subtree updates

meta-security: 93f2146211..7628a3e90b:
  Anton Antonov (3):
        Parsec-service: Update installation procedure
        Parsec-service: Fix arm32 build
        meta-parsec: Update Parsec runtime tests

  Armin Kuster (20):
        fscrypt: add distro_check on pam
        meta-security: move perl and python recipes to dynamic layers structure
        packagegroup-core-security: remove pkgs
        packagegroup-core-security: add perl pkgs grps
        packagegroup-core-security: add dynamic python pkgs
        arpwatch: add postfix to pkg config
        suricata: drop nfnetlink from pkg config
        packagegroup-core-security.bb: fix suricata inclusion
        layer.conf: fix up layer dependancies.
        ima-evm-utils: Update to 1.4
        aide: Update 01.17.4
        ossec-hids: update to 3.7.0
        suricata: update to 5.0.5
        samhain: update to 4.4.9
        tpm2-pkcs11: tpm2-pkcs11 module missing
        tpm2-tools: Add missing rdepends
        oeqa/cases/tpm2: fix and enhance test suite
        meta-parsec: Add pkg grps
        meta-parsec: add build image.
        oeqa: add parsec runtime tests

  Jeremy A. Puhlman (2):
        aide: Add depend on audit when audit is enabled.
        lib-perl: prefix man pages to avoid conflicting with base perl

  Josh Harley (1):
        Add EROFS support to dm-verity-img class

  Lei Maohui (1):
        layer.conf: Added BBFILES_DYNAMIC for dynamic-layers.

meta-openembedded: 77c2fda04e..a9e6d16e66:
  Alejandro Enedino Hernandez Samaniego (1):
        cryptsetup: Add luks2 configure options defaults

  Alex Kiernan (2):
        ulogd2: Add recipe
        libcoap: Add recipe

  Armin Kuster (13):
        meta-python-image: Fix build depends
        crda: move to a dynamic-layer for python
        cyrus-sasl: move from meta-networking to meta-oe
        netplan: move from meta-networking to meta-oe
        nvmetcli: move recipe to meta-oe
        packagegroup-meta-oe: update pkg group
        python3-ldap: move to meta-python
        packagegroup-meta-python.bb: update pkg group
        firewalld: move to dynamic meta-python layer
        packagegroup-meta-networking: update pkg group
        meta-networking: drop meta-python layer depends
        meta-gnome: fix layer depends.
        layer.conf: Post release codename changes

  Bartosz Golaszewski (19):
        python3-pyfanotify: new package
        python3-toolz: new package
        python3-cytoolz: new package
        python3-decouple: new package
        python3-eth-hash: new package
        python3-eth-typing: new package
        python3-eth-utils: new package
        python3-eth-keys: new package
        python3-eth-keyfile: new package
        python3-hexbytes: new package
        python3-rlp: new package
        python3-eth-rlp: new package
        python3-parsimonious: new package
        python3-eth-abi: new package
        python3-eth-account: new package
        python3-lru-dict: new package
        python3-web3: new package
        python3-inotify: new package
        speedtest-cli: drop the recipe

  Changqing Li (1):
        zabbix: upgrade 5.2.6 -> 6.0.4

  Chase Qi (1):
        kernel-selftest: install kselftest runner

  Claudius Heine (1):
        btrfsmaintenance: add recipe for btrfsmaintenance scripts

  Denys Dmytriyenko (2):
        devmem2: reinstate previous patches, removed by mistake
        devmem2: add support for different page sizes

  Diego Sueiro (1):
        bats: upgrade 1.6.0 -> 1.6.1

  Gianfranco (3):
        sdbus-c++-libsystemd: Bump SRCREV to last commit of 250-stable branch
        sdbus-c++: Bump version from 1.00 to 1.1.0
        libmtp: Add doxygen-native dependency in case documentation build is enabled in PACKAGECONFIG. This fixes a FTBFS due to missing dependency.

  Gianfranco Costamagna (1):
        vboxguestdrivers: upgrade 6.1.32 -> 6.1.34

  Jiaqing Zhao (2):
        openldap: Remove libgcrypt dependency
        openldap: Upgrade 2.5.9 -> 2.5.12

  Joerg Vehlow (1):
        jq: Fix typo OE_EXTRACONF -> EXTRA_OECONF

  Julien STEPHAN (1):
        libcamera: fix packaging

  Kai Kang (3):
        conntrack-tools: fix postinst script
        wxwidgets: enable to use private fonts
        python3-wxgtk4: backport patch to fix svg issue

