diff options
author | Patrick Williams <patrick@stwcx.xyz> | 2022-05-01 14:36:13 +0300 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2022-05-01 14:37:37 +0300 |
commit | e22d42c0b6ed325dcf25896e58673f23556171dd (patch) | |
tree | 92a75887acd8bb560b5e5357f846a81e1f3868db /poky/meta/recipes-devtools | |
parent | d541ec52554ae60b0d5903cccf97905bcaaf209e (diff) | |
download | openbmc-e22d42c0b6ed325dcf25896e58673f23556171dd.tar.xz |
subtree updates
poky: 30b38d9cb9..27de52e402:
Abongwa Amahnui Bonalais (2):
documentation/brief-yoctoprojectqs: add directory for local.conf
dev-manual: add command used to add the signed-off-by line.
Alex Kiernan (1):
kernel: Delete unused KERNEL_LOCALVERSION variable
Alexander Kanavin (4):
webkitgtk: update 2.34.6 -> 2.36.0
epiphany: upgrade 41.3 -> 42.0
itstool: correct upstream version check
webkitgtk: adjust patch status
Bruce Ashfield (2):
linux-yocto-dev: update to v5.18+
lttng-modules: support kernel 5.18+
Davide Gardenal (1):
create-spdx: fix error when symlink cannot be created
Ferry Toth (2):
apt: add apt selftest to test signed package feeds
package_manager: fix missing dependency on gnupg when signing deb package feeds
Jon Mason (2):
linux-yocto: Remove unnecessary, commented out qemuarm entry
qemuarm64: use virtio pci interfaces
Kai Kang (1):
update_udev_hwdb: fix multilib issue with systemd
Khem Raj (8):
webkitgtk: Add missing header locale.h
python3: Do not detect multiarch when cross compiling
kernel-devsrc: Check for gen_vdso_offsets.sh before copying on riscv
babeltrace: Disable warnings as errors
xserver-xorg: Fix build with gcc12
systemtap: Fix build with gcc-12
gnupg: Disable FORTIFY_SOURCES on mips
mdadm: Drop clang specific cflags
Konrad Weihmann (11):
kern-tools-native: add missing license
gmp: add missing COPYINGv3
itstool: add missing COPYING.GPL3
libcap: add pam_cap license
libsdl2: fix license
libidn2: add Unicode-DFS-2016 license
gettext: add MIT conditional as license
python3-pip: correct license
cmake: add missing licenses
git: correct license
ncurses: use COPYING file
Lee Chee Yang (1):
migration-guides: release-notes-4.0: update 'Repositories / Downloads' section
Martin Jansa (1):
systemd-boot: remove outdated EFI_LD comment
Michael Halstead (2):
releases: update for yocto 4.0
set_versions: update for 4.0 release
Michael Opdenacker (1):
migration-guides: release-notes-4.0: mention LTS release
Nicolas Dechesne (1):
migration-guides: stop including documents with ".. include"
Olaf Mandel (1):
bitbake: fetch2/git: canonicalize ids in generated tarballs
Paul Eggleton (9):
migration-3.4: add missing entry on EXTRA_USERS_PARAMS
ref-manual: add a note about hard-coded passwords
ref-manual: mention wildcarding support in INCOMPATIBLE_LICENSE
ref-manual: add mention of vendor filtering to CVE_PRODUCT
ref-manual: add KERNEL_DEBUG_TIMESTAMPS
ref-manual: add empty-dirs QA check and QA_EMPTY_DIRS*
migration-guides: complete migration guide for 4.0
migration-guides: add release notes for 4.0
ref-manual: add ZSTD_THREADS
Paulo Neves (1):
selftest/lic_checksum: Add test for filename containing space
Pavel Zhukov (1):
bitbake: fetch2: Add GIT_SSH_COMMAND to the list of exports
Peter Kjellerstedt (4):
bitbake: pyinotify.py: Simplify identification of which event has occurred
shadow: Disable the use of syslog() for the native tools
u-boot: Correct the SRC_URI
u-boot: Inherit pkgconfig
Quentin Schulz (15):
docs: sphinx-static: switchers.js.in: remove duplicate for outdated versions
docs: set_versions.py: add information about obsolescence of a release
docs: sphinx-static: switchers.js.in: improve obsolete version detection
