subtree updates

meta-raspberrypi: 31c33d155c..cfbb192e5c: Andrei Gherzan (1): docs: Add information for RTC devices Andrew Penner (2): rpi-cmdline: Add ability to specify CPUs to add to the isolcpus list extra-build-config: Add documentation for the ISOLATED_CPUS configuration variable Jan Vermaete (1): docs: untabify the few tabs in the file Khem Raj (3): userland: Update to latest as of 20220323 picamera-libs: Adjust sourcedir omxplayer: Use internal version of ffmpeg meta-openembedded: af11f6ce73..b9e440ead8: Adrian Freihofer (1): srecord: build fix Andreas Müller (40): octave: upgrade 4.4.1 -> 6.4.0 and overhaul recipe mousepad: upgrade 0.5.8 -> 0.5.9 xfce4-terminal: upgrade 0.8.10 -> 1.0.0 orage: upgrade 4.12.1 -> 4.16.0 orage: enable notify PACKAGECONFIG by default ristretto: upgrade 0.12.1 -> 0.12.2 xarchiver: upgrade 0.5.4.14 -> 0.5.4.17 xfce4-cpufreq-plugin: upgrade 1.2.5 -> 1.2.7 xfce4-cpugraph-plugin: upgrade 1.2.5 -> 1.2.6 xfce4-diskperf-plugin: upgrade 2.6.3 -> 2.7.0 xfce4-notifyd: upgrade 0.6.2 -> 0.6.3 xfce4-screenshooter: upgrade 1.9.9 -> 1.9.10 xfce4-sensors-plugin: upgrade 1.4.2 -> 1.4.3 Allow several components notification meta-xfce: Add Andreas Müller back to maintainers list accountsservice: upgrade 0.6.55 -> 22.08.8 colord-gtk: upgrade 0.2.0 -> 0.3.0 evince: upgrade 41.4 -> 42.1 evolution-data-server: upgrade 3.43.1 -> 3.44.0 file-roller: upgrade 3.40.0 -> 3.42.0 gdm: upgrade 41.0 -> 42.0 gedit: upgrade 41.0 -> 42.0 gfbgraph: upgrade 0.2.4 -> 0.2.5 gnome-calculator upgrade 41.1 -> 42-0 libgweather4: initial add 4.0.0 gnome-calendar 41.2 -> 42.0 gnome-desktop: upgrade 41.2 -> 42.0 libnma: upgrade 1.8.34 -> 1.8.36 gnome-bluetooth4: initial add 42.0 gnome-font-viewer: upgrade 41.0 -> 42.0 yelp-xsl: upgrade 41.1 -> 42.0 yelp-tools: upgrade 41.0 -> 42.0 yelp: upgrade 41.2 -> 42.1 upower: upgrade 0.99.13 -> 0.99.17 / build with mesom upower: fix location of udev-rules with sysvinit gnome-commander: initial add 1.14.2 gnome-text-editor: initial add 42.0 evolution-data-server: re-enable gobject-introspection jack: upgrade 1.19.19 -> 1.19.20 fluidsynth: upgrade 2.2.4 -> 2.2.6 Chen Qi (1): blueman: fix python site-packages installation issue Craig McQueen (1): dnsmasq: Fix a typo in initscript Davide Gardenal (2): python3-wxgtk4: add distro feature check to match dependency fwupd: add COMPATIBLE_HOST to match dependency Jose Quaresma (2): srt: 1.4.2 -> 1.4.3 srt: 1.4.3 -> 1.4.4 Khem Raj (2): xfce4-screenshooter: Add dependency on libxml-parser-perl-native open-vm-tools: Use specific BSD-2-Clause for license Matsunaga-Shinji (2): samba: add 2 cves to allowlist libzip: add CVE-2017-12858 to allowlist Minjae Kim (1): multipath-tools: update SRC_URI Potin Lai (1): libimobiledevice-glue: update recipe Robert Yang (2): wxwidgets: Fix checking for PACKAGECONFIG and DISTRO_FEATURES wxwidgets: git -> gitsm to fix build when no x11 Samuli Piippo (1): python3-qface: upgrade 2.0.6 -> 2.0.7 Xu Huan (5): python3-cheetah: upgrade 3.2.6.post2 -> 3.2.6 python3-evdev: upgrade 1.4.0 -> 1.5.0 python3-google-api-python-client: upgrade 2.36.0 -> 2.42.0 python3-itsdangerous: upgrade 2.1.1 -> 2.1.2 python3-grpcio: upgrade 1.44.0 -> 1.45.0 Yi Zhao (1): dracut: upgrade 055 -> 056 wangmy (20): python3-bitarray: upgrade 2.4.0 -> 2.4.1 python3-click: upgrade 8.0.4 -> 8.1.2 python3-cppy: upgrade 1.2.0 -> 1.2.1 python3-pandas: upgrade 1.4.1 -> 1.4.2 python3-protobuf: upgrade 3.19.4 -> 3.20.0 python3-pychromecast: upgrade 10.3.0 -> 11.0.0 python3-pyparted: upgrade 3.11.7 -> 3.12.0 python3-redis: upgrade 4.2.0 -> 4.2.1 python3-sqlalchemy: upgrade 1.4.32 -> 1.4.34 python3-thrift: upgrade 0.15.0 -> 0.16.0 python3-trafaret: upgrade 2.1.0 -> 2.1.1 python3-twine: upgrade 3.8.0 -> 4.0.0 python3-tzlocal: upgrade 4.1 -> 4.2 python3-websocket-client: upgrade 1.3.1 -> 1.3.2 python3-werkzeug: upgrade 2.0.3 -> 2.1.1 zenity: upgrade 3.41.0 -> 3.42.0 ceres-solver: upgrade 2.0.0 -> 2.1.0 grpc: upgrade 1.45.0 -> 1.45.1 poppler: upgrade 22.03.0 -> 22.04.0 xorg-sgml-doctools: upgrade 1.11 -> 1.12 zhengrq.fnst (2): python3-jdatetime: upgrade 4.0.0 -> 4.1.0 python3-kiwisolver: upgrade 1.4.0 -> 1.4.2 meta-security: da93339112..498ca39cd6: Armin Kuster (5): openscap-daemon: use renamaed python_setuptools_build_meta python3-fail2ban: fix compile issue on some hosts lkrg-module: covert to git fetcher linux-yocto_security.inc: add lkrg kfrags samhain: update to 4.4.7 Ashish Sharma (1): meta-security : Use SPDX style licensing format Davide Gardenal (2): clamav: add COMPATIBLE_HOST to fix build error fscrypt: update dependecy from go-dep-native to go-native Robert Yang (1): LICENSE: adopt SPDX standard names poky: 1976521190..ed98f1a1ae: Abongwa Amahnui Bonalais (1): oe-init-build-env: add quotes around variables to prevent word splitting Alessio Igor Bogani (1): kernel.bbclass: Use KERNEL_IMAGEDEST instead of hardcoded boot path Alexandre Belloni (1): pseudo: Fix handling of absolute links Bruce Ashfield (6): linux-yocto/5.15: update to v5.15.32 linux-yocto/5.10: update to v5.10.109 linux-yocto/5.15: aufs: fixes and optimization linux-yocto-rt/5.15: aufs: compile fix linux-yocto/5.15: features/security: Move x86_64 configs to separate file linux-yocto/5.10: features/security: Move x86_64 configs to separate file Carlos Rafael Giani (1): libsdl2: Disable libunwind dependency in native builds Claudius Heine (1): os-release: add os-release-initrd package Ferry Toth (1): package_manager: sign DEB package feeds Joe Slater (1): unzip: fix CVE-2021-4217 Khem Raj (1): glib-2.0: Backport patches C++ variant of g_atomic_int_compare_and_exchange() Oleksandr Kravchuk (1): tzdata: update to 2022a Peter Kjellerstedt (5): python3-jinja2: Correct HOMEPAGE insane.bbclass: Make do_qa_patch() depend on if patch-fuzz is in ERROR_QA insane.bbclass: Make changes to QA_EMPTY_DIRS trigger package_qa to rerun bitbake.conf: Remove ERROR_QA from BB_HASHEXCLUDE_COMMON bitbake: knotty.py: Show elapsed time