  Khem Raj (12):
        ufw: Fix packaging errors found with ppc64
        libcereal: Enable for glibc/ppc
        mimic: Use special rateconv.c license
        makedumpfile: Use right TARGET for ppc32
        evince: Add dbus to depnedencies on non-x11 builds
        evolution-data-server: Do not pass --library-path to gir compiler
        python3-wxgtk4: Needs x11 for sip module
        zfs: Fix build on musl systems
        zfs: Disable on riscv32
        zfs: Disable on mips
        zfs: Make systemd and sysvinit into packageconfigs
        sdbus-c++: Link with libatomic on mips/ppc32

  Markus Volk (1):
        minidlna: fix obsolete license warning

  Martin Jansa (1):
        ostree: prevent ostree-native depending on target virtual/kernel to provide kernel-module-overlay

  Michael Opdenacker (1):
        devmem2: update SRC_URI according to redirect

  Mingli Yu (1):
        s-nail: Set VAL_MTA

  Nicolas Dechesne (1):
        imlib2: update SRC_URI

  Peter Kjellerstedt (1):
        libwebsockets: Avoid absolute paths in *.cmake files in the sysroot

  Portia (1):
        cpulimit: introduce support for this package

  Randy MacLeod (1):
        intel-speed-select: Add libnl dependency and extend CFLAGS

  Richard Neill (1):
        bats: Add patch to fix false-negatives caused by teardown code

  Ross Burton (1):
        Revert "python3-cbor2: upgrade 5.4.2 -> 5.4.3"

  Samuli Piippo (1):
        python3-qface: upgrade 2.0.7 -> 2.0.8

  Teresa Remmet (1):
        meta-networking: Add meta-python to BBFILES_DYNAMIC

  Vyacheslav Yurkov (1):
        polkit: add udisks2 rule

  Windel Bouwman (1):
        Add zfs recipe

  Xu Huan (17):
        python3-astroid: upgrade 2.11.2 -> 2.11.3
        python3-bitstruct: upgrade 8.14.0 -> 8.14.1
        python3-cachecontrol: upgrade 0.12.10 -> 0.12.11
        python3-engineio: upgrade 4.3.1 -> 4.3.2
        python3-flask-socketio: upgrade 5.1.1 -> 5.1.2
        python3-google-api-python-client: upgrade 2.43.0 -> 2.45.0
        python3-graphviz: upgrade 0.19.2 -> 0.20
        python3-cbor2: upgrade 5.4.2 -> 5.4.3
        python3-click: upgrade 8.1.2 -> 8.1.3
        python3-flask-login: upgrade 0.6.0 -> 0.6.1
        python3-flask: upgrade 2.1.1 -> 2.1.2
        python3-google-api-core: upgrade 2.7.1 -> 2.7.3
        python3-google-auth: upgrade 2.6.3 -> 2.6.6
        python3-mypy: upgrade 0.942 -> 0.950
        python3-pyalsaaudio: upgrade 0.9.0 -> 0.9.2
        python3-grpcio-tools: upgrade 1.45.0 -> 1.46.0
        python3-pychromecast: upgrade 11.0.0 -> 12.1.1

  Yi Zhao (1):
        networkmanager: fix parallel build failure

  wangmy (41):
        python3-sentry-sdk: upgrade 1.5.8 -> 1.5.10
        python3-socketio: upgrade 5.5.2 -> 5.6.0
        python3-textparser: upgrade 0.23.0 -> 0.24.0
        python3-twisted: upgrade 22.2.0 -> 22.4.0
        python3-websockets: upgrade 10.2 -> 10.3
        fuse3: upgrade 3.10.5 -> 3.11.0
        zenity: upgrade 3.42.0 -> 3.42.1
        babeld: upgrade 1.11 -> 1.12
        cifs-utils: upgrade 6.14 -> 6.15
        nbdkit: upgrade 1.31.1 -> 1.31.2
        stunnel: upgrade 5.63 -> 5.64
        tgt: upgrade 1.0.79 -> 1.0.82
        wolfssl: upgrade 5.2.0 -> 5.3.0
        ctags: upgrade 5.9.20220417.0 -> 5.9.20220501.0
        freerdp: upgrade 2.6.1 -> 2.7.0
        fwupd-efi: upgrade 1.2 -> 1.3
        htop: upgrade 3.1.2 -> 3.2.0
        hwdata: upgrade 0.358 -> 0.359
        icewm: upgrade 2.9.6 -> 2.9.7
        iwd: upgrade 1.26 -> 1.27
        jemalloc: upgrade 5.2.1 -> 5.3.0
        libmbim: upgrade 1.26.2 -> 1.26.4
        libyang: upgrade 2.0.164 -> 2.0.194
        nano: upgrade 6.2 -> 6.3
        phoronix-test-suite: upgrade 10.8.2 -> 10.8.3
        php: upgrade 8.1.4 -> 8.1.5
        pkcs11-helper: upgrade 1.28.0 -> 1.29.0
        poppler: upgrade 22.04.0 -> 22.05.0
        toybox: upgrade 0.8.6 -> 0.8.7
        unixodbc: upgrade 2.3.9 -> 2.3.11
        xmlsec1: upgrade 1.2.33 -> 1.2.34
        gtk4: upgrade 4.6.3 -> 4.6.4
        nbdkit: upgrade 1.31.2 -> 1.31.5
        ctags: upgrade 5.9.20220501.0 -> 5.9.20220508.0
        openjpeg: upgrade 2.4.0 -> 2.5.0
        php: upgrade 8.1.5 -> 8.1.6
        postgresql: upgrade 14.2 -> 14.3
        phpmyadmin: upgrade 5.1.3 -> 5.2.0
        python3-aiohue: upgrade 3.0.11 -> 4.4.1
        python3-awesomeversion : add recipe
        python3-traitlets: upgrade 5.1.1 -> 5.2.0

