)
* Bugs fixed:
- #3331 Windows build broken because of Python paths (Dan Yeaw)
- #3448 Use after free in GCancellableSource test (Marco Trevisan (Treviño))
- #3560 Fix refcounting semantics of
g_dbus_connection_register_object_with_closures() (Philip Withnall)
- #3578 gkeyfile: Honor C in $LANGUAGE as gettext does (Gaël Bonithon)
- #3587 g_app_info_launch crashes on macos (Andre Miranda)
- #3592 GDBusConnection does not handle serial number overflow (Philip
Withnall)
- #3595 Toolchain documentation should mention that GLib assumes functions can
be called through wrongly-typed function pointers (Demi Obenour)
- #3612 cancellable unit test crashes in /cancellable-source/threaded-dispose
(Marco Trevisan (Treviño))
- #3613 Potentially revert g_win32_com_clear() due to pulling in windows.h
- !3255 Drop TypeNode reference counting
- !4046 Add G_OPTION_FLAG_DEPRECATED
- !4457 Support static vfuncs in GIRepository
- !4461 docs: Update the release documentation for the new release workflow
- !4464 gosxappinfo: Fix leak
- !4466 Add support for QNX8.0
- !4468 Registry backend fixes
- !4471 glib.supp: Ignore once-per-thread leak from SysprofCollector
- !4472 gkeyfile: Convert docs to gi-docgen linking syntax
- !4473 build: Add a soft dependency on C11
- !4475 docs: Fix invalid references and broken links
- !4476 tests: Cleanup python tests and add tests for gi-compile-repository
and gi-inspect-typelib
- !4477 gcancellable: remove sketchy source ref/unref
- !4478 gio/powerprofilemonitordbus: Use newer D-Bus API
- !4479 docs: Make docs more markdown-ish
- !4483 tests: Fix a memory leak if a callable-info test is skipped
- !4486 meson: Fix typo in comment about python shebang
- !4487 gio/gfilemonitor: Use atomic API to get / store cancelled state
- !4488 gmain: Use atomic logic to handle internal GSource flags
- !4490 gio/subprocess: Lock while writing on shared pid and status values
- !4491 Update Brazilian Portuguese translation
- !4492 gfilemonitor: Various cleanups and minor fixes to property handling
- !4493 gdbus: Add g_clear_dbus_signal_subscription() inline convenience
function
- !4494 gio/subprocess: Initialize pid variable to 0
- !4495 gio/gvolumemonitor: Suggest disconnecting signals
- !4496 Update Polish translation for GNOME 48
- !4497 tests: Fix a minor leak in a new GSubprocess test
- !4498 gdatetime: Fix integer overflow when parsing very long ISO8601 inputs
* Translation updates:
- Polish (Piotr Drąg)
- Portuguese (Brazil) (Rafael Fontenelle)
Overview of changes in GLib 2.83.3, 2025-01-23
==============================================
* Fix build-time paths appearing in generated `Gio-2.0.gir` and
`GioUnix-2.0.gir` files (#3564, work by Simon McVittie)
* Fix crash on macOS when opening links (#3568, work by John Ralls)
* Bugs fixed:
- #3558 Recent `(inout)` changes caused unintended side-effects with
`GWeakRef` (Michael Catanzaro)
- #3561 Missing nullable annotation on parameter user_data and on the return
value of GVfsFileLookupFunc callback (fbrouille)
- #3562 GBytes semantics of handling empty strings are inconsistent and
confusing (Philip Withnall)
- #3563 Bad anchor link in g_signal_connect() documentation
- #3564 build-time paths to gio/gunixmounts.h, etc. end up in Gio-2.0.gir,
GioUnix-2.0.gir (Simon McVittie)
- #3568 Links crash application on MacOS due to lack of machine-id file (John
Ralls)
- #3569 Requirement of GUnixMountMonitor for a Valid Timestamp from
unix_mount_at is not Suffeciently Documented (Philip Withnall)
- #3582 gmacros: _G_BOOLEAN_EXPR_IMPL is incompatible with c++ functions
marked constexpr
- !3885 [th/gdataset-index] add a lookup index (GHashTable) to `GData`
- !4392 GWin32: Add g_win32_com_clear()
- !4436 docs: Add --generate-md to the gdbus-codegen documentation
- !4437 docs: Fix some backslash escaping issues in doc comments
- !4440 gio, gobject: Improve reproducibility of enumtypes headers
- !4441 gstrfuncs: Drop a redundant paragraph
- !4442 Don't define test setups unless we're testing
- !4443 build: Make the introspection feature yield
- !4444 Fix pointer-to-paramref syntax in docs
- !4446 gio: Fix a link to a specifications document
- !4449 Add several assertions to help static analysis and fix some GIR
annotations
- !4450 Fix GCC version detection for GUINT*_SWAP_LE_BE
- !4454 gioenums: Add deprecation for FLAGS_NONE
- !4455 docs: Use gi-docgen syntax in main-loop.md
- !4458 docs: Document more extension points
- !4460 docs: Clarify that g_array_unref() works like g_ptr_array_unref().