docs: set_versions.py: fix latest release of a branch being shown twice in switchers.js
docs: set_versions.py: fix latest version of an active release shown as obsolete
docs: update Bitbake objects.inv location for master branch
docs: set_versions.py: mark as obsolete only branches and old tags from obsolete releases
docs: sphinx-static: switchers.js.in: rename all_versions to switcher_versions
docs: sphinx-static: switchers.js.in: fix broken switcher for branches
docs: sphinx-static: switchers.js.in: do not mark branches as outdated
docs: conf.py: fix cve extlinks caption for sphinx <4.0
docs: ref-manual: variables: add hashed password example in EXTRA_USERS_PARAMS
docs: migration-guides: migration-3.4: mention that hardcoded password are supported if hashed
docs: migration-guides: release-notes-4.0: fix risc-v typo
docs: migration-guides: release-notes-4.0: replace kernel placeholder with correct recipe name
Ricardo Salveti (1):
bitbake: fetch2/crate: fix logger.debug line
Richard Purdie (25):
qemu: Add fix for CVE-2022-1050
tiff: Add marker for CVE-2022-1056 being fixed
git: Ignore CVE-2022-24975
Revert "adwaita-icon-theme: upgrade 41.0 -> 42.0"
migration-guide: Kirkstone is now 4.0
local.conf.sample: Update for 4.0 in sstate url
externalsrc/devtool: Fix to work with fixed export funcition flags handling
sanity: Show a warning that make 4.2.1 is buggy on non-ubuntu systems
runqemu: Allow auto detection of the correct graphics options
bitbake: checksum: Allow spaces in URI filenames
bitbake: ast: Improve function flags handling for EXPORT_FUNCTIONS
rxvt-unicode: Fix icon name
puzzles: Drop broken icon
build-appliance-image: Update to master head revision
build-appliance-image: Update to master head revision
bluez5: Add fix for startup issues under systemd
build-appliance-image: Update to master head revision
alsa-tools: Ensure we install correctly
libxshmfence: Correct LICENSE to HPND
bitbake.conf: Correct BB_SIGNATURE_EXCLUDE_FLAGS
git: Upgrade 2.35.1 -> 2.35.2
build-appliance-image: Update to master head revision
build-appliance: Switch to kirkstone branch
ref-manual: Add XZ_THREADS and XZ_MEMLIMIT
buildtools-tarball: Only add cert envvars if certs are included
Schmidt, Adriaan (1):
bitbake: bitbake-diffsigs: make finding of changed signatures more robust
Scott Murray (1):
runqemu: Do not auto detect graphics if publicvnc is specified
Steve Sakoman (2):
busybox: fix CVE-2022-28391
lua: fix CVE-2022-28805
wangmy (5):
linux-firmware: upgrade 20220310 -> 20220411
libsoup: upgrade 3.0.5 -> 3.0.6
apt: upgrade 2.4.3 -> 2.4.4
libusb1: upgrade 1.0.25 -> 1.0.26
libgit2: upgrade 1.4.2 -> 1.4.3
zhengruoqin (3):
wireless-regdb: upgrade 2022.02.18 -> 2022.04.08
git: upgrade 2.35.2 -> 2.35.3
ruby: upgrade 3.1.1 -> 3.1.2
meta-openembedded: 1888971b1f..bb2b5b31a8:
Alex Kiernan (2):
audit: Upgrade 3.0.6 -> 3.0.7
mosh: Drop perl dependencies from server
Andreas Müller (21):
libnma: upgrade 1.8.36 -> 1.8.38
gnome-control-center: upgrade 41.2 -> 42.0
gnome-flashback: upgrade 3.42.1 -> 3.44.0
gnome-panel: upgrade 3.42.0 -> 3.44.0
gnome-session: upgrade 41.3 -> 42.0
gnome-shell-extensions: upgrade 41.1 -> 42.0
gthumb: upgrade 3.12.0 -> 3.12.2
ibus: upgrade 1.5.23+ -> 1.5.26
libportal: upgrade 0.5 -> 0.6
network-manager-applet: upgrade 1.24.0 -> 1.24.0
sysprof: upgrade 3.42.1 -> 3.44.0
gnome-shell: fix bluetooth PACKAGECONFIG
packagegroup-gnome-desktop: replace gnome-bluetooth by gnome-bluetooth4
gnome-bluetooth: avoid clashes with gnome-bluetooth4
gnome-bluetooth: rename recipes to avoid suffix in future
gnome-bluetooth: Add PACKAGECONFIG pulseaudio and filter by distro-feature
gnome-backgrounds: upgrade 41.0 -> 42.0
