diff options
| author | Patrick Williams <patrick@stwcx.xyz> | 2023-05-02 23:26:54 +0300 |
|---|---|---|
| committer | Patrick Williams <patrick@stwcx.xyz> | 2023-05-04 00:04:39 +0300 |
| commit | 821a859c1d68e8cfeea8c50e86f15daa87e71d59 (patch) | |
| tree | 58306112a24fe4a57c66e3d7a324460bbd52c28f /meta-openembedded/meta-oe/recipes-devtools | |
| parent | ce7bef12b17859cef0615675e4ad5f6f4f611384 (diff) | |
| download | openbmc-821a859c1d68e8cfeea8c50e86f15daa87e71d59.tar.xz | |
subtree updates
meta-openembedded: 744a4b6eda..df452d9d98:
Alexander Stein (1):
dool: Add patch to fix rebuild
Alexander Thoma (1):
Fix tigervnc crash due to missing xkbcomp rdepends
Andrej Valek (2):
grpc: upgrade 1.45.2 -> 1.46.6
grpc: upgrade 1.46.6 -> 1.46.7
Archana Polampalli (2):
Nodejs - Upgrade to 16.18.1
Nodejs: Fixed python3 DeprecationWarning
BINDU (1):
flatbuffers: adapt for cross-compilation environments
Carsten Bäcker (1):
spdlog: Fix CMake flag
Changqing Li (12):
zabbix: fix CVE-2022-43515,CVE-2022-46768
redis: 6.2.7 -> 6.2.8
redis: upgrade 7.0.4 to 7.0.5
redis: 7.0.5 -> 7.0.7
liblockfile: fix do_install failure when ldconfig is not installed
postgresql: fix CVE-2022-41862
redis: upgrade 7.0.7 -> 7.0.9
redis: upgrade 6.2.8 -> 6.2.11
zabbix: fix CVE-2023-29451
redis: upgrade 6.2.11 -> 6.2.12
redis: upgrade 7.0.9 -> 7.0.10
redis: upgrade 7.0.10 -> 7.0.11
Chase Qi (1):
kernel-selftest: install kselftest runner
Chee Yang Lee (2):
zsh: Fix CVE-2021-45444
cifs-utils: fix CVE-2022-27239 CVE-2022-29869
Dmitry Baryshkov (1):
nss: fix cross-compilation error
Dragos-Marian Panait (1):
phpmyadmin: fix CVE-2023-25727
Gary Huband (1):
chrony: add pkgconfig class as pkg-config is explicitly searched for
Geoff Parker (1):
python3-pillow: add tk to RDEPENDS ptest pkg only if x11 in DISTRO_FEATURES
He Zhe (2):
protobuf: upgrade 3.19.4 -> 3.19.6
python3-protobuf: upgrade 3.20.0 -> 3.20.3
Hermes Zhang (1):
kernel_add_regdb: Change the task order
Hitendra Prajapati (5):
dhcp: Fix CVE-2022-2928 & CVE-2022-2929
strongswan: CVE-2022-40617 A possible DoS in Using Untrusted URIs for Revocation Checking
nginx: CVE-2022-41741, CVE-2022-41742 Memory corruption in the ngx_http_mp4_module
net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception
krb5: CVE-2022-42898 integer overflow vulnerabilities in PAC parsing
Howard Cochran (1):
ufw: Fix "could not find required binary 'iptables'"
Joe Slater (1):
phoronix-test-suite: Fix CVE-2022-40704
Khem Raj (6):
mpd: Update to 0.23.8
mpd: Upgrade to 0.23.9
ncmpc: Upgrade to 0.47
mpd: Upgrade to 0.23.12 release
monkey: Fix build with musl
postfix: Fix build on systems with linux 6.x
Manoj Saun (1):
postgresql: fix ptest failure of sysviews test
Marta Rybczynska (1):
jansson: whitelist CVE-2020-36325
Martin Jansa (12):
re2: fix branch name from master to main
exiv2: fix SRC_URI
mdns: use git fetcher
monkey: use git fetcher
jack: fix compatibility with python-3.11
restinio: fix S variable in multilib builds
mongodb: fix chown user for multilib builds
pahole: respect libdir
lvgl,lv-lib-png,lv-drivers: fix installed-vs-shipped QA issue with multilib
lirc: fix do_install with multilib
dleyna-{server,renderer}: fix dev-so QA issue with multilib
zsh: fix installed-vs-shipped with multilib
Mingli Yu (6):
php: Upgrade to 8.1.12
mariadb: not use qemu to run cross-compiled binaries
mariadb: Upgrade to 10.7.7
php: Upgrade to 8.1.16
mariadb: Upgrade to 10.7.8
mariadb: Fix CVE-2022-47015
Narpat Mali (2):
python3-oauthlib: upgrade 3.2.0 -> 3.2.2
Fix collections.abc deprecation warning in downloadutils Warning appears as:
Neetika Singh (1):
libcroco: Add fix for CVE-2020-12825
Nikhil R (1):
duktape: Add ptest
Niko Mauno (2):
nftables: Fix missing leading whitespace with ':append'
Fix missing leading whitespace with ':append'
Peter Kjellerstedt (2):
chrony: Remove the readline PACKAGECONFIG
chrony: Remove the libcap and nss PACKAGECONFIGs
Peter Marko (3):
ntp: whitelist CVE-2019-11331
c-ares: fix CVE-2022-4904
dnsmasq: fix CVE-2023-28450
Philippe Coval (1):
pim435: Relocate sources to eclipse
Polampalli, Archana (2):
xfce4-settings: 4.16.2 -> 4.16.5
nodejs: Upgrade 16.19.0 -> 16.19.1
Preeti Sachan (1):
fluidsynth: update SRC_URI to remove non-existing 2.2.x branch
Randy MacLeod (2):
python3-pillow: add ptest support
python3-pillow: Add distutils, unixadmin for ptest
S. Lockwood-Childs (1):
multipath-tools: fix QA "dev-so" regression
Siddharth Doshi (1):
xterm : Fix CVE-2022-45063 code execution via OSC 50 input sequences] CVE-2022-45063
Tim Orling (1):
nodejs: upgrade 16.18.1 -> 16.19.0
Tom Hochstein (1):
nlohmann-json: Allow empty main package for SDK
Urade, Yogita (3):
multipath-tools: fix CVE-2022-41974
poppler: fix CVE-2021-30860
dlt-daemon: fix CVE-2023-26257
Wang Mingyu (5):
python3-pillow: upgrade 9.2.0 -> 9.3.0
python3-pillow: upgrade 9.3.0 -> 9.4.0
apache2: upgrade 2.4.54 -> 2.4.55
apache2: upgrade 2.4.55 -> 2.4.56
openwsman: Change download branch from master to main.