Overview of changes in GLib 2.83.2, 2024-12-11
==============================================
* This release has the same code as 2.83.1, but contains a fix for release
archive generation which means that 2.83.1 does not have a release archive
* Bugs fixed:
- !4433 ci: Enable -Dintrospection for dist builds
Overview of changes in GLib 2.83.1, 2024-12-11
==============================================
* Bugs fixed:
- #1251 gio/tests/contenttype fails on OS X: "public.directory" !=
"public.folder"
- #3441 Bump minimum supported version of macOS (John Ralls)
- #3493 Heap buffer overflow read in utf8_verify_ascii() (Philip Withnall)
- #3511 Build failure “'ifunc' is not supported on this target” with muslc
(Philip Withnall)
- #3517 Silent linked-list corruption in g_static_resource_init() on redundant
calls
- #3524 Wrong parameter type for g_enum_register_static in GObject-2.0.gir
(Jan-Willem Harmannij)
- #3526 Segfault in statically linked binary during initialization of ifuncs
since 2.83.0 (Philip Withnall)
- #3532 g_converter_output_stream_write() can return 0 (Benjamin Otte)
- #3540 g_signal_connect on "notify::non-existant-property" doesn't warn for
invalid property (Sid)
- #3545 Modernize the default value for g_thread_pool_set_max_unused_threads
(Matthias Clasen)
- #3546 Make the thread name available (Matthias Clasen)
- #3548 Fix g_settings_schema_has_key() to work with extended schemas
- #3552 Missing nullable annotation for `log_domain` in `GLogFunc` callback
(Roberto Leinardi)
- #3559 2.82.3 regression: lollypop crashes on startup (Philip Withnall)
- !4232 refstring: Fix race between releasing and re-acquiring an interned
GRefString
- !4382 girepository: gi_object_info_find_signal(): Avoid repeated allocations
- !4384 test utils: Make nonfatal assertions an option
- !4385 gutf8: Skip ASan instrumentation for load_word
- !4389 macos: Add extra content type tests
- !4393 Replace procfs linuxism with kinfo freebsdism
- !4395 appmonitor: Fix warning building test
- !4396 tests: Factor out a function to convert FD to path
- !4398 grefstring: Mark a variable as potentially unused
- !4399 meson: Add variables to -uninstalled.pc files
- !4401 testutils: Documentation improvements
- !4403 Revert "CI: Rebuild a slightly newer version of ninja for debian-
stable-i386"
- !4406 glib/gbytes: Be more careful when saving a GBytes of NULL
- !4407 guri: Fix paths starting with ‘//’ when parsing
- !4410 threadpool: Simplify pool thread naming
- !4411 gdbusconnection: Allow creating connection with cross-namespace
- !4412 gmessages: Treat DEBUG_INVOCATION=1 same as G_MESSAGES_DEBUG=all
- !4413 gunicode: Update some comments in gunicode.h for Unicode 16.0.0
- !4414 gdbus: Add a few missing `(nullable)` annotations to GDBus method
invocation related functions
- !4415 gdbus: Fix leak of method invocation when registering an object with
closures
- !4421 gparam: Add link to constructed vfunc to CONSTRUCT
- !4422 docs: Fix dead link in CONTRIBUTING
- !4423 gio-tool: Clarify that `gio mount -l` only lists user-interesting
things
- !4424 ci: Ensure all variables are quoted in .gitlab-ci.yml
- !4425 tests: Skip unsupported dbus-appinfo test on GNU/Hurd for the moment
- !4428 girepository: Expose gi-compile-repository and gi-* tools in pkg-
config
- !4429 gdbus: Add nullable annotations for fd list outs
- !4432 ci: Add release component to automate tarball publishing
Overview of changes in GLib 2.83.0, 2024-11-06
==============================================
* Update to Unicode 16.0.0; there may be bugs in linebreaking support, see #3518
(#3460, work by Philip Withnall)
* Optimise UTF-8 validation of strings, including use of ifuncs to prevent
spurious warnings from sanitizers and valgrind (#3481, work by Christian
Hergert)
* Fix a potential buffer overflow in `GSocks4aProxy` (#3461, work by
Michael Catanzaro)
* Change the default value of -Dglib_debug from `auto` to `enabled` for
developers — distributions will almost certainly want to override it to
`-Dglib_debug=disabled` for package release builds though; see #3421
* Revert per-instance locking changes in `GCancellable` as they introduced new
races (#3448)
* Bump Meson dependency to 1.4.0 (!4244, work by Benjamin Gilbert)
* Rename multiple `g_unix_mount_*()` APIs to `g_unix_mount_entry_*()` (#3492,
work by Jialu Zhou)
* Add a new `GFileMonitor` backend for macOS and BSD: libinotify-kqueue (!3657,
work by Gleb Popov)
* Add APIs for sync, async and finish function annotations to libgirepository
(!3746, work by Evan Welsh)
* Bugs fixed:
- #3289 readlink -f fails in CI on macOS
- #3415 module-test-library and module-test-plugin tests fail on FreeBSD and
muslc (Philip Withnall)
- #3417 Investigate trampoline performance implications in g_mutex_lock_impl()
changes (Philip Withnall)
- #3421 Default value for glib_debug meson option (Philip Withnall)
- #3444 deprecation warnings when using gobjectnotifyqueue.c
- #3450 Should check for epoll_create1 rather than epoll_create (Philip
Withnall)
- #3451 Gio.MenuModel docs have an outdated UI example (Philip Withnall)
- #3456 Test /unix-mounts/get-mount-entries fails unless libmount is enabled
(Philip Withnall)
- #3458 scan-build CI job fails due to gvdb subproject not having meson.build