gnome-settings-daemon: upgrade 41.0 -> 42.1
libgweather4: Fix introspection build
gjs: Add cairo to DEPENDS unconditionally
gnome-shell-extensions: Stop copying gnome-classic session to wayland
Andrej Valek (1):
poco: upgrade 1.11.1 -> 1.11.2
Armin Kuster (1):
meta-openemnedded: Add myself as kirkstone maintainer
Ben Fekih, Hichem (1):
sdbus-c++-libsystemd: bugfix dev package is not installed
Changqing Li (1):
drbd-utils: fix for usrmerge
Dmitry Baryshkov (1):
gpsd: split python utils from gps-utils
Jan Vermaete (1):
netdata: version bump 1.33.1 -> 1.34.1
KARN JYE LAU (1):
icewm:include imlib2-loaders package
Kai Kang (1):
python3-blivetgui: use symbolic list-add and edit- icons
Khem Raj (31):
dbus-cxx: Include missing <utility> header
safec: Upgrade to 3.7.1
mongodb: Update to 4.4.13
libkcapi: Upgrade to 1.4.0
libpfm4: Remove -Werror from compiler flags
parallel-deqp-runner: Fix build with gcc 12
glmark2: Fix build with gcc12
memcached: Upgrade to 1.6.15
tvheadend: Update to latest trunk
ot-br-posix: Disable Wsign-compare for clang
opensaf: Fix build with gcc 12
boost-sml: Disable examples
mpich: Add new directory modules/hwloc/config to search path
gnulib: Do not use git operations to install the sources
sysprof: Fix build to work with llvm libunwind
linuxconsole: Fix makefile issue found with clang
mongodb: Fix aarch64 build with gcc12
libcereal: Link libatomics with gcc as well
wpantund: Add missing dependency on boost
gimp: Disable vector icons on 32bit systems
mozjs-91: Upgrade to 91.8.0
mozjs-78: Switch to system libicu
nodejs: Upgrade to 16.14.2
ot-br-posix: Fix build with gcc
dlt-daemon: Fix build on rv32/rv64
grpc: Fix build with rv32/rv64
ltrace: Fix build on ppc64 with gcc12
opencv: Fix build with gcc-12 on ppc64
mozjs-91: Disable strip
mozjs-91: Add option to use system ICU
sysprof: Remove libunwind on rv32
Leon Anavi (2):
python3-bitstruct: Upgrade 8.13.0 -> 8.14.0
python3-marshmallow: Upgrade 3.14.1 -> 3.15.0
Marguet, Nicolas (1):
openjpeg: fix CVE-2022-1122
Mingli Yu (2):
tgt: move from meta-openstack
libconfig-general-perl: move from meta-openstack
Oleksandr Kravchuk (4):
htpdate: update to 1.3.3
redis: upgrade to 7.0-rc3
pkcs11-helper: fix PV
python3-imgtool: update to 1.9.0
Peter Kjellerstedt (3):
gpsd: Only copy the Python files if they are created
poppler: Support building for native
gpsd: Correct the creation of the gps-utils-python package
Preeti Sachan (1):
gnuplot: inherit pkgconfig
Suhrid_S (1):
clinfo: Upgrade 2.2.18.04.06 -> 3.0.21.02.21
Trevor Gamblin (2):
nftables: add ptest
phoronix-test-suite: upgrade 10.8.1 -> 10.8.2
Xu Huan (10):
python3-redis: upgrade 4.2.1 -> 4.2.2
python3-sentry-sdk: upgrade 1.5.7 -> 1.5.8
python3-sqlalchemy: upgrade 1.4.34 -> 1.4.35
python3-graphviz: upgrade 0.19.1 -> 0.19.2
python3-kivy: upgrade 2.0.0 -> 2.1.0
python3-aenum: upgrade 3.1.8 -> 3.1.11
python3-aws-iot-device-sdk-python: upgrade 1.5.1 -> 1.5.2
python3-cmd2: upgrade 2.4.0 -> 2.4.1
python3-django: upgrade 2.2.27 -> 2.2.28
python3-imageio: upgrade 2.16.1 -> 2.17.0
Yi Zhao (4):
frr: add recipe
libldb: upgrade 2.3.2 -> 2.3.3
samba: upgrade 4.14.12 -> 4.14.13
frr: install correct initscript
wangmy (31):
nbdkit: upgrade 1.25.7 -> 1.30.2
icewm: upgrade 2.9.0 -> 2.9.6
lapack: upgrade 3.9.0 -> 3.10.0
libbpf: upgrade 0.5.0 -> 0.7.0
libmtp: upgrade 1.1.18 -> 1.1.19
logwatch: upgrade 7.5.3 -> 7.6
mpich: upgrade 3.4.3 -> 4.0.2
libvpx: upgrade 1.8.2 -> 1.11.0
linuxconsole: upgrade 1.7.0 -> 1.7.1
mercurial: upgrade 5.5 -> 6.1
ocl-icd: upgrade 2.3.0 -> 2.3.1
octave: upgrade 6.4.0 -> 7.1.0
rdma-core: upgrade 39.0 -> 40.0
pam-plugin-ldapdb: upgrade 1.3 -> 1.3.1
pax-utils: upgrade 1.2.2 -> 1.3.3
