subtree updates2.14.0-dev

meta-arm: 14c7e5b336..3b7347cd67:
  Jon Mason (6):
        CI: Remove host bitbake variables
        arm: add Mickledore to layer compat string
        CI: Add packages for opencsd and gator-daemon to base build
        CI: add common fvp yml file
        arm/opencsd: update to version 1.3.1
        arm/gator-daemon: update to v7.8.0

  Jose Quaresma (2):
        optee-ftpm/optee-os: add missing space in EXTRA_OEMAKE
        optee-os-ts: avoid using escape chars in EXTRA_OEMAKE

  Mohamed Omar Asaker (4):
        Revert "arm-bsp/trusted-firmware-m: corstone1000: secure debug code checkout from yocto"
        Revert "arm-bsp/trusted-firmware-m: corstone1000: bump tfm SHA"
        arm-bsp/trusted-firmware-m: corstone1000 support FMP image info
        arm-bsp/corstone1000: add msd configs for fvp

  Ross Burton (5):
        arm/hafnium: add missing Upstream-Status
        arm-bsp/hafnium: add missing Upstream-Status
        arm-bsp/linux-arm64-ack: fix malformed Upstream-Status tag
        CI: add documentation job
        CI: track meta-openembedded's langdale branch

  Rui Miguel Silva (2):
        arm/trusted-services: port crypto config
        arm-bsp/corstone1000: apply ts patch to psa crypto api test

  Satish Kumar (1):
        arm-bsp/trusted-service: corstone1000: esrt support

  Vishnu Banavath (4):
        runfvp: corstone1000: add mmc card configuration
        meta-arm-bsp/doc: add readthedocs for corstone1000
        arm-bsp/optee: register DRAM1 for N1SDP target
        arm-bsp:optee: enable optee test for N1SDP target

meta-raspberrypi: 722c51647c..a305f4804b:
  Sung Gon Kim (1):
        libcamera: rename bbappend to match any version

meta-openembedded: 8073ec2275..6ebff843cc:
  Akash Hadke (1):
        audit: Fix compile error for audit_2.8.5

  Alex Kiernan (1):
        lldpd: Upgrade 1.0.14 -> 1.0.15

  Alexander Kanavin (3):
        sip3: remove the recipe
        python3-wxgtk4: skip the recipe
        python3-yappi: mark as incompatible with python 3.11

  Bhupesh Sharma (1):
        android-tools-conf-configfs: Allow handling two or more UDC controllers

  Eero Aaltonen (1):
        valijson: use install task from CMakeLists.txt

  Etienne Cordonnier (1):
        uutils-coreutils: upgrade 0.0.15 -> 0.0.16

  Gianfranco Costamagna (2):
        vboxguestdrivers: upgrade 6.1.38 -> 7.0.0
        vbxguestdrivers: upgrade 7.0.0 -> 7.0.2

  Joshua Watt (3):
        nginx: Add ipv6 support
        iniparser: Add native support
        libzip: Add native support

  Khem Raj (3):
        postfix: Upgrade to 3.7.3
        msktutil: Add recipe
        protobuf: Enable protoc binary in nativesdk

  Leon Anavi (7):
        python3-cheetah: Upgrade 3.2.6 -> 3.2.6.post1
        python3-dill: Upgrade 0.3.5.1 -> 0.3.6
        python3-pythonping: Upgrade 1.1.3 -> 1.1.4
        python3-colorama: Upgrade 0.4.5 -> 0.4.6
        python3-pint: Upgrade 0.19.2 -> 0.20
        python3-traitlets: Upgrade 5.4.0 -> 5.5.0
        python3-py-cpuinfo: Upgrade 8.0.0 -> 9.0.0

  Markus Volk (4):
        perfetto: build libperfetto
        libcamera: upgrade -> 0.0.1
        gtk-vnc: add recipe
        spice-gtk: add recipe

  Meier Boas (1):
        jwt-cpp: add recipe

  Ovidiu Panait (1):
        syzkaller: add recipe and selftest for syzkaller fuzzing