(Philip Withnall)
- #3460 "404: Page not found" Error on "submitted as merge requests" Link
(Philip Withnall)
- #3461 Buffer overflow in set_connect_msg() (Michael Catanzaro)
- #3464 g-ir-scanner fails silently on msys2 CI jobs (Philip Withnall)
- #3465 Avoid GError for control flow in GResources
- #3469 Unclear correctness of g_malloc() in pattern_coalesce() (Michael
Catanzaro)
- #3470 Update to Unicode 16.0.0 (Philip Withnall)
- #3472 Overactive GVariantTypeInfo collection causes considerable overhead
(Christian Hergert)
- #3477 Determine policy on 32-bit support (Philip Withnall)
- #3478 Incorrect Examples in GVariant Specification (Christian Hergert)
- #3480 glib/gvariant: incorrect use of G_ANALYZER_ANALYZING (Christian
Hergert)
- #3481 Discussion: utf8 validation optimization (Christian Hergert)
- #3483 mainloop Unix FD test intermittently fails on Hurd (Philip Withnall)
- #3484 g_app_info_launch_default_for_uri no longer works on macOS
- #3486 GVariant inline allocation support broke i686/32-bit builds (Christian
Hergert)
- #3488 `glib` does not properly detect `gobject-introspection` (Philip
Withnall)
- #3489 Multicast cannot be joined on Mac OS on non-default interface
(Nirbheek Chauhan)
- #3490 Meson: fix support for aarch64-w64-mingw32 (Windows on ARM64) (Carlo
Bramini)
- #3492 Incorrect Documentation for g_unix_mount_get_mount_path Return Value
Ownership (Jialu Zhou)
- #3500 AIX: build failure due to pollfd structure change (Parth Patel)
- #3502 Test regressions with tzdata 2024b (Rebecca N. Palmer)
- #3508 g_array_free and free_seg
- #3512 AIX: Undefined symbol related to ASAN Sanitizer
- !3657 Introduce a new GFileMonitor backend: libinotify-kqueue
- !3746 girepository: Add APIs for sync, async, and finish function
annotations
- !3816 Update the wrap file for gi-docgen
- !4126 build: Enable -Wfloat-conversion and fix warnings
- !4176 tests: Expand tests for app launching via D-Bus
- !4196 refstring: add GEqualFunc for ref-counted strings
- !4202 simpleproxyresolver: Ignore host with scope id
- !4204 Fix minor issues found by static analysis, and add some additional
code comments
- !4216 build: Post-release version bump
- !4218 Persian l10n
- !4219 tests: Run lint tests with detected bash
- !4223 Update Korean translation
- !4224 Update Catalan translation
- !4225 Update Czech translation
- !4226 Update Portuguese translation
- !4227 gspawn: close child_err_report_fd before exiting on error
- !4235 Update Ukrainian translation
- !4236 Cherry pick Polish and Brazilian Portuguese translations from
glib-2-82 to main
- !4237 Update French translation
- !4239 Update Galician translations for main
- !4243 gresource: Convert docs to gi-docgen linking syntax
- !4244 build: Bump Meson dependency to 1.4.0
- !4245 resource: Add g_resource[s]_has_children and avoid a pointless
allocation
- !4248 dir: Avoid some allocations
- !4252 gio: Fix overindented docstring of buffer argument
- !4253 Update Bulgarian translation
- !4254 Update British English translation (main)
- !4256 Updated Lithuanian translation
- !4257 Update Hungarian translation
- !4260 Collation keys are not encoded in UTF-8
- !4261 gsocket windows: check event before calling WSAEnumNetworkEvents
- !4262 Update Russian translation
- !4264 Update Danish translation
- !4267 Update Georgian translation
- !4268 subprojects: Update pcre2 to 10.44
- !4269 docs(glib): Fix link in string-utils ref
- !4272 gio: Add a query_exists vfunc to GFile
- !4277 tests: Add some explicit float → int casts
- !4278 GDBus: Don't log a message for G_DBUS_CONNECTION_FLAGS_CROSS_NAMESPACE
- !4286 glib/gvariant: avoid GVariantType copy for stack builders
- !4288 girepository: Make _blob_is_registered_type static inline
- !4290 glib/gbytes: save small byte buffers inline
- !4292 Fix incorrect use of assert/debug/check macros
- !4293 gvarianttypeinfo: reduce caching overhead
- !4294 gvarianttype: mark const functions as such
- !4295 gvariant: Avoid malloc/free in valid_format_string()
- !4296 glib/gvariant: use g_utf8_validate() for strlen
- !4297 glib/gvarianttype: g_variant_type_is_subtype_of() fastpath
- !4298 glib/gvariant: avoid g_renew() for definite tuples
- !4299 glib/gvariant: Avoid extraneous GBytes ref counting
- !4300 gpoll windows: use a threadpool when polling large number of fds
- !4301 glib/gvariant: Inline small gvariant data using C99 flexible arrays
- !4302 glib/gvariant: skip bitlock for g_variant_ref_sink()
- !4303 gbytes: Convert docs to gi-docgen linking syntax
- !4304 gutf8: Convert docs to gi-docgen linking syntax
- !4305 build: switch back to c_std=gnu99 pending ObjC fix
- !4307 ci: Re-enable fatal warnings for FreeBSD CI
- !4308 utils: Add g_steal_handle_id() to complement g_clear_handle_id()
- !4310 tests: FreeBSD doesn't use glibc
- !4311 tests: Move fake-document-portal subprocess inside dbus-appinfo test
- !4313 remove quadratic behavior in g_string_replace
- !4315 fuzzing: Add simple fuzz test for g_string_replace()
- !4318 CI: Use Visual Studio 2019 for the MSVC CI
- !4321 gvariant-core.c: Fix suffix alignment on 32-bit MSVC builds
- !4322 gvariant: Fix unused variables when G_DISABLE_ASSERT is defined
- !4323 gbytes: Add an assertion to placate static analysis