Xu Huan (1):
python3-pillow: upgrade 9.0.1 -> 9.1.1
Yi Zhao (5):
postfix: upgrade 3.6.5 -> 3.6.7
freeradius: Security fixes for CVE-2022-41860 CVE-2022-41861
frr: Security fix for CVE-2022-42917
apache2: use /run instead of /var/run for systemd volatile config
mbedtls: upgrade 2.28.0 -> 2.28.2
Yogita Urade (2):
multipath-tools:fix CVE-2022-41973
syslog-ng: fix CVE-2022-38725
Zheng Qiu (1):
redis: build with USE_SYSTEMD=yes when systemd is enabled
wangmy (1):
libcrypt-openssl-rsa-perl: upgrade 0.32 -> 0.33
zhengruoqin (1):
python3-pillow: upgrade 9.1.1 -> 9.2.0
meta-raspberrypi: dacad9302a..2a06e4e84b:
Zachary T Welch (1):
machines: simplify MACHINEOVERRIDES definitions
meta-security: c79262a30b..cc20e2af2a:
Armin Kuster (2):
oeqa/tpm2: fix and cleanup tests
oeqa: meta-tpm shut swtpm down before and after testing
poky: eaf8ce9d39..4cc0e9438b:
Adrian Freihofer (1):
own-mirrors: add crate
Alejandro Hernandez Samaniego (2):
baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES
testimage: Fix error message to reflect new syntax
Alex Kiernan (3):
u-boot: Remove duplicate inherit of cml1
cargo_common.bbclass: Fix typos
classes: image: Set empty weak default IMAGE_LINGUAS
Alex Stewart (1):
lsof: add update-alternatives logic
Alexander Kanavin (49):
local.conf.sample: correct the location of public hashserv
lttng-modules: upgrade 2.13.4 -> 2.13.5
quilt: backport a patch to address grep 3.8 failures
lttng-tools: submit determinism.patch upstream
groff: submit patches upstream
tcl: correct patch status
kea: submit patch upstream
ovmf: correct patches status
libffi: submit patch upstream
linux-firmware: upgrade 20220913 -> 20221012
xwayland: upgrade 22.1.3 -> 22.1.4
libffi: upgrade 3.4.2 -> 3.4.4
libical: upgrade 3.0.15 -> 3.0.16
mtd-utils: upgrade 2.1.4 -> 2.1.5
gdk-pixbuf: upgrade 2.42.9 -> 2.42.10
gstreamer1.0: upgrade 1.20.3 -> 1.20.4
libepoxy: convert to git
libepoxy: update 1.5.9 -> 1.5.10
vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that
gnomebase.bbclass: return the whole version for tarball directory if it is a number
libnewt: update 0.52.21 -> 0.52.23
ruby: merge .inc into .bb
ruby: update 3.1.2 -> 3.1.3
tzdata: update 2022d -> 2022g
devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree
libarchive: upgrade 3.6.1 -> 3.6.2
devtool: process local files only for the main branch
libksba: update 1.6.2 -> 1.6.3
linux-firmware: upgrade 20221109 -> 20221214
xwayland: upgrade 22.1.5 -> 22.1.7
xserver-xorg: upgrade 21.1.4 -> 21.1.6
selftest/virgl: use pkg-config from the host
vulkan-samples: branch rename master -> main
gdk-pixbuf: do not use tools from gdk-pixbuf-native when building tests
oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal
diffutils: update 3.8 -> 3.9
lttng-tools: update 2.13.8 -> 2.13.9
apr: update 1.7.0 -> 1.7.2
apr-util: update 1.6.1 -> 1.6.3
bind: upgrade 9.18.10 -> 9.18.11
libjpeg-turbo: upgrade 2.1.4 -> 2.1.5
linux-firmware: upgrade 20221214 -> 20230117
sudo: upgrade 1.9.12p1 -> 1.9.12p2
vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs
dbus: upgrade 1.14.4 -> 1.14.6
linux-firmware: upgrade 20230117 -> 20230210
wireless-regdb: upgrade 2022.08.12 -> 2023.02.13
devtool/upgrade: do not delete the workspace/recipes directory
patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak
Alexandre Belloni (1):
oeqa/selftest/bbtests: Update message lookup for test_git_unpack_nonetwork_fail
Alexey Smirnov (1):
classes: make TOOLCHAIN more permissive for kernel
Alexis Lothoré (1):
oeqa/selftest/resulttooltests: fix minor typo
Antonin Godard (2):
busybox: always start do_compile with orig config files
busybox: rm temporary files if do_compile was interrupted
Armin Kuster (1):
lttng-modules: Fix for 5.10.163 kernel version
Arnout Vandecappelle (1):
python3-pytest: depend on python3-tomli instead of python3-toml
Bartosz Golaszewski (1):
bluez5: add dbus to RDEPENDS
Benoît Mauduit (1):
lib/oe/reproducible: Use git log without gpg signature
Bernhard Rosenkränzer (1):
cmake-native: Fix host tool contamination (Bug: 14951)
Bhabu Bindu (5):
qemu: Fix CVE-2021-3611
curl: Fix CVE-2022-32221
curl: Fix CVE-2022-42916
curl: Fix CVE-2022-42915
qemu: Fix CVE-2022-4144
Bruce Ashfield (34):
linux-yocto/5.10: update to v5.10.147
linux-yocto/5.10: update to v5.10.149
linux-yocto/5.15: update to v5.15.72
kern-tools: fix relative path processing
linux-yocto/5.15: update to v5.15.74
linux-yocto/5.15: update to v5.15.76
linux-yocto/5.15: update to v5.15.78
linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings
kern-tools: integrate ZFS speedup patch
linux-yocto/5.10: update to v5.10.152
linux-yocto/5.10: update to v5.10.154
linux-yocto/5.10: update to v5.10.160
linux-yocto/5.15: ltp and squashfs fixes
linux-yocto/5.15: fix perf build with clang
linux-yocto/5.15: libbpf: Fix build warning on ref_ctr_off
linux-yocto/5.15: update to v5.15.84
linux-yocto/5.15: powerpc: Fix reschedule bug in KUAP-unlocked user copy
linux-yocto/5.15: update to v5.15.87
linux-yocto/5.15: update to v5.15.89
linux-yocto/5.15: update to v5.15.91
lttng-modules: fix for kernel 6.2+
linux-yocto/5.15: update to v5.15.94
linux-yocto/5.15: update to v5.15.96
linux-yocto-rt/5.15: update to -rt59
linux-yocto/5.10: update to v5.10.162
linux-yocto/5.10: update to v5.10.164
linux-yocto/5.10: update to v5.10.166
linux-yocto/5.10: update to v5.10.168
linux-yocto/5.10: update to v5.10.170
linux-yocto/5.10: update to v5.10.172
linux-yocto/5.10: update to v5.10.175
lttng-modules: update to v2.13.9
linux-yocto/5.15: update to v5.15.98
linux-yocto/5.15: update to v5.15.103
Carlos Alberto Lopez Perez (1):
xwayland: libxshmfence is needed when dri3 is enabled
Changqing Li (3):
base.bbclass: Fix way to check ccache path
apt: fix do_package_qa failure
libsdl2: fix CVE-2022-4743
Chee Yang Lee (4):
dropbear: fix CVE-2021-36369
git: upgrade to 2.35.6
tiff: fix multiple CVEs
git: ignore CVE-2023-22743
Chen Qi (10):
image_types_wic.bbclass: fix cross binutils dependency
openssl: export necessary env vars in SDK
kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild
resolvconf: make it work
dhcpcd: fix to work with systemd
psplash: consider the situation of psplash not exist for systemd
bc: extend to nativesdk
rm_work: adjust dependency to make do_rm_work_all depend on do_rm_work
dhcpcd: backport two patches to fix runtime error
libseccomp: fix typo in DESCRIPTION
Christian Eggers (1):
linux-firmware: split rtl8761 firmware
Claus Stovgaard (1):
gstreamer1.0-libav: fix errors with ffmpeg 5.x
Daniel Gomez (1):
gtk-icon-cache: Fix GTKIC_CMD if-else condition
Diego Sueiro (1):
kernel.bbclass: Include randstruct seed assets in STAGING_KERNEL_BUILDDIR
Dmitry Baryshkov (4):