pcsc-tools: upgrade 1.5.8 -> 1.6.0
pegtl: upgrade 3.2.1 -> 3.2.5
qpdf: upgrade 10.5.0 -> 10.6.3
s-nail: upgrade 14.9.23 -> 14.9.24
smcroute: upgrade 2.5.4 -> 2.5.5
squashfs-tools-ng: upgrade 1.0.2 -> 1.1.4
st: upgrade 0.8.4 -> 0.8.5
tracker: upgrade 3.2.1 -> 3.3.0
thingsboard-gateway: upgrade 2.8 -> 2.9
thrift: upgrade 0.14.2 -> 0.16.0
toybox: upgrade 0.8.5 -> 0.8.6
unbound: upgrade 1.13.2 -> 1.15.0
twm: upgrade 1.0.11 -> 1.0.12
unixodbc: upgrade 2.3.7 -> 2.3.9
xterm: upgrade 368 -> 372
python3-cppy: upgrade 1.2.0 -> 1.2.1
zhengruoqin (5):
python3-google-api-python-client: upgrade 2.42.0 -> 2.43.0
python3-googleapis-common-protos: upgrade 1.54.0 -> 1.56.0
python3-nocaselist: upgrade 1.0.4 -> 1.0.5
python3-pylint: upgrade 2.13.2 -> 2.13.5
python3-nocasedict: upgrade 1.0.2 -> 1.0.3
meta-raspberrypi: 83f5577d8d..0135a02ea5:
Andrei Gherzan (19):
raspberrypi-firmware: Update to 20220331
linux-raspberrypi: Update 5.15 recipe to 5.15.34
linux-raspberrypi: Update 5.10 recipe to 5.10.110
bcm2835: Update to 1.71
pi-blaster: Uprev the recipe
linux-firmware-rpidistro: Update to 20210315-3+rpt4
raspi-gpio: Uprev revision to current HEAD of master branch
python3-rtimu: Upgrade to 7.2.1
rpio: Upgrade to 0.10.1
python3-adafruit-pureio: Uprade to 1.1.8
python3-adafruit-platformdetect: Upgrade to 3.22.1
python3-adafruit-circuitpython-register: Upgrade to 1.9.8
rpi-basic-image: Drop image
rpi-hwup-image: Drop image
packagegroup-rpi-test: Include more packages
ci: Use test builds with the test image
docs: Drop mention of deprecated images
docs: Bump copyright year
rpi-base.inc: Add MCP3008 ADC overlay
Davide Gardenal (1):
bluez-firmware-rpidistro: Add compatibility to oe-core/create-spdx
Jan Vermaete (1):
docs: link to latest documentation of kas
Khem Raj (1):
python3-sense-hat: Use specific BSD license
Meng Li (1):
u-boot: Remove the randundant patch
meta-security: 498ca39cd6..93f2146211:
Anton Antonov (1):
Upgrade parsec-service to 1.0.0 and parsec-tool to 0.5.2
Joe Slater (1):
LICENSE: update to SPDX standard names
Petr Gotthard (6):
tpm2-tools: fix missing version number
tpm2-openssl: update to 1.1.0
tpm2-tss: update to 3.2.0
tpm2-abrmd: update to 2.4.1
tpm2-tss-engine: fix version string and build with openssl 3.0
tpm2-pkcs11: update to 1.8.0
Ranjitsinh Rathod (1):
samhain.inc: Correct LICENSE to GPL-2.0-only
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I65c1aa83e6068b57ba668bc876919f77eea16aeb
Diffstat (limited to 'poky/meta/recipes-devtools')
-rw-r--r-- | poky/meta/recipes-devtools/apt/apt_2.4.4.bb (renamed from poky/meta/recipes-devtools/apt/apt_2.4.3.bb) | 2 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb | 8 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb | 7 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/git/git_2.35.3.bb (renamed from poky/meta/recipes-devtools/git/git_2.35.1.bb) | 20 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/lua/lua/CVE-2022-28805.patch | 26 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/lua/lua_5.4.4.bb | 1 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb | 32 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch | 42 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/python/python3_3.10.4.bb | 1 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/qemu/qemu.inc | 1 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/qemu/qemu/pvrdma.patch | 45 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb (renamed from poky/meta/recipes-devtools/ruby/ruby_3.1.1.bb) | 2 |
12 files changed, 180 insertions, 7 deletions