  zhengrq.fnst (12):
        glibmm-2.68: upgrade 2.70.0 -> 2.72.1
        gnome-text-editor: upgrade 42.0 -> 42.1
        apitrace: upgrade 10.0 -> 11.0
        libconfig-general-perl: upgrade 2.63 -> 2.65
        gpsd: upgrade 3.23.1 -> 3.24
        mbw: upgrade 1.4 -> 1.5
        gtk4: upgrade 4.6.2 -> 4.6.3
        python3-antlr4-runtime: upgrade 4.9.2 -> 4.10
        python3-booleanpy: upgrade 3.8 -> 4.0
        python3-pika: upgrade 1.2.0 -> 1.2.1
        python3-autobahn: upgrade 22.3.2 -> 22.4.2
        python3-bitarray: upgrade 2.4.1 -> 2.5.0

  zhengruoqin (7):
        python3-imageio: upgrade 2.17.0 -> 2.18.0
        python3-langtable: upgrade 0.0.57 -> 0.0.58
        python3-paramiko: upgrade 2.10.3 -> 2.10.4
        python3-protobuf: upgrade 3.20.0 -> 3.20.1
        python3-pylint: upgrade 2.13.5 -> 2.13.7
        python3-pymongo: upgrade 4.1.0 -> 4.1.1
        python3-regex: upgrade 2022.3.15 -> 2022.4.24

poky: 9e55696042..13d70e57f8:
  Alex Kiernan (7):
        eudev: Upgrade 3.2.10 -> 3.2.11
        eudev: Add PACKAGECONFIG for manpages & selinux
        pypi.bbclass: Set CVE_PRODUCT to PYPI_PACKAGE
        openssh: Add openssh-sftp-server to openssh RDEPENDS
        eudev: Convert dependencies to PACKAGECONFIG
        eudev: Cleanup redundant configuration
        eudev: Use PACKAGE_BEFORE_PN/${PN}, clean up spaces