linux-firmware: upgrade 20221012 -> 20221109
linux-firmware: add new fw file to ${PN}-qcom-adreno-a530
linux-firmware: properly set license for all Qualcomm firmware
linux-firmware: add yamato fw files to qcom-adreno-a2xx package
Ed Tanous (1):
openssl: Upgrade 3.0.5 -> 3.0.7
Enrico Jörns (1):
sstatesig: emit more helpful error message when not finding sstate manifest
Etienne Cordonnier (2):
mirrors.bbclass: use shallow tarball for binutils-native
bitbake: siggen: Fix inefficient string concatenation
Federico Pellegrin (1):
curl: fix dependencies when building with ldap/ldaps
Florin Diaconescu (1):
python3: upgrade 3.10.8 -> 3.10.9
Frank de Brabander (2):
cve-update-db-native: add timeout to urlopen() calls
bitbake: bin/utils: Ensure locale en_US.UTF-8 is available on the system
Geoffrey GIRY (1):
cve-check: Fix false negative version issue
Harald Seiler (2):
opkg: Set correct info_dir and status_file in opkg.conf
bootchart2: Fix usrmerge support
He Zhe (3):
lttng-tools: Upgrade 2.13.4 -> 2.13.8
lttng-modules: Fix crash on powerpc64
lttng-modules: update 2.13.7 -> 2.13.8
Hitendra Prajapati (14):
openssl: CVE-2022-3358 Using a Custom Cipher with NID_undef may lead to NULL encryption
QEMU: CVE-2022-3165 VNC: integer underflow in vnc_client_cut_text_ext leads to CPU exhaustion
systemd: CVE-2022-3821 Fix buffer overrun
libarchive: CVE-2022-36227 NULL pointer dereference in archive_write.c
golang: CVE-2022-41715 regexp/syntax: limit memory used by parsing regexps
libxml2: Fix CVE-2022-40303 && CVE-2022-40304
libX11: CVE-2022-3554 & CVE-2022-3555 Fix memory leak
systemd: CVE-2022-45873 deadlock in systemd-coredump via a crash with a long backtrace
go: fix CVE-2022-41717 Excessive memory use in got server
less: backport the fix for CVE-2022-46663
curl: CVE-2023-27533 TELNET option IAC injection
curl: CVE-2023-27534 SFTP path resolving discrepancy
ruby: CVE-2023-28756 ReDoS vulnerability in Time
screen: CVE-2023-24626 allows sending SIGHUP to arbitrary PIDs
Hongxu Jia (1):
pkgconf: fix CVE-2023-24056
Jagadeesh Krishnanjanappa (1):
qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image
Jan Kircher (1):
toolchain-scripts: compatibility with unbound variable protection
Jan-Simon Moeller (1):
buildtools-tarball: export certificates to python and curl
Jeremy Puhlman (1):
qemu-native: Add PACKAGECONFIG option for jack
Jermain Horsman (1):
cve-check: write the cve manifest to IMGDEPLOYDIR
Joe Slater (4):
python3: advance to version 3.10.8
nghttp2: never build python bindings
python3: fix CVE-2023-24329
go: fix CVE-2022-41724, 41725
John Edward Broadbent (1):
externalsrc: git submodule--helper list unsupported
Jose Quaresma (7):
kernel-yocto: improve fatal error messages of symbol_why.py
archiver: avoid using machine variable as it breaks multiconfig
sstatesig: skip the rm_work task signature
rm_work: exclude the SSTATETASKS from the rm_work tasks sinature
sstate: Allow optimisation of do_deploy_archives task dependencies
Revert "gstreamer1.0: disable flaky gstbin:test_watch_for_state_change test"
gstreamer1.0: Fix race conditions in gstbin tests
Joshua Watt (6):
runqemu: Do not perturb script environment
runqemu: Fix gl-es argument from causing other arguments to be ignored
qemu-helper-native: Re-write bridge helper as C program
qemu-helper-native: Correctly pass program name as argv[0]
scripts: convert-overrides: Allow command-line customizations
classes/create-spdx: Add SPDX_PRETTY option
KARN JYE LAU (1):
freetype:update mirror site.
Kai Kang (5):
libuv: fixup SRC_URI
webkitgtk: 2.36.7 -> 2.36.8
qemu: fix compile error
xserver-xorg: 21.1.6 -> 21.1.7
python3-git: fix indent error
Keiya Nobuta (2):
gnutls: Unified package names to lower-case
create-spdx: Remove ";name=..." for downloadLocation
Kenfe-Mickael Laventure (3):
buildtools-tarball: Handle spaces within user $PATH
toolchain-scripts: Handle spaces within user $PATH
populate_sdk_ext: Handle spaces within user $PATH
Khem Raj (10):
perf: Depend on native setuptools3
tiff: Add packageconfig knob for webp
libtirpc: Check if file exists before operating on it
libusb1: Link with latomic only if compiler has no atomic builtins
libusb1: Strip trailing whitespaces
scons: Pass MAXLINELENGTH to scons invocation
scons.bbclass: Make MAXLINELENGTH overridable
systemd.bbclass: Add /usr/lib/systemd to searchpaths as well
rsync: Add missing prototypes to function declarations
rsync: Turn on -pedantic-errors at the end of 'configure'
Konrad Weihmann (1):
create-spdx: default share_src for shared sources
Lee Chee Yang (2):
migration-guides: add release-notes for 4.0.7
migration-guides: add release-notes for 4.0.9
Leon Anavi (1):
get_module_deps3.py: Check attribute '__file__'
Liam Beguin (1):
meson: make wrapper options sub-command specific
Louis Rannou (1):
oeqa/selftest/locales: Add selftest for locale generation/presence
Luis (1):
rm_work.bbclass: use HOSTTOOLS 'rm' binary exclusively
Marek Vasut (3):
bluez5: Point hciattach bcm43xx firmware search path to /lib/firmware
bitbake: fetch2/git: Prevent git fetcher from fetching gitlab repository metadata
bitbake: fetch2/git: Clarify the meaning of namespace
Marius Kriegerowski (1):
bitbake: bitbake-diffsigs: Make PEP8 compliant
Mark Hatle (3):
insane.bbclass: Allow hashlib version that only accepts on parameter
bitbake: utils/ply: Update md5 to better report errors with hashlib
openssl: Move microblaze to linux-latomic config
Marta Rybczynska (2):
efibootmgr: update compilation with musl
cve-update-db-native: avoid incomplete updates
Martin Jansa (15):
vulkan-samples: add lfs=0 to SRC_URI to avoid git smudge errors in do_unpack
externalsrc.bbclass: fix git repo detection
libsndfile1: Backport fix for CVE-2021-4156
tiff: refresh with devtool
tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch
libxml2: fix test data checksums
systemd: backport another change from v252 to fix build with CVE-2022-45873.patch
ffmpeg: refresh patches to apply cleanly
meta: remove True option to getVar and getVarFlag calls (again)
bitbake: fetch2/git: show SRCREV and git repo in error message about fixed SRCREV
timezone: use 'tz' subdir instead of ${WORKDIR} directly
tzdata: use separate B instead of WORKDIR for zic output
tzcode-native: fix build with gcc-13 on host
selftest: devtool: set BB_HASHSERVE_UPSTREAM when setting SSTATE_MIRROR
bmap-tools: switch to main branch
Mateusz Marciniec (1):
sstatesig: Improve output hash calculation
Mathieu Dubois-Briand (1):
dbus: Add missing CVE product name
Mauro Queiros (1):
image.bbclass: print all QA functions exceptions
Michael Halstead (4):
uninative: Upgrade to 3.7 to work with glibc 2.36