diff --git a/poky/meta/recipes-devtools/apt/apt_2.4.3.bb b/poky/meta/recipes-devtools/apt/apt_2.4.4.bb index 27e455747f..9faf1e7ea9 100644 --- a/poky/meta/recipes-devtools/apt/apt_2.4.3.bb +++ b/poky/meta/recipes-devtools/apt/apt_2.4.4.bb @@ -25,7 +25,7 @@ SRC_URI:append:class-nativesdk = " \ file://0001-Revert-always-run-dpkg-configure-a-at-the-end-of-our.patch \ " -SRC_URI[sha256sum] = "5a7215ca924302da0b2205862cd2d651326eea222a589184ec6ce663885729f7" +SRC_URI[sha256sum] = "d6d83d122ddd7cc83b2c2f839a55940c13ab93e5cf6024a010d6a6b4110dcf0e" LIC_FILES_CHKSUM = "file://COPYING.GPL;md5=b234ee4d69f5fce4486a80fdaf4a4263" # the package is taken from snapshots.debian.org; that source is static and goes stale diff --git a/poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb b/poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb index 8293fe5e56..ee1f7761c4 100644 --- a/poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb +++ b/poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb @@ -9,6 +9,14 @@ SRC_URI += "file://OEToolchainConfig.cmake \ file://0005-Disable-use-of-ext2fs-ext2_fs.h-by-cmake-s-internal-.patch \ " +LICENSE:append = " & BSD-1-Clause & MIT & BSD-2-Clause" +LIC_FILES_CHKSUM:append = " \ + file://Utilities/cmjsoncpp/LICENSE;md5=fa2a23dd1dc6c139f35105379d76df2b \ + file://Utilities/cmlibarchive/COPYING;md5=d499814247adaee08d88080841cb5665 \ + file://Utilities/cmexpat/COPYING;md5=9e2ce3b3c4c0f2670883a23bbd7c37a9 \ + file://Utilities/cmlibrhash/COPYING;md5=a8c2a557a5c53b1c12cddbee98c099af \ + file://Utilities/cmlibuv/LICENSE;md5=a68902a430e32200263d182d44924d47 \ +" B = "${WORKDIR}/build" do_configure[cleandirs] = "${B}" diff --git a/poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb b/poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb index e111dd3c5a..752c37ba7d 100644 --- a/poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb +++ b/poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb @@ -12,6 +12,13 @@ SRC_URI:append:class-nativesdk = " \ file://0001-CMakeDetermineSystem-use-oe-environment-vars-to-load.patch \ " +LICENSE:append = " & BSD-1-Clause & MIT" +LIC_FILES_CHKSUM:append = " \ + file://Utilities/cmjsoncpp/LICENSE;md5=fa2a23dd1dc6c139f35105379d76df2b \ + file://Utilities/cmlibrhash/COPYING;md5=a8c2a557a5c53b1c12cddbee98c099af \ + file://Utilities/cmlibuv/LICENSE;md5=a68902a430e32200263d182d44924d47 \ +" + # Strip ${prefix} from ${docdir}, set result into docdir_stripped python () { prefix=d.getVar("prefix") diff --git a/poky/meta/recipes-devtools/git/git_2.35.1.bb b/poky/meta/recipes-devtools/git/git_2.35.3.bb index 47c2211864..68981d4fde 100644 --- a/poky/meta/recipes-devtools/git/git_2.35.1.bb +++ b/poky/meta/recipes-devtools/git/git_2.35.3.bb @@ -2,7 +2,7 @@ SUMMARY = "Distributed version control system" HOMEPAGE = "http://git-scm.com" DESCRIPTION = "Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency." SECTION = "console/utils" -LICENSE = "GPL-2.0-only" +LICENSE = "GPL-2.0-only & GPL-2.0-or-later & BSD-3-Clause & MIT & BSL-1.0 & LGPL-2.1-or-later" DEPENDS = "openssl zlib" PROVIDES:append:class-native = " git-replacement-native" @@ -14,10 +14,24 @@ SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \ S = "${WORKDIR}/git-${PV}" -LIC_FILES_CHKSUM = "file://COPYING;md5=7c0d7ef03a7eb04ce795b0f60e68e7e1" +LIC_FILES_CHKSUM = "\ + file://COPYING;md5=7c0d7ef03a7eb04ce795b0f60e68e7e1 \ + file://reftable/LICENSE;md5=1a6424cafc4c9c88c689848e165af33b \ + file://sha1dc/LICENSE.txt;md5=9bbe4c990a9e98ea4b98ef5d3bcb8a7a \ + file://compat/nedmalloc/License.txt;md5=e4224ccaecb14d942c71d31bef20d78c \ + file://compat/inet_ntop.c;md5=76593c6f74e8ced5b24520175688d59b;endline=16 \ + file://compat/obstack.h;md5=08ad25fee5428cd879ceef451ce3a22e;endline=18 \ + file://compat/poll/poll.h;md5=9fc00170a53b8e3e52157c91ac688dd1;endline=19 \ + file://compat/regex/regex.h;md5=30cc8af0e6f0f8a25acec6d8783bb763;beginline=4;endline=22 \ +" CVE_PRODUCT = "git-scm:git" +# This is about a manpage not mentioning --mirror may "leak" information +# in mirrored git repos. Most OE users wouldn't build the docs and +# we don't see this as a major issue for our general users/usecases. +CVE_CHECK_IGNORE += "CVE-2022-24975" + PACKAGECONFIG ??