  Alexander Kanavin (106):
        systemd: upgrade 250.4 -> 250.5
        python3-cryptography: upgrade 36.0.2 -> 37.0.1
        util-linux: upgrade 2.37.4 -> 2.38
        vulkan: upgrade 1.3.204.1 -> 1.3.211.0
        libnl: upgrade 3.5.0 -> 3.6.0
        libsdl2: upgrade 2.0.20 -> 2.0.22
        mesa: upgrade 22.0.0 -> 22.0.2
        python3-babel: upgrade 2.9.1 -> 2.10.1
        python3-mako: upgrade 1.1.6 -> 1.2.0
        python3-pygments: upgrade 2.11.2 -> 2.12.0
        at-spi2-core: upgrade 2.44.0 -> 2.44.1
        bind: upgrade 9.18.1 -> 9.18.2
        cronie: upgrade 1.6.0 -> 1.6.1
        diffoscope: upgrade 208 -> 211
        dnf: upgrade 4.11.1 -> 4.12.0
        ell: upgrade 0.49 -> 0.50
        epiphany: upgrade 42.0 -> 42.2
        ffmpeg: upgrade 5.0 -> 5.0.1
        fribidi: upgrade 1.0.11 -> 1.0.12
        harfbuzz: upgrade 4.2.0 -> 4.2.1
        libinput: upgrade 1.19.3 -> 1.19.4
        libmnl: upgrade 1.0.4 -> 1.0.5
        libnotify: upgrade 0.7.9 -> 0.7.11
        libpipeline: upgrade 1.5.5 -> 1.5.6
        libseccomp: upgrade 2.5.3 -> 2.5.4
        libx11: upgrade 1.7.5 -> 1.8
        lttng-tools: upgrade 2.13.4 -> 2.13.7
        mmc-utils: upgrade to latest revision
        neard: upgrade 0.16 -> 0.18
        pango: upgrade 1.50.6 -> 1.50.7
        parted: upgrade 3.4 -> 3.5
        piglit: upgrade to latest revision
        python3-cryptography-vectors: upgrade 36.0.2 -> 37.0.1
        python3-dtschema: upgrade 2022.1 -> 2022.4
        python3-hypothesis: upgrade 6.44.0 -> 6.46.0
        python3-jinja2: upgrade 3.1.1 -> 3.1.2
        python3-pygobject: upgrade 3.42.0 -> 3.42.1
        python3-pytest: upgrade 7.1.1 -> 7.1.2
        repo: upgrade 2.23 -> 2.24.1
        sqlite3: upgrade 3.38.2 -> 3.38.3
        vala: upgrade 0.56.0 -> 0.56.1
        vte: upgrade 0.66.2 -> 0.68.0
        webkitgtk: upgrade 2.36.0 -> 2.36.1
        xorgproto: upgrade 2021.5 -> 2022.1
        xwayland: upgrade 22.1.0 -> 22.1.1
        sysvinit: update 3.02 -> 3.04
        pciutils: update 3.7.0 -> 3.8.0
        elfutils: update 0.186 -> 0.187
        git: update 2.35.3 -> 2.36.0
        libdnf: update 0.66.0 -> 0.67.0
        llvm: update 14.0.1 -> 14.0.3
        rsync: update 3.2.3 -> 3.2.4
        lsof: update 4.94.0 -> 4.95.0
        libhandy: update 1.5.0 -> 1.6.2
        librsvg: update 2.54.0 -> 2.54.1
        xauth: update 1.1.1 -> 1.1.2
        gnupg: update 2.3.4 -> 2.3.6
        qemu: update 6.2.0 -> 7.0.0
        stress-ng: disable apparmor from the correct spot
        coreutils: update 9.0 -> 9.1
        python3-setuptools: upgrade 59.5.0 -> 62.3.1
        go: upgrade 1.18.1 -> 1.18.2
        iptables: upgrade 1.8.7 -> 1.8.8
        gnu-config: update to latest version
        u-boot: upgrade 2022.01 -> 2022.04
        python3-pip: update 22.0.4 -> 22.1
        libxcb: update 1.14 -> 1.15
        xcb-proto: upgrade 1.14.1 -> 1.15
        systemtap: update 4.6 -> 4.7
        vulkan-samples: update to latest revision
        curl: upgrade 7.83.0 -> 7.83.1
        diffoscope: upgrade 211 -> 212
        git: upgrade 2.36.0 -> 2.36.1
        gnutls: upgrade 3.7.4 -> 3.7.5
        gst-devtools: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0-libav: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0-omx: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0-plugins-bad: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0-plugins-base: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0-plugins-good: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0-plugins-ugly: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0-python: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0-rtsp-server: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0: upgrade 1.20.1 -> 1.20.2
        gstreamer1.0-vaapi: upgrade 1.20.1 -> 1.20.2
        libcgroup: upgrade 2.0.1 -> 2.0.2
        libnotify: upgrade 0.7.11 -> 0.7.12
        librsvg: upgrade 2.54.1 -> 2.54.3
        mesa: upgrade 22.0.2 -> 22.0.3
        mobile-broadband-provider-info: upgrade 20220315 -> 20220511
        piglit: upgrade to latest revision
        psmisc: upgrade 23.4 -> 23.5
        python3-bcrypt: upgrade 3.2.0 -> 3.2.2
        python3-cryptography: upgrade 37.0.1 -> 37.0.2
        python3-cryptography-vectors: upgrade 37.0.1 -> 37.0.2
        python3-hypothesis: upgrade 6.46.0 -> 6.46.4
        python3-jsonschema: upgrade 4.4.0 -> 4.5.1
        python3-markdown: upgrade 3.3.6 -> 3.3.7
        python3-more-itertools: upgrade 8.12.0 -> 8.13.0
        python3-pbr: upgrade 5.8.1 -> 5.9.0
        python3-pyparsing: upgrade 3.0.8 -> 3.0.9
        repo: upgrade 2.24.1 -> 2.25
        sqlite3: upgrade 3.38.3 -> 3.38.5
        stress-ng: upgrade 0.14.00 -> 0.14.01
        python3-setuptools-rust: update 1.1.2 -> 1.3.0
        python3: use built-in distutils for ptest, rather than setuptools' 'fork'

