summaryrefslogtreecommitdiff
path: root/poky/meta/recipes-support/gnutls
diff options
context:
space:
mode:
authorAndrew Geissler <geissonator@yahoo.com>2020-12-01 04:58:47 +0300
committerAndrew Geissler <geissonator@yahoo.com>2020-12-01 18:27:18 +0300
commit6ce62a20847b1bd500386c842cf8b801b678bd1c (patch)
tree69d169c5d109b03251c4300f39cce5a575194e6f /poky/meta/recipes-support/gnutls
parentf31b8bdb5991e0570aeaf04a9bc50f41d55bccbe (diff)
downloadopenbmc-6ce62a20847b1bd500386c842cf8b801b678bd1c.tar.xz
poky: subtree update:7231c10430..0ac99625bf
Alban Bedel (1): systemd: Fix systemd when used with busybox less Alejandro Hernandez Samaniego (3): poky-tiny: Reduce busybox size by 13% poky-tiny: Enable size optimization by default python3: Update manifest Alexander Kamensky (1): kexec: arm64: disabled check if kaslr-seed dtb property was wiped Alexander Kanavin (128): systemd-boot: upgrade 246.2 -> 246.6 glib-2.0: upgrade 2.64.5 -> 2.66.1 cmake: update 3.18.2 -> 3.18.4 python3-pygobject: upgrade 3.36.1 -> 3.38.0 libdazzle: upgrade 3.36.0 -> 3.38.0 gobject-introspection: upgrade 1.64.1 -> 1.66.1 json-glib: upgrade 1.4.4 -> 1.6.0 ovmf: update edk2-stable202005 -> edk2-stable202008 gnu-config: update to latest revision file: enable all built-in compression checkers rpm: update 4.15.1 -> 4.16.0 elfutils: update 0.180 -> 0.181 ghostscript: update 9.52 -> 9.53.3 ltp: update 20200515 -> 20200930 gsettings-desktop-schemas: update 3.36.1 -> 3.38.0 libsecret: update 0.20.3 -> 0.20.4 mesa: update 20.1.8 -> 20.2.1 xf86-video-vesa: update 2.4.0 -> 2.5.0 lttng-modules: update 2.12.2 -> 2.12.3 webkitgtk: update 2.28.4 -> 2.30.1 dos2unix: update 7.4.1 -> 7.4.2 gnutls: update 3.16.4 -> 3.16.5 libcap: update 2.43 -> 2.44 vte: update 0.60.3 -> 0.62.1 libhandy: upgrade 0.0.13 -> 1.0.0 libportal: add a recipe epiphany: upgrade 3.36.4 -> 3.38.1 gtk-doc: upgrade 1.32 -> 1.33.0 rpm: adjust MIPS64 N32 support apt: remove host contamination with gtest opkg-utils: correct priority matching in update-alternatives libxml2: add a patch to fix python 3.9 support python: update 3.8.5 -> 3.9.0 glib-2.0: update 2.66.1 -> 2.66.2 json-glib: fix reproducibility spirv-tools: correctly set PV spirv-tools: upgrade 2019.5 -> 2020.5 glslang: fix upstream version check glslang: upgrade 8.13.3559 -> 8.13.3743 glslang: bump to a newer commit shaderc: upgrade 2019.0 -> 2020.3 vulkan: update 1.2.135 -> 1.2.154 vulkan-samples: replace vulkan-demos piglit: upgrade to latest revision acpica: upgrade 20200717 -> 20200925 adwaita-icon-theme: upgrade 3.36.1 -> 3.38.0 at-spi2-atk: upgrade 2.34.2 -> 2.38.0 at-spi2-core: upgrade 2.36.1 -> 2.38.0 bison: upgrade 3.7.2 -> 3.7.3 createrepo-c: upgrade 0.16.0 -> 0.16.1 curl: upgrade 7.72.0 -> 7.73.0 debianutils: upgrade 4.11.1 -> 4.11.2 dhcpcd: upgrade 9.2.0 -> 9.3.1 dmidecode: upgrade 3.2 -> 3.3 dnf: upgrade 4.2.23 -> 4.4.0 ethtool: upgrade 5.8 -> 5.9 expat: upgrade 2.2.9 -> 2.2.10 gcr: upgrade 3.36.0 -> 3.38.0 glib-networking: upgrade 2.64.3 -> 2.66.0 gtk+3: upgrade 3.24.22 -> 3.24.23 help2man: upgrade 1.47.15 -> 1.47.16 i2c-tools: upgrade 4.1 -> 4.2 iw: upgrade 5.8 -> 5.9 kmscube: upgrade to latest revision less: upgrade 562 -> 563 libdnf: upgrade 0.48.0 -> 0.54.2 libgudev: upgrade 233 -> 234 libinput: upgrade 1.16.1 -> 1.16.2 libuv: upgrade 1.39.0 -> 1.40.0 libva: upgrade 2.8.0 -> 2.9.0 libva-utils: update 2.8.0 -> 2.9.1 libwpe: upgrade 1.7.1 -> 1.8.0 libxkbcommon: upgrade 0.10.0 -> 1.0.1 openssh: upgrade 8.3p1 -> 8.4p1 openssl: upgrade 1.1.1g -> 1.1.1h strace: upgrade 5.8 -> 5.9 sudo: upgrade 1.9.3 -> 1.9.3p1 vala: upgrade 0.48.9 -> 0.50.1 wpebackend-fdo: upgrade 1.7.1 -> 1.8.0 xkeyboard-config: upgrade 2.30 -> 2.31 u-boot: upgrade 2020.07 -> 2020.10 usbutils: upgrade 