= "expat curl" PACKAGECONFIG[cvsserver] = "" PACKAGECONFIG[svn] = "" @@ -151,4 +165,4 @@ EXTRA_OECONF += "ac_cv_snprintf_returns_bogus=no \ " EXTRA_OEMAKE += "NO_GETTEXT=1" -SRC_URI[tarball.sha256sum] = "9845a37dd01f9faaa7d8aa2078399d3aea91b43819a5efea6e2877b0af09bd43" +SRC_URI[tarball.sha256sum] = "cad708072d5c0b390c71651f5edb44143f00b357766973470bf9adebc0944c03" diff --git a/poky/meta/recipes-devtools/lua/lua/CVE-2022-28805.patch b/poky/meta/recipes-devtools/lua/lua/CVE-2022-28805.patch new file mode 100644 index 0000000000..3680c715a7 --- /dev/null +++ b/poky/meta/recipes-devtools/lua/lua/CVE-2022-28805.patch @@ -0,0 +1,26 @@ +From 1f3c6f4534c6411313361697d98d1145a1f030fa Mon Sep 17 00:00:00 2001 +From: Roberto Ierusalimschy <roberto@inf.puc-rio.br> +Date: Tue, 15 Feb 2022 12:28:46 -0300 +Subject: [PATCH] Bug: Lua can generate wrong code when _ENV is <const> + +CVE: CVE-2022-28805 + +Upstream-Status: Backport [https://github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa] + +Signed-off-by: Steve Sakoman <steve@sakoman.com> +--- + src/lparser.c | 1 + + 1 files changed, 1 insertions(+) + +diff --git a/src/lparser.c b/src/lparser.c +index 3abe3d751..a5cd55257 100644 +--- a/src/lparser.c ++++ b/src/lparser.c +@@ -468,6 +468,7 @@ static void singlevar (LexState *ls, expdesc *var) { + expdesc key; + singlevaraux(fs, ls->envn, var, 1); /* get environment variable */ + lua_assert(var->k != VVOID); /* this one must exist */ ++ luaK_exp2anyregup(fs, var); /* but could be a constant */ + codestring(&key, varname); /* key is variable name */ + luaK_indexed(fs, var, &key); /* env[varname] */ + } diff --git a/poky/meta/recipes-devtools/lua/lua_5.4.4.bb b/poky/meta/recipes-devtools/lua/lua_5.4.4.bb index f50328ecfd..d704841378 100644 --- a/poky/meta/recipes-devtools/lua/lua_5.4.4.bb +++ b/poky/meta/recipes-devtools/lua/lua_5.4.4.bb @@ -6,6 +6,7 @@ HOMEPAGE = "http://www.lua.org/" SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \ file://lua.pc.in \ + file://CVE-2022-28805.patch \ ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'http://www.lua.org/tests/lua-${PV_testsuites}-tests.tar.gz;name=tarballtest file://run-ptest ', '', d)} \ " diff --git a/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb b/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb index ee3e578b2c..09a305edf8 100644 --- a/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb +++ b/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb @@ -1,8 +1,36 @@ SUMMARY = "The PyPA recommended tool for installing Python packages" HOMEPAGE = "https://pypi.org/project/pip" SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=63ec52baf95163b597008bb46db68030" +LICENSE = "MIT & Apache-2.0 & MPL-2.0 & LGPL-2.1-only & BSD-3-Clause & PSF-2.0 & BSD-2-Clause" +LIC_FILES_CHKSUM = "\ + file://LICENSE.txt;md5=63ec52baf95163b597008bb46db68030 \ + file://src/pip/_vendor/cachecontrol/LICENSE.txt;md5=6572692148079ebbbd800be4b9f36c6d \ + file://src/pip/_vendor/certifi/LICENSE;md5=67da0714c3f9471067b729eca6c9fbe8 \ + file://src/pip/_vendor/chardet/LICENSE;md5=a6f89e2100d9b6cdffcea4f398e37343 \ + file://src/pip/_vendor/colorama/LICENSE.txt;md5=b4936429a56a652b84c5c01280dcaa26 \ + file://src/pip/_vendor/distlib/LICENSE.txt;md5=f6a11430d5cd6e2cd3832ee94f22ddfc \ + file://src/pip/_vendor/distro.LICENSE;md5=d2794c0df5b907fdace235a619d80314 \ + file://src/pip/_vendor/html5lib/LICENSE;md5=1ba5ada9e6fead1fdc32f43c9f10ba7c \ + file://src/pip/_vendor/idna/LICENSE.md;md5=239668a7c6066d9e0c5382e9c8c6c0e1 \ + file://src/pip/_vendor/msgpack/COPYING;md5=cd9523181d9d4fbf7ffca52eaa2a5751 \ + file://src/pip/_vendor/packaging/LICENSE;md5=faadaedca9251a90b205c9167578ce91 \ + file://src/pip/_vendor/packaging/LICENSE.APACHE;md5=2ee41112a44fe7014dce33e26468ba93 \ + file://src/pip/_vendor/pep517/LICENSE;md5=aad69c93f605003e3342b174d9b0708c \ + file://src/pip/_vendor/pkg_resources/LICENSE;md5=9a33897f1bca1160d7aad3835152e158 \ + file://src/pip/_vendor/platformdirs/LICENSE.txt;md5=282c970bb844954c8535dd6e9733db7f \ + file://src/pip/_vendor/progress/LICENSE;md5=00ab78a4113b09aacf63d762a7bb9644 \ + file://src/pip/_vendor/pygments/LICENSE;md5=98419e351433ac106a24e3ad435930bc \ + file://src/pip/_vendor/pyparsing/LICENSE;md5=657a566233888513e1f07ba13e2f47f1 \ + file://src/pip/_vendor/requests/LICENSE;md5=34400b68072d710fecd0a2940a0d1658 \ + file://src/pip/_vendor/resolvelib/LICENSE;md5=78e1c0248051c32a38a7f820c30bd7a5 \ + file://src/pip/_vendor/rich/LICENSE;md5=b5f0b94fbc94f5ad9ae4efcf8a778303 \ + file://src/pip/_vendor/six.LICENSE;md5=43cfc9e4ac0e377acfb9b76f56b8415d \ + file://src/pip/_vendor/tenacity/LICENSE;md5=175792518e4ac015ab6696d16c4f607e \ + file://src/pip/_vendor/tomli/LICENSE;md5=aaaaf0879d17df0110d1aa8c8c9f46f5 \ + file://src/pip/_vendor/typing_extensions.LICENSE;md5=64fc2b30b67d0a8423c250e0386ed72f \ + file://src/pip/_vendor/urllib3/LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c \ + file://src/pip/_vendor/webencodings/LICENSE;md5=81fb24cd7823cce23b69f721993dce4d \ +" inherit pypi python_setuptools_build_meta diff --git a/poky/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch b/poky/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch new file mode 100644 index 0000000000..1844e0efa3 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch @@ -0,0 +1,42 @@ +From dc966f1278c1077938626d682666767d2c8d0c72 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sat, 9 Apr 2022 18:29:47 +0000 +Subject: [PATCH] setup.py: Do not detect multiarch paths when cross-compiling + +add_multiarch_paths() function relies on host tools like dpkg-configure +to operate, which is not good when cross compiling, since it ends up +adding native paths in includes in certain cases, e.g. when building +for aarch64 targets using aarch64 build hosts running debian-like +distributions e.g. ubuntu, it ends up adding native multiarch paths +-I/usr/include/aarch64-linux-gnu during cross compile and since arches +are so similar, cross compiler (epecially clang) is inhererently configured +with multiarch ends up adding these paths to compiler cmdline which +works ok with gcc since headers are similar but clang barfs on some gcc +extentions and build fails due to missing gnu extentions but it silently +compiles when using cross gcc. + +Fixes python3 cross build by not running this funciton when cross compiling + +Upstream-Status: Inappropriate [OE-Specific] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + setup.py | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/setup.py b/setup.py +index 2e7f263..f7a3d39 100644 +--- a/setup.py ++++ b/setup.py +@@ -840,7 +840,8 @@ class PyBuildExt(build_ext): + # only change this for cross builds for 3.3, issues on Mageia + if CROSS_COMPILING: + self.add_cross_compiling_paths() +- self.add_multiarch_paths() ++ if not CROSS_COMPILING: ++ self.add_multiarch_paths() + self.add_ldflags_cppflags() + + def init_inc_lib_dirs(self): +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/python/python3_3.10.4.bb b/poky/meta/recipes-devtools/python/python3_3.10.4.bb index 522f0d71ee..7eaafe34ad 100644 --- a/poky/meta/recipes-devtools/python/python3_3.10.4.bb +++ b/poky/meta/recipes-devtools/python/python3_3.10.4.bb @@ -32,6 +32,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://makerace.patch \ file://0001-sysconfig.py-use-platlibdir-also-for-purelib.patch \ file://0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch \ + file://0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch \ " SRC_URI:append:class-native = " \ diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc index 9f2fa4322e..4e94c4b2bf 100644 --- a/poky/meta/recipes-devtools/qemu/qemu.inc +++ b/poky/meta/recipes-devtools/qemu/qemu.inc @@ -32,6 +32,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://0001-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch \ file://0001-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch \ file://0002-virtio-net-fix-map-leaking-on-error-during-receive.patch \ + file://pvrdma.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/poky/meta/recipes-devtools/qemu/qemu/pvrdma.patch b/poky/meta/recipes-devtools/qemu/qemu/pvrdma.patch new file mode 100644 index 0000000000..7b0335b1dc --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/pvrdma.patch @@ -0,0 +1,45 @@ +hw/pvrdma: Protect against buggy or malicious guest driver + +Guest driver might execute HW commands when shared buffers are not yet +allocated. +This might happen on purpose (malicious guest) or because some other +guest/host address mapping. +We need to protect againts such case. + +Reported-by: Mauro Matteo Cascella <mcascell@redhat.com> +Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com> + +CVE: CVE-2022-1050 +Upstream-Status: Submitted [https://lists.nongnu.org/archive/html/qemu-devel/2022-03/msg05197.html] + +Index: qemu-6.2.0/hw/rdma/vmw/pvrdma_cmd.c +=================================================================== +--- qemu-6.2.0.orig/hw/rdma/vmw/pvrdma_cmd.c ++++ qemu-6.2.0/hw/rdma/vmw/pvrdma_cmd.c +@@ -796,6 +796,12 @@ int pvrdma_exec_cmd(PVRDMADev *dev) + + dsr_info = &dev->dsr_info; + ++ if (!dsr_info->dsr) { ++ /* Buggy or malicious guest driver */ ++ rdma_error_report("Exec command without dsr, req or rsp buffers"); ++ goto out; ++ } ++ + if (dsr_info->req->hdr.cmd >= sizeof(cmd_handlers) / + sizeof(struct cmd_handler)) { + rdma_error_report("Unsupported command"); +Index: qemu-6.2.0/hw/rdma/vmw/pvrdma_main.c +=================================================================== +--- qemu-6.2.0.orig/hw/rdma/vmw/pvrdma_main.c ++++ qemu-6.2.0/hw/rdma/vmw/pvrdma_main.c +@@ -249,7 +249,8 @@ static void init_dsr_dev_caps(PVRDMADev + { + struct pvrdma_device_shared_region *dsr; + +- if (dev->dsr_info.dsr == NULL) { ++ if (!dev->dsr_info.dsr) { ++ /* Buggy or malicious guest driver */ + rdma_error_report("Can't initialized DSR"); + return; + } diff --git a/poky/meta/recipes-devtools/ruby/ruby_3.1.1.bb b/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb index d8fddfa520..38ba46731b 100644 --- a/poky/meta/recipes-devtools/ruby/ruby_3.1.1.bb +++ b/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb @@ -14,7 +14,7 @@ SRC_URI += " \ file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \ " -SRC_URI[sha256sum] = "fe6e4782de97443978ddba8ba4be38d222aa24dc3e3f02a6a8e7701c0eeb619d" +SRC_URI[sha256sum] = "61843112389f02b735428b53bb64cf988ad9fb81858b8248e22e57336f24a83e" PACKAGECONFIG ??= "" PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" |