  Peter Marko (2):
        cpputest: remove dev package dependency
        cpputest: add possibility to build extensions

  Robert Joslyn (1):
        fwupd: Fix plugin_gpio PACKAGECONFIG

  Sebastian Trahm (1):
        Add recipe for python3-pytest-json-report

  Tim Orling (5):
        libmime-types-perl: upgrade 2.17 -> 2.22
        libcompress-raw*-perl: move from libio/compress-*
        libio-compress*-perl: cleanup; fixes
        libcompress-raw-*-perl: cleanup; fixes
        packagegroup-meta-perl: mv libcompress-raw-*-perl

  Vincent Davis Jr (2):
        libglvnd: add new recipe libglvnd v1.5.0
        xf86-video-amdgpu: add new recipe xf86-video-amdgpu

  Wang Mingyu (36):
        bats: upgrade 1.8.0 -> 1.8.2
        ctags: upgrade 5.9.20221009.0 -> 5.9.20221016.0
        fvwm: upgrade 2.6.9 -> 2.7.0
        makedumpfile: upgrade 1.7.1 -> 1.7.2
        sanlock: upgrade 3.8.4 -> 3.8.5
        python3-astroid: upgrade 2.12.11 -> 2.12.12
        python3-charset-normalizer: upgrade 2.1.1 -> 3.0.0
        python3-google-api-python-client: upgrade 2.64.0 -> 2.65.0
        python3-google-auth: upgrade 2.12.0 -> 2.13.0
        python3-grpcio-tools: upgrade 1.49.1 -> 1.50.0
        python3-grpcio: upgrade 1.49.1 -> 1.50.0
        python3-huey: upgrade 2.4.3 -> 2.4.4
        python3-incremental: upgrade 21.3.0 -> 22.10.0
        python3-luma-core: upgrade 2.3.1 -> 2.4.0
        python3-oauthlib: upgrade 3.2.1 -> 3.2.2
        python3-pandas: upgrade 1.5.0 -> 1.5.1
        python3-pastedeploy: upgrade 2.1.1 -> 3.0.1
        python3-pika: upgrade 1.3.0 -> 1.3.1
        python3-portalocker: upgrade 2.5.1 -> 2.6.0
        python3-protobuf: upgrade 4.21.7 -> 4.21.8
        python3-pyjwt: upgrade 2.5.0 -> 2.6.0
        python3-pymongo: upgrade 4.2.0 -> 4.3.2
        python3-pywbemtools: upgrade 1.0.0 -> 1.0.1
        python3-robotframework: upgrade 5.0.1 -> 6.0
        python3-socketio: upgrade 5.7.1 -> 5.7.2
        python3-sqlalchemy: upgrade 1.4.41 -> 1.4.42
        tracker-miners: upgrade 3.2.1 -> 3.4.1
        tracker: upgrade 3.4.0 -> 3.4.1
        wolfssl: upgrade 5.5.1 -> 5.5.2
        cglm: upgrade 0.8.5 -> 0.8.7
        ctags: upgrade 5.9.20221016.0 -> 5.9.20221023.0
        flatbuffers: upgrade 22.9.29 -> 22.10.26
        function2: upgrade 4.2.1 -> 4.2.2
        poco: upgrade 1.12.2 -> 1.12.3
        thingsboard-gateway: upgrade 3.1 -> 3.2
        grpc: upgrade 1.50.0 -> 1.50.1

  Xiangyu Chen (1):
        ipmitool: fix typo in .bb file's comments, using = instead of =?