  Andrej Valek (1):
        kernel: add missing path to search for debug files

  Arkadiusz Drabczyk (1):
        overview-manual: fix a forgotten link

  Aryaman Gupta (1):
        e2fsprogs: update upstream status

  Bruce Ashfield (23):
        linux-yocto/5.15: arm: poky-tiny cleanup and fixes
        linux-yocto/5.10: update to v5.10.110
        linux-yocto/5.10: base: enable kernel crypto userspace API
        linux-yocto/5.15: update to v5.15.33
        linux-yocto/5.15: base: enable kernel crypto userspace API
        linux-yocto/5.15: kasan: fix BUG: sleeping function called from invalid context
        linux-yocto/5.15: fix ppc boot
        linux-yocto/5.15: netfilter: conntrack: avoid useless indirection during conntrack destruction
        linux-yocto/5.10: update to v5.10.112
        linux-yocto/5.15: update to v5.15.35
        linux-yocto/5.15: Fix CVE-2022-28796
        linux-yocto: enable powerpc debug fragment
        linux-yocto/5.15: fix -standard kernel build issue
        linux-yocto/5.15: update to v5.15.36
        linux-yocto/5.15: fix qemuarm graphical boot
        strace: fix ptest failure in landlock
        yocto-bsps: update to v5.15.36
        yocto-bsps: update to v5.10.113
        linux-yocto/5.15: update to v5.15.37
        linux-yocto/5.10: update to v5.10.113
        linux-yocto/5.15: update to v5.15.38
        linux-yocto/5.10: update to v5.10.114
        lttng-modules: fix build against 5.18-rc7+

  Changqing Li (1):
        eudev: create static-nodes in init script

  Chanho Park (2):
        externalsrc.bbclass: support crate fetcher on externalsrc
        cargo_common.bbclass: enable bitbake vendoring for externalsrc

  Claudius Heine (3):
        classes: rootfs-postcommands: add skip option to overlayfs_qa_check
        overlayfs: add docs about skipping QA check & service dependencies
        wic: added fspassno parameter to partition

  Davide Gardenal (4):
        cve-check: add JSON format to summary output
        cve-check: fix symlinks where link and output path are equal
        rootfs-postcommands: fix symlinks where link and output path are equal
        openssl: minor security upgrade 3.0.2 -> 3.0.3

  Dmitry Baryshkov (3):
        linux-firmware: upgrade 20220411 -> 20220509
        linux-firmware: package new Qualcomm firmware
        image.bbclass: allow overriding dependency on virtual/kernel:do_deploy

  Felix Moessbauer (1):
        wic/plugins/rootfs: Fix permissions when splitting rootfs folders across partitions

  Gunjan Gupta (2):
        bitbake: fetch2/osc: Small fixes for osc fetcher
        bitbake: fetch2/osc: Add support to query latest revision

  Jacob Kroon (1):
        Revert "image.bbclass: allow overriding dependency on virtual/kernel:do_deploy"

  Jiaqing Zhao (5):
        libxml2: Upgrade 2.9.13 -> 2.9.14
        systemd: Drop 0001-test-parse-argument-Include-signal.h.patch
        systemd: Remove __compare_fn_t type in musl-specific patch
        systemd: Drop 0002-don-t-use-glibc-specific-qsort_r.patch
        systemd: Correct path returned in sd_path_lookup()

  Jon Mason (1):
        qemuarmv5: use arm-versatile-926ejs KMACHINE

  Kai Kang (1):
        wpa-supplicant: update config for gnutls

  Khem Raj (15):
        qemu: Add packageconfig for libbpf support
        linux-yocto: Enable powerpc-debug fragment for ppc64 LE
        musl: Upgrade to tip of trunk
        systemd: Fix build regression with latest update
        gcc: upgrade 11.3 -> 12.1
        libstd-rs: Forward port rust libc patches
        gdb: Upgrade to 12.1
        bash: build with bash_cv_getcwd_malloc=yes on musl too
        ovmf: Fix native build with gcc-12
        elfutils: Disable stringop-overflow warning for build host
        musl-locales: Switch SRC_URI to new location
        systemd: Drop redundant musl patches
        systemd: Document future actions needed for set of musl patches
        systemd: Drop 0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
        systemd: Update patch status

  Konrad Weihmann (1):
        linux-firmware: replace mkdir by install

  Kory Maincent (1):
        images_types: isolate the write of UBI configuration

  Leon Anavi (1):
        image_types/runqemu-addptable2image: Fix a minor typo

  Markus Volk (2):
        mesa.inc: package 00-radv-defaults.conf
        libsdl2: add PACKAGECONFIG for libusb1 and remove obsolete options

  Marta Rybczynska (3):
        cve-update-db-native: update the CVE database once a day only
        cve-update-db-native: let the user to drive the update interval
        cve-check: Fix report generation