also for tasks with progress bars Richard Purdie (11): bitbake: parse: Ensure any existing siggen is closed down first bitbake: data: Ensure vardepsexclude or BB_BASEHASH_IGNORE_VARS covers contains items bitbake: server/process: Disable gc around critical section bitbake: cooker: Reset and rebuild inotify watches bitbake: pyinotify: Handle potential latent bug mirrors: Switch glibc and binutils to use shallow mirror tarballs bitbake: data: Fix accidentally added parameter bitbake.conf: Drop unexports from a different era vim: Upgrade 8.2.4524 -> 8.2.4681 Revert "meta: rust: Bug fix for target definitions returning 'NoneType'" build-appliance-image: Update to master head revision Robert Yang (1): waffle: The surfaceless-egl and gbm requires opengl Saul Wold (5): busybox: Exclude .debug from depmod kmod: Add an exclude directive to depmod depmodwrapper: Use nonarch_base_libdir for depmod.d kmod: Update exclude patch to Accepted depmodwrapper-cross: Fix missing $ Sean Anderson (1): u-boot: Fix condition for install_spl_helper Simone Weiss (1): popt: add ptest Sundeep KOKKONDA (3): gcc: sanitizer: Fix tsan against glibc 2.34 meta: rust: Bug fix for target definitions returning 'NoneType' meta: scripts - relocation script adapted to support big-endian machines Xavier Berger (1): gpg-sign: Add parameters to gpg signature function Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: I294af706d7b96796ff360b402b9d011082cf36a7
author: Patrick Williams <patrick@stwcx.xyz> 2022-04-08 18:23:27 +0300
committer: Patrick Williams <patrick@stwcx.xyz> 2022-04-08 18:24:52 +0300
commit: de0582f0e7de86eaf8c8d90d86ed313273a73774 (patch)
tree: 9e7371e33b7eea92fcfff468681fd8396db41388 /meta-security/recipes-security
parent: 76d114cab0113c54be8288785cda4ce230ad08a6 (diff)
download: openbmc-de0582f0e7de86eaf8c8d90d86ed313273a73774.tar.xz
8 files changed, 14 insertions, 7 deletions
diff --git a/meta-security/recipes-security/bastille/bastille_3.2.1.bb b/meta-security/recipes-security/bastille/bastille_3.2.1.bb
index 2d82983521..e7852d9f58 100644
--- a/meta-security/recipes-security/bastille/bastille_3.2.1.bb
+++ b/meta-security/recipes-security/bastille/bastille_3.2.1.bb
@@ -2,7 +2,7 @@
 #consult the README file for the meta-security layer for additional information.
 SUMMARY = "Linux hardening tool"
 DESCRIPTION = "Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling."
-LICENSE = "GPLv2"
+LICENSE = "GPL-2.0-only"
 LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
 # Bash is needed for set +o privileged (check busybox), might also need ncurses
 DEPENDS = "virtual/kernel"
diff --git a/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
index 9aefc32cf2..5f8cf3c2e5 100644
--- a/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
+++ b/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
@@ -6,7 +6,7 @@ DESCRIPTION = "eCryptfs is a stacked cryptographic filesystem \
 HOMEPAGE = "https://launchpad.net/ecryptfs"
 SECTION = "base"
 