  Zheng Qiu (1):
        jq: improve ptest and disable valgrind by default

  zhengruoqin (5):
        tcpslice: upgrade 1.5 -> 1.6
        tio: upgrade 2.1 -> 2.2
        python3-stevedore: upgrade 4.0.1 -> 4.1.0
        python3-xxhash: upgrade 3.0.0 -> 3.1.0
        python3-zeroconf: upgrade 0.39.1 -> 0.39.2

meta-security: e8e7318189..2aa48e6f4e:
  Armin Kuster (1):
        kas-security-base.yml: make work again

  Gowtham Suresh Kumar (1):
        Update PARSEC recipe to latest v1.1.0 release

  Michael Haener (1):
        tpm2-openssl: update to 1.1.1

poky: 95c802b0be..482c493cf6:
  Adrian Freihofer (3):
        own-mirrors: add crate
        buildconf: compare abspath
        ref-manual: add wic command bootloader ptable option

  Ahmad Fatoum (2):
        kernel-fitimage: mangle slashes to underscores as late as possible
        kernel-fitimage: skip FDT section creation for applicable symlinks

  Alex Kiernan (4):
        u-boot: Remove duplicate inherit of cml1
        u-boot: Add savedefconfig task
        rust: update 1.63.0 -> 1.64.0
        cargo_common.bbclass: Fix typos

  Alexander Kanavin (40):
        rust-target-config: match riscv target names with what rust expects
        rust: install rustfmt for riscv32 as well
        unfs3: correct upstream version check
        gnu-config: update to latest revision
        llvm: update 14.0.6 -> 15.0.1
        grep: update 3.7 -> 3.8
        hdparm: update 9.64 -> 9.65
        stress-ng: update 0.14.03 -> 0.14.06
        vulkan: update 1.3.216.0 -> 1.3.224.1
        wayland-utils: update 1.0.0 -> 1.1.0
        libxft: update 2.3.4 -> 2.3.6
        pinentry: update 1.2.0 -> 1.2.1
        ovmf: upgrade edk2-stable202205 -> edk2-stable202208
        cmake: update 3.24.0 -> 3.24.2
        jquery: upgrade 3.6.0 -> 3.6.1
        python3-dbus: upgrade 1.2.18 -> 1.3.2
        python3-hatch-fancy-pypi-readme: add a recipe
        python3-jsonschema: upgrade 4.9.1 -> 4.16.0
        shadow: update 4.12.1 -> 4.12.3
        lttng-modules: upgrade 2.13.4 -> 2.13.5
        libsoup: upgrade 3.0.7 -> 3.2.0
        libxslt: upgrade 1.1.35 -> 1.1.37
        quilt: backport a patch to address grep 3.8 failures
        python3: update 3.10.6 -> 3.11.0
        cargo-update-recipe-crates.bbclass: add a class to generate SRC_URI crate lists from Cargo.lock
        python3-bcrypt: convert to use cargo-update-recipe-crates class.
        python3-cryptography: convert to cargo-update-recipe-crates class
        groff: submit patches upstream
        tcl: correct patch status
        tcl: correct upstream version check
        lttng-tools: submit determinism.patch upstream
        cmake: drop qt4 patches
        kea: submit patch upstream
        argp-standalone: replace with a maintained fork
        ovmf: correct patches status
        go: submit patch upstream
        libffi: submit patch upstream
        go: update 1.19 -> 1.19.2
        rust-common.bbclass: use built-in rust targets for -native builds
        rust: submit a rewritten version of crossbeam_atomic.patch upstream

  Andrew Geissler (1):
        go: add support to build on ppc64le

  Bartosz Golaszewski (1):
        bluez5: add dbus to RDEPENDS

  Bernhard Rosenkränzer (1):
        cmake-native: Fix host tool contamination

  Bruce Ashfield (3):
        kern-tools: fix relative path processing
        linux-yocto/5.19: update to v5.19.14
        linux-yocto/5.15: update to v5.15.72

  Changhyeok Bae (2):
        ethtool: upgrade 5.19 -> 6.0
        iproute2: upgrade 5.19.0 -> 6.0.0