  Martin Jansa (1):
        bitbake: osc: fix DeprecationWarning

  Michael Halstead (5):
        releases: update to include 3.1.16
        scripts/autobuilder-worker-prereq-tests: update to use yocto 4.0
        scripts/autobuilder-worker-prereq-tests: add additional limit testing
        releases: update to include 3.4.4
        releases: include 4.0.1

  Michael Opdenacker (12):
        MAINTAINERS.md: no more need for a prelink-cross maintainer
        dev-manual: further gdb usage simplifications
        doc/Makefile: fix epub and latexpdf targets
        manuals: fix name capitalization issues
        doc: standards for project and file names
        manuals: improve the width of diagrams
        manuals: improve documentation for TEMPLATECONF
        overview-manual: remove confusing and unnecessary paragraph about site.conf
        manuals: add quoting to references to bitbake.conf
        manuals: add missing space in appends
        manuals: add documentation for WKS_FILES
        migration guides: release notes for 3.4.3 and 3.4.4

  Mingli Yu (1):
        python3-cryptography: remove --benchmark-disable option

  Peter Kjellerstedt (4):
        base-passwd: Regenerate the patches
        base-passwd: Update to 3.5.52
        base-passwd: Update the status for two patches
        librsvg: Drop the dependency on libcroco

  Quentin Schulz (2):
        docs: set_versions.py: remove hardknott from active releases list
        docs: set_versions.py: show release name in switchers.js

  Raphael Teller (1):
        kernel.bbclass: Do not overwrite recipe's custom postinst

  Richard Purdie (25):
        bitbake: cookerdata: Change emphasis in error message to be clearer to users
        cairo: Add missing GPLv3 license checksum entry
        libgcrypt: Drop GPLv3 license after upstream changes
        base: Avoid circular references to our own scripts
        scripts: Make git intercept global
        scripts/git: Ensure we don't have circular references
        abi_version/sstate: Bump hashequiv and sstate versions due to git changes
        vim: Upgrade 8.2.4681 -> 8.2.4912
        package: Ensure we track whether PRSERV was active or not
        libgcrypt: Fix reproducibility issues in ptest
        liberror-perl: Update sstate/equiv versions to clean cache
        freetype: Upgrade 2.12.0 -> 2.12.1
        bitbake: fetch/git : Use cat as pager
        pciutils: Add make-native dependency
        sanity: Don't warn about make 4.2.1 for mint
        bitbake: build: Add clean_stamp API function to allow removal of task stamps
        staging: Fix rare sysroot corruption issue
        selftest/imagefeatures/overlayfs: Always append to DISTRO_FEATURES
        udev-extraconf/initrdscripts/parted: Rename mount.blacklist -> mount.ignorelist
        layer.conf: Don't use indirect help2man-native dependencies
        rust-common: Fix sstate signatures between arm hf and non-hf
        rust-common: Drop LLVM_TARGET and simplify
        rust-common: Fix native signature dependency issues
        scripts/patchreview: Add commit to stored json data
        scripts/patchreview: Make json output human parsable

  Robert Joslyn (1):
        powerpc: Remove invalid GLIBC_EXTRA_OECONF

  Roland Hieber (1):
        bitbake: cache: correctly handle file names containing colons

  Ross Burton (4):
        oeqa/selftest: add test for git working correctly inside pseudo
        Revert "bitbake.conf: mark all directories as safe for git to read"
        kernel-yocto.bbclass: say what SRC_URI entry is being dropped
        oeqa/selftest/cve_check: add tests for recipe and image reports

  Rouven Czerwinski (1):
        kbd: fix pam DISTRO_FEATURES check

  Samuli Piippo (1):
        binutils: Bump to latest 2.38 release branch

  Schmidt, Adriaan (1):
        bitbake: bitbake-diffsigs: break on first dependent task difference

  Simone Weiss (1):
        libgcrypt: Add ptest

  Steve Sakoman (2):
        virgl: skip headless test on alma 8.6
        python3: fix reproducibility issue with python3-core

  Sundeep KOKKONDA (3):
        dev-manual: improvements for gdbserver configuration
        rust-common: Ensure sstate signatures have correct dependencues for do_rust_gen_targets
        rust-common: Fix for target definitions returning 'NoneType' for arm

  Thomas Epperson (1):
        dev-manual: fix documentation for bmaptool usage

  Thomas Perrot (1):
        man-pages: add an alternative link name for crypt_r.3

  Tomasz Dziendzielski (1):
        bitbake: data: Do not depend on vardepvalueexclude flag