- !4326 gvarianttype: Add two missing (nullable) annotations and port docs to
gi-docgen format
- !4327 gio/gdatainputstream: use memchr() when possible
- !4331 gir: Ignore function-inline and method-inline elements
- !4332 gstring: Fix a heap buffer overflow in the new g_string_replace() code
- !4334 fuzzing: Add input length limits on g_string_replace() test
- !4335 docs: Update CI platforms list and Visual Studio recommendation
- !4338 CI/MSYS2: Fix prefix for gobject-introspection
- !4339 Win32 cleanup: do not define STRICT
- !4340 gsocket: Fix #ifdef for defining g_socket_get_adapter_ipv4_addr()
- !4341 gio: Use g_steal_handle_id() with signal unsubscriptions
- !4342 CI: Add manual CI job for VS2019 ARM64 builds
- !4343 CI: Skip PCRE2 tests for now for 32-bit Visual Studio builds
- !4344 glib/gutf8: use ifunc to check for valgrind
- !4345 fuzzing: Add fuzz tests for GDataInputStream’s complex read methods
- !4346 gdate: Fix minor typo in documentation comment
- !4347 docs: Add Meson to the GSettings build integration
- !4348 gdatainputstream: Fix length return value on UTF-8 validation failure
- !4350 glib: Don't require GLIB_DOMAIN to be a NUL-terminated string
- !4351 Build fixes for building on Solaris & illumos
- !4352 gdatainputstream: Use memchr() for the multi-stop-char case too
- !4353 docs: Add CI runner maintainers to CODEOWNERS
- !4354 glib.supp: Suppress more _g_io_module_get_default_type leaks
- !4358 Add a CI job for Debian stable i386 (32-bit)
- !4359 tests: Use g_assert_*() rather than g_assert() in GDateTime tests
- !4365 fuzzing: Fix buffer overread error in the fuzz test itself
- !4366 glocalfile: Disable faccessat()-based query_exists on FreeBSD
- !4367 tests: Fix calls to deprecated API in unix-mounts tests
- !4373 macos: Remove extraneous space from type identifier
- !4374 thread: Force-limit thread name length
- !4375 Small improvements to g_on_error_stack_trace and g_on_error_query
- !4376 Enable GNetworkMonitorNetlink on FreeBSD
- !4377 gvariant: Introduce G_VARIANT_BUILDER_INIT_UNSET
- !4378 gio: Fix GFileEnumerator leaks in gio tools
- !4383 gtask: Fix comment for auto task naming via 'g_task_set_source_tag()'
* Translation updates:
- Bulgarian (twlvnn kraftwerk)
- Catalan (Jordi Mas)
- Czech (AsciiWolf)
- Danish (Ask Hjorth Larsen)
- English (United Kingdom) (Bruce Cowan)
- French (Vincent Chatelain)
- Galician (Fran Diéguez)
- Georgian (NorwayFun)
- Hungarian (Balázs Úr)
- Korean (Changwoo Ryu)
- Lithuanian (Aurimas Černius)
- Persian (Danial Behzadi)
- Polish (Piotr Drąg)
- Portuguese (Hugo Carvalho)
- Portuguese (Brazil) (Rafael Fontenelle)
- Russian (jtux270)
- Ukrainian (Yuri Chornoivan)
(From OE-Core rev: 3ea3a3eebcfac4338479fd5b4de960bfbd7d577c)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Manually setting the preferred version is not required or generally a
good idea as stated in:
meta/recipes-kernel/linux-libc-headers/linux-libc-headers.inc
# You're probably looking here thinking you need to create some new copy
# of linux-libc-headers since you have your own custom kernel. To put
# this simply, you DO NOT.
so remove that for linux-libc-headers.
(From OE-Core rev: 72eca56ba754079733da49403b59205a44b24709)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Manually setting preferred version is not required so remove that for binutils.
(From OE-Core rev: a6961e13d3dd4d94dbb771328e6c67c101a157be)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- this update is required to work with gobject-introspection >= 1.83.2
Vala 0.56.18
============
* Various improvements and bug fixes:
- vala: Don't allow inheritance of compact class from non-compact class
- vala, libvaladoc: Fix color support detection in log reporting
- girparser: Handle `doc:format` element in root:repository [#1586]
- codegen: Use correct ctype for result variable in methods in more cases
- codegen: Fix conditional expression with only one void side
- valadoc: Sync gir argument handling from valacompiler.vala
- Update links to GNOME Wiki project and refer to new Vala websites
- Add CI for tarball release service
* Bindings:
- gio-2.0: Improve the {Input,Output}Message bindings
- glib-2.0: Fix the binding of `get_console_charset`
- glib-2.0: Add missing CCode.array_null_terminated attributes to IConv.iconv()
- glib-2.0: Make FileStream.*printf() return int [#1547]
- glib-2.0: Update RegexMatchFlags and RegexCompileFlags's binding to 2.74
- glib-2.0: Add Regex.escape_nul in GLib
- gnu: add binding for 'relocate' APIs
- gobject-2.0: Add TypeFlags missing values
- gstreamer-1.0: Skip ParamSpecArray and ParamSpecFraction
- libusb-1.0: Fix the LibUSB.TransferCb declaration
- libusb-1.0: Fix the LibUSB.HotPlugCb declaration
- sdl2: Fix CCode.destroy_function of SDL.RWops and usage of
SDL.RWops.from_file() [#1550]
- sdl2: Fix missing integer type for JoystickID [#1563]
(From OE-Core rev: 6aa3e8e7b701590097ecefc3cf9a193423c5a5ea)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Its not being built by binutils anymore
(From OE-Core rev: b51c98d75437a4497fc727c1201b3f8d124deafa)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since commit c0fedbc7 ("linux-firmware: Upgrade to 20241017 and
allow compressing firmware") more firmware files were added and
some subpackages have been split further.