  Chen Qi (1):
        openssl: export necessary env vars in SDK

  Christian Eggers (1):
        linux-firmware: split rtl8761 firmware

  Claus Stovgaard (1):
        gstreamer1.0-libav: fix errors with ffmpeg 5.x

  Ed Tanous (1):
        openssl: Upgrade 3.0.5 -> 3.0.7

  Etienne Cordonnier (1):
        mirrors.bbclass: use shallow tarball for binutils-native

  Fabio Estevam (1):
        go-mod.bbclass: Remove repeated word

  Frank de Brabander (1):
        cve-update-db-native: add timeout to urlopen() calls

  Hitendra Prajapati (1):
        openssl: CVE-2022-3358 Using a Custom Cipher with NID_undef may lead to NULL encryption

  Jan-Simon Moeller (1):
        buildtools-tarball: export certificates to python and curl

  Jeremy Puhlman (1):
        qemu-native: Add PACKAGECONFIG option for jack

  Johan Korsnes (1):
        bitbake: bitbake: user-manual: inform about spaces in :remove

  Jon Mason (2):
        linux-yocto: add efi entry for machine features
        linux-yocto-dev: add qemuarmv5

  Jose Quaresma (3):
        kernel-yocto: improve fatal error messages of symbol_why.py
        oeqa/selftest/archiver: Add multiconfig test for shared recipes
        archiver: avoid using machine variable as it breaks multiconfig

  Joshua Watt (3):
        runqemu: Fix gl-es argument from causing other arguments to be ignored
        qemu-helper-native: Re-write bridge helper as C program
        runqemu: Do not perturb script environment

  Justin Bronder (1):
        bitbake: asyncrpc: serv: correct closed client socket detection

  Kai Kang (1):
        mesa: only apply patch to fix ALWAYS_INLINE for native

  Keiya Nobuta (2):
        gnutls: Unified package names to lower-case
        create-spdx: Remove ";name=..." for downloadLocation

  Khem Raj (3):
        perf: Depend on native setuptools3
        musl: Upgrade to latest master
        mesa: Add native patch via a variable

  Lee Chee Yang (2):
        migration-guides/release-notes-4.1.rst: update Repositories / Downloads
        migration-guides/release-notes-4.1.rst: update Repositories / Downloads

  Leon Anavi (1):
        python3-manifest.json: Move urllib to netclient

  Liam Beguin (1):
        meson: make wrapper options sub-command specific

  Luca Boccassi (1):
        systemd: add systemd-creds and systemd-cryptenroll to systemd-extra-utils

  Marek Vasut (1):
        bluez5: Point hciattach bcm43xx firmware search path to /lib/firmware

  Mark Asselstine (2):
        bitbake: tests: bb.tests.fetch.URLHandle: add 2 new tests
        bitbake: bitbake: bitbake-layers: checkout layer(s) branch when clone exists

  Mark Hatle (2):
        insane.bbclass: Allow hashlib version that only accepts on parameter
        bitbake: utils/ply: Update md5 to better report errors with hashlib

  Markus Volk (2):
        wayland-protocols: upgrade 1.26 -> 1.27
        mesa: update 22.2.0 -> 22.2.2

  Martin Jansa (3):
        vulkan-samples: add lfs=0 to SRC_URI to avoid git smudge errors in do_unpack
        externalsrc.bbclass: fix git repo detection
        cargo-update-recipe-crates: small improvements

  Maxim Uvarov (2):
        wic: add UEFI kernel as UEFI stub
        wic: bootimg-efi: implement --include-path

  Michael Opdenacker (11):
        manuals: updates for building on Windows (WSL 2)
        ref-manual: classes.rst: add links to all references to a class
        poky.conf: remove Ubuntu 21.10
        bitbake: doc: bitbake-user-manual: expand description of BB_PRESSURE_MAX variables
        bitbake: bitbake-user-manual: details about variable flags starting with underscore
        Documentation/README: formalize guidelines for external link syntax
        manuals: replace "_" by "__" in external links
        manuals: stop referring to the meta-openembedded repo from GitHub
        manuals: add missing references to SDKMACHINE and SDK_ARCH
        manuals: use references to the "Build Directory" term
        create-spdx.bbclass: remove unused SPDX_INCLUDE_PACKAGED