  Trevor Woerner (1):
        DISTRO_FEATURES: remove uclibc remnants

  Zoltán Böszörményi (2):
        npm.bbclass: Fix file permissions before opening it for writing
        npm.bbclass: Don't create /usr/lib/node symlink

  leimaohui (1):
        cve-check.bbclass: Added do_populate_sdk[recrdeptask].

  wangmy (1):
        librepo: upgrade 1.14.2 -> 1.14.3

meta-raspberrypi: c97a9e34ab..62a84833d9:
  Andrei Gherzan (1):
        Revert "kmod: Enable xz compression"

  Khem Raj (3):
        rpi-config: Add option to enable One-wire interface
        linux-firmware-rpidistro: Create brcmfmac43455-sdio.raspberrypi,4-model-b.bin symlink
        linux-raspberrypi: Upgrade to 5.15.38

Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: If15534d7da5bfa78ef2224bb09ff1a8eb96a0e10

4 files changed, 2 insertions, 181 deletions

diff --git a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/command-line-apply-operation-to-all-paths.patch b/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/command-line-apply-operation-to-all-paths.patch
deleted file mode 100644
index 35c3162701..0000000000
--- a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/command-line-apply-operation-to-all-paths.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 5834216fb3aa4e5e59ee13e871c70db1b4e13f02 Mon Sep 17 00:00:00 2001
-From: Patrick Ohly <patrick.ohly@intel.com>
-Date: Fri, 30 Sep 2016 10:22:16 +0200
-Subject: [PATCH] command line: apply operation to all paths
-
-Previously, invocations like "evmctl ima_hash foo bar" silently
-ignored all parameters after the first path name ("foo" in this
-example).
-
-Now evmctl iterates over all specified paths. It aborts with an
-error as soon as the selected operation fails for a path.
-
-Supporting more than one parameter is useful in combination with
-"find" and "xargs" because it is noticably faster than invoking
-evmutil separately for each file, in particular when run under pseudo
-(a fakeroot environment used by the OpenEmbedded build system).
-
-This complements the recursive mode and can be used when more control
-over file selection is needed.
-
-Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
----
- src/evmctl.c | 21 ++++++++++++---------
- 1 file changed, 12 insertions(+), 9 deletions(-)
-
-diff --git a/src/evmctl.c b/src/evmctl.c
-index 23cf54c..2072034 100644
---- a/src/evmctl.c
-+++ b/src/evmctl.c
-@@ -626,7 +626,7 @@ static int get_file_type(const char *path, const char *search_type)
- static int do_cmd(struct command *cmd, find_cb_t func)
- {
- 	char *path = g_argv[optind++];
--	int err, dts = REG_MASK; /* only regular files by default */
-+	int err = 0, dts = REG_MASK; /* only regular files by default */
- 
- 	if (!path) {
- 		log_err("Parameters missing\n");
-@@ -634,15 +634,18 @@ static int do_cmd(struct command *cmd, find_cb_t func)
- 		return -1;
- 	}
- 
--	if (recursive) {
--		if (search_type) {
--			dts = get_file_type(path, search_type);
--			if (dts < 0)
--				return dts;
-+	while (path && !err) {
-+		if (recursive) {
-+			if (search_type) {
-+				dts = get_file_type(path, search_type);
-+				if (dts < 0)
-+					return dts;
-+			}
-+			err = find(path, dts, func);
-+		} else {
-+			err = func(path);
- 		}
--		err = find(path, dts, func);
--	} else {
--		err = func(path);
-+		path = g_argv[optind++];
- 	}
- 
- 	return err;
--- 
-2.1.4
-
diff --git a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/disable-doc-creation.patch b/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/disable-doc-creation.patch
deleted file mode 100644
index 75076f52f0..0000000000
--- a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/disable-doc-creation.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 321a602098d11ee712ebd01f51033b5fd369eae9 Mon Sep 17 00:00:00 2001
-From: Patrick Ohly <patrick.ohly@intel.com>
-Date: Wed, 13 May 2015 03:41:02 -0700
-Subject: [PATCH] Makefile.am: disable man page creation
-
-Depends on asciidoc, which is not available.
-
-Upstream-Status: Inappropriate [embedded specific]
-
-Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
----
- Makefile.am | 19 ++++++++++++++++++-