Some of these new subpackages do not use the correct globbing so
when FIRMWARE_COMPRESSION is set, the firmware files end up in
a different subpackage than they were intended.
For example, linux-firmware-amdgpu-aldebaran and others are empty
and everything ends up in linux-firmware-amdgpu-misc.
(From OE-Core rev: 5299816c59ea01905cfb73c72421bb8f11149426)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Also do a minor white space tweak.
(From OE-Core rev: 0e0e3b9474a88c62810d87268765aadea97714c0)
Signed-off-by: Daniel Ammann <daniel.ammann@bytesatwork.ch>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update declarations to allow building with gcc-15 with C23 std
being default now.
Fixes:
error: conflicting types for 'xdr_opaque_auth
(From OE-Core rev: 567faa5515fc314e2c251c8ee14fe8e4186a3d97)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to latest 1.24.x release [1]:
$ git --no-pager log --oneline go1.24.0..go1.24.1
339c903a75 (tag: go1.24.1) [release-branch.go1.24] go1.24.1
334de7982f [release-branch.go1.24] all: updated vendored x/net with security fix
5d6920842b [release-branch.go1.24] runtime/cgo: avoid errors from -Wdeclaration-after-statement
949eae84df [release-branch.go1.24] cmd/compile: don't pull constant offsets out of pointer arithmetic
0bfde51e0d [release-branch.go1.24] runtime: document that cleanups can run concurrently with each other
45a52718e3 [release-branch.go1.24] runtime/cgo: avoid errors from -Wdeclaration-after-statement
7f375e2c22 [release-branch.go1.24] reflect: let Value.Seq return the iteration value correct type
4070531920 [release-branch.go1.24] syscall: disable O_DIRECTORY on Windows for js/wasm
5ffdb9c88b [release-branch.go1.24] reflect: correctly handle method values in Seq
becc17ebcd [release-branch.go1.24] runtime: use WCLONE when waiting on pidfd test child
d418e224ae [release-branch.go1.24] syscall: don't send child signal when testing pidfd
456eaf5c29 [release-branch.go1.24] cmd/compile: don't report newLimit discovered when unsat happens multiple times
e4ef83383e [release-branch.go1.24] debug/buildinfo: base64-encode test binaries
4e6d3468cc [release-branch.go1.24] cmd/compile: ensure we don't reuse temporary register
f5c388313f [release-branch.go1.24] internal/godebugs: add fips140 as an opaque godebug setting
af236716b2 [release-branch.go1.24] cmd/compile, runtime: use deferreturn as target PC for recover from deferrangefunc
0f7b7600fb [release-branch.go1.24] doc/godebug: mention GODEBUG=fips140
eb58df7dbf [release-branch.go1.24] cmd/compile: avoid infinite recursion when inlining closures
30f4d9e117 [release-branch.go1.24] syscall: don't truncate newly created files on Windows
bb0e5c2045 [release-branch.go1.24] runtime: fix usleep on s390x/linux
cd0e528d3d [release-branch.go1.24] runtime: add some linknames back for `github.com/bytedance/sonic`
80e2e474b8 [release-branch.go1.24] cmd/go: initialize req.Header when loading git credential
Fixes CVE-2025-22870
[1] https://github.com/golang/go/compare/go1.24.0...go1.24.1
(From OE-Core rev: 55325a3cbc8ade35e811b95b6f4b7a5c2787800d)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning these CVEs.
(From OE-Core rev: 9d0422bfb97c01e4326dcad59a1fe8842d4cec90)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
CVE-2025-0689
Cherry-pick patch mentioning these CVEs.
(From OE-Core rev: 0fa593382a01d1dbeb6c697d422c1a186027f573)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning these CVEs.
(From OE-Core rev: 4e624e4737510f65a1dbbf31676eb6a4326aca72)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: 16739e8eb936ba1ed9f48cffca848691f258bcd5)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: e4c372c5078f60a980e8161ea88cee2e3b7f9626)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: c08e2e4e8b04107723702e0e97124642fb82f92f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: f2cd97d9312f233a604d62a662a93a2d7d8ab3f3)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: 13fafdaa6958bd4cf1ff350caf355c8c41a80e47)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: a9a8ed1b41336913978c6300fac1deed83708ac4)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: a9a28975b3674f027369fbf40a979bc77ea71d23)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: 51d7f122bd8154fed3e261003d4accfbd085aad2)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: 662d705f0f947eef2eab5f72764d421698ca0588)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: 1b6bc19cb1fbc909f52296f1d82ab8255535a01c)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning these CVEs.