  Mikko Rapeli (6):
        os-release: replace DISTRO_CODENAME with VERSION_CODENAME
        os-release: add HOMEPAGE and link to documentation
        ref-manual: variables.rst: add documentation for CVE_VERSION
        ref-manual: classes.rst: improve documentation for cve-check.bbclass
        dev-manual: common-tasks.rst: add regular updates and CVE scans to security best practices
        dev-manual: common-tasks.rst: refactor and improve "Checking for Vulnerabilities" section

  Ming Liu (1):
        dropbear: add pam to PACKAGECONFIG

  Mingli Yu (1):
        grub: disable build on armv7ve/a with hardfp

  Oliver Lang (2):
        bitbake: cooker: fix a typo
        bitbake: runqueue: fix a typo

  Pablo Saavedra Rodi?o (1):
        weston: update 10.0.2 -> 11.0.0

  Paul Eggleton (2):
        install-buildtools: support buildtools-make-tarball and update to 4.1
        ref-manual: add info on buildtools-make-tarball

  Peter Bergin (1):
        gptfdisk: remove warning message from target system

  Peter Kjellerstedt (3):
        gcc: Allow -Wno-error=poison-system-directories to take effect
        base-passwd: Update to 3.6.1
        externalsrc.bbclass: Remove a trailing slash from ${B}

  Qiu, Zheng (2):
        tiff: fix a typo for CVE-2022-2953.patch
        valgrind: update to 3.20.0

  Quentin Schulz (1):
        docs: add support for langdale (4.1) release

  Richard Purdie (4):
        openssl: Fix SSL_CERT_FILE to match ca-certs location
        bitbake: tests/fetch: Allow handling of a file:// url within a submodule
        patchelf: upgrade 0.15.0 -> 0.16.1
        lttng-modules: upgrade 2.13.5 -> 2.13.7

  Robert Joslyn (1):
        curl: Update 7.85.0 to 7.86.0

  Ross Burton (26):
        populate_sdk_base: ensure ptest-pkgs pulls in ptest-runner
        scripts/oe-check-sstate: cleanup
        scripts/oe-check-sstate: force build to run for all targets, specifically populate_sysroot
        externalsrc: move back to classes
        opkg-utils: use a git clone, not a dynamic snapshot
        oe/packagemanager/rpm: don't leak file objects
        zlib: use .gz archive and set a PREMIRROR
        glib-2.0: fix rare GFileInfo test case failure
        lighttpd: fix CVE-2022-41556
        acpid: upgrade 2.0.33 -> 2.0.34
        python3-hatchling: upgrade 1.9.0 -> 1.10.0
        pango: upgrade 1.50.9 -> 1.50.10
        piglit: upgrade to latest revision
        lsof: upgrade 4.95.0 -> 4.96.3
        zlib: do out-of-tree builds
        zlib: upgrade 1.2.12 -> 1.2.13
        libx11: apply the fix for CVE-2022-3554
        xserver-xorg: ignore CVE-2022-3553 as it is XQuartz-specific
        xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551
        tiff: fix a number of CVEs
        qemu: backport the fix for CVE-2022-3165
        bitbake: fetch2/git: don't set core.fsyncobjectfiles=0
        sanity: check for GNU tar specifically
        expat: upgrade to 2.5.0
        oeqa/target/ssh: add ignore_status argument to run()
        oeqa/runtime/dnf: rewrite test_dnf_installroot_usrmerge

  Sakib Sajal (1):
        go: update 1.19.2 -> 1.19.3

  Sean Anderson (6):
        uboot-sign: Fix using wrong KEY_REQ_ARGS
        kernel: Clear SYSROOT_DIRS instead of replacing sysroot_stage_all
        kernel-fitimage: Use KERNEL_OUTPUT_DIR where appropriate
        uboot-sign: Use bitbake variables directly
        uboot-sign: Split off kernel-fitimage variables
        u-boot: Rework signing to remove interdependencies