012 -> 013 nfs-utils: upgrade 2.5.1 -> 2.5.2 dropbear: upgrade 2020.80 -> 2020.81 btrfs-tools: upgrade 5.7 -> 5.9 git: upgrade 2.28.0 -> 2.29.2 go: upgrade 1.15.2 -> 1.15.3 mtools: upgrade 4.0.24 -> 4.0.25 python3-numpy: upgrade 1.19.1 -> 1.19.3 python3-git: upgrade 3.1.7 -> 3.1.11 python3-pyelftools: upgrade 0.26 -> 0.27 python3-pygments: upgrade 2.6.1 -> 2.7.2 python3-setuptools: upgrade 49.6.0 -> 50.3.2 asciidoc: upgrade 9.0.2 -> 9.0.4 iptables: upgrade 1.8.5 -> 1.8.6 libsolv: upgrade 0.7.14 -> 0.7.16 stress-ng: upgrade 0.11.21 -> 0.11.23 libhandy: upgrade 1.0.0 -> 1.0.1 freetype: upgrade 2.10.2 -> 2.10.4 linux-firmware: upgrade 20200817 -> 20201022 alsa: upgrade 1.2.3 -> 1.2.4 gstreamer1.0: upgrade 1.18.0 -> 1.18.1 x264: upgrade to latest revision rt-tests/hwlatdetect: upgrade 1.8 -> 1.9 webkitgtk: upgrade 2.30.1 -> 2.30.2 diffoscope: upgrade 160 -> 161 enchant2: upgrade 2.2.9 -> 2.2.12 libassuan: upgrade 2.5.3 -> 2.5.4 libcap-ng: upgrade 0.7.11 -> 0.8 libevdev: upgrade 1.9.1 -> 1.10.0 libgcrypt: upgrade 1.8.6 -> 1.8.7 libmpc: upgrade 1.2.0 -> 1.2.1 libsoup-2.4: upgrade 2.70.0 -> 2.72.0 numactl: upgrade 2.0.13 -> 2.0.14 kea: use odd-even version scheme for updates mesa: fix a build race clutter-gst-3.0: do not call out to host gstreamer plugin scanner conf-notes.txt: mention more important images than just sato weston-init: correctly start under systemd weston-init: fall back to fbdev under x32 wayland-utils: introduce a recipe poky/conf-notes.txt: mention more important images than just sato python3: split python target configuration into own class python3-pycairo: use python3targetconfig distutils3-base.bbclass: use python3targetconfig meta: drop _PYTHON_SYSCONFIGDATA_NAME hacks gpgme: use python3targetconfig bitbake: lib/bb/fetch2/__init__.py: drop _PYTHON_SYSCONFIGDATA_NAME unsetting Alexander Vickberg (1): socat: make building with OpenSSL support optional Alistair (1): weston-init: Fix incorrect idle-time setting Andrej Valek (1): autotools: CONFIG_SHELL defaults Andrey Zhizhikin (1): insane: add GitLab /archive/ tests Anibal Limon (1): recipes-graphics: libxkbcommon disable build of libxkbregistry Anuj Mittal (2): glib-2.0: RDEPEND on dbusmock only when GI_DATA_ENABLED is True distutils-common-base: fix LINKSHARED expansion Bruce Ashfield (17): kernel: provide module.lds for out of tree builds in v5.10+ linux-yocto/5.8: update to v5.8.15 linux-yocto/5.4: update to v5.4.71 linux-yocto/5.8: update to v5.8.16 linux-yocto/5.4: update to v5.4.72 linux-yocto/5.8: update to v5.8.17 linux-yocto/5.4: update to v5.4.73 linux-yocto-dev: move to v5.10-rc linux-yocto/5.4: config cleanup / warnings linux-yocto/5.8: config cleanup / warnings linux-yocto/5.8: update to v5.8.18 linux-yocto/5.4: update to v5.4.75 kernel: relocate copy of module.lds to module compilation task linux-yocto/5.4: perf: Alias SYS_futex with SYS_futex_time64 on 32-bit arches with 64bit time_t linux-yocto/5.8: perf: Alias SYS_futex with SYS_futex_time64 on 32-bit arches with 64bit time_t linux-yocto/5.8: ext4/tipc warning fixups linux-yocto/5.4: update to v5.4.78 Chaitanya Vadrevu (1): isoimage-isohybrid.py: Support adding files/dirs Changqing Li (2): timezone: upgrade to 2020d vulkan-samples: fix do_compile failure Chee Yang Lee (2): bluez5: update to 5.55 ruby: update to 2.7.2 Chris Laplante (4): bitbake: main: extract creation of argument parser into function so it can be utilized externally, e.g. by unit tests bitbake: bb.ui: delete __init__.py to make bb.ui a namespace package bitbake: cookerdata: tweak to avoid mutable default argument cases/bbtests.py: ensure PACKAGE_CLASSES is set to RPM for bbtests.BitbakeTests.test_force_task_1 Dan Callaghan (1): gdb: add PACKAGECONFIG for xz (lzma) compression support Denys Dmytriyenko (1): grep: upgrade 3.4 -> 3.5 Denys Zagorui (1): binutils: reproducibility: reuse debug-prefix-map for stabs Federico Pellegrin (1): openssl: Add c_rehash to misc package and add perl runtime dependency Fedor Ross (2): sysvinit: remove bashism to be compatible with dash eudev: remove bashism to be compatible with dash Fredrik Gustafsson (1): package management: Allow dynamic loading of PM Gratian Crisan (1): kernel-module-split.bbclass: identify kernel modconf files as configuration files He Zhe (1): lttng-modules: Backport a patch to fix btrfs build failure Hombourger, Cedric (1): bitbake: fetch2: use relative symlinks for anything pulled from PREMIRRORS Hongxu Jia (1): bitbake: Revert "bb.ui: delete __init__.py to make bb.ui a namespace package" INC@Cisco) (1): kernel-devsrc: improve reproducibility for arm64 Jason Wessel (2): base-files/profile: Add universal resize function systemd-serialgetty: Switch to TERM=linux Jose Quaresma (31): spirv-tools: import from meta-oe to OE core spirv-tools: enable native build and install more header files glslang: add receipe shaderc: add receipe spirv-tools: fix identation and cleanup install append maintainers.inc: Add Jose Quaresma gstreamer1.0: Fix reproducibility issue around libcap gstreamer1.0: upgrade to version 1.18.0 gstreamer1.0-plugins-base: upgrade to version 1.18.0 gstreamer1.0-plugins-base: add new meson option as PACKAGECONFIG gstreamer1.0-plugins-good: upgrade to version 1.18.0 gstreamer1.0-plugins-good: disable new meson options gstreamer1.0-plugins-good: add new meson option as PACKAGECONFIG gstreamer1.0-plugins-bad: upgrade to version 1.18.0 gstreamer1.0-plugins-bad: disable new meson options gstreamer1.0-plugins-bad: add new meson options as PACKAGECONFIG gstreamer1.0-plugins-ugly: upgrade to version 1.18.0 gstreamer1.0-python: upgrade to version 1.18.0 gstreamer1.0-python: install append is not need any more gstreamer1.0-rtsp-server: upgrade to version 1.18.0 gstreamer1.0-vaapi: upgrade to version 1.18.0 gst-examples: upgrade to version 1.18.0 gstreamer1.0-omx: upgrade to version 1.18.0 gstreamer1.0-libav: upgrade to version 1.18.0 gst-devtools: add version 1.18.0 (gst-validate -> gst-devtools) orc: Upgrade 0.4.31 -> 0.4.32 gstreamer1.0-plugins-good: on wayland qt5 needs qtwayland gstreamer1.0-libav: add comercial license flags as ffmpeg needs this gstreamer1.0-plugins-bad: add srt package config knob ffmpeg: add srt package config knob gstreamer1.0-plugins-good: add package config knob for the Raspberry Pi Joseph Reynolds (1): add new extrausers command passwd-expire Joshua Watt (8): documentation: Add Pipenv support systemd: Re-enable chvt as non-root user without polkit python3-pycryptodomex: upgrade 3.9.8 -> 3.9.9 weston-init: Stop running weston as root python3-pycryptodome: upgrade 3.9.8 -> 3.9.9 bitbake: bitbake: hashserve: Add async client bitbake: bitbake: hashserve: Add support for readonly upstream bitbake: bitbake: cache: Remove bad keys() function Kai Kang (1): sudo: fix multilib conflict Khasim Mohammed (1): grub: add grub-nativesdk Khem Raj (34): webkitgtk: Disable gold linker and JIT on riscv init-ifupdown: Define interfaces file for riscv emulators init-ifupdown: Merge all interface files for differnet qemus musl: Update to latest master qemuboot.bbclass: Fix a typo musl: Add .file directive in crt assembly files musl: Update to latest rpm: Fix error.h handing properly on musl gdb: Update to 10.x release numactl: Link with libatomic on rv64/rv32 gstreamer: Fix build on 32bit arches with 64bit time_t rt-tests: Enable only for x86/ppc64 architectures lto: Add global LTO distro policy file python3: Enable lto if its in DISTRO_FEATURES lto.inc: Add -ffat-lto-objects and -fuse-linker-plugin lto: Introduce LTOEXTRA variable libaio: Disable LTO weston: Fix linking with LTO lto.inc: Disable LTO for xserver-xorg gcc: Do no parameterize LTO configuration flags puzzles: Check for excessive constant arguments lto.inc: Disable LTO for perf gcc: Handle duplicate names for variables musl: Update to latest master lrzsz: Use Cross AR during compile gawk: Avoid using host ar during cross compile lto.inc: Disable LTO for webkit python-numpy: Add support for riscv32 arch-riscv: Enable qemu-usermode on rv32 python3targetconfig.bbclass: Make py3 dep and tasks only for target recipes go: Update to 1.15.5 binutils: Fix linker errors on chromium/ffmpeg on aarch64 python3-numpy: Upgrade to 1.19.4 python3-numpy: Add ptest Konrad Weihmann (3): oeqa/core/context: expose results as variable oeqa/core/context: initialize _run_end_time testimage: print results for interrupted runs Lee Chee Yang (5): bitbake: BBHandler: prompt error when task name contain expression libproxy: fix CVE-2020-26154 python3: fix CVE-2020-27619 python3: whitelist CVE-2020-15523 qemu: fix CVE-2020-24352 Loic Domaigne (1): roofs_*.bbclass: fix missing vardeps for do_rootfs Luca Boccassi (1): dbus: split -common and -tools out of main package Mark Jonas (4): libsdl2: Fix directfb syntax error libsdl2: Fix directfb SDL_RenderFillRect libbsd: Remove BSD-4-Clause from main package libsdl2: Add directfb to PACKAGECONFIG rdepends Martin Jansa (5): tune-arm9tdmi.inc: include arm9tdmi in PACKAGE_ARCHS gnutls: explicitly set --with-librt-prefix webkitgtk: fix opengl PACKAGECONFIG webkitgtk: fix build with x11 enabled weston: add pam to REQUIRED_DISTRO_FEATURES Matt Madison (1): layer.conf: fix syntax error in PATH setting Max Krummenacher (1): linux-firmware: rdepend on license for all nvidia packages Maxime Roussin-BĂ©langer (3): meta: fix some unresponsive homepages and bugtracker links bitbake: cache: remove unused variables. bitbake: monitordisk: remove unused function parameter Mert Kirpici (2): bitbake: fetch2: add zstd support to unpack bitbake: doc/conf.py: add missing import sys Mingli Yu (2): bitbake.conf: Exclude ${CCACHE_DIR} from pseudo database update_udev_hwdb: clean hwdb.bin Nathan Rossi (4): vim: add nativesdk to BBCLASSEXTEND rsync: add nativesdk to BBCLASSEXTEND diffstat: add nativesdk to BBCLASSEXTEND cml1.bbclass: Handle ncurses-native being available via pkg-config Nicolas Dechesne (17): conf: update for release 3.2 poky.yaml: remove unused variables poky.yaml: updates for 3.2 sphinx: releases: add link to 3.1.3 what-i-wish-id-known: replace labels with references to section title sdk-manual: replace labels with references to section title ref-manual: replace labels with references to section title dev-manual: replace labels with references to section title kernel-dev: replace labels with references to section title test-manual: remove unused labels bsp-guide: remove unused labels kernel-dev: remove unused labels profile-manual: remove unused labels sdk-manual: remove unused labels toaster-manual: remove unused labels Makefile: enable parallel build bitbake: docs: Makefile: enable parallel build Norbert Kaminski (1): grub: Add support for RISC-V Paul Barker (11): conf.py: Improve TOC and Outline depth in PDF output conf.py: Add oe_git directive documentation/README: Refer to top-level README for contributions dev-manual-common-tasks: Fix refs to testing branches dev-manual-common-tasks: Update & move patchwork reference dev-manual-common-tasks: Tidy up patch submission process dev-manual-common-tasks: Describe git-send-email accurately dev-manual-common-tasks: Describe how to handle patch feedback dev-manual-common-tasks: Describe how