(From OE-Core rev: c408aaee0aa6fed6f2b0f14a06f91ef5e91cff9b)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Cherry-pick patch mentioning this CVE.
(From OE-Core rev: c9caf81174284969d8f71086f9dc1bb3e3910143)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
It is used to fix multiple CVEs.
(From OE-Core rev: 05791100fe67fd36ef24f98323890a4f3d6c3524)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
CVE-2021-46705 was needed only with 2.06
CVE-2023-4692 and CVE-2023-4693 were fixed in NVD DB meanwhile
(From OE-Core rev: d4a6b7b559465c2af5c016dd39475df6492c719f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add patch fix the error when do_image_btrfs:
ERROR: lzo support not compiled in
(From OE-Core rev: c0cd0079c4f0cdc54843713a6985563a153a3395)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
- Build system:
- PDF book:
- Add support for UNIX V10 sources.
- Makefiles:
- Don't pass an escaped # to grep(1). Use a trick to work with
both new and old systems. This fixes a regressions in the
build system from man-pages-6.11, which was itself introduced
while fixing a regression introduced in man-pages-6.10.
[RP: Tweak version typo in commit message]
(From OE-Core rev: d19fcc6885521d5ec41a32938299b4cc016c0030)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Noteworthy changes in version 2.5.5 (2025-03-07)
------------------------------------------------
* gpg: Fix a verification DoS due to a malicious subkey in the
keyring. [T7527]
* dirmngr: Fix possible hangs due to blocking connection requests.
[T6606, T7434]
* w32: On socket nonce mismatch close the socket. [T7434]
* w32: Print more detailed diagnostics for IPC errors.
* GPGME is not any more distributed with the Windows installer.
Please install gpg4win to get gpgme version.
See-also: gnupg-announce/2025q1/000491.html
Release-info: https://dev.gnupg.org/T7530
https://dev.gnupg.org/source/gnupg/browse/master/NEWS
(From OE-Core rev: e0eaf598193012c6b0ada9e56be9bc0d6b19ec97)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
These are tracked as versionless redhat CVEs in NVD DB.
(From OE-Core rev: 76c7bb2b9c1b5300f957f11e1601816f8f90b501)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This upgrade includes fix for CVE-2025-1390
Changelog:
https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.ccbrq82zh7n9
(From OE-Core rev: bcc688bd61bea718e4983bd6d786fa73509bdd62)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This commit adds a backport patch to address a build issue with pipewire 1.4.0
| /home/flk/poky/build/tmp/work/corei7-64-poky-linux/libsdl2/2.32.2/SDL2-2.32.2/src/audio/pipewire/SDL_pipewire.c:593:37: error: passing argument 1 of 'pw_node_enum_params' from incompatible pointer type [-Wincompatible-pointer-types]
(From OE-Core rev: bacb0c9231176b605d22ad6eb168d041a2c64bd9)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to commit [lib: spdx30_tasks: Handle patched CVEs][1] applied,
duplicated CVE identifier for each CVE which increased +25% build
time (image task: do_create_image_sbom_spdx)
$ bitbake binutils-cross-x86_64
$ jq . tmp/deploy/spdx/3.0.1/x86_64/recipes/recipe-binutils-cross-x86_64.spdx.json | grep CVE-2023-25584
"spdxId": "http://spdx.org/spdxdocs/binutils-cross-x86_64-5de92009-80e6-55c5-8b1f-cc37f04fbe09/962efd5da447b81b017db54d3077be796d2e5b6e770a6b050467b24339c0995f/vulnerability/CVE-2023-25584",
"https://rdf.openembedded.org/spdx/3.0/alias": "http://spdxdocs.org/openembedded-alias/by-doc-hash/594f521fb7a3a4e9a2d3905303ffb04b016c3ce7693a775cca08be5af4d06658/binutils-cross-x86_64/UNIHASH/vulnerability/CVE-2023-25584"
"identifier": "CVE-2023-25584",
"https://cveawg.mitre.org/api/cve/CVE-2023-25584",
"https://www.cve.org/CVERecord?id=CVE-2023-25584"
"spdxId": "http://spdx.org/spdxdocs/binutils-cross-x86_64-5de92009-80e6-55c5-8b1f-cc37f04fbe09/962efd5da447b81b017db54d3077be796d2e5b6e770a6b050467b24339c0995f/vulnerability/CVE-2023-25584",
"https://rdf.openembedded.org/spdx/3.0/alias": "http://spdxdocs.org/openembedded-alias/by-doc-hash/594f521fb7a3a4e9a2d3905303ffb04b016c3ce7693a775cca08be5af4d06658/binutils-cross-x86_64/UNIHASH/vulnerability/CVE-2023-25584"
"identifier": "CVE-2023-25584",
"https://cveawg.mitre.org/api/cve/CVE-2023-25584",
"https://www.cve.org/CVERecord?id=CVE-2023-25584"
Since the commit [cve-check: annotate CVEs during analysis][2] improved
function get_patched_cves to:
- Check each patch file;
- Search for additional patched CVEs from CVE_STATUS;
And return dictionary patched_cve for each cve:
{
"abbrev-status": "xxx",
"status": "xxx",
"justification": "xxx",
"resource": "xxx",
"affected-vendor": "xxx",
"affected-product": "xxx",
}
But while adding CVE in meta/lib/oe/spdx30_tasks.py, the cve_by_status
requires decoded_status
{
"mapping": "xxx",
"detail": "xxx",
"description": "xxx",
}
This commit converts patched_cve to decoded_status
patched_cve["abbrev-status"] --> decoded_status["mapping"]
patched_cve["status"] --> decoded_status["detail"]
patched_cve["justification"] --> decoded_status["description"]
And remove duplicated search for additional patched CVEs from CVE_STATUS
(calling oe.cve_check.decode_cve_status)
After applying this commit
$ bitbake binutils-cross-x86_64
