authorPatrick Williams <patrick@stwcx.xyz>2024-01-05 20:33:25 +0300
committerPatrick Williams <patrick@stwcx.xyz>2024-01-06 03:50:23 +0300
commit169d7bccc02da43f8574d030502cfcf9308f505f (patch)
tree534ffb94b96dc656fa1d901137a4692326046e22 /meta-security
parent3fc1d7253cd91f776585b1866a8fdc1f7cdbb318 (diff)
subtree updates
meta-raspberrypi: fde68b24f0..4c033eb074: Harunobu Kurokawa (1): rpi-cmdline, rpi-u-boot-src: Support USB boot meta-arm: 0b61cc659a..4d22f982bc: Debbie Martin (2): arm-systemready: Add parted dependency and inherit testimage ci: Add Arm SystemReady firmware and IR ACS builds Harsimran Singh Tungal (3): arm-bsp/documentation: corstone1000: fix the steps in the user guide and instructions corstone1000:arm-bsp/optee: Update optee to v4.0 corstone1000:arm-bsp/tftf: Fix tftf tests on mps3 Jon Mason (5): arm/trusted-firmware-a: move patch file to bbappend arm/trusted-firmware-a: update to 2.10 arm/hafnium: update to v2.10 CI: rename meta-secure-core directory arm/edk2: update to 202311 Ross Burton (1): CI: switch back to master poky: 028b6f6226..4675bbb757: Adrian Freihofer (4): cmake-qemu.bbclass: make it more usable oe-selftest: add a cpp-example recipe oeqa/core/decorator: add skip if not qemu-usermode oe-selftest: add tests for C and C++ build tools Alassane Yattara (22): bitbake: toaster/test: bug-fix on tests/browser/test_all_builds_page bitbake: toaster/test: from test_no_builds_message.py wait for the empty state div to appear bitbake: toaster/test: delay driver action until elements to appear bitbake: toaster/tests: Ensure to kill toaster process create for tests functional bitbake: toaster/tests: Added functional/utils, contains useful methods using by functional tests bitbake: toaster/tests: Refactorize tests/functional bitbake: toaster/tests: Bug fixes, functional tests dependent on each other bitbake: toaster/tests: Fixes warnings in autobuilder bitbake: toaster/tests: bug-fix tests writing files into /tmp on the autobuilders bitbake: toaster/test: fix Copyright bitbake: toaster/tests: logging warning in console, trying to kill unavailable Runbuilds process bitbake: toaster/tests: Removed all time.sleep occurrence bitbake: toaster/tests: Bug-Fix testcase functional/test_project_page_tab_config.py bitbake: toaster/tests: bug-fix element click intercepted in 
browser/test_layerdetails_page.py bitbake: toaster/tests: Update tests/functional/functional_helpers test_functional_basic bitbake: toaster/tests: Fixes functional tests warning on autobuilder bitbake: toaster/tests: Bug-fix test_functional_basic, delay driver actions bitbake: toaster/tests: bug-fix An element matching "#projectstable" should be visible bitbake: toaster/tests: bug-fix An element matching "#lastest_builds" should be on the page bitbake: toaster/tests: Skip to show more then 100 item in ToasterTable bitbake: toaster/tests: Bug-fix "#project-created-notification" should be visible bitbake: toaster/toastergui: Bug-fix verify given layer path only if import/add local layer Alex Bennée (1): qemurunner: more cleanups for output blocking Alex Kiernan (17): cargo: Rename MANIFEST_PATH -> CARGO_MANIFEST_PATH cargo: Move CARGO_MANIFEST_PATH/CARGO_SRC_DIR to cargo_common rust: cargo: Convert single-valued variables to weak defaults cargo: Add CARGO_LOCK_PATH for path to Cargo.lock rust: Upgrade 1.70.0 -> 1.71.0 rust: Upgrade 1.71.0 -> 1.71.1 sstate-cache-management: Rewrite in python devtool: selftest: Fix test_devtool_modify_git_crates_subpath inequality devtool: selftest: Fix test_devtool_modify_git_crates_subpath bbappend check meta-selftest: hello-rs: Simple rust test recipe devtool: selftest: Swap to hello-rs for crates testing zvariant: Drop recipe rust: Upgrade 1.71.1 -> 1.72.0 rust: Upgrade 1.72.0 -> 1.72.1 rust: Upgrade 1.72.1 -> 1.73.0 rust: Upgrade 1.73.0 -> 1.74.0 rust: Upgrade 1.74.0 -> 1.74.1 Alexander Kanavin (21): selftest/sstatetest: print output from bitbake with actual newlines, not \n selftest/sstatetests: do not delete custom $TMPDIRs under build-st when testing printdiff sstatesig/find_siginfo: special-case gcc-source when looking in sstate caches oeqa/selftest/sstatetests: re-work CDN tests, add local cache tests gobject-introspection: depend on setuptools to obtain distutils module libcap-ng-python: depend on setuptools to obtain 
distutils copy dnf: remove obsolete python3-gpg dependency (provided by gpgme) gpgme: disable python support (until upstream fixes 3.12 compatibility) python3-setuptools-rust: remove distutils dependency python3-babel: replace distutils with setuptools, as supported by upstream python3-pip: remove distutils depedency glib-2.0: replace distutils dependency with setuptools python3-pytest-runner: remove distutils dependency python3-numpy: distutils is no longer required bitbake: bitbake/codeparser.py: address ast module deprecations in py 3.12 glibc-y2038-tests: do not run tests using 32 bit time APIs bitbake: bitbake/runqueue: add debugging for find_siginfo() calls bitbake: bitbake-diffsigs/runqueue: adapt to reworked find_siginfo() bitbake: bitbake/runqueue: prioritize local stamps over sstate signatures in printdiff sstatesig/find_siginfo: unify a disjointed API lib/sstatesig/find_siginfo: raise an error instead of returning None when obtaining mtime Alexander Lussier-Cullen (6): bitbake: toaster: fix pytest build test execution and test discovery bitbake: toaster: Add verbose printout for missing chrome(driver) dependencies bitbake: bitbake: toaster: add functional testing toaster error details bitbake: toaster/tests: Exit tests on chromedriver creation failure bitbake: toaster/tests: fix functional tests setup and teardown bitbake: toaster/tests: fix chrome argument syntax and wait for driver exit Alexandre Belloni (1): oeqa/selftest/recipetool: stop looking for md5sum Anuj Mittal (9): sqlite3: upgrade 3.44.0 -> 3.44.2 base-passwd: upgrade 3.6.2 -> 3.6.3 bluez5: upgrade 5.70 -> 5.71 glib-2.0: upgrade 2.78.1 -> 2.78.3 glib-networking: upgrade 2.76.1 -> 2.78.0 puzzles: upgrade to latest revision stress-ng: upgrade 0.17.01 -> 0.17.03 libusb1: fix upstream version check enchant2: upgrade 2.6.2 -> 2.6.4 Archana Polampalli (1): bluez5: fix CVE-2023-45866 Bruce Ashfield (31): linux-yocto/6.5: cfg: split runtime and symbol debug linux-yocto/6.5: update to v6.5.11 
linux-yocto/6.1: update to v6.1.62 linux-yocto-dev: bump to v6.7 linux-yocto/6.5: update to v6.5.12 linux-yocto/6.5: update to v6.5.13 linux-yocto/6.1: update to v6.1.65 linux-yocto/6.1: drop removed IMA option linux-yocto/6.5: drop removed IMA option linux-yocto-rt/6.1: update to -rt18 linux-yocto/6.1: update to v6.1.66 linux-yocto/6.1: update to v6.1.67 linux-yocto/6.5: fix AB-INT: QEMU kernel panic: No irq handler for vector linux-yocto/6.1: update to v6.1.68 oeqa/runtime/parselogs: add qemux86 ACPI ignore for kernel v6.6+ linux-libc-headers: update to v6.6-lts linux-yocto: introduce 6.6 reference kernel linux-yocto/6.6: fix AB-INT: QEMU kernel panic: No irq handler for vector linux-yocto-rt/6.6: fix CVE exclusion include linux-yocto/6.6: update CVE exclusions linux-yocto/6.6: update to v6.6.8 linux-yocto/6.1: update to v6.1.69 linux-yocto/6.5: drop 6.5 recipes linux-yocto-rt/6.6: correct meta data branch linux-yocto/6.6: update to v6.6.9 linux-yocto/6.6: update CVE exclusions linux-yocto/6.1: update to v6.1.70 linux-yocto/6.1: update CVE exclusions linux-yocto/6.6: ARM fix configuration audit warning linux-yocto/6.6: arm: jitter entropy backport poky/poky-tiny: make 6.6 the default kernel Changqing Li (1): man-pages: remove conflict pages Chen Qi (1): devtool: use straight print in check-upgrade-status output Clay Chang (1): devtool: deploy: provide max_process to strip_execs Daniel Ammann (1): base: Unpack .7z files with p7zip Deepthi Hemraj (1): autoconf: Add missing perl modules to RDEPENDS Dhairya Nagodra (2): cve-update-nvd2-native: faster requests with API keys cve-update-nvd2-native: increase the delay between subsequent request failures Eilís 'pidge' Ní Fhlannagáin (3): useradd: Fix issues with useradd dependencies useradd: Add testcase for bugzilla issue (currently disabled) usergrouptests.py: Add test for switching between static-ids Enrico Scholz (1): tcp-wrappers: drop libnsl2 build dependency Etienne Cordonnier (2): gdb/systemd: enable 
minidebuginfo support conditionally manuals: document minidebuginfo Fabio Estevam (3): libdrm: Upgrade to 2.4.119 kmscube: Upgrade to latest revision bmap-tools: Upgrade to 3.7 Hongxu Jia (2): socat: 1.7.4.4 -> 1.8.0.0 man-db: 2.11.2 -> 2.12.0 Jason Andryuk (3): linux-firmware: Package iwlwifi .pnvm files linux-firmware: Change bnx2 packaging linux-firmware: Create bnx2x subpackage Jeremy A. Puhlman (1): create-spdx-2.2: combine spdx can try to write before dir creation Jermain Horsman (2): lib/bblayers/makesetup.py: Remove unused imports lib/bblayers/buildconf.py: Remove unused imports/variables Jose Quaresma (2): go: update 1.20.10 -> 1.20.11 go: update 1.20.11 -> 1.20.12 Joshua Watt (11): bitbake: bitbake-hashserv: Add description of permissions bitbake.conf: Add runtimedir rpcbind: Specify state directory under /run libinput: Add packageconfig for tests ipk: Switch to using zstd compression lib/oe/path.py: Add relsymlink() lib/packagedata.py: Fix broken symlinks for providers with a '/' bitbake: contrib/vim: Syntax improvements classes-global/sstate: Fix variable typo lib/packagedata.py: Add API to iterate over rprovides classes-global/insane: Look up all runtime providers for file-rdeps Julien Stephan (19): recipetool: create_buildsys_python.py: initialize metadata recipetool: create: add trailing newlines recipetool: create: add new optional process_url callback for plugins recipetool: create_buildsys_python: add pypi support oeqa/selftest/recipetool: remove spaces on empty lines oeqa/selftest/recipetool/devtool: add test for pypi class recipetool: appendsrcfile(s): add dry-run mode recipeutils: bbappend_recipe: fix undefined variable recipeutils: bbappend_recipe: fix docstring recipeutils: bbappend_recipe: add a way to specify the name of the file to add recipeutils: bbappend_recipe: remove old srcuri entry if parameters are different recipetool: appendsrcfile(s): use params instead of extraline recipeutils: bbappend_recipe: allow to patch the recipe itself 
recipetool: appendsrcfile(s): add a mode to update the recipe itself oeqa/selftest/recipetool: appendsrfile: add test for machine oeqa/selftest/recipetool: appendsrc: add test for update mode oeqa/selftest/recipetool: add back checksum checks on pypi tests oeqa/selftest/recipetool: remove left over from development oeqa/selftest/recipetool: fix metadata corruption on meta layer Kevin Hao (2): beaglebone-yocto: Remove the redundant kernel-devicetree beaglebone-yocto: Remove the obsolete variables for uImage Khem Raj (13): tiff: Backport fixes for CVE-2023-6277 kmod: Fix build with latest musl elfutils: Use own basename API implementation util-linux: Fix build with latest musl sysvinit: Include libgen.h for basename API attr: Fix build with latest musl opkg: Use own version of portable basename function util-linux: Delete md-raid tests gdb: Update to gdb 14.1 release systemd: Fix build with latest musl qemu: Fix build with latest musl qemu: Add packageconfig knob to enable pipewire support weston: Include libgen.h for basename Lee Chee Yang (5): migration-guides: reword fix in release-notes-4.3.1 migration-guides: add release notes for 4.0.15 perlcross: update to 1.5.2 perl: 5.38.0 -> 5.38.2 curl: update to 8.5.0 Lucas Stach (1): mesa: upgrade 23.2.1 -> 23.3.1 Ludovic Jozeau (1): image-live.bbclass: LIVE_ROOTFS_TYPE support compression Lukas Funke (1): selftest: wic: add test for zerorize option of empty plugin Malte Schmidt (1): wic: extend empty plugin with options to write zeros to partiton Markus Volk (3): gtk4: upgrade 4.12.3 -> 4.12.4 libadwaita: update 1.4.0 -> 1.4.2 appstream: Upgrade 0.16.3 -> 1.0.0 Marlon Rodriguez Garcia (5): bitbake: toaster/tests: Update build test bitbake: toaster: Added new feature to import eventlogs from command line into toaster using replay functionality bitbake: toaster: remove test and update setup to avoid rebuilding image bitbake: toaster: Commandline build import table improvements bitbake: toaster: Added validation to stop 
import if there is a build in progress Marta Rybczynska (1): bitbake: toastergui: verify that an existing layer path is given Massimiliano Minella (1): zstd: fix LICENSE statement Michael Opdenacker (8): test-manual: text and formatting fixes test-manual: resource updates test-manual: use working example test-manual: add links to python unittest test-manual: explicit or fix file paths test-manual: add or improve hyperlinks dev-manual: runtime-testing: fix test module name poky.conf: update SANITY_TESTED_DISTROS to match autobuilder Mikko Rapeli (1): runqemu: match .rootfs. in addition to -image- for rootfs Ming Liu (1): grub: fs/fat: Don't error when mtime is 0 Mingli Yu (2): python3-license-expression: Fix the ptest failure ptest-packagelists.inc: Add python3-license-expression Pavel Zhukov (2): bitbake: utils: Do not create directories with ${ in the name oeqa/selftest/bbtests: Add test for unexpanded variables in the dirname Peter Kjellerstedt (11): oeqa/selftest/devtool: Correct git clone of local repository oeqa/selftest/devtool: Avoid global Git hooks when amending a patch oeqa/selftest/devtool: Make test_devtool_load_plugin more resilient oeqa/selftest/recipetool: Make test_recipetool_load_plugin more resilient lib/oe/recipeutils: Avoid wrapping any SRC_URI[sha*sum] variables recipetool: create: Improve identification of licenses recipetool: create: Only include the expected SRC_URI checksums devtool: upgrade: Update all existing checksums for the SRC_URI devtool: modify: Make --no-extract work again devtool: modify: Handle recipes with a menuconfig task correctly dev-manual: Discourage the use of SRC_URI[md5sum] Peter Marko (1): dtc: preserve version also from shallow git clones Philip Balister (1): sanity.bbclass: Check for additional native perl modules. 
Renat Khalikov (1): python3-maturin: Add missing space appending to CFLAGS Richard Purdie (41): bitbake: runqueue: Improve inter setscene task dependency handling bitbake: bb/toaster: Fix assertEquals deprecation warnings bitbake: toaster: Fix assertRegexpMatches deprecation warnings bitbake: toastermain/settings: Avoid python filehandle closure warnings bitbake: toastergui: Fix regex markup issues bitbake: bitbake: Move to version 2.6.1 to mark runqueue changes bitbake: toaster-eventreplay: Remove ordering assumptions sanity.conf: Require bitbake 2.6.1 for recent runqueue change sstate: Remove unneeded code from setscene_depvalid() related to useradd oeqa/runtime/systemd: Ensure test runs only on systemd images bitbake: toaster: Update to use qemux86-64 machine by default bitbake: toaster/tests/builds: Add BB_HASHSERVE passthrough pseudo: Update to pull in syncfs probe fix useradd: Fix useradd do_populate_sysroot dependency bug sstate: Fix dir ownership issues in SSTATE_DIR oeqa/sstatetests: Disable gcc source printdiff test for now build-appliance-image: Update to master head revision bitbake: utils: Fix mkdir with PosixPath bitbake: runqueue: Remove tie between rqexe and starts_worker build-appliance-image: Update to master head revision testimage: Exclude wtmp from target-dumper commands qemurunner: Improve stdout logging handling qemurunner: Improve handling of serial port output blocking oeqa/selftest/overlayfs: Don't overwrite DISTRO_FEATURES testimage: Drop target_dumper and most of monitor_dumper oeqa/selftest/overlayfs: Fix whitespace qemu: Clean up DEPENDS qemu: Ensure pip and the python venv aren't used for meson curl: Disable two intermittently failing tests linux/cve-exclusion6.1: Update to latest kernel point release lib/prservice: Improve lock handling robustness oeqa/selftest/prservice: Improve test robustness scripts: Drop shell sstate-cache-management oeqa/selftest/sstatetests: Update sstate management script tests to python script curl: Disable 
test 1091 due to intermittent failures bitbake: lib/bb: Add workaround for libgcc issues with python 3.8 and 3.9 bitbake: bitbake: Post release version bump to 2.7.0 bitbake: siggen: Ensure version of siggen is verified bitbake: bitbake: Version bump for find_siginfo chanages sstatesig: Add version information for find_sigingfo sanity: Require bitbake 2.7.1 Robert Berger (1): uninative-tarball.xz - reproducibility fix Robert Yang (5): gettext: Upgrade 0.22.3 -> 0.22.4 nfs-utils: Upgrade 2.6.3 -> 2.6.4 archiver.bbclass: Improve work-shared checking nfs-utils: Update Upstream-Status archiver.bbclass: Drop tarfile module to improve performance Ross Burton (23): avahi: update URL for new project location oeqa/runtime/parselogs: load ignores from disk oeqa/runtime/parselogs: migrate ignores meta-yocto-bsp/oeqa/parselogs: add BSP-specific ignores linux-yocto: update CVE exclusions genericx86: remove redundant assignments images: remove redundant IMAGE_BASENAME assignments insane: ensure more paths have the workdir removed tcl: skip timing-dependent tests in run-ptest qemurunner: remove unused import go: set vendor in CVE_PRODUCT runqemu: add qmp socket support linux-yocto: update CVE exclusions tcl: skip async and event tests in run-ptest images: add core-image-initramfs-boot machine/arch-armv9: remove crc and sve tunes, they are mandatory python3: re-enable profile guided optimisation openssl: mark assembler sections as call targets for PAC/BTI support on aarch64 nativesdk: ensure features don't get backfilled nativesdk: don't unset MACHINE_FEATURES, let machine-sdk/ set it conf/machine-sdk: declare qemu-usermode SDK_MACHINE_FEATURE libseccomp: remove redundant PV assignment oeqa/parselogs-ignores-qemuarmv5: add comments and organise Saul Wold (1): package.py: OEHasPackage: Add MLPREFIX to packagename Shubham Kulkarni (1): tzdata: Upgrade to 2023d Simone Weiß (2): manuals: brief-yoctoprojectqs: align variable order with default local.conf patchtest: Add test for 
deprecated CVE_CHECK_IGNORE Soumya Sambu (1): ncurses: Fix - tty is hung after reset Sundeep KOKKONDA (1): rust: rustdoc reproducibility issue fix - disable PGO Tim Orling (12): python3-bcrypt: upgrade 4.0.1 -> 4.1.1 python3-pygments: upgrade 2.16.1 -> 2.17.2 recipetool: pypi: do not clobber SRC_URI checksums python3-setuptools-rust: BBCLASSEXTEND + nativesdk python3-maturin: add v1.4.0 python3-maturin: bzip2-sys reproduciblility classes-recipe: add python_maturin.bbclass recipetool: add python_maturin support oe-selfest: add maturn runtime (testimage) test oeqa: add simple 'maturin' SDK (testsdk) test case oeqa: add "maturin develop" SDK test case oeqa: add runtime 'maturin develop' test case Tom Rini (1): inetutils: Update to the 2.5 release Trevor Gamblin (1): scripts/runqemu: fix regex escape sequences Victor Kamensky (5): systemtap: upgrade 4.9 -> 5.0 systemtap: do not install uprobes and uprobes sources systemtap-uprobes: removed as obsolete systemtap: explicit handling debuginfod library dependency systemtap: fix libdebuginfod auto detection logic Vijay Anusuri (1): avahi: backport CVE-2023-1981 & CVE's follow-up patches Viswanath Kraleti (2): image-uefi.conf: Add EFI_UKI_PATH variable systemd-boot: Add recipe to compile native Wang Mingyu (38): kbd: upgrade 2.6.3 -> 2.6.4 libatomic-ops: upgrade 7.8.0 -> 7.8.2 libnl: upgrade 3.8.0 -> 3.9.0 libseccomp: upgrade 2.5.4 -> 2.5.5 libva-utils: upgrade 2.20.0 -> 2.20.1 dnf: upgrade 4.18.1 -> 4.18.2 gpgme: upgrade 1.23.1 -> 1.23.2 kea: upgrade 2.4.0 -> 2.4.1 opkg-utils: upgrade 0.6.2 -> 0.6.3 repo: upgrade 2.39 -> 2.40 sysstat: upgrade 12.7.4 -> 12.7.5 p11-kit: upgrade 0.25.2 -> 0.25.3 python3-babel: upgrade 2.13.1 -> 2.14.0 python3-dbusmock: upgrade 0.29.1 -> 0.30.0 python3-hatchling: upgrade 1.18.0 -> 1.20.0 python3-hypothesis: upgrade 6.90.0 -> 6.92.1 python3-importlib-metadata: upgrade 6.8.0 -> 7.0.0 python3-license-expression: upgrade 30.1.1 -> 30.2.0 python3-pathspec: upgrade 0.11.2 -> 0.12.1 python3-pip: 
upgrade 23.3.1 -> 23.3.2 python3-psutil: upgrade 5.9.6 -> 5.9.7 python3-pytest-runner: upgrade 6.0.0 -> 6.0.1 python3-trove-classifiers: upgrade 2023.11.22 -> 2023.11.29 python3-typing-extensions: upgrade 4.8.0 -> 4.9.0 python3-wcwidth: upgrade 0.2.11 -> 0.2.12 ttyrun: upgrade 2.29.0 -> 2.30.0 xwayland: upgrade 23.2.2 -> 23.2.3 diffoscope: upgrade 252 -> 253 iputils: upgrade 20221126 -> 20231222 gstreamer1.0: upgrade 1.22.7 -> 1.22.8 dhcpcd: upgrade 10.0.5 -> 10.0.6 fontconfig: upgrade 2.14.2 -> 2.15.0 python3-setuptools: upgrade 69.0.2 -> 69.0.3 python3-dbusmock: upgrade 0.30.0 -> 0.30.1 python3-hatchling: upgrade 1.20.0 -> 1.21.0 python3-importlib-metadata: upgrade 7.0.0 -> 7.0.1 python3-lxml: upgrade 4.9.3 -> 4.9.4 aspell: upgrade 0.60.8 -> 0.60.8.1 Yash Shinde (1): rust: Disable rust oe-selftest Yi Zhao (3): json-glib: upgrade 1.6.6 -> 1.8.0 psplash: upgrade to latest revision debianutils: upgrade 5.14 -> 5.15 Yoann Congal (2): lib/oe/patch: handle creating patches for CRLF sources strace: Disable bluetooth support by default Zang Ruochen (2): ell: upgrade 0.60 -> 0.61 musl: add typedefs for Elf64_Relr and Elf32_Relr Zoltan Boszormenyi (1): update_gtk_icon_cache: Fix for GTK4-only builds venkata pyla (1): wic: use E2FSPROGS_FAKE_TIME and hash_seed to generate reproducible ext4 images meta-openembedded: 5ad7203f68..7d8115d550: Alex Kiernan (7): mdns: Fix HOMEPAGE URL mbedtls: Upgrade 3.5.0 -> 3.5.1 c-ares: Upgrade 1.22.1 -> 1.24.0 mdns: Upgrade 2200.40.37.0.1 -> 2200.60.25.0.4 c-ares: Move to tarballs, add ptest and static support thin-provisioning-tools: Upgrade 1.0.4 -> 1.0.9 bearssl: Upgrade to latest Alexander Kanavin (29): python3-pyinotify: remove as unmaintained python3-supervisor: do not rely on smtpd module python3-meld3: do not rely on smtpd module python3-m2crypto: do not rely on smtpd module python3-uinput: remove as unmaintained python3-mcrypto: rely on setuptools for distutils copy python3-joblib: do not rely in distutils python3-web3: remove 
distutils dependency python3-cppy: remove unused distutils dependency python3-pyroute2: remove unused distutils dependency python3-eventlet: backport a patch to remove distutils dependency python3-unoconv: rely on setuptools to obtain distutils copy python3-astroid: remove unneeded distutils dependency python3-django: remove unneeded distutils dependency python3-pillow: remove unneeded distutils dependency python3-grpcio: update 1.56.2 -> 1.59.3 gstd: correctly delete files in do_install libplist: fix python 3.12 compatibility libcamera: skip until upstream resolves python 3.12 compatibility nodejs: backport (partially) python 3.12 support nodejs: backport (partially) python 3.12 support polkit: remove long obsolete 0.119 version mozjs-115: split the way-too-long PYTHONPATH line polkit: update mozjs dependency 102 -> 115 mozjs-115: backport py 3.12 compatibility mozjs-102: remove the recipe gthumb: update 3.12.2 -> 3.12.4 flatpak: do not rely on executables from the host bolt: package systemd units Archana Polampalli (1): cjson: upgrade 1.7.16 -> 1.7.17 Bruce Ashfield (1): zfs: update to 2.2.2 Changqing Li (2): postgresql: upgrade 15.4 -> 15.5 redis: upgrade 6.2.13 -> 6.2.14 Derek Straka (70): python3-greenlet: update to version 3.0.2 python3-ujson: update to version 5.9.0 python3-termcolor: update to version 2.4.0 python3-cmake: update to version 3.28.0 python3-pint: upgrade to 0.23 python3-gnupg: update to 0.5.2 python3-pyzmq: update to 25.1.2 python3-tox: update to version 4.11.4 python3-olefile: update to version 0.47 python3-distlib: update to version 0.3.8 python3-colorlog: update to version 6.8.0 python3-pymongo: update version to 4.6.1 python3-bandit: update to version 1.7.6 python3-gmqtt: update to version 0.6.13 python3-portion: update to version 2.4.2 python3-prompt-toolkit: update to version 3.0.43 python3-asyncinotify: update to version 4.0.4 python3-bitstring: update to version 4.1.4 python3-ipython: update to version 8.18.1 nginx: update versions for 
both the stable branch and mainline python3-portalocker: update to version 2.8.2 python3-astroid: update to version 3.0.2 python3-alembic: update to version 1.13.1 python3-pymisp: update to verion 2.4.182 python3-ninja: update to version 1.11.1.1 python3-coverage: update to version 7.3.4 python3-pdm: update to version 2.11.1 python3-paramiko: update to version 3.4.0 python3-zeroconf: update to version 0.131.0 python3-wtforms: update to version 3.1.1 python3-isort: update to version 5.13.2 python3-protobuf: update to version 4.25.1 python3-lazy-object-proxy: update to version 1.10.0 python3-cantools: update to version 39.4.0 python3-sentry-sdk: update to version 1.39.1 python3-xmlschema: update to version 2.5.1 python3-apiflask: update to version 2.1.0 python3-rapidjson: update to version 1.14 python3-bitarray: update to version 2.9.0 python3-pyfanotify: update to version 0.2.2 python3-eventlet: update to version 0.34.1 python3-flask-wtf: update to version 1.2.1 python3-grpcio: update to version 1.60.0 python3-grpcio-tools: update to version 1.60.0 python3-cmake: update to version 3.28.1 python3-flask-sqlalchemy: fix upstream uri check python3-wtforms: fix upstream uri and version check gyp: update to the latest commit python3-ipython-genutils: fix upstream uri and version check python3-flask: fix upstream uri and version check python3-wpa-supplicant: fix upstream uri and version check python3-uswid: update to version 0.4.7 python3-flask-wtf: fix upstream uri and version check python3-gspread: update to version 5.12.3 python3-pytest-html: update to version 4.1.1 python3-setuptools-scm-git-archive: remove obsolete package python3-pyroute2: update to version 0.7.10 python3-constantly: update to version 23.10.4 python3-mypy: update to version 1.8.0 python3-flask-jwt-extended: update to version 4.6.0 python3-greenlet: update to version 3.0.3 python3-web3: update to version 6.13.0 python3-parse: update to version 1.20.0 python3-kmod: add comment about update to version 
0.9.2 python3-engineio: update to version 4.8.1 python3-sqlalchemy: update to version 2.0.24 python3-pdm-backend: update to version 2.1.8 python3-cantools: update to version 39.4.1 python3-argh: update to version 0.30.5 python3-dominate: update to version 2.9.1 Dmitry Baryshkov (2): android-tools: remove two Debianisms networkmanager: drop libnewt dependency Frederic Martinsons (3): crash: factorize recipe with inc file to prepare cross-canadian version crash: add cross canadian version crash: update to 8.0.4 Jan Vermaete (1): netdata: added Python as rdepends Jean-Marc BOUCHE (1): terminus-font: build compressed archives with -n Jose Quaresma (1): ostree: Upgrade 2023.7 -> 2023.8 Joshua Watt (1): redis: Create state directory in systemd service Jörg Sommer (1): i2cdev: New recipe with i2c tools Kai Kang (1): lvm2: 2.03.16 -> 2.03.22 Khem Raj (3): Revert "nodejs: backport (partially) python 3.12 support" Revert "libcamera: skip until upstream resolves python 3.12 compatibility" libcamera: Fix build with python 3.12 Leon Anavi (11): sip: Upgrade 6.7.12 -> 6.8.0 python3-expandvars: add recipe python3-frozenlist: upgrade 1.4.0 -> 1.4.1 python3-yarl: upgrade 1.9.2 -> 1.9.4 python3-coverage: upgrade 7.3.2 -> 7.3.3 python3-cycler: upgrade 0.11.0 -> 0.12.1 python3-aiohue: upgrade 4.6.2 -> 4.7.0 python3-sdbus: upgrade 0.11.0 -> 0.11.1 python3-zeroconf: upgrade 0.128.4 -> 0.130.0 python3-dominate: upgrade 2.8.0 -> 2.9.0 python3-rlp: upgrade 3.0.0 -> 4.0.0 Marek Vasut (1): faad2: Upgrade 2.10.0 -> 2.11.1 Markus Volk (3): wireplumber: update 0.4.15 -> 0.4.17 tracker: dont inherit gsettings gnome-software: update 45.1 -> 45.2 Martin Jansa (4): monocypher: pass LIBDIR to fix installed-vs-shipped QA issue with multilib rygel: fix build with gtk+3 PACKAGECONFIG disabled rygel: add x11 to DISTRO_FEATURES driverctl: fix installed-vs-shipped Meenali Gupta (1): nginx: upgrade 1.25.2 -> 1.25.3 Mingli Yu (2): mariadb: Upgrade to 10.11.6 tk: Remove buildpath issue Nathan BRIENT (1): 
cyaml: new recipe Niko Mauno (1): pkcs11-provider: Add recipe Ny Antra Ranaivoarison (1): python3-click-spinner: backport patch that fixes deprecated methods Patrick Wicki (1): poco: upgrade 1.12.4 -> 1.12.5p2 Petr Chernikov (1): abseil-cpp: remove -Dcmake_cxx_standard=14 flag from extra_oecmake Robert Yang (1): minifi-cpp: Fix do_configure error builder aarch64 Ross Burton (13): Remove unused SRC_DISTRIBUTE_LICENSES gspell: inherit gtk-doc gspell: update DEPENDS, switch iso-codes for icu librest: remove spurious build dependencies librest: inherit gtk-doc keybinder: use autotools-brokensep instead of setting B keybinder: disable gtk-doc documentation gtksourceview3: remove obsolete DEPENDS libgsf: remove obsolete DEPENDS evolution-data-server: remove obsolete intltool DEPENDS php: remove lemon-native build dependency lemon: upgrade to 3.44.2 renderdoc: no need to depend on vim-native Samuli Piippo (1): jasper: enable opengl only wih x11 Theodore A. Roth (1): python3-flask-sqlalchemy: upgrade 2.5.1 -> 3.1.1 Thomas Perrot (2): networkmanager: add missing modemmanager rdepends networkmanager: fix some missing pkgconfig Tim Orling (8): python3-pydantic-core: add v2.14.5 python3-annotated-types: add v0.6.0 python3-pydantic: fix RDEPENDS python3-dirty-equals: add v0.7.1 python3-pydantic-core: enable ptest python3-cloudpickle: add v3.0.0 python3-pydantic: enable ptest python3-yappi: upgrade 1.4.0 -> 1.6.0; fix ptests Wang Mingyu (61): python3-alembic: upgrade 1.12.1 -> 1.13.0 python3-ansi2html: upgrade 1.8.0 -> 1.9.1 python3-argcomplete: upgrade 3.1.6 -> 3.2.1 python3-dbus-fast: upgrade 2.15.0 -> 2.21.0 python3-django: upgrade 4.2.7 -> 5.0 python3-flask-restx: upgrade 1.2.0 -> 1.3.0 python3-google-api-core: upgrade 2.14.0 -> 2.15.0 python3-google-api-python-client: upgrade 2.108.0 -> 2.111.0 python3-googleapis-common-protos: upgrade 1.61.0 -> 1.62.0 python3-google-auth: upgrade 2.23.4 -> 2.25.2 python3-imageio: upgrade 2.33.0 -> 2.33.1 python3-isort: upgrade 5.12.0 -> 
5.13.1 python3-path: upgrade 16.7.1 -> 16.9.0 python3-platformdirs: upgrade 4.0.0 -> 4.1.0 python3-pytest-asyncio: upgrade 0.22.0 -> 0.23.2 python3-sentry-sdk: upgrade 1.37.1 -> 1.39.0 python3-bitarray: upgrade 2.8.3 -> 2.8.5 python3-eth-keyfile: upgrade 0.6.1 -> 0.7.0 python3-eth-rlp: upgrade 0.3.0 -> 1.0.0 python3-fastnumbers: upgrade 5.0.1 -> 5.1.0 python3-pylint: upgrade 3.0.2 -> 3.0.3 python3-tornado: upgrade 6.3.3 -> 6.4 python3-traitlets: upgrade 5.13.0 -> 5.14.0 python3-types-setuptools: upgrade 68.2.0.2 -> 69.0.0.0 python3-virtualenv: upgrade 20.24.7 -> 20.25.0 python3-web3: upgrade 6.11.3 -> 6.12.0 python3-websocket-client: upgrade 1.6.4 -> 1.7.0 python3-zeroconf: upgrade 0.127.0 -> 0.128.4 ctags: upgrade 6.0.20231126.0 -> 6.0.20231210.0 gensio: upgrade 2.8.0 -> 2.8.2 hwdata: upgrade 0.376 -> 0.377 lvgl: upgrade 8.3.10 -> 8.3.11 gjs: upgrade 1.78.0 -> 1.78.1 ifenslave: upgrade 2.13 -> 2.14 libei: upgrade 1.1.0 -> 1.2.0 pkcs11-helper: upgrade 1.29.0 -> 1.30.0 strongswan: upgrade 5.9.12 -> 5.9.13 webkitgtk3: upgrade 2.42.2 -> 2.42.3 sip: upgrade 6.8.0 -> 6.8.1 paho-mqtt-cpp: upgrade 1.3.1 -> 1.3.2 dbus-cxx: upgrade 2.4.0 -> 2.5.0 exiftool: upgrade 12.70 -> 12.71 uftp: upgrade 5.0.2 -> 5.0.3 ctags: upgrade 6.0.20231210.0 -> 6.0.20231224.0 jasper: Fix install conflict when enable multilib. 
jq: upgrade 1.7 -> 1.7.1 libmbim: upgrade 1.31.1 -> 1.31.2 libqmi: upgrade 1.34.0 -> 1.35.1 opencl-headers: upgrade 2023.04.17 -> 2023.12.14 valijson: upgrade 1.0.1 -> 1.0.2 python3-apispec: upgrade 6.3.0 -> 6.3.1 python3-asyncinotify: upgrade 4.0.4 -> 4.0.5 python3-bitarray: upgrade 2.9.0 -> 2.9.1 python3-cassandra-driver: upgrade 3.28.0 -> 3.29.0 python3-ipython: upgrade 8.18.1 -> 8.19.0 python3-pydantic: upgrade 2.5.2 -> 2.5.3 python3-regex: upgrade 2023.10.3 -> 2023.12.25 opencl-icd-loader: upgrade 2023.04.17 -> 2023.12.14 python3-distro: upgrade 1.8.0 -> 1.9.0 zchunk: upgrade 1.3.2 -> 1.4.0 python3-eventlet: upgrade 0.34.1 -> 0.34.2 William Lyu (1): networkmanager: Improved SUMMARY and added DESCRIPTION Xiangyu Chen (1): layer.conf: add libbpf to NON_MULTILIB_RECIPES Yi Zhao (2): open-vm-tools: upgrade 12.1.5 -> 12.3.5 samba: upgrade 4.18.8 -> 4.18.9 Zoltán Böszörményi (2): mutter: Make gnome-desktop and libcanberra dependencies optional zenity: Upgrade to 4.0.0 alperak (29): jasper: upgrade 2.0.33 -> 4.1.1 xcursorgen: upgrade 1.0.7 -> 1.0.8 xstdcmap: upgrade 1.0.4 -> 1.0.5 xlsclients: upgrade 1.1.4 -> 1.1.5 xlsatoms: upgrade 1.1.3 -> 1.1.4 xkbevd: upgrade 1.1.4 -> 1.1.5 xgamma: upgrade 1.0.6 -> 1.0.7 sessreg: upgrade 1.1.2 -> 1.1.3 xbitmaps: upgrade 1.1.2 -> 1.1.3 xcursor-themes: add recipe xorg-docs: add recipe xorg-sgml-doctools: update summary depends and inc file xf86-video-ati: upgrade 19.1.0 -> 22.0.0 xf86-input-void: upgrade 1.4.1 -> 1.4.2 libxaw: upgrade 1.0.14 -> 1.0.15 xf86-video-mga: upgrade 2.0.0 -> 2.0.1 snappy: upgrade 1.1.9 -> 1.1.10 xsetroot: upgrade 1.1.2 -> 1.1.3 libbytesize: Removed unnecessary setting of B libmxml: use autotools-brokensep instead of setting B libsombok3: use autotools-brokensep instead of setting B pgpool2: use autotools-brokensep instead of setting B qpdf: upgrade 11.6.3 -> 11.6.4 cpprest: upgrade 2.10.18 -> 2.10.19 avro-c: upgrade 1.11.2 -> 1.11.3 dool: upgrade 1.1.0 -> 1.3.1 driverctl: upgrade 0.111 -> 0.115 hstr: 
upgrade 2.5.0 -> 3.1.0 libharu: upgrade 2.3.0 -> 2.4.4 meta-security: 070a1e82cc..b2e1511338: Armin Kuster (6): libgssglue: update to 0.8 python3-privacyidea: Update to 3.9.1 lynis: Update SRC_URI to improve updater layers: Move READMEs to markdown format arpwatch: adjust CONFIGURE params to allow to build again. python3-pyinotify: fail2ban needs this module Dawid Dabrowski (1): libhoth recipe update Erik Schilling (2): dm-verity-img.bbclass: use bc-native dm-verity-img.bbclass: remove IMAGE_NAME_SUFFIX Mikko Rapeli (2): tpm2-tss: support native builds dm-verity-img.bbclass: add DM_VERITY_DEPLOY_DIR Change-Id: I94d7f1ee5ff2da4555c05fbf63a1293ec8f249c2 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Diffstat (limited to 'meta-security')
-rw-r--r--meta-security/README.md (renamed from meta-security/README)0
-rw-r--r--meta-security/classes/dm-verity-img.bbclass18
-rw-r--r--meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-pyinotify_0.9.6.bb19
-rw-r--r--meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.9.1.bb (renamed from meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.9.bb)2
-rw-r--r--meta-security/meta-hardening/README.md (renamed from meta-security/meta-hardening/README)0
-rw-r--r--meta-security/meta-tpm/README.md (renamed from meta-security/meta-tpm/README)0
-rw-r--r--meta-security/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb2
-rw-r--r--meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb2
-rw-r--r--meta-security/recipes-compliance/lynis/lynis_3.0.9.bb4
-rw-r--r--meta-security/recipes-scanners/arpwatch/arpwatch_3.3.bb6
-rw-r--r--meta-security/recipes-security/libgssglue/libgssglue_0.8.bb (renamed from meta-security/recipes-security/libgssglue/libgssglue_0.7.bb)4
11 files changed, 42 insertions, 15 deletions
diff --git a/meta-security/README b/meta-security/README.md
index 2d1996b153..2d1996b153 100644
--- a/meta-security/README
+++ b/meta-security/README.md
diff --git a/meta-security/classes/dm-verity-img.bbclass b/meta-security/classes/dm-verity-img.bbclass
index 045c86011b..2f212d6c7b 100644
--- a/meta-security/classes/dm-verity-img.bbclass
+++ b/meta-security/classes/dm-verity-img.bbclass
@@ -33,6 +33,10 @@
# is stored where it can be installed into associated initramfs rootfs.
STAGING_VERITY_DIR ?= "${TMPDIR}/work-shared/${MACHINE}/dm-verity"
+# location of images, default current image recipe. Set to DEPLOY_DIR_IMAGE
+# if non-verity images want to embed the .wks and verity image.
+DM_VERITY_DEPLOY_DIR ?= "${IMGDEPLOYDIR}"
+
# Define the data block size to use in veritysetup.
DM_VERITY_IMAGE_DATA_BLOCK_SIZE ?= "1024"
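Review bot: The comment added for `DM_VERITY_DEPLOY_DIR` does not say what the variable controls. In this diff it is only substituted into the `file=` paths of the generated wks fragment, while `verity_hash` still does `cd ${IMGDEPLOYDIR}` to create the `.vhash` link. Those paths decide which root filesystem and hash tree get copied into the disk image, so a value pointing at a shared or stale directory could pick up artifacts from another build. Suggested wording: `# Directory the generated .wks fragment reads the .verity/.vhash files from; the .vhash link itself is still created in IMGDEPLOYDIR, so the files must already be deployed when this is set to DEPLOY_DIR_IMAGE.`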
@@ -49,6 +53,8 @@ DM_VERITY_SEPARATE_HASH ?= "0"
DM_VERITY_ROOT_GUID ?= "4f68bce3-e8cd-4db1-96e7-fbcaf984b709"
DM_VERITY_RHASH_GUID ?= "2c7357ed-ebd2-46d9-aec1-23d437ec2bf5"
+DEPENDS += "bc-native"
+
# Process the output from veritysetup and generate the corresponding .env
# file. The output from veritysetup is not very machine-friendly so we need to
# convert it to some better format. Let's drop the first line (doesn't contain
@@ -87,8 +93,8 @@ process_verity() {
# https://uapi-group.org/specifications/specs/discoverable_partitions_specification/
ROOT_HASH=$(cat $ENV | grep ^ROOT_HASH | sed 's/ROOT_HASH=//' | tr a-f A-F)
- ROOT_HI=$(echo "obase=16;ibase=16;$ROOT_HASH/2^80" | /usr/bin/bc)
- ROOT_LO=$(echo "obase=16;ibase=16;$ROOT_HASH%2^80" | /usr/bin/bc)
+ ROOT_HI=$(echo "obase=16;ibase=16;$ROOT_HASH/2^80" | bc)
+ ROOT_LO=$(echo "obase=16;ibase=16;$ROOT_HASH%2^80" | bc)
# Hyphenate as per UUID spec and as expected by wic+sgdisk parameters.
# Prefix with leading zeros, in case hash chunks weren't using highest bits
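Review bot: The `2^80` on the two rewritten `bc` lines is easy to misread and deserves a comment. Because `ibase=16` is set before the expression, the exponent is parsed as hex too, so the split point is 2^128 rather than 2^80. A line above `ROOT_HI` such as `# ibase=16 also applies to the exponent: 2^80 here means 2^128, splitting the root hash into an upper and a lower 128-bit part` would save the next reader from "fixing" it (the 128-bit halves assume a 256-bit root hash, which the hunk does not show). `process_verity` starts and ends outside this hunk.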
@@ -105,15 +111,15 @@ process_verity() {
# Create wks.in fragment with build specific UUIDs for partitions.
# Unfortunately the wks.in does not support line continuations...
# First, the unappended filesystem data partition.
- echo 'part / --source rawcopy --ondisk sda --sourceparams="file=${IMGDEPLOYDIR}/${DM_VERITY_IMAGE}-${MACHINE}.${DM_VERITY_IMAGE_TYPE}.verity" --part-name verityroot --part-type="${DM_VERITY_ROOT_GUID}"'" --uuid=\"$ROOT_UUID\"" > $WKS_INC
+ echo 'part / --source rawcopy --ondisk sda --sourceparams="file=${DM_VERITY_DEPLOY_DIR}/${DM_VERITY_IMAGE}-${MACHINE}.rootfs.${DM_VERITY_IMAGE_TYPE}.verity" --part-name verityroot --part-type="${DM_VERITY_ROOT_GUID}"'" --uuid=\"$ROOT_UUID\"" > $WKS_INC
# note: no default mount point for hash data partition
- echo 'part --source rawcopy --ondisk sda --sourceparams="file=${IMGDEPLOYDIR}/${DM_VERITY_IMAGE}-${MACHINE}.${DM_VERITY_IMAGE_TYPE}.vhash" --part-name verityhash --part-type="${DM_VERITY_RHASH_GUID}"'" --uuid=\"$RHASH_UUID\"" >> $WKS_INC
+ echo 'part --source rawcopy --ondisk sda --sourceparams="file=${DM_VERITY_DEPLOY_DIR}/${DM_VERITY_IMAGE}-${MACHINE}.${DM_VERITY_IMAGE_TYPE}.vhash" --part-name verityhash --part-type="${DM_VERITY_RHASH_GUID}"'" --uuid=\"$RHASH_UUID\"" >> $WKS_INC
}
verity_setup() {
local TYPE=$1
- local INPUT=${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.$TYPE
+ local INPUT=${IMAGE_NAME}.$TYPE
local SIZE=$(stat --printf="%s" $INPUT)
local OUTPUT=$INPUT.verity
local OUTPUT_HASH=$INPUT.verity
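Review bot: The `verityroot` line now hard-codes `.rootfs.` in the file name (`${DM_VERITY_IMAGE}-${MACHINE}.rootfs.${DM_VERITY_IMAGE_TYPE}.verity`), while the `verityhash` line right below it has no such component. The hash name matches the link that `verity_hash` creates, but the data name presumably depends on the image link name carrying the default suffix. If a distro overrides `IMAGE_NAME_SUFFIX`, the literal will stop matching. Using the variable, `${DM_VERITY_IMAGE}-${MACHINE}${IMAGE_NAME_SUFFIX}.${DM_VERITY_IMAGE_TYPE}.verity`, keeps the two in step. Both `process_verity` and `verity_setup` extend outside this hunk, so the naming should be checked against the rest of the class.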
@@ -155,7 +161,7 @@ verity_setup() {
# make "dateless" symlink for the hash so the wks can find it.
verity_hash() {
cd ${IMGDEPLOYDIR}
- ln -sf ${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${DM_VERITY_IMAGE_TYPE}.vhash \
+ ln -sf ${IMAGE_NAME}.${DM_VERITY_IMAGE_TYPE}.vhash \
${IMAGE_BASENAME}-${MACHINE}.${DM_VERITY_IMAGE_TYPE}.vhash
}
diff --git a/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-pyinotify_0.9.6.bb b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-pyinotify_0.9.6.bb
new file mode 100644
index 0000000000..8dd5e1580a
--- /dev/null
+++ b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-pyinotify_0.9.6.bb
@@ -0,0 +1,19 @@
+DESCRIPTION = "Python pyinotify: Linux filesystem events monitoring"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://COPYING;md5=ab173cade7965b411528464589a08382"
+
+RDEPENDS:${PN} += "\
+ ${PYTHON_PN}-ctypes \
+ ${PYTHON_PN}-fcntl \
+ ${PYTHON_PN}-io \
+ ${PYTHON_PN}-logging \
+ ${PYTHON_PN}-misc \
+ ${PYTHON_PN}-shell \
+ ${PYTHON_PN}-smtpd \
+ ${PYTHON_PN}-threading \
+"
+
+SRC_URI[md5sum] = "8e580fa1ff3971f94a6f81672b76c406"
+SRC_URI[sha256sum] = "9c998a5d7606ca835065cdabc013ae6c66eb9ea76a00a1e3bc6e0cfe2b4f71f4"
+
+inherit pypi setuptools3
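Review bot: `SRC_URI[md5sum]` is redundant next to `SRC_URI[sha256sum]` and MD5 adds no integrity assurance for a fetched tarball. The poky log in this same commit carries "dev-manual: Discourage the use of SRC_URI[md5sum]", so the line can simply be dropped. The `${PYTHON_PN}-smtpd` entry in `RDEPENDS` should also be checked: the meta-openembedded entries in this commit message stop several recipes relying on the smtpd module, so that runtime dependency may not resolve with the Python in use (inferred from the log, not from the hunk). The recipe has no `SUMMARY` or `HOMEPAGE`, and the log says the recipe was removed from meta-openembedded as unmaintained. A header comment such as `# Carried in meta-security only because fail2ban needs it; unmaintained upstream` would tell maintainers why it lives here.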
diff --git a/meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.9.bb b/meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.9.1.bb
index 2f0ac3a7f7..8268345f7e 100644
--- a/meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.9.bb
+++ b/meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.9.1.bb
@@ -6,7 +6,7 @@ LICENSE = "AGPL-3.0-only"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c0acfa7a8a03b718abee9135bc1a1c55"
PYPI_PACKAGE = "privacyIDEA"
-SRC_URI[sha256sum] = "1dce02789ee0a639c5518ab95e254823ca1b47aeb1aae754ec11c70d4248f38e"
+SRC_URI[sha256sum] = "7c70feb44980a3fd7501457777a1ec30e73541e54d3b31f2b9b5ab6cd73cff4f"
inherit pypi setuptools3
diff --git a/meta-security/meta-hardening/README b/meta-security/meta-hardening/README.md
index 191253c66a..191253c66a 100644
--- a/meta-security/meta-hardening/README
+++ b/meta-security/meta-hardening/README.md
diff --git a/meta-security/meta-tpm/README b/meta-security/meta-tpm/README.md
index 5722a92abb..5722a92abb 100644
--- a/meta-security/meta-tpm/README
+++ b/meta-security/meta-tpm/README.md
diff --git a/meta-security/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb b/meta-security/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb
index 5c7305cefe..7ba64f5af1 100644
--- a/meta-security/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb
+++ b/meta-security/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb
@@ -7,7 +7,7 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRC_URI = "git://github.com/google/libhoth;protocol=https;branch=main"
-SRCREV = "0e3eec6937d35c602ce497444eda05f3c465b5a8"
+SRCREV = "e520f8fa637589324ec56d34f26a48a8162a250c"
DEPENDS += "libusb1"
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb
index 6386105cd3..dceebc215f 100644
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb
@@ -93,3 +93,5 @@ FILES:${PN} = "\
${sysconfdir}/sysusers.d"
RDEPENDS:libtss2 = "libgcrypt"
+
+BBCLASSEXTEND = "native"
diff --git a/meta-security/recipes-compliance/lynis/lynis_3.0.9.bb b/meta-security/recipes-compliance/lynis/lynis_3.0.9.bb
index 8c796c0269..5b5864c4e7 100644
--- a/meta-security/recipes-compliance/lynis/lynis_3.0.9.bb
+++ b/meta-security/recipes-compliance/lynis/lynis_3.0.9.bb
@@ -6,12 +6,14 @@ HOMEDIR = "https://cisofy.com/"
LICENSE = "GPL-3.0-only"
LIC_FILES_CHKSUM = "file://LICENSE;md5=3edd6782854304fd11da4975ab9799c1"
-SRC_URI = "https://cisofy.com/files/${BPN}-${PV}.tar.gz \
+SRC_URI = "https://downloads.cisofy.com/lynis/${BPN}-${PV}.tar.gz \
file://0001-osdetection-add-OpenEmbedded-and-Poky.patch \
"
SRC_URI[sha256sum] = "f394df7d20391fb76e975ae88f3eba1da05ac9c4945e2c7f709326e185e17025"
+#UPSTREAM_CHECK = "https://downloads.cisofy.com/lynis"
+
S = "${WORKDIR}/${BPN}"
inherit autotools-brokensep
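Review bot: The added `#UPSTREAM_CHECK = "https://downloads.cisofy.com/lynis"` line is commented out, and its name is not one the upstream version check reads; the variable is `UPSTREAM_CHECK_URI`. As committed it changes nothing, so new releases of this auditing tool will not be flagged by the updater tooling the commit subject mentions. Either enable it as `UPSTREAM_CHECK_URI = "https://downloads.cisofy.com/lynis"` or remove the line. The hunk header also shows `HOMEDIR = "https://cisofy.com/"`, which looks like it was meant to be `HOMEPAGE`; that line is outside the hunk.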
diff --git a/meta-security/recipes-scanners/arpwatch/arpwatch_3.3.bb b/meta-security/recipes-scanners/arpwatch/arpwatch_3.3.bb
index 4b4d476b07..7a0a776beb 100644
--- a/meta-security/recipes-scanners/arpwatch/arpwatch_3.3.bb
+++ b/meta-security/recipes-scanners/arpwatch/arpwatch_3.3.bb
@@ -25,8 +25,6 @@ PACKAGECONFIG ??= ""
PACKACONFIG[email] = "-with-watcher=email=${APRWATCH_FROM} --with-watchee=email=${ARPWATH_REPLY}, , postfix, postfix postfix-cfg"
-EXTRA_OECONF:append = " --srcdir=${S}"
-
CONFIGUREOPTS = " --build=${BUILD_SYS} \
--host=${HOST_SYS} \
--target=${TARGET_SYS} \
@@ -41,13 +39,13 @@ CONFIGUREOPTS = " --build=${BUILD_SYS} \
--localstatedir=${localstatedir} \
--libdir=${libdir} \
--includedir=${includedir} \
- --oldincludedir=${oldincludedir} \
--infodir=${infodir} \
--mandir=${mandir} \
+ --srcdir=${S} \
"
do_configure () {
- ${S}/configure ${CONFIGUREOPTS} ${EXTRA_OECONF}
+ ${S}/configure ${CONFIGUREOPTS}
}
do_install () {
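Review bot: `do_configure` now runs `${S}/configure ${CONFIGUREOPTS}` only, so anything supplied through `EXTRA_OECONF` no longer reaches configure. That includes a bbappend's options and, depending on which classes the recipe inherits (not visible here), possibly the `PACKAGECONFIG` arguments too. If the intent was only to move `--srcdir`, keeping the PACKAGECONFIG arguments explicit would be safer: `${S}/configure ${CONFIGUREOPTS} ${PACKAGECONFIG_CONFARGS}`. The context line in the previous hunk reads `PACKACONFIG[email] = "-with-watcher=email=${APRWATCH_FROM} --with-watchee=email=${ARPWATH_REPLY}, ...`, which looks like typos for `PACKAGECONFIG[email]`, `--with-watcher` and the two variable names. The e-mail alerting option of this ARP monitor is therefore probably never applied even when requested. `do_install` continues outside the hunk.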
diff --git a/meta-security/recipes-security/libgssglue/libgssglue_0.7.bb b/meta-security/recipes-security/libgssglue/libgssglue_0.8.bb
index 26bd2f3042..9d019648e7 100644
--- a/meta-security/recipes-security/libgssglue/libgssglue_0.7.bb
+++ b/meta-security/recipes-security/libgssglue/libgssglue_0.8.bb
@@ -18,14 +18,14 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=56871e72a5c475289c0d5e4ba3f2ee3a \
file://src/g_accept_sec_context.c;beginline=3;endline=23;md5=da8ca7a37bd26e576c23874d453751d2\
file://src/g_ccache_name.c;beginline=1;endline=32;md5=208d4de05d5c8273963a8332f084faa7 \
file://src/oid_ops.c;beginline=1;endline=26;md5=1f194d148b396972da26759a8ec399f0\
- file://src/oid_ops.c;beginline=378;endline=398;md5=d77a5c03e91908fac453c08bbeaddce1\
+ file://src/oid_ops.c;beginline=378;endline=398;md5=72457a5cdc0354cb5c25c8b150326364\
"
SRC_URI = "${DEBIAN_MIRROR}/main/libg/${BPN}/${BPN}_${PV}.orig.tar.gz \
file://libgssglue-canon-name.patch \
"
-SRC_URI[sha256sum] = "bcd618ae0bc69f12815d77295658a760e7edc20706b9a731a81da8993f5c970a"
+SRC_URI[sha256sum] = "a2bb183e946f6e30562a2a856950a2916c9b6d42c34d67a8400e4efc28917746"
inherit autotools-brokensep