to propose changes to stable branches dev-manual-common-tasks: Re-order patch submission instructions poky.yaml: Define DISTRO_NAME_NO_CAP_LTS Paul Eggleton (10): ref-manual: add reference anchors for each QA check ref-manual: fix for features_check class change ref-manual: QA check updates ref-manual: add PSEUDO_IGNORE_PATHS ref-manual: add IMAGE_VERSION_SUFFIX variable ref-manual: add IMAGE_NAME_SUFFIX variable ref-manual: add migration section for 3.2 ref-manual: add IMAGE_LINK_NAME ref-manual: add migration info for image-artifact-names ref-manual: add migration info about MLPREFIX changes Peter Bergin (2): rt-tests: backport patch that enable build for all archs Revert "rt-tests: Enable only for x86/ppc64 architectures" Purushottam choudhary (1): systemd: selinux hook handling to enumerate nexthop Randy MacLeod (1): libsdl2: Disable video-rpi Randy Witt (4): numactl: Add the recipe for numactl numactl: Remove COMPATIBLE_HOST restrictions numactl: Skip the ptests when numa is not supported rt-tests: Update recipes to use 1.8 Ricardo Salveti (1): dosfstools: add mkfs.vfat to ALTERNATIVE Richard Leitner (4): deb: replace deprecated apt force-yes argument xcb-proto: update to 1.14.1 deb: export INTERCEPT_DIR for remove actions weston-init: introduce WESTON_GROUP Richard Purdie (21): ref-manual/faq: Add entry for why binaries are changed in images dev-manual: Add a note about prelink changing prebuild binaries sstatesig: Log timestamps for hashequiv in reprodubile builds for do_package netbase: Add whitespace to purge bogus hash equivalence from autobuilder scripts/buildhistory_analysis: Avoid tracebacks from file comparision code maintainers: Add myself as numactl maintainer to avoid QA errors bitbake: bitbake: Post release version bump poky.conf: Post release version bump libxcb: Fix install file owner/group bitbake: siggen: Remove broken optimisation bitbake: fetch2/git: Document that we won't support passwords in git urls sstatesig: Remove workaround for bitbake taskhash bug ptest-runner: Fix license as it contains 'or later' clause libdnf: Fix license as it contains 'or later' clause alsa-utils: Fix license to GPLv2 only overview-manual-concepts: Fix the compiler bootstrap process bitbake: Add missing documentation Makefile oeqa/commands: Fix compatibility with python 3.9 fs-perms: Ensure /usr/src/debug/ file modes are correct e2fsprogs: Fix a ptest permissions determinism issue uninative: Don't use single sstate for pseudo-native Robert P. J. Day (3): ref-manual/ref-variables: "PACKAGE_FEEDS_ARCHS" -> "PACKAGE_FEED_ARCHS" README: "yocto-project-qs" -> "brief-yoctoprojectqs" adt-manual: delete obsolete ADT manual, and related content Ross Burton (13): rpm: use libgcrypt instead of OpenSSL for cryptography syslinux: add link to upstream discussion in patch json-glib: use PACKAGECONFIG for tests json-glib: update patch status libical: backport a patch to fix build with ICU 68.1 webkitgtk: fix build with ICU 68.1 cve-check: show real PN/PV python3: add CVE-2007-4559 to whitelist sqlite3: add CVE-2015-3717 to whitelist gstreamer1.0-rtsp-server: set CVE_PRODUCT gstreamer1.0-plugins-base: set CVE_PRODUCT bitbake: providers: selected version not available should be a warning cve-update-db-native: handle all-wildcard versions Saul Wold (1): classes/buildhistory: record LICENSE Sinan Kaya (2): volatile-binds: add /srv to mount and install kernel-uboot: allow compression option to be configurable Stacy Gaikovaia (1): valgrind: helgrind: Intercept libc functions Steve Sakoman (3): netbase: update SRC_URI to reflect new file name openssh: whitelist CVE-2014-9278 cups: whitelist CVE-2018-6553 Tim Orling (22): python3-atomicwrites: move from meta-python python3-attrs: move from meta-python python3-iniconfig: move from meta-python python3-more-itertools: move from meta-python python3-pathlib2: move from meta-python python3-toml: move from meta-python python3-py: move from meta-python python3-setuptools-scm: move from meta-python python3-packaging: move from meta-python python3-wcwidth: move from meta-python python3-zipp: move from meta-python python3-importlib-metadata: move from meta-python python3-pluggy: move from meta-python python3-pytest: move from meta-python maintainers.inc: add self for new pytest packages python3-more-itertools: upgrade 8.5.0 -> 8.6.0 python3-importlib-metadata: upgrade 2.0.0 to 3.1.0 python3-pytest: RDEPENDS on python3-toml python3-hypothesis: move from meta-python python3-sortedcontainers: move from meta-python maintainers.inc: add self for new python recipes python3-hypothesis: upgrade 5.41.3 -> 5.41.4 Tom Hochstein (1): mesa: Add xcb-fixes to loader when using x11 and dri3 Vyacheslav Yurkov (1): license_image.bbclass: use canonical name for license files Wonmin Jung (1): kernel: Set proper LD in KERNEL_KCONFIG_COMMAND Yann Dirson (6): systemtap: split examples and python scripts out of main package systemtap: remove extra dependencies systemtap: clarify the relation between exporter and python3-probes feature systemtap: fix install when python3-probes is disabled in PACKAGECONFIG systemtap: split runtime material in its own package systemtap: avoid RDEPENDS on python3-core when not using python3 Yann E. MORIN (2): common-licenses: add bzip2-1.0.4 recipes-core/busybox: fixup licensing information Yi Zhao (5): resolvconf: do not install dhclient hooks connman: set service to conflict with systemd-networkd pulseaudio: unify volatiles file name dhcpcd: install dhcpcd to /sbin rather than /usr/sbin dhcpcd: upgrade 9.3.1 -> 9.3.2 Yongxin Liu (2): grub: fix several CVEs in grub 2.04 grub: clean up CVE patches zangrc (18): python3-pycairo: upgrade 1.19.1 -> 1.20.0 iproute2: upgrade 5.8.0 -> 5.9.0 icu: upgrade 67.1 -> 68.1 libdnf: upgrade 0.54.2 -> 0.55.0 libinput: upgrade 1.16.2 -> 1.16.3 enchant2: upgrade 2.2.12 -> 2.2.13 libdrm: upgrade 2.4.102 -> 2.4.103 gmp: upgrade 6.2.0 -> 6.2.1 gpgme: upgrade 1.14.0 -> 1.15.0 libunwind: upgrade 1.4.0 -> 1.5.0 msmtp: upgrade 1.8.12 -> 1.8.13 gtk-doc: upgrade 1.33.0 -> 1.33.1 hdparm: upgrade 9.58 -> 9.60 libcap-ng: upgrade 0.8 -> 0.8.1 libjpeg-turbo: upgrade 2.0.5 -> 2.0.6 libxkbcommon: upgrade 1.0.1 -> 1.0.3 pulseaudio: upgrade 13.0 -> 14.0 wireless-regdb: upgrade 2020.04.29 -> 2020.11.20 Signed-off-by: Andrew Geissler <geissonator@yahoo.com> Change-Id: I22fa6c7160be5ff2105113cc63acc25f8977ae4e
Diffstat (limited to 'poky/meta/recipes-support/gnutls')
-rw-r--r--poky/meta/recipes-support/gnutls/gnutls/0001-Modied-the-license-to-GPLv2.1-to-keep-with-LICENSE-f.patch90
-rw-r--r--poky/meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch117
-rw-r--r--poky/meta/recipes-support/gnutls/gnutls_3.6.15.bb (renamed from poky/meta/recipes-support/gnutls/gnutls_3.6.14.bb)7
3 files changed, 3 insertions, 211 deletions
diff --git a/poky/meta/recipes-support/gnutls/gnutls/0001-Modied-the-license-to-GPLv2.1-to-keep-with-LICENSE-f.patch b/poky/meta/recipes-support/gnutls/gnutls/0001-Modied-the-license-to-GPLv2.1-to-keep-with-LICENSE-f.patch
deleted file mode 100644
index a610abf9b..000000000
--- a/poky/meta/recipes-support/gnutls/gnutls/0001-Modied-the-license-to-GPLv2.1-to-keep-with-LICENSE-f.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From c0ae3f659c6c130d151378ba4d7d861e3b7b970f Mon Sep 17 00:00:00 2001
-From: Lei Maohui <leimaohui@cn.fujitsu.com>
-Date: Wed, 8 Jul 2020 14:50:27 +0900
-Subject: [PATCH] Modied the license to GPLv2.1+ to keep with LICENSE file.