  Sergei Zhmylev (2):
        wic: implement binary repeatable disk identifiers
        wic: honor the SOURCE_DATE_EPOCH in case of updated fstab

  Teoh Jay Shen (1):
        vim: Upgrade 9.0.0598 -> 9.0.0614

  Thomas Perrot (2):
        psplash: add psplash-default in rdepends
        xserver-xorg: move some recommended dependencies in required

  Tim Orling (23):
        python3-cryptography: upgrade 37.0.4 -> 38.0.1
        python3-cryptography-vectors: upgrade 37.0.4 -> 38.0.1
        python3-certifi: upgrade 2022.9.14 -> 2022.9.24
        python3-hypothesis: upgrade 6.54.5 -> 6.56.1
        python3-pyopenssl: upgrade 22.0.0 -> 22.1.0
        python3-bcrypt: upgrade 3.2.2 -> 4.0.0
        python3-sphinx: upgrade 5.1.1 -> 5.2.3
        python3-setuptools-rust: upgrade 1.5.1 -> 1.5.2
        python3-iso8601: upgrade 1.0.2 -> 1.1.0
        python3-poetry-core: upgrade 1.0.8 -> 1.3.2
        git: upgrade 2.37.3 -> 2.38.1
        vim: upgrade 9.0.0614 -> 9.0.0820
        python3-mako: upgrade 1.2.2 -> 1.2.3
        python3-bcrypt: upgrade 4.0.0 -> 4.0.1
        python3-cryptography{-vectors}: 38.0.1 -> 38.0.3
        python3-psutil: upgrade 5.9.2 -> 5.9.3
        python3-pytest: upgrade 7.1.3 -> 7.2.0
        python3-pytest-subtests: upgrade 0.8.0 -> 0.9.0
        python3-hypothesis: upgrade 6.56.1 -> 6.56.4
        python3-more-itertools: upgrade 8.14.0 -> 9.0.0
        python3-pytz: upgrade 2022.4 -> 2022.6
        python3-zipp: upgrade 3.9.0 -> 3.10.0
        python3-sphinx: upgrade 5.2.3 -> 5.3.0

  Vincent Davis Jr (1):
        linux-firmware: package amdgpu firmware

  Vyacheslav Yurkov (1):
        overlayfs: Allow not used mount points

  Xiangyu Chen (1):
        linux-yocto-dev: add qemuarm64

  Yan Xinkuan (1):
        bc: Add ptest.

  ciarancourtney (1):
        wic: swap partitions are not added to fstab

  wangmy (32):
        init-system-helpers: upgrade 1.64 -> 1.65.2
        meson: upgrade 0.63.2 -> 0.63.3
        mtools: upgrade 4.0.40 -> 4.0.41
        dbus: upgrade 1.14.0 -> 1.14.4
        ifupdown: upgrade 0.8.37 -> 0.8.39
        openssh: upgrade 9.0p1 -> 9.1p1
        python3-hatchling: upgrade 1.10.0 -> 1.11.0
        u-boot: upgrade 2022.07 -> 2022.10
        python3-git: upgrade 3.1.27 -> 3.1.28
        python3-importlib-metadata: upgrade 4.12.0 -> 5.0.0
        gnutls: upgrade 3.7.7 -> 3.7.8
        gsettings-desktop-schemas: upgrade 42.0 -> 43.0
        harfbuzz: upgrade 5.1.0 -> 5.3.0
        libcap: upgrade 2.65 -> 2.66
        libical: upgrade 3.0.14 -> 3.0.15
        libva: upgrade 2.15.0 -> 2.16.0
        libva-utils: upgrade 2.15.0 -> 2.16.0
        powertop: upgrade 2.14 -> 2.15
        numactl: upgrade 2.0.15 -> 2.0.16
        python3-pytz: upgrade 2022.2.1 -> 2022.4
        python3-zipp: upgrade 3.8.1 -> 3.9.0
        repo: upgrade 2.29.2 -> 2.29.3
        sqlite3: upgrade 3.39.3 -> 3.39.4
        wpebackend-fdo: upgrade 1.12.1 -> 1.14.0
        xkeyboard-config: upgrade 2.36 -> 2.37
        xz: upgrade 5.2.6 -> 5.2.7
        libksba: upgrade 1.6.0 -> 1.6.2
        libsdl2: upgrade 2.24.0 -> 2.24.1
        libwpe: upgrade 1.12.3 -> 1.14.0
        lttng-ust: upgrade 2.13.4 -> 2.13.5
        btrfs-tools: upgrade 5.19.1 -> 6.0
        lighttpd: upgrade 1.4.66 -> 1.4.67