selftest/runtime_test/virgl: Disable for all Rocky Linux
uninative: Upgrade to 3.8.1 to include libgcc
uninative: Upgrade to 3.9 to include glibc 2.37
Michael Opdenacker (11):
create-spdx.bbclass: remove unused SPDX_INCLUDE_PACKAGED
SPDX and CVE documentation updates
manuals: add 4.0.5 and 4.0.6 release notes
manuals: document SPDX_PRETTY variable
dev-manual: fix old override syntax
ref-manual: document SSTATE_EXCLUDEDEPS_SYSROOT
profile-manual: update WireShark hyperlinks
bsp-guide: fix broken git URLs and missing word
manuals: update patchwork instance URL
dev-manual: common-tasks.rst: add link to FOSDEM 2023 video
migration-guides: add 4.0.8 release notes
Mikko Rapeli (11):
common-tasks.rst: fix oeqa runtime test path
oeqa context.py: fix --target-ip comment to include ssh port number
oeqa ssh.py: move output prints to new line
oeqa ssh.py: add connection keep alive options to ssh client
oeqa dump.py: add error counter and stop after 5 failures
oeqa qemurunner: read more data at a time from serial
oeqa qemurunner.py: add timeout to QMP calls
oeqa qemurunner.py: try to avoid reading one character at a time
oeqa ssh.py: fix hangs in run()
runqemu: kill qemu if it hangs
oeqa rtc.py: skip if read-only-rootfs
Ming Liu (1):
linux: inherit pkgconfig in kernel.bbclass
Mingli Yu (4):
glslang: branch rename master -> main
mdadm: Fix testcase 06wrmostly
mdadm: fix tests/02lineargrow
mdadm: Fix raid0 tests
Narpat Mali (12):
wayland: fix CVE-2021-3782
python3-mako: backport fix for CVE-2022-40023
ffmpeg: fix for CVE-2022-3964
ffmpeg: fix for CVE-2022-3965
ffmpeg: fix for CVE-2022-3109
python3-setuptools: fix for CVE-2022-40897
python3-wheel: fix for CVE-2022-40898
python3-git: fix for CVE-2022-24439
ffmpeg: fix for CVE-2022-3341
python3-certifi: fix for CVE-2022-23491
libseccomp: fix for the ptest result format
libmicrohttpd: upgrade 0.9.75 -> 0.9.76
Nathan Rossi (4):
oeqa/selftest/lic_checksum: Cleanup changes to emptytest include
oeqa/selftest/minidebuginfo: Create selftest for minidebuginfo
glibc-locale: Do not INHIBIT_DEFAULT_DEPS
package: Fix handling of minidebuginfo with newer binutils
Niko Mauno (2):
systemd: Consider PACKAGECONFIG in RRECOMMENDS
Fix missing leading whitespace with ':append'
Ovidiu Panait (1):
kernel.bbclass: remove empty module directories to prevent QA issues
Pavel Zhukov (4):
bitbake: gitsm: Fix regression in gitsm submodule path parsing
oeqa/rpm.py: Increase timeout and add debug output
gcc: Refactor linker patches and fix linker on arm with usrmerge
wic: Fix usage of fstype=none in wic
Pawan Badganchi (2):
curl: Add fix for CVE-2023-23914, CVE-2023-23915
tiff: Add fix for CVE-2022-4645
Pawel Zalewski (1):
classes/fs-uuid: Fix command output decoding issue
Peter Kjellerstedt (2):
externalsrc.bbclass: Remove a trailing slash from ${B}
devshell: Do not add scripts/git-intercept to PATH
Peter Marko (9):
systemd: add group render to udev package
meta-selftest/staticids: add render group for systemd
externalsrc: fix lookup for .gitmodules
oeqa/selftest/externalsrc: add test for srctree_hash_files
systemd: add group sgx to udev package
systemd: fix CVE-2022-4415
gcc-shared-source: do not use ${S}/.. in deploy_source_date_epoch
package.bbclass: correct check for /build in copydebugsources()
go: ignore CVE-2022-41716
Petr Kubizňák (1):
harfbuzz: remove bindir only if it exists
Piotr Łobacz (1):
systemd: fix wrong nobody-group assignment
Polampalli, Archana (1):
libpam: fix CVE-2022-28321
Poonam (1):
python3-setuptools-rust-native: Add direct dependency of native python3 modules
Qiu, Zheng (3):
tiff: Security fix for CVE-2022-3970
vim: upgrade 9.0.0820 -> 9.0.0947
valgrind: remove most hidden tests for arm64
Quentin Schulz (4):
cairo: update patch for CVE-2019-6461 with upstream solution
docs: migration-4.0: specify variable name change for kernel inclusion in image recipe
docs: kernel-dev: faq: update tip on how to not include kernel in image
cairo: fix CVE patches assigned wrong CVE number
Randy MacLeod (3):
valgrind: skip the boost_thread test on arm
vim: upgrade 9.0.0947 -> 9.0.1211
vim: upgrade 9.0.1403 -> 9.0.1429
Ranjitsinh Rathod (3):
curl: Correct LICENSE from MIT-open-group to curl
curl: Add patch to fix CVE-2022-43551
curl: Add patch to fix CVE-2022-43552
Ravula Adhitya Siddartha (2):
linux-yocto/5.10: update genericx86* machines to v5.10.149
linux-yocto/5.15: update genericx86* machines to v5.15.72
Richard Purdie (35):
bitbake: tests/fetch: Allow handling of a file:// url within a submodule
build-appliance-image: Update to kirkstone head revision
openssl: Fix SSL_CERT_FILE to match ca-certs location
numactl: upgrade 2.0.14 -> 2.0.15
bitbake: runqueue: Fix race issues around hash equivalence and sstate reuse
lttng-modules: upgrade 2.13.5 -> 2.13.7
bitbake.conf: Drop export of SOURCE_DATE_EPOCH_FALLBACK
gcc-shared-source: Fix source date epoch handling
gcc-source: Fix gengtypes race
gcc-source: Drop gengtype manipulation
gcc-source: Ensure deploy_source_date_epoch sstate hash doesn't change
sanity: Drop data finalize call
oeqa/selftest/tinfoil: Add test for separate config_data with recipe_parse_file()
build-appliance-image: Update to kirkstone head revision
yocto-check-layer: Allow OE-Core to be tested
oeqa/concurrencytest: Add number of failures to summary output
build-appliance-image: Update to kirkstone head revision
native: Drop special variable handling
kernel/linux-kernel-base: Fix kernel build artefact determinism issues
make-mod-scripts: Ensure kernel build output is deterministic
libc-locale: Fix on target locale generation
build-appliance-image: Update to kirkstone head revision
libssh2: Clean up ptest patch/coverage
bitbake: utils: Allow to_boolean to support int values
bitbake: cookerdata: Remove incorrect SystemExit usage
bitbake: cookerdata: Improve early exception handling
bitbake: cookerdata: Drop dubious exception handling code
binutils: Fix nativesdk ld.so search
oeqa/selftest/prservice: Improve debug output for failure
staging: Separate out different multiconfig manifests
staging/multilib: Fix manifest corruption
glibc: Add missing binutils dependency
selftest/recipetool: Stop test corrupting tinfoil class
base-files: Drop localhost.localdomain from hosts file
pybootchartui: Fix python syntax issue
Robert Andersson (1):
go-crosssdk: avoid host contamination by GOCACHE
Robert Yang (1):
bitbake: fetch/git: Fix local clone url to make it work with repo
Rodolfo Quesada Zumbado (1):
tar: CVE-2022-48303
Romuald Jeanne (1):
image_types: fix multiubi var init
Ross Burton (37):
qemu: fix CVE-2022-2962
lighttpd: fix CVE-2022-41556
expat: backport the fix for CVE-2022-43680
scripts/oe-check-sstate: cleanup