$ jq . tmp/deploy/spdx/3.0.1/x86_64/recipes/recipe-binutils-cross-x86_64.spdx.json | grep CVE-2023-25584
"spdxId": "http://spdx.org/spdxdocs/binutils-cross-x86_64-5de92009-80e6-55c5-8b1f-cc37f04fbe09/381bf593d99c005ecd2c2e0815b86bca2b9ff4cc2db59587aaddd3db95c67470/vulnerability/CVE-2023-25584",
"https://rdf.openembedded.org/spdx/3.0/alias": "http://spdxdocs.org/openembedded-alias/by-doc-hash/594f521fb7a3a4e9a2d3905303ffb04b016c3ce7693a775cca08be5af4d06658/binutils-cross-x86_64/UNIHASH/vulnerability/CVE-2023-25584"
"identifier": "CVE-2023-25584",
"https://cveawg.mitre.org/api/cve/CVE-2023-25584",
"https://www.cve.org/CVERecord?id=CVE-2023-25584"
[1] https://git.openembedded.org/openembedded-core/commit/?id=1ff496546279d8a97df5ec475007cfb095c2a0bc
[2] https://git.openembedded.org/openembedded-core/commit/?id=452e605b55ad61c08f4af7089a5a9c576ca28f7d
(From OE-Core rev: 08595b39b46ef2bf3a928d4528292ee31a990c98)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The SPDX library code was being ignored from taskhash calculations due
to accidentally being omitted from BBIMPORTS. This meant that changes in
the code or dependent variables would not cause the task to rebuild
correctly.
In order to add spdx_common, convert the `Dep` object from a named tuple
to a frozen dataclass. These function more or less equivalently, but the
bitbake code parser cannot handle named tuples.
Finally, the vardepsexclude that used to be present on the recipe tasks
needs to be moved to the python code in order for the variables to be
correctly ignored. Several unused exclusions were removed
(From OE-Core rev: eb597bf61cbcb0a4d43149404c93eec0894fb4c7)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Includes security fix
* CVE-2025-26594
* CVE-2025-26595
* CVE-2025-26596
* CVE-2025-26597
* CVE-2025-26598
* CVE-2025-26599
* CVE-2025-26600
* CVE-2025-26601
Ref: https://lists.x.org/archives/xorg-announce/2025-February/003584.html
https://lists.x.org/archives/xorg-announce/2025-February/003585.html
(From OE-Core rev: b5491688a045e52b2a1a00d04b746ed6af456784)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For reasons we have explicit xorg.conf files for a number of the qemu
machines, but not all of them. These mainly disabled screen blanking
(which is now down with a separate fragment) but also explictly set the
device driver to fbdev which meant they didn't use the modesettings
driver as they should (with the virtio framebuffer from qemu).
This is the root cause of why the xserver 21.1.16 upgrade doesn't work
on a number of machines: the /sys probing changed and the fbdev driver
now refuses to use the PCI framebuffer device as there are better
drivers, but we've explictly told xorg to use the wrong driver.
For more details, see https://gitlab.freedesktop.org/xorg/xserver/-/issues/1798.
(From OE-Core rev: 8c8039bf4c2d011e3d12c970ce45036b184902a9)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Add a configuration fragment that disables screen blanking, and add it
to all qemu machines.
(From OE-Core rev: 780a5ccaa51d5aed18200883a686387e70847e4b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 34adcb09da9098561c6fb5946c5ff6491c4b9154)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately this has been overlooked, and resulted in
erroneous updates to testing/development releases.
The check will report an 'unknown' latest version until 2.6.0
is released.
(From OE-Core rev: 7e505c1506ea6a079b0291f84e4ec6774064ef20)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 40ca9ee277f8638fde5f8afb2246f79a56ab9a42)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 8514809f0ce06dc146774d753d8eb061620b5bb5)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Test with only one externally provided ssh key not only with two
keys generated by the kernel-fitimage.bbclass itself.
* Add a test which signs only the configuration but not the image nodes.
There was no test case which covered the probably much more important
use case of setting FIT_SIGN_INDIVIDUAL = "0".
* Cover also the unbundled initramfs use case. Also this use case is
probably much more relevant than the bundled initramnfs use case.
(From OE-Core rev: 0a5b65b83dcd9f8d1d22d074fdfad1f1e472827c)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a comprehensive cleanup of the fitImage related test cases.
The existing test cases were essentially the same code copied and pasted
9 times. All 9 test cases contained the code to parse an its file and to
parse the output of the dumpimage utility in slightly different variants.
Changing the kernel-fitimage.bbclass or the uboot-sign.bbclass would mean
changing 9 test cases individually. This is no longer maintainable.
This cleanup converts the code into reusable functions. The new test
code is more like a reverse implementation of the bbclasses to be tested
than a collection of straightforward test sequences.
This also means that the test code evaluates the same bitbake variables
as the implementation. This makes it much easier to add new test cases,
as a test case is basically just another local.conf file. The code is
not yet complete. But it can now be improved step by step in this
direction.