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I3322dd0057da9f05bb2ba216fdcda3f569c0493b

5 files changed, 105 insertions, 28 deletions

diff --git a/poky/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb b/poky/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb
index aa9e499c77..e297586bbb 100644
--- a/poky/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb
+++ b/poky/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://${WORKDIR}/tunctl.c;endline=4;md5=ff3a09996bc5fff6bc5
 
 SRC_URI = "\
     file://tunctl.c \
-    file://qemu-oe-bridge-helper \
+    file://qemu-oe-bridge-helper.c \
     "
 
 S = "${WORKDIR}"
@@ -16,13 +16,13 @@ inherit native
 
 do_compile() {
 	${CC} ${CFLAGS} ${LDFLAGS} -Wall tunctl.c -o tunctl
+	${CC} ${CFLAGS} ${LDFLAGS} -Wall qemu-oe-bridge-helper.c -o qemu-oe-bridge-helper
 }
 
 do_install() {
 	install -d ${D}${bindir}
 	install tunctl ${D}${bindir}/
-
-    install -m 755 ${WORKDIR}/qemu-oe-bridge-helper ${D}${bindir}/
+	install qemu-oe-bridge-helper ${D}${bindir}/
 }
 
 DEPENDS += "qemu-system-native"
diff --git a/poky/meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper b/poky/meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper
deleted file mode 100755
index f057d4eef0..0000000000
--- a/poky/meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper
+++ /dev/null
@@ -1,25 +0,0 @@
-#! /bin/sh
-# Copyright 2020 Garmin Ltd. or its subsidiaries
-#
-# SPDX-License-Identifier: GPL-2.0
-#
-# Attempts to find and exec the host qemu-bridge-helper program
-
-# If the QEMU_BRIDGE_HELPER variable is set by the user, exec it.
-if [ -n "$QEMU_BRIDGE_HELPER" ]; then
-    exec "$QEMU_BRIDGE_HELPER" "$@"
-fi
-
-# Search common paths for the helper program
-BN="qemu-bridge-helper"
-PATHS="/usr/libexec/ /usr/lib/qemu/"
-
-for p in $PATHS; do
-    if [ -e "$p/$BN" ]; then
-        exec "$p/$BN" "$@"
-    fi
-done
-
-echo "$BN not found!" > /dev/stderr
-exit 1
-
diff --git a/poky/meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper.c b/poky/meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper.c
new file mode 100644
index 0000000000..cadf2a012a
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu-helper/qemu-oe-bridge-helper.c
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2022 Garmin Ltd. or its subsidiaries
+ *
+ * SPDX-License-Identifier: GPL-2.0
+ *
+ * Attempts to find and exec the host qemu-bridge-helper program
+ */
+
+#include <stdio.h>
+#include <unistd.h>
+
+void try_program(char const* path, char** args) {
+    if (access(path, X_OK) == 0) {
+        execv(path, args);
+    }
+}
+
+int main(int argc, char** argv) {
+    char* var;
+
+    /* Copy arguments so that they are a NULL terminated list, skipping argv[0]
+     * since it is this program name */
+    char** args = malloc(argc * sizeof(char*));
+    for (int i = 0; i < argc - 1; i++) {
+        args[i] = argv[i + 1];
+    }
+    args[argc - 1] = NULL;
+
+    var = getenv("QEMU_BRIDGE_HELPER");
+    if (var && var[0] != '\0') {
+        execvp(var, args);
+        return 1;
+    }
+
+    try_program("/usr/libexec/qemu-bridge-helper", args);
+    try_program("/usr/lib/qemu/qemu-bridge-helper", args);
+
+    fprintf(stderr, "No bridge helper found\n");
+    return 1;
+}
+
diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc
index 612abd240a..55aced9f9a 100644
--- a/poky/meta/recipes-devtools/qemu/qemu.inc
+++ b/poky/meta/recipes-devtools/qemu/qemu.inc
@@ -29,6 +29,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
            file://0010-hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch \
            file://0001-net-tulip-Restrict-DMA-engine-to-memories.patch \
            file://arm-cpreg-fix.patch \
+           file://CVE-2022-3165.patch \
            "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
@@ -198,6 +199,7 @@ PACKAGECONFIG[rdma] = "--enable-rdma,--disable-rdma"
 PACKAGECONFIG[vde] = "--enable-vde,--disable-vde"
 PACKAGECONFIG[slirp] = "--enable-slirp=internal,--disable-slirp"
 PACKAGECONFIG[brlapi] = "--enable-brlapi,--disable-brlapi"
+PACKAGECONFIG[jack] = "--enable-jack,--disable-jack,jack,"
 