-
-Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
-Please reference to https://gitlab.com/gnutls/gnutls/-/issues/1018.
-Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/merge_requests/1285].
----
- lib/x509/krb5.c | 20 +++++++++++---------
- lib/x509/krb5.h | 20 +++++++++++---------
- 2 files changed, 22 insertions(+), 18 deletions(-)
-
-diff --git a/lib/x509/krb5.c b/lib/x509/krb5.c
-index 7fe84e6..d68c737 100644
---- a/lib/x509/krb5.c
-+++ b/lib/x509/krb5.c
-@@ -1,21 +1,23 @@
- /*
- * Copyright (C) 2015 Red Hat, Inc.
- *
-+ * Author: Nikos Mavrogiannopoulos
-+ *
- * This file is part of GnuTLS.
- *
-- * GnuTLS is free software: you can redistribute it and/or modify it
-- * under the terms of the GNU General Public License as published by
-- * the Free Software Foundation, either version 3 of the License, or
-- * (at your option) any later version.
-+ * The GnuTLS is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU Lesser General Public License
-+ * as published by the Free Software Foundation; either version 2.1 of
-+ * the License, or (at your option) any later version.
- *
-- * GnuTLS is distributed in the hope that it will be useful, but
-+ * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-- * General Public License for more details.
-+ * Lesser General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this program. If not, see <https://www.gnu.org/licenses/>
- *
-- * You should have received a copy of the GNU General Public License
-- * along with this program. If not, see
-- * <https://www.gnu.org/licenses/>.
- */
-
- #include <config.h>
-diff --git a/lib/x509/krb5.h b/lib/x509/krb5.h
-index d8926af..815bb28 100644
---- a/lib/x509/krb5.h
-+++ b/lib/x509/krb5.h
-@@ -1,21 +1,23 @@
- /*
- * Copyright (C) 2015 Red Hat, Inc.
- *
-+ * Author: Nikos Mavrogiannopoulos
-+ *
- * This file is part of GnuTLS.
- *
-- * GnuTLS is free software: you can redistribute it and/or modify it
-- * under the terms of the GNU General Public License as published by
-- * the Free Software Foundation, either version 3 of the License, or
-- * (at your option) any later version.
-+ * The GnuTLS is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU Lesser General Public License
-+ * as published by the Free Software Foundation; either version 2.1 of
-+ * the License, or (at your option) any later version.
- *
-- * GnuTLS is distributed in the hope that it will be useful, but
-+ * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-- * General Public License for more details.
-+ * Lesser General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this program. If not, see <https://www.gnu.org/licenses/>
- *
-- * You should have received a copy of the GNU General Public License
-- * along with this program. If not, see
-- * <https://www.gnu.org/licenses/>.
- */
-
- #ifndef GNUTLS_LIB_X509_KRB5_H
---
-2.17.1
-
diff --git a/poky/meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch b/poky/meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch
deleted file mode 100644
index 1702325e6..000000000
--- a/poky/meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch
+++ /dev/null
@@ -1,117 +0,0 @@
-From 29ee67c205855e848a0a26e6d0e4f65b6b943e0a Mon Sep 17 00:00:00 2001
-From: Daiki Ueno <ueno@gnu.org>
-Date: Sat, 22 Aug 2020 17:19:39 +0200
-Subject: [PATCH] handshake: reject no_renegotiation alert if handshake is
- incomplete
-
-If the initial handshake is incomplete and the server sends a
-no_renegotiation alert, the client should treat it as a fatal error
-even if its level is warning. Otherwise the same handshake
-state (e.g., DHE parameters) are reused in the next gnutls_handshake
-call, if it is called in the loop idiom:
-
- do {
- ret = gnutls_handshake(session);
- } while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
-
-Signed-off-by: Daiki Ueno <ueno@gnu.org>
-CVE: CVE-2020-24659
-Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls.git]
-Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
----
- lib/gnutls_int.h | 1 +
- lib/handshake.c | 48 +++++++++++++-----
- 2 files changed, 36 insertions(+), 13 deletions(-)
-
-diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
-index bb6c19713..31cec5c0c 100644
---- a/lib/gnutls_int.h
-+++ b/lib/gnutls_int.h
-@@ -1370,6 +1370,7 @@ typedef struct {
- #define HSK_RECORD_SIZE_LIMIT_RECEIVED (1<<26) /* server: record_size_limit extension was seen but not accepted yet */
- #define HSK_OCSP_REQUESTED (1<<27) /* server: client requested OCSP stapling */
- #define HSK_CLIENT_OCSP_REQUESTED (1<<28) /* client: server requested OCSP stapling */
-+#define HSK_SERVER_HELLO_RECEIVED (1<<29) /* client: Server Hello message has been received */
-
- /* The hsk_flags are for use within the ongoing handshake;
- * they are reset to zero prior to handshake start by gnutls_handshake. */
-diff --git a/lib/handshake.c b/lib/handshake.c
-index b40f84b3d..ce2d160e2 100644
---- a/lib/handshake.c
-+++ b/lib/handshake.c
-@@ -2051,6 +2051,8 @@ read_server_hello(gnutls_session_t session,
- if (ret < 0)
- return gnutls_assert_val(ret);
-
-+ session->internals.hsk_flags |= HSK_SERVER_HELLO_RECEIVED;
-+
- return 0;
- }
-
-@@ -2575,16 +2577,42 @@ int gnutls_rehandshake(gnutls_session_t session)
- return 0;
- }
-
-+/* This function checks whether the error code should be treated fatal
-+ * or not, and also does the necessary state transition. In
-+ * particular, in the case of a rehandshake abort it resets the
-+ * handshake's internal state.