scripts/oe-check-sstate: force build to run for all targets, specifically populate_sysroot
opkg-utils: use a git clone, not a dynamic snapshot
oe/packagemanager/rpm: don't leak file objects
glib-2.0: fix rare GFileInfo test case failure
pixman: backport fix for CVE-2022-44638
sanity: check for GNU tar specifically
qemu: add io_uring PACKAGECONFIG
expat: upgrade to 2.5.0
linux-firmware: don't put the firmware into the sysroot
tiff: fix a number of CVEs
xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551
lib/buildstats: fix parsing of trees with reduced_proc_pressure directories
combo-layer: remove unused import
combo-layer: dont use bb.utils.rename
combo-layer: add sync-revs command
libepoxy: remove upstreamed patch
cve-update-db-native: show IP on failure
bitbake: bb/utils: include SSL certificate paths in export_proxies
ppp: backport fix for CVE-2022-4603
quilt: fix intermittent failure in faildiff.test
spirv-headers: set correct branch name
quilt: use upstreamed faildiff.test fix
git: ignore CVE-2022-41953
buildtools-tarball: set pkg-config search path
sdkext/cases/devtool: pass a logger to HTTPService
httpserver: add error handler that write to the logger
lib/buildstats: handle tasks that never finished
shadow: ignore CVE-2016-15024
vim: add missing pkgconfig inherit
vim: upgrade to 9.0.1403
vim: set modified-by to the recipe MAINTAINER
lib/resulttool: fix typo breaking resulttool log --ptest
scripts/lib/buildstats: handle top-level build_stats not being complete
Sakib Sajal (3):
go: fix CVE-2022-2880
git: upgrade 2.35.6 -> 2.35.7
go: fix CVE-2022-2879 and CVE-2022-41720
Sandeep Gundlupet Raju (2):
kernel-fitimage: Adjust order of dtb/dtbo files
kernel-fitimage: Allow user to select dtb when multiple dtb exists
Saul Wold (3):
at: Change when files are copied
package.bbclase: Add check for /build in copydebugsources()
busybox: Fix depmod patch
Schmidt, Adriaan (1):
bitbake: bitbake-diffsigs: break on first dependent task difference
Sean Anderson (2):
kernel: Clear SYSROOT_DIRS instead of replacing sysroot_stage_all
uboot-sign: Fix using wrong KEY_REQ_ARGS
Sergei Zhmylev (2):
wic: honor the SOURCE_DATE_EPOCH in case of updated fstab
wic: make ext2/3/4 images reproducible
Shubham Kulkarni (3):
glibc: Security fix for CVE-2023-0687
go-runtime: Security fix for CVE-2022-41723
go-runtime: Security fix for CVE-2022-41722
Siddharth Doshi (5):
openssl: Upgrade 3.0.7 -> 3.0.8
epiphany: Security fix for CVE-2023-26081
harfbuzz: Security fix for CVE-2023-25193
openssl: Security fix for CVE-2023-0464, CVE-2023-0465, CVE-2023-0466
curl: Security fix for CVE-2023-27535, CVE-2023-27536, CVE-2023-27538
Simone Weiss (1):
json-c: Add ptest for json-c
Steve Sakoman (12):
Revert "lttng-tools: Upgrade 2.13.4 -> 2.13.8"
poky.conf: bump version for 4.0.5
Revert "expat: backport the fix for CVE-2022-43680"
poky.conf: bump version for 4.0.6
Revert "libksba: fix CVE-2022-47629"
poky.conf: bump version for 4.0.7
poky.conf: Update SANITY_TESTED_DISTROS to match autobuilder
system-requirements.rst: add Fedora 36 and AlmaLinux 8.7 to list of supported distros
libgit2: uprade 1.4.3 -> 1.4.4
libgit2: upgrade 1.4.4 -> 1.4.5
poky.conf: bump version for 4.0.8
poky.conf: bump version for 4.0.9
Sundeep KOKKONDA (1):
cargo : non vulnerable cve-2022-46176 added to excluded list
Teoh Jay Shen (2):
tiff: Security fixes CVE-2022-2867,CVE-2022-2868 and CVE-2022-2869
vim: Upgrade 9.0.0598 -> 9.0.0614
Thomas Perrot (2):
psplash: add psplash-default in rdepends
xserver-xorg: move some recommended dependencies in required
Thomas Roos (1):
devtool: fix devtool finish when gitmodules file is empty
Tim Orling (5):
python3: upgrade 3.10.4 -> 3.10.7
git: upgrade 2.35.4 -> 2.35.5
vim: upgrade 9.0.0614 -> 9.0.0820
mirrors.bbclass: update CPAN_MIRROR
cracklib: update github branch to 'main'
Tom Hochstein (2):
meson: Fix wrapper handling of implicit setup command
oeqa/sdk: Improve Meson test
Trevor Woerner (3):
cups: use BUILDROOT instead of DESTDIR
cups: check PACKAGECONFIG for pam feature
cups: add/fix web interface packaging
Ulrich Ölmann (4):
recipe_sanity: fix old override syntax
lsof: fix old override syntax
update-alternatives: fix typos
kernel-yocto: fix kernel-meta data detection
Vincent Davis Jr (1):
linux-firmware: package amdgpu firmware
Virendra Thakur (1):
qemu: Fix CVE-2021-3750 for qemu
Vivek Kumbhar (5):
python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method
sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs.
openssl: fix CVE-2022-3996 double locking leads to denial of service
gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code
go: fix CVE-2023-24537 Infinite loop in parsing
Vyacheslav Yurkov (3):
files: overlayfs-etc: refactor preinit template
classes: files: Extend overlayfs-etc class
overlayfs: Allow not used mount points
Wang Mingyu (19):
bind: upgrade 9.18.7 -> 9.18.8
socat: upgrade 1.7.4.3 -> 1.7.4.4
libxcrypt: upgrade 4.4.28 -> 4.4.30
xwayland: upgrade 22.1.4 -> 22.1.5
mobile-broadband-provider-info: upgrade 20220725 -> 20221107
babeltrace: upgrade 1.5.8 -> 1.5.11
iso-codes: upgrade 4.11.0 -> 4.12.0
bind: upgrade 9.18.8 -> 9.18.9
mpfr: upgrade 4.1.0 -> 4.1.1
libxcrypt-compat: upgrade 4.4.30 -> 4.4.33
libpng: upgrade 1.6.38 -> 1.6.39
gstreamer1.0: upgrade 1.20.4 -> 1.20.5
bind: upgrade 9.18.9 -> 9.18.10
libjpeg-turbo: upgrade 2.1.5 -> 2.1.5.1
xwayland: upgrade 22.1.7 -> 22.1.8
iso-codes: upgrade 4.12.0 -> 4.13.0
lua: Fix install conflict when enable multilib.
vala: Fix install conflict when enable multilib.
dhcpcd: Fix install conflict when enable multilib.
Xiangyu Chen (18):
qemu: Backport patches from upstream to support float128 on qemu-ppc64
linux-yocto-dev: add qemuarm64
ltp: backport clock_gettime04 fix from upstream
dbus: fix CVE-2022-42010 Check brackets in signature nest correctly
dbus: fix CVE-2022-42011 dbus-daemon can be crashed by messages with array length inconsistent with element type
dbus: fix CVE-2022-42012 dbus-marshal-byteswap: Byte-swap Unix fd indexes if needed
lttng-tools: Upgrade 2.13.4 -> 2.13.8
sudo: upgrade 1.9.10 -> sudo 1.9.12p1
bash: backport patch to fix CVE-2022-3715
grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775
dbus: upgrade 1.14.0 -> 1.14.4
sysstat: fix CVE-2022-39377
grub: backport patches to fix CVE-2022-28736
openssh: remove RRECOMMENDS to rng-tools for sshd package
numactl: skip test case when target platform doesn't have 2 CPU node
dhcpcd: fix dhcpcd start failure on qemuppc64
sudo: update 1.9.12p2 -> 1.9.13p3
shadow: backport patch to fix CVE-2023-29383
Yash Shinde (5):
binutils: stable 2.38 branch updates
glibc: stable 2.35 branch updates.
glibc: stable 2.35 branch updates.