 INSANE_SKIP:${PN} = "arch"
 
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-3165.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-3165.patch
new file mode 100644
index 0000000000..3b4a6694c2
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2022-3165.patch
@@ -0,0 +1,59 @@
+CVE: CVE-2022-3165
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From d307040b18bfcb1393b910f1bae753d5c12a4dc7 Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella <mcascell@redhat.com>
+Date: Sun, 25 Sep 2022 22:45:11 +0200
+Subject: [PATCH] ui/vnc-clipboard: fix integer underflow in
+ vnc_client_cut_text_ext
+
+Extended ClientCutText messages start with a 4-byte header. If len < 4,
+an integer underflow occurs in vnc_client_cut_text_ext. The result is
+used to decompress data in a while loop in inflate_buffer, leading to
+CPU consumption and denial of service. Prevent this by checking dlen in
+protocol_client_msg.
+
+Fixes: CVE-2022-3165
+Fixes: 0bf41cab93e5 ("ui/vnc: clipboard support")
+Reported-by: TangPeng <tangpeng@qianxin.com>
+Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
+Message-Id: <20220925204511.1103214-1-mcascell@redhat.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ ui/vnc.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/ui/vnc.c b/ui/vnc.c
+index 6a05d06147..acb3629cd8 100644
+--- a/ui/vnc.c
++++ b/ui/vnc.c
+@@ -2442,8 +2442,8 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
+         if (len == 1) {
+             return 8;
+         }
++        uint32_t dlen = abs(read_s32(data, 4));
+         if (len == 8) {
+-            uint32_t dlen = abs(read_s32(data, 4));
+             if (dlen > (1 << 20)) {
+                 error_report("vnc: client_cut_text msg payload has %u bytes"
+                              " which exceeds our limit of 1MB.", dlen);
+@@ -2456,8 +2456,13 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
+         }
+ 
+         if (read_s32(data, 4) < 0) {
+-            vnc_client_cut_text_ext(vs, abs(read_s32(data, 4)),
+-                                    read_u32(data, 8), data + 12);
++            if (dlen < 4) {
++                error_report("vnc: malformed payload (header less than 4 bytes)"
++                             " in extended clipboard pseudo-encoding.");
++                vnc_client_error(vs);
++                break;
++            }
++            vnc_client_cut_text_ext(vs, dlen, read_u32(data, 8), data + 12);
+             break;
+         }
+         vnc_client_cut_text(vs, read_u32(data, 4), data + 8);
+-- 
+GitLab
+