summaryrefslogtreecommitdiff
path: root/poky/meta/recipes-devtools
diff options
context:
space:
mode:
authorPatrick Williams <patrick@stwcx.xyz>2022-05-01 14:36:13 +0300
committerPatrick Williams <patrick@stwcx.xyz>2022-05-01 14:37:37 +0300
commite22d42c0b6ed325dcf25896e58673f23556171dd (patch)
tree92a75887acd8bb560b5e5357f846a81e1f3868db /poky/meta/recipes-devtools
parentd541ec52554ae60b0d5903cccf97905bcaaf209e (diff)
downloadopenbmc-e22d42c0b6ed325dcf25896e58673f23556171dd.tar.xz
subtree updates
poky: 30b38d9cb9..27de52e402: Abongwa Amahnui Bonalais (2): documentation/brief-yoctoprojectqs: add directory for local.conf dev-manual: add command used to add the signed-off-by line. Alex Kiernan (1): kernel: Delete unused KERNEL_LOCALVERSION variable Alexander Kanavin (4): webkitgtk: update 2.34.6 -> 2.36.0 epiphany: upgrade 41.3 -> 42.0 itstool: correct upstream version check webkitgtk: adjust patch status Bruce Ashfield (2): linux-yocto-dev: update to v5.18+ lttng-modules: support kernel 5.18+ Davide Gardenal (1): create-spdx: fix error when symlink cannot be created Ferry Toth (2): apt: add apt selftest to test signed package feeds package_manager: fix missing dependency on gnupg when signing deb package feeds Jon Mason (2): linux-yocto: Remove unnecessary, commented out qemuarm entry qemuarm64: use virtio pci interfaces Kai Kang (1): update_udev_hwdb: fix multilib issue with systemd Khem Raj (8): webkitgtk: Add missing header locale.h python3: Do not detect multiarch when cross compiling kernel-devsrc: Check for gen_vdso_offsets.sh before copying on riscv babeltrace: Disable warnings as errors xserver-xorg: Fix build with gcc12 systemtap: Fix build with gcc-12 gnupg: Disable FORTIFY_SOURCES on mips mdadm: Drop clang specific cflags Konrad Weihmann (11): kern-tools-native: add missing license gmp: add missing COPYINGv3 itstool: add missing COPYING.GPL3 libcap: add pam_cap license libsdl2: fix license libidn2: add Unicode-DFS-2016 license gettext: add MIT conditional as license python3-pip: correct license cmake: add missing licenses git: correct license ncurses: use COPYING file Lee Chee Yang (1): migration-guides: release-notes-4.0: update 'Repositories / Downloads' section Martin Jansa (1): systemd-boot: remove outdated EFI_LD comment Michael Halstead (2): releases: update for yocto 4.0 set_versions: update for 4.0 release Michael Opdenacker (1): migration-guides: release-notes-4.0: mention LTS release Nicolas Dechesne (1): migration-guides: stop including documents with ".. include" Olaf Mandel (1): bitbake: fetch2/git: canonicalize ids in generated tarballs Paul Eggleton (9): migration-3.4: add missing entry on EXTRA_USERS_PARAMS ref-manual: add a note about hard-coded passwords ref-manual: mention wildcarding support in INCOMPATIBLE_LICENSE ref-manual: add mention of vendor filtering to CVE_PRODUCT ref-manual: add KERNEL_DEBUG_TIMESTAMPS ref-manual: add empty-dirs QA check and QA_EMPTY_DIRS* migration-guides: complete migration guide for 4.0 migration-guides: add release notes for 4.0 ref-manual: add ZSTD_THREADS Paulo Neves (1): selftest/lic_checksum: Add test for filename containing space Pavel Zhukov (1): bitbake: fetch2: Add GIT_SSH_COMMAND to the list of exports Peter Kjellerstedt (4): bitbake: pyinotify.py: Simplify identification of which event has occurred shadow: Disable the use of syslog() for the native tools u-boot: Correct the SRC_URI u-boot: Inherit pkgconfig Quentin Schulz (15): docs: sphinx-static: switchers.js.in: remove duplicate for outdated versions docs: set_versions.