-LICENSE = "GPL-2.0"
+LICENSE = "GPL-2.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b"
 
 DEPENDS = "keyutils libgcrypt intltool-native glib-2.0-native"
diff --git a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb
index 41187326db..96e17b77f5 100644
--- a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb
+++ b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb
@@ -9,6 +9,8 @@ HOMEPAGE = "http://www.fail2ban.org"
 LICENSE = "GPL-2.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f"
 
+DEPENDS = "python3-native"
+
 SRCREV ="4fe4ac8dde6ba14841da598ec37f8c6911fe0f64"
 SRC_URI = " git://github.com/fail2ban/fail2ban.git;branch=0.11;protocol=https \
         file://initd \
@@ -21,6 +23,11 @@ S = "${WORKDIR}/git"
 
 do_compile () {
     cd ${S}
+
+    #remove symlink to python3
+    # otherwise 2to3 is run against it
+    rm -f bin/fail2ban-python
+
     ./fail2ban-2to3
 }
 
diff --git a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb
index 66bf429a46..663d8e25d6 100644
--- a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb
+++ b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=3b83ef96387f14655fc854dd
 BBCLASSEXTEND = "native nativesdk"
 
 # fscrypt depends on go and libpam
-DEPENDS += "go-dep-native libpam"
+DEPENDS += "go-native libpam"
 
 SRCREV = "92b1e9a8670ccd3916a7d24a06cab1e4c9815bc4"
 SRC_URI = "git://github.com/google/fscrypt.git;branch=master;protocol=https"
diff --git a/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb b/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb
index 6046fa0b16..843850f6c4 100644
--- a/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb
+++ b/meta-security/recipes-security/libdhash/ding-libs_0.6.1.bb
@@ -2,7 +2,7 @@ SUMMARY = "Dynamic hash table implementation"
 DESCRIPTION = "Dynamic hash table implementation"
 HOMEPAGE = "https://fedorahosted.org/released/ding-libs"
 SECTION = "base"
-LICENSE = "GPLv3+"
+LICENSE = "GPL-3.0-or-later"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
 
 SRC_URI = "https://fedorahosted.org/released/${BPN}/${BP}.tar.gz"
diff --git a/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb b/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb
index 9b34cb18ca..35c5ff81da 100644
--- a/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb
+++ b/meta-security/recipes-security/libmhash/libmhash_0.9.9.9.bb
@@ -7,7 +7,7 @@ DESCRIPTION = "\
   "
 HOMEPAGE = "http://mhash.sourceforge.net/"
 
-LICENSE = "LGPLv2.0"
+LICENSE = "LGPL-2.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=3bf50002aefd002f49e7bb854063f7e7"
 
 S = "${WORKDIR}/mhash-${PV}"
diff --git a/meta-security/recipes-security/nikto/nikto_2.1.6.bb b/meta-security/recipes-security/nikto/nikto_2.1.6.bb
index 8542d69216..8c21b3072e 100644
--- a/meta-security/recipes-security/nikto/nikto_2.1.6.bb
+++ b/meta-security/recipes-security/nikto/nikto_2.1.6.bb
@@ -3,7 +3,7 @@ DESCRIPTION = "Nikto is an Open Source web server scanner which performs compreh
 SECTION = "security"
 HOMEPAGE = "https://cirt.net/Nikto2"
 
-LICENSE = "GPLv2"
+LICENSE = "GPL-2.0-only"
 LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6"
 
 SRCREV = "f1bbd1a8756c076c8fd4f4dd0bc34a8ef215ae79"
diff --git a/meta-security/recipes-security/sssd/sssd_2.5.2.bb b/meta-security/recipes-security/sssd/sssd_2.5.2.bb
index 8bc8787b88..9f1d627e1b 100644
--- a/meta-security/recipes-security/sssd/sssd_2.5.2.bb
+++ b/meta-security/recipes-security/sssd/sssd_2.5.2.bb
@@ -2,7 +2,7 @@ SUMMARY = "system security services daemon"
 DESCRIPTION = "SSSD is a system security services daemon"
 HOMEPAGE = "https://pagure.io/SSSD/sssd/"
 SECTION = "base"
-LICENSE = "GPLv3+"
+LICENSE = "GPL-3.0-or-later"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
 
 DEPENDS = "acl attr openldap cyrus-sasl libtdb ding-libs libpam c-ares krb5 autoconf-archive"
author	Patrick Williams <patrick@stwcx.xyz>	2022-04-08 18:23:27 +0300
committer	Patrick Williams <patrick@stwcx.xyz>	2022-04-08 18:24:52 +0300
commit	de0582f0e7de86eaf8c8d90d86ed313273a73774 (patch)
tree	9e7371e33b7eea92fcfff468681fd8396db41388 /meta-security/recipes-security
parent	76d114cab0113c54be8288785cda4ce230ad08a6 (diff)
download	openbmc-de0582f0e7de86eaf8c8d90d86ed313273a73774.tar.xz