binutils : Fix CVE-2023-22608
binutils : Fix CVE-2023-1579
Yash.Shinde@windriver.com (1):
binutils : Fix CVE-2022-4285
Yogita Urade (1):
libksba: fix CVE-2022-47629
Zheng Qiu (1):
tiff: fix CVE-2022-2953
ciarancourtney (1):
wic: swap partitions are not added to fstab
pawan (2):
Revert "qemu: fix CVE-2021-3507"
curl: Add fix for CVE-2023-23916
pgowda (1):
binutils : Fix CVE-2022-38128
wangmy (9):
ifupdown: upgrade 0.8.37 -> 0.8.39
libcap: upgrade 2.65 -> 2.66
libical: upgrade 3.0.14 -> 3.0.15
numactl: upgrade 2.0.15 -> 2.0.16
wpebackend-fdo: upgrade 1.12.1 -> 1.14.0
libksba: upgrade 1.6.0 -> 1.6.2
lttng-ust: upgrade 2.13.3 -> 2.13.4
lttng-ust: upgrade 2.13.4 -> 2.13.5
lighttpd: upgrade 1.4.66 -> 1.4.67
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I80cf3cd933dea72160ce87efb2a42fe4d0e5d7d5
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-devtools')
13 files changed, 77 insertions, 277 deletions
diff --git a/meta-openembedded/meta-oe/recipes-devtools/flatbuffers/flatbuffers_2.0.0.bb b/meta-openembedded/meta-oe/recipes-devtools/flatbuffers/flatbuffers_2.0.0.bb index bf74f1229f..44478ea0b2 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/flatbuffers/flatbuffers_2.0.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/flatbuffers/flatbuffers_2.0.0.bb @@ -25,12 +25,17 @@ BUILD_CXXFLAGS += "-fPIC" # BUILD_TYPE=Release is required, otherwise flatc is not installed EXTRA_OECMAKE += "\ -DCMAKE_BUILD_TYPE=Release \ - -DFLATBUFFERS_BUILD_TESTS=OFF \ + -DFLATBUFFERS_BUILD_TESTS=OFF \ -DFLATBUFFERS_BUILD_SHAREDLIB=ON \ " inherit cmake +rm_flatc_cmaketarget_for_target() { + rm -f "${SYSROOT_DESTDIR}/${libdir}/cmake/flatbuffers/FlatcTargets.cmake" +} +SYSROOT_PREPROCESS_FUNCS:class-target += "rm_flatc_cmaketarget_for_target" + do_install:append() { install -d ${D}${PYTHON_SITEPACKAGES_DIR} cp -rf ${S}/python/flatbuffers ${D}${PYTHON_SITEPACKAGES_DIR} diff --git a/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.45.2.bb b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb index c2f952fc64..15bf05919b 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.45.2.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.46.7.bb @@ -20,8 +20,8 @@ RDEPENDS:${PN}-dev:append:class-native = " ${PN}-compiler" # RDEPENDS:${PN}-dev += "${PN}-compiler" S = "${WORKDIR}/git" -SRCREV_grpc = "b39ffcc425ea990a537f98ec6fe6a1dcb90470d7" -BRANCH = "v1.45.x" +SRCREV_grpc = "02384e39185f109bd299eb8482306229967dc970" +BRANCH = "v1.46.x" SRC_URI = "git://github.com/grpc/grpc.git;protocol=https;name=grpc;branch=${BRANCH} \ file://0001-Revert-Changed-GRPCPP_ABSEIL_SYNC-to-GPR_ABSEIL_SYNC.patch \ file://0001-cmake-add-separate-export-for-plugin-targets.patch \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb b/meta-openembedded/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb index 0cf6fd36bc..4fa2aacdfc 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb @@ -18,7 +18,7 @@ inherit cmake EXTRA_OECMAKE += "-DJSON_BuildTests=OFF" # nlohmann-json is a header only C++ library, so the main package will be empty. - +ALLOW_EMPTY:${PN} = "1" RDEPENDS:${PN}-dev = "" BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.14/oe-npm-cache b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.19/oe-npm-cache index f596207648..f596207648 100755 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.14/oe-npm-cache +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.19/oe-npm-cache diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.14.bb b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.19.bb index a61dd5018f..a61dd5018f 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.14.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.19.bb diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Nodejs-Fixed-pipes-DeprecationWarning.patch b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Nodejs-Fixed-pipes-DeprecationWarning.patch new file mode 100644 index 0000000000..1f54d444d7 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Nodejs-Fixed-pipes-DeprecationWarning.patch @@ -0,0 +1,35 @@ +From 70a008c59992b0ac6a868530bc3e249b7777ab95 Mon Sep 17 00:00:00 2001 +From: Archana Polampalli <archana.polampalli@windriver.com> +Date: Fri, 16 Dec 2022 05:19:06 +0000 +Subject: [PATCH] Nodejs: Fixed pipes DeprecationWarning + +DeprecationWarning: 'pipes' is deprecated and slated for removal in Python 3.13 + +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + configure.py | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/configure.py b/configure.py +index d3192ca04c..8d279220fd 100755 +--- a/configure.py ++++ b/configure.py +@@ -5,7 +5,6 @@ import sys + import errno + import argparse + import os +-import pipes + import pprint + import re + import shlex +@@ -2041,7 +2040,7 @@ write('config.gypi', do_not_edit + + pprint.pformat(output, indent=2, width=1024) + '\n') + + write('config.status', '#!/bin/sh\nset -x\nexec ./configure ' + +- ' '.join([pipes.quote(arg) for arg in original_argv]) + '\n') ++ ' '.join([shlex.quote(arg) for arg in original_argv]) + '\n') + os.chmod('config.status', 0o775) + + +-- +2.34.1 diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0002-Using-native-binaries.patch b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Using-native-binaries.patch index 8db1f1dd54..445aaf8398 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0002-Using-native-binaries.patch +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Using-native-binaries.patch @@ -3,14 +3,17 @@ From: Guillaume Burel <guillaume.burel@stormshield.eu> Date: Fri, 3 Jan 2020 11:25:54 +0100 Subject: [PATCH] Using native binaries +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> --- - node.gyp | 4 ++-- - tools/v8_gypfiles/v8.gyp | 11 ++++------- - 2 files changed, 6 insertions(+), 9 deletions(-) + node.gyp | 2 ++ + tools/v8_gypfiles/v8.gyp | 5 +++++ + 2 files changed, 7 insertions(+) +diff --git a/node.gyp b/node.gyp +index 24505da7ba..7d41bd52db 100644 --- a/node.gyp +++ b/node.gyp -@@ -294,6 +294,7 @@ +@@ -319,6 +319,7 @@ 'action_name': 'run_mkcodecache', 'process_outputs_as_sources': 1, 'inputs': [ @@ -18,14 +21,16 @@ Subject: [PATCH] Using native binaries '<(mkcodecache_exec)', ], 'outputs': [ -@@ -319,6 +320,7 @@ - 'action_name': 'node_mksnapshot', - 'process_outputs_as_sources': 1, - 'inputs': [ -+ '<(PRODUCT_DIR)/v8-qemu-wrapper.sh', - '<(node_mksnapshot_exec)', - ], - 'outputs': [ +@@ -366,6 +367,7 @@ + 'action_name': 'node_mksnapshot', + 'process_outputs_as_sources': 1, + 'inputs': [ ++ '<(PRODUCT_DIR)/v8-qemu-wrapper.sh', + '<(node_mksnapshot_exec)', + ], + 'outputs': [ +diff --git a/tools/v8_gypfiles/v8.gyp b/tools/v8_gypfiles/v8.gyp +index ed042f8829..371b8e02c2 100644 --- a/tools/v8_gypfiles/v8.gyp +++ b/tools/v8_gypfiles/v8.gyp @@ -68,6 +68,7 @@ @@ -40,11 +45,11 @@ Subject: [PATCH] Using native binaries '<@(torque_outputs_inc)', ], 'action': [ -+ '<(PRODUCT_DIR)/v8-qemu-wrapper.sh', ++ '<(PRODUCT_DIR)/v8-qemu-wrapper.sh', '<(PRODUCT_DIR)/<(EXECUTABLE_PREFIX)torque<(EXECUTABLE_SUFFIX)', '-o', '<(SHARED_INTERMEDIATE_DIR)/torque-generated', '-v8-root', '<(V8_ROOT)', -@@ -225,6 +227,7 @@ +@@ -211,6 +213,7 @@ { 'action_name': 'generate_bytecode_builtins_list_action', 'inputs': [ @@ -52,7 +57,7 @@ Subject: [PATCH] Using native binaries '<(PRODUCT_DIR)/<(EXECUTABLE_PREFIX)bytecode_builtins_list_generator<(EXECUTABLE_SUFFIX)', ], 'outputs': [ -@@ -415,6 +418,7 @@ +@@ -395,6 +398,7 @@ ], }, 'inputs': [ @@ -60,7 +65,7 @@ Subject: [PATCH] Using native binaries '<(mksnapshot_exec)', ], 'outputs': [ -@@ -1548,6 +1552,7 @@ +@@ -1513,6 +1517,7 @@ { 'action_name': 'run_gen-regexp-special-case_action', 'inputs': [ @@ -68,3 +73,6 @@ Subject: [PATCH] Using native binaries '<(PRODUCT_DIR)/<(EXECUTABLE_PREFIX)gen-regexp-special-case<(EXECUTABLE_SUFFIX)', ], 'outputs': [ +-- +2.34.