-+ */
- inline static int
- _gnutls_abort_handshake(gnutls_session_t session, int ret)
- {
-- if (((ret == GNUTLS_E_WARNING_ALERT_RECEIVED) &&
-- (gnutls_alert_get(session) == GNUTLS_A_NO_RENEGOTIATION))
-- || ret == GNUTLS_E_GOT_APPLICATION_DATA)
-- return 0;
-+ switch (ret) {
-+ case GNUTLS_E_WARNING_ALERT_RECEIVED:
-+ if (gnutls_alert_get(session) == GNUTLS_A_NO_RENEGOTIATION) {
-+ /* The server always toleretes a "no_renegotiation" alert. */
-+ if (session->security_parameters.entity == GNUTLS_SERVER) {
-+ STATE = STATE0;
-+ return ret;
-+ }
-+
-+ /* The client should tolerete a "no_renegotiation" alert only if:
-+ * - the initial handshake has completed, or
-+ * - a Server Hello is not yet received
-+ */
-+ if (session->internals.initial_negotiation_completed ||
-+ !(session->internals.hsk_flags & HSK_SERVER_HELLO_RECEIVED)) {
-+ STATE = STATE0;
-+ return ret;
-+ }
-
-- /* this doesn't matter */
-- return GNUTLS_E_INTERNAL_ERROR;
-+ return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
-+ }
-+ return ret;
-+ case GNUTLS_E_GOT_APPLICATION_DATA:
-+ STATE = STATE0;
-+ return ret;
-+ default:
-+ return ret;
-+ }
- }
-
-
-@@ -2747,13 +2774,7 @@ int gnutls_handshake(gnutls_session_t session)
- }
-
- if (ret < 0) {
-- /* In the case of a rehandshake abort
-- * we should reset the handshake's internal state.
-- */
-- if (_gnutls_abort_handshake(session, ret) == 0)
-- STATE = STATE0;
--
-- return ret;
-+ return _gnutls_abort_handshake(session, ret);
- }
-
- /* clear handshake buffer */
---
-2.17.0
-
diff --git a/poky/meta/recipes-support/gnutls/gnutls_3.6.14.bb b/poky/meta/recipes-support/gnutls/gnutls_3.6.15.bb
index 51578b4b3..b936db50d 100644
--- a/poky/meta/recipes-support/gnutls/gnutls_3.6.14.bb
+++ b/poky/meta/recipes-support/gnutls/gnutls_3.6.15.bb
@@ -19,11 +19,9 @@ SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}"
SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.xz \
file://arm_eabi.patch \
- file://0001-Modied-the-license-to-GPLv2.1-to-keep-with-LICENSE-f.patch \
- file://CVE-2020-24659.patch \
-"
+ "
-SRC_URI[sha256sum] = "5630751adec7025b8ef955af4d141d00d252a985769f51b4059e5affa3d39d63"
+SRC_URI[sha256sum] = "0ea8c3283de8d8335d7ae338ef27c53a916f15f382753b174c18b45ffd481558"
inherit autotools texinfo pkgconfig gettext lib_package gtk-doc
@@ -45,6 +43,7 @@ EXTRA_OECONF = " \
--enable-local-libopts \
--enable-openssl-compatibility \
--with-libpthread-prefix=${STAGING_DIR_HOST}${prefix} \
+ --with-librt-prefix=${STAGING_DIR_HOST}${prefix} \
--with-default-trust-store-file=${sysconfdir}/ssl/certs/ca-certificates.crt \
"
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-16 13:12:27 +0300