(From OE-Core rev: 1dfa03a182d9d9e9e38c410847c7dac4ed7e8ce6)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is a trivial refactoring.
The goal is to have all tests for kernel-fitimage.bbclass and all tests
for uboot-sign.bbclass together. This refactoring greatly simplifies
the diff of the next commit.
(From OE-Core rev: 638abab58b653a1fb120368bd5e30bc80478757c)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For u-boot test cases (bitbake virtual/bootloader) inheriting the
kernel-fitimage.bbclass is no longer needed. Also setting any variable
which is evaluated by the kernel-fitimage.bbclass but not by
uboot-sign.bbclass is pointless since:
* Commit OE-Core rev: 5e12dc911d0c541f43aa6d0c046fb87e8b7c1f7e
changed the test case from
bitbake virtual/kernel
to
bitbake virtual/bootloader
* Commit OE-Core rev: 259bfa86f384206f0d0a96a5b84887186c5f689e has
finally removed the dependency of uboot-sign.bbclass on the
kernel-fitimage.bbclass completely.
Remove the related lines of code which are now without any effect.
The two test cases test_uboot_fit_image and test_uboot_sign_fit_image
do the exact same test. Both generate a binary equal its file:
/dts-v1/;
/ {
description = "A model description";
#address-cells = <1>;
images {
uboot {
description = "U-Boot image";
data = /incbin/("u-boot-nodtb.bin");
type = "standalone";
os = "u-boot";
arch = "arm";
compression = "none";
load = <0x80080000>;
entry = <0x80080000>;
};
fdt {
description = "U-Boot FDT";
data = /incbin/("u-boot.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
};
};
configurations {
default = "conf";
conf {
description = "Boot with signed U-Boot FIT";
loadables = "uboot";
fdt = "fdt";
};
};
};
The code diff between the two equal test cases looks like:
@@ -1,8 +1,9 @@
- def test_uboot_fit_image(self):
+ def test_uboot_sign_fit_image(self):
"""
Summary: Check if Uboot FIT image and Image Tree Source
(its) are built and the Image Tree Source has the
- correct fields.
+ correct fields, in the scenario where the Kernel
+ is also creating/signing it's fitImage.
Expected: 1. u-boot-fitImage and u-boot-its can be built
2. The type, load address, entrypoint address and
default values of U-boot image are correct in the
@@ -26,16 +27,15 @@
UBOOT_LOADADDRESS = "0x80080000"
UBOOT_ENTRYPOINT = "0x80080000"
UBOOT_FIT_DESC = "A model description"
-
-# Enable creation of Kernel fitImage
KERNEL_IMAGETYPES += " fitImage "
-KERNEL_CLASSES = " kernel-fitimage"
+KERNEL_CLASSES = " kernel-fitimage "
UBOOT_SIGN_ENABLE = "1"
FIT_GENERATE_KEYS = "1"
UBOOT_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
UBOOT_SIGN_IMG_KEYNAME = "img-oe-selftest"
UBOOT_SIGN_KEYNAME = "cfg-oe-selftest"
FIT_SIGN_INDIVIDUAL = "1"
+UBOOT_MKIMAGE_SIGN_ARGS = "-c 'a smart U-Boot comment'"
"""
self.write_config(config)
Conclusion: The test case test_uboot_sign_fit_image looks redundant.
Contrary to its name, it does not insert any signature nodes into the
its-file and therefore does not test any type of signature.
Code history:
- Commit OE-Core rev: e71e4c617568496ae3bd6bb678f97b4f73cb43d8
introduces both test cases.
- Commit OE-Core rev: 5e12dc911d0c541f43aa6d0c046fb87e8b7c1f7e
changes both test cases like this:
- bitbake("virtual/kernel")
+ bitbake("virtual/bootloader")
It looks like the original implementation of test_uboot_sign_fit_image
was supposed to test the interaction between the kernel-fitimage.bbclass
and uboot-sign.bbclass which does not longer work like that.
When compiling u-boot, the variable that is relevant for creating an its
file with signature nodes is: SPL_SIGN_ENABLE. This is what the test
case test_sign_standalone_uboot_fit_image verifies. Lets just delete the
now obsolete test_uboot_sign_fit_image test case.
(From OE-Core rev: de8bfdff0f997f59a2bd27842a2ffcd365f725f3)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Compiling a FIT image with this default values and dump it with
dumpimage shows decimal converted values. For example the default value
20008000 looks like this:
Image 0 (kernel-1)
...
Load Address: 0x01314c40
Entry Point: 0x01314c40
With this change the expected value is printed by dumpimage.
(From OE-Core rev: e6f2ca9135ef7da8f8b5925957532734c06e55cc)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If FIT_SIGN_INDIVIDUAL is set to “1”, a signature section is added
to all screen sections, but not to the setup section. To match the setup
section with all other sections, the signature is also added. This also
helps to implement the associated tests generically.
This change is intended to make the code more consistent. However, it is
not intended to make the FIT_SIGN_INDIVIDUAL function more popular.
Technically, it would be better to remove the signature from all other
image sections and discard the FIT_SIGN_INDIVIDUAL function, the use of
which is no longer recommended anyway.
(From OE-Core rev: 8bf6a9c07cdde8fc8bbd4bb61a4886ccc02a570f)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 6027a6c6cf283bfb639bb6c3bc2f35b3da225352)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