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0002-Install-both-binaries-and-use-libdir.patch b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0002-Install-both-binaries-and-use-libdir.patch deleted file mode 100644 index 5cb2e97015..0000000000 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0002-Install-both-binaries-and-use-libdir.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 62ddf8499747fb1e366477d666c0634ad50039a9 Mon Sep 17 00:00:00 2001 -From: Elliott Sales de Andrade <quantum.analyst@gmail.com> -Date: Tue, 19 Mar 2019 23:22:40 -0400 -Subject: [PATCH 2/2] Install both binaries and use libdir. - -This allows us to build with a shared library for other users while -still providing the normal executable. - -Taken from - https://src.fedoraproject.org/rpms/nodejs/raw/rawhide/f/0002-Install-both-binaries-and-use-libdir.patch - -Upstream-Status: Pending - -Signed-off-by: Elliott Sales de Andrade <quantum.analyst@gmail.com> -Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - configure.py | 7 +++++++ - tools/install.py | 21 +++++++++------------ - 2 files changed, 16 insertions(+), 12 deletions(-) - -diff --git a/configure.py b/configure.py -index 6efb98c2316f089f3167e486282593245373af3f..a6d2ec939e4480dfae703f3978067537abf9f0f0 100755 ---- a/configure.py -+++ b/configure.py -@@ -721,10 +721,16 @@ parser.add_argument('--shared', - dest='shared', - default=None, - help='compile shared library for embedding node in another project. ' + - '(This mode is not officially supported for regular applications)') - -+parser.add_argument('--libdir', -+ action='store', -+ dest='libdir', -+ default='lib', -+ help='a directory to install the shared library into') -+ - parser.add_argument('--without-v8-platform', - action='store_true', - dest='without_v8_platform', - default=False, - help='do not initialize v8 platform during node.js startup. ' + -@@ -1305,10 +1311,11 @@ def configure_node(o): - o['variables']['debug_nghttp2'] = 'false' - - o['variables']['node_no_browser_globals'] = b(options.no_browser_globals) - - o['variables']['node_shared'] = b(options.shared) -+ o['variables']['libdir'] = options.libdir - node_module_version = getmoduleversion.get_version() - - if options.dest_os == 'android': - shlib_suffix = 'so' - elif sys.platform == 'darwin': -diff --git a/tools/install.py b/tools/install.py -index 41cc1cbc60a9480cc08df3aa0ebe582c2becc3a2..11208f9e7166ab60da46d5ace2257c239a7e9263 100755 ---- a/tools/install.py -+++ b/tools/install.py -@@ -128,26 +128,23 @@ def subdir_files(path, dest, action): - for subdir, files_in_path in ret.items(): - action(files_in_path, subdir + '/') - - def files(action): - is_windows = sys.platform == 'win32' -- output_file = 'node' - output_prefix = 'out/Release/' -+ output_libprefix = output_prefix - -- if 'false' == variables.get('node_shared'): -- if is_windows: -- output_file += '.exe' -+ if is_windows: -+ output_bin = 'node.exe' -+ output_lib = 'node.dll' - else: -- if is_windows: -- output_file += '.dll' -- else: -- output_file = 'lib' + output_file + '.' + variables.get('shlib_suffix') -+ output_bin = 'node' -+ output_lib = 'libnode.' + variables.get('shlib_suffix') - -- if 'false' == variables.get('node_shared'): -- action([output_prefix + output_file], 'bin/' + output_file) -- else: -- action([output_prefix + output_file], 'lib/' + output_file) -+ action([output_prefix + output_bin], 'bin/' + output_bin) -+ if 'true' == variables.get('node_shared'): -+ action([output_libprefix + output_lib], variables.get('libdir') + '/' + output_lib) - - if 'true' == variables.get('node_use_dtrace'): - action(['out/Release/node.d'], 'lib/dtrace/node.d') - - # behave similarly for systemtap --- -2.33.0 - diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0005-add-openssl-legacy-provider-option.patch b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0005-add-openssl-legacy-provider-option.patch deleted file mode 100644 index 4d238c03f4..0000000000 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0005-add-openssl-legacy-provider-option.patch +++ /dev/null @@ -1,151 +0,0 @@ -From 86d1c0cc6a5dcf57e413a1cc1c29203e87cf9a14 Mon Sep 17 00:00:00 2001 -From: Daniel Bevenius <daniel.bevenius@gmail.com> -Date: Sat, 16 Oct 2021 08:50:16 +0200 -Subject: [PATCH] src: add --openssl-legacy-provider option - -This commit adds an option to Node.js named --openssl-legacy-provider -and if specified will load OpenSSL 3.0 Legacy provider. - -$ ./node --help -... ---openssl-legacy-provider enable OpenSSL 3.0 legacy provider - -Example usage: - -$ ./node --openssl-legacy-provider -p 'crypto.createHash("md4")' -Hash { - _options: undefined, - [Symbol(kHandle)]: Hash {}, - [Symbol(kState)]: { [Symbol(kFinalized)]: false } -} - -Co-authored-by: Richard Lau <rlau@redhat.com> -Signed-off-by: Signed-off-by: Andrej Valek <andrej.valek@siemens.com> -Upstream-Status: Backport [https://github.com/nodejs/node/issues/40455] ---- - doc/api/cli.md | 10 ++++++++++ - src/crypto/crypto_util.cc | 10 ++++++++++ - src/node_options.cc | 10 ++++++++++ - src/node_options.h | 7 +++++++ - .../test-process-env-allowed-flags-are-documented.js | 5 +++++ - 5 files changed, 42 insertions(+) - -diff --git a/doc/api/cli.md b/doc/api/cli.md -index 74057706bf8d..608b9cdeddf1 100644 ---- a/doc/api/cli.md -+++ b/doc/api/cli.md -@@ -687,6 +687,14 @@ Load an OpenSSL configuration file on startup. Among other uses, this can be - used to enable FIPS-compliant crypto if Node.js is built - against FIPS-enabled OpenSSL. - -+### `--openssl-legacy-provider` -+<!-- YAML -+added: REPLACEME -+--> -+ -+Enable OpenSSL 3.0 legacy provider. For more information please see -+[providers readme][]. -+ - ### `--pending-deprecation` - - <!