- 1 file changed, 18 insertions(+), 1 deletion(-)
-
-diff --git a/Makefile.am b/Makefile.am
-index 06ebf59..4ddd52c 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -1,5 +1,5 @@
- SUBDIRS = src
--dist_man_MANS = evmctl.1
-+# dist_man_MANS = evmctl.1
- 
- doc_DATA =  examples/ima-genkey-self.sh examples/ima-genkey.sh examples/ima-gen-local-ca.sh
- EXTRA_DIST = autogen.sh $(doc_DATA)
-@@ -39,4 +39,21 @@ rmman:
- 
- doc: evmctl.1.html rmman evmctl.1
- 
-+# requires asciidoc, xslproc, docbook-xsl
-+# FIXME Disabled until docbook-xsl is unavaliable on tizen.org
-+#MANPAGE_DOCBOOK_XSL = /usr/share/xml/docbook/stylesheet/docbook-xsl/manpages/docbook.xsl
-+#
-+#evmctl.1.html: README
-+#	@asciidoc -o $@ $<
-+#
-+#evmctl.1:
-+#	asciidoc -d manpage -b docbook -o evmctl.1.xsl README
-+#	xsltproc --nonet -o $@ $(MANPAGE_DOCBOOK_XSL) evmctl.1.xsl
-+#	rm -f evmctl.1.xsl
-+#
-+#rmman:
-+#	rm -f evmctl.1
-+#
-+#doc: evmctl.1.html rmman evmctl.1
-+
- .PHONY: $(tarname)
--- 
-1.8.4.5
-
diff --git a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/evmctl.c-do-not-depend-on-xattr.h-with-IMA-defines.patch b/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/evmctl.c-do-not-depend-on-xattr.h-with-IMA-defines.patch
deleted file mode 100644
index ffa65dfb00..0000000000
--- a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/evmctl.c-do-not-depend-on-xattr.h-with-IMA-defines.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 2dec9199f8a8a2c84b25a3d3e7e2f41b71e07834 Mon Sep 17 00:00:00 2001
-From: Patrick Ohly <patrick.ohly@intel.com>
-Date: Wed, 17 Jun 2015 14:28:18 +0200
-Subject: [PATCH 20/20] evmctl.c: do not depend on xattr.h with IMA defines
-
-Compilation on older Linux distros (like Ubuntu 12.04) fails
-because linux/xattr.h does not yet have the IMA defines. Compiling
-there makes sense when only the tools are needed, for example when
-signing an image in cross-compile mode.
-
-To support this, add fallbacks for the two defines which are needed.
-Their value is part of the Linux ABI and thus fixed.
-
-Upstream-status: Submitted [linux-ima-devel@lists.sourceforge.net]
-
-Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
-
----
- src/evmctl.c | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
-diff --git a/src/evmctl.c b/src/evmctl.c
-index c54efbb..23cf54c 100644
---- a/src/evmctl.c
-+++ b/src/evmctl.c
-@@ -57,6 +57,18 @@
- #include <termios.h>
- #include <assert.h>
- 
-+/*
-+ * linux/xattr.h might be old to have this. Allow compilation on older
-+ * Linux distros (like Ubuntu 12.04) by falling back to our own
-+ * definition.
-+ */
-+#ifndef XATTR_IMA_SUFFIX
-+# define XATTR_IMA_SUFFIX "ima"
-+#endif
-+#ifndef XATTR_NAME_IMA
-+# define XATTR_NAME_IMA XATTR_SECURITY_PREFIX XATTR_IMA_SUFFIX
-+#endif
-+
- #include <openssl/sha.h>
- #include <openssl/pem.h>
- #include <openssl/hmac.h>
--- 
-2.1.4
-
diff --git a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb b/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_1.4.bb
index fc7a2d61ab..4f1d1a31b1 100644
--- a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb
+++ b/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_1.4.bb
@@ -6,22 +6,8 @@ DEPENDS += "openssl attr keyutils"
 
 DEPENDS:class-native += "openssl-native keyutils-native"
 
-PV = "1.2.1+git${SRCPV}"
-SRCREV = "3eab1f93b634249c1720f65fcb495b1996f0256e"
-SRC_URI = "git://git.code.sf.net/p/linux-ima/ima-evm-utils;branch=ima-evm-utils-1.2.y"
-
-# Documentation depends on asciidoc, which we do not have, so
-# do not build documentation.
-SRC_URI += "file://disable-doc-creation.patch"
-
-# Workaround for upstream incompatibility with older Linux distros.
-# Relevant for us when compiling ima-evm-utils-native.
-SRC_URI += "file://evmctl.c-do-not-depend-on-xattr.h-with-IMA-defines.patch"
-
-# Required for xargs with more than one path as argument (better for performance).
-SRC_URI += "file://command-line-apply-operation-to-all-paths.patch"
-
-S = "${WORKDIR}/git"
+SRC_URI = "https://sourceforge.net/projects/linux-ima/files/${BPN}/${BP}.tar.gz"
+SRC_URI[sha256sum] = "fcf85b31d6292051b3679e5f17ffa7f89b6898957aad0f59aa4e9878884b27d1"
 
 inherit pkgconfig autotools features_check