-- YAML -@@ -1544,6 +1552,7 @@ Node.js options that are allowed are: - * `--no-warnings` - * `--node-memory-debug` - * `--openssl-config` -+* `--openssl-legacy-provider` - * `--pending-deprecation` - * `--policy-integrity` - * `--preserve-symlinks-main` -@@ -1933,6 +1942,7 @@ $ node --max-old-space-size=1536 index.js - [emit_warning]: process.md#processemitwarningwarning-options - [jitless]: https://v8.dev/blog/jitless - [libuv threadpool documentation]: https://docs.libuv.org/en/latest/threadpool.html -+[providers readme]: https://github.com/openssl/openssl/blob/openssl-3.0.0/README-PROVIDERS.md - [remote code execution]: https://www.owasp.org/index.php/Code_Injection - [security warning]: #warning-binding-inspector-to-a-public-ipport-combination-is-insecure - [timezone IDs]: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones -diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc -index 7e0c8ba3eb60..796ea3025e41 100644 ---- a/src/crypto/crypto_util.cc -+++ b/src/crypto/crypto_util.cc -@@ -148,6 +148,16 @@ void InitCryptoOnce() { - } - #endif - -+#if OPENSSL_VERSION_MAJOR >= 3 -+ // --openssl-legacy-provider -+ if (per_process::cli_options->openssl_legacy_provider) { -+ OSSL_PROVIDER* legacy_provider = OSSL_PROVIDER_load(nullptr, "legacy"); -+ if (legacy_provider == nullptr) { -+ fprintf(stderr, "Unable to load legacy provider.\n"); -+ } -+ } -+#endif -+ - OPENSSL_init_ssl(0, settings); - OPENSSL_INIT_free(settings); - settings = nullptr; -diff --git a/src/node_options.cc b/src/node_options.cc -index 00bdc6688a4c..3363860919a9 100644 ---- a/src/node_options.cc -+++ b/src/node_options.cc -@@ -4,6 +4,9 @@ - #include "env-inl.h" - #include "node_binding.h" - #include "node_internals.h" -+#if HAVE_OPENSSL -+#include "openssl/opensslv.h" -+#endif - - #include <errno.h> - #include <sstream> -diff --git a/src/node_options.h b/src/node_options.h -index fd772478d04d..1c0e018ab16f 100644 ---- a/src/node_options.h -+++ b/src/node_options.h -@@ -11,6 +11,10 @@ - #include "node_mutex.h" - #include "util.h" - -+#if HAVE_OPENSSL -+#include "openssl/opensslv.h" -+#endif -+ - namespace node { - - class HostPort { -@@ -251,6 +255,9 @@ class PerProcessOptions : public Options { - bool enable_fips_crypto = false; - bool force_fips_crypto = false; - #endif -+#if OPENSSL_VERSION_MAJOR >= 3 -+ bool openssl_legacy_provider = false; -+#endif - - // Per-process because reports can be triggered outside a known V8 context. - bool report_on_fatalerror = false; -diff --git a/test/parallel/test-process-env-allowed-flags-are-documented.js b/test/parallel/test-process-env-allowed-flags-are-documented.js -index 64626b71f019..8a4e35997907 100644 ---- a/test/parallel/test-process-env-allowed-flags-are-documented.js -+++ b/test/parallel/test-process-env-allowed-flags-are-documented.js -@@ -43,6 +43,10 @@ for (const line of [...nodeOptionsLines, ...v8OptionsLines]) { - } - } - -+if (!common.hasOpenSSL3) { -+ documented.delete('--openssl-legacy-provider'); -+} -+ - // Filter out options that are conditionally present. - const conditionalOpts = [ - { -@@ -50,6 +54,7 @@ const conditionalOpts = [ - filter: (opt) => { - return [ - '--openssl-config', -+ common.hasOpenSSL3 ? '--openssl-legacy-provider' : '', - '--tls-cipher-list', - '--use-bundled-ca', - '--use-openssl-ca', - diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_16.14.2.bb b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_16.19.1.bb index 62188f94a7..0661fd6f1c 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_16.14.2.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_16.19.1.bb @@ -1,13 +1,13 @@ DESCRIPTION = "nodeJS Evented I/O for V8 JavaScript" HOMEPAGE = "http://nodejs.org" -LICENSE = "MIT & ISC & BSD-2-Clause & BSD-3-Clause & Artistic-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=6ba5b21ac7a505195ca69344d3d7a94a" +LICENSE = "MIT & ISC & BSD-2-Clause & BSD-3-Clause & Artistic-2.0 & OpenSSL" +LIC_FILES_CHKSUM = "file://LICENSE;md5=ab4d0d45e717c9978737499a3489e515" DEPENDS = "openssl" DEPENDS:append:class-target = " qemu-native" DEPENDS:append:class-native = " c-ares-native" -inherit pkgconfig python3native qemu +inherit pkgconfig python3native qemu setuptools3 COMPATIBLE_MACHINE:armv4 = "(!.*armv4).*" COMPATIBLE_MACHINE:armv5 = "(!.*armv5).*" @@ -19,17 +19,16 @@ COMPATIBLE_HOST:powerpc = "null" SRC_URI = "http://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz \ file://0001-Disable-running-gyp-files-for-bundled-deps.patch \ - file://0002-Install-both-binaries-and-use-libdir.patch \ file://0004-v8-don-t-override-ARM-CFLAGS.patch \ - file://0005-add-openssl-legacy-provider-option.patch \ file://big-endian.patch \ file://mips-less-memory.patch \ file://system-c-ares.patch \ file://0001-liftoff-Correct-function-signatures.patch \ file://0001-mips-Use-32bit-cast-for-operand-on-mips32.patch \ + file://0001-Nodejs-Fixed-pipes-DeprecationWarning.patch \ " SRC_URI:append:class-target = " \ - file://0002-Using-native-binaries.patch \ + file://0001-Using-native-binaries.patch \ " SRC_URI:append:toolchain-clang:x86 = " \ file://libatomic.patch \ @@ -37,7 +36,7 @@ SRC_URI:append:toolchain-clang:x86 = " \ SRC_URI:append:toolchain-clang:powerpc64le = " \ file://0001-ppc64-Do-not-use-mminimal-toc-with-clang.patch \ " -SRC_URI[sha256sum] = "e922e215cc68eb5f94d33e8a0b61e2c863b7731cc8600ab955d3822da90ff8d1" +SRC_URI[sha256sum] = "17fb716406198125b30c94dd3d1756207b297705626afe16d8dc479a65a1d8b5" S = "${WORKDIR}/node-v${PV}" diff --git a/meta-openembedded/meta-oe/recipes-devtools/pahole/pahole_1.22.bb b/meta-openembedded/meta-oe/recipes-devtools/pahole/pahole_1.22.bb index 449508a5d5..ec642ec3b2 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/pahole/pahole_1.22.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/pahole/pahole_1.22.bb @@ -21,7 +21,7 @@ inherit cmake pkgconfig PACKAGECONFIG[python3] = ",,python3-core,python3-core" -EXTRA_OECMAKE = "-D__LIB=lib -DCMAKE_BUILD_TYPE=Release -DLIBBPF_EMBEDDED=OFF" +EXTRA_OECMAKE = "-D__LIB=${@os.path.relpath(d.getVar('libdir'), d.getVar('prefix') + '/')} -DCMAKE_BUILD_TYPE=Release -DLIBBPF_EMBEDDED=OFF" FILES:${PN} = "${bindir}/pahole \ ${libdir}/libdwarves.so* \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.10.bb b/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.16.bb index 624ab2621a..db8a65544b 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.10.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/php/php_8.1.16.bb @@ -33,7 +33,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "2de8e0402285f7c56887defe651922308aded58ba60befcf3b77720209e31f10" +SRC_URI[sha256sum] = "cd9f0ea14d82d9455587a49a0b6c802a7b8d8ff79703f9f48b17db010fb633ce" CVE_CHECK_IGNORE += "\ CVE-2007-2728 \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.19.4.bb b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.19.6.bb index 5662330840..8e50054718 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.19.4.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.19.6.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=37b5762e07f0af8c74ce80a8bda4266b" DEPENDS = "zlib" DEPENDS:append:class-target = " protobuf-native" -SRCREV = "22d0e265de7d2b3d2e9a00d071313502e7d4cccf" +SRCREV = "c9297981b7c35ad9c2bf258e7c8d786a04d13378" SRC_URI = "git://github.com/protocolbuffers/protobuf.git;branch=3.19.x;protocol=https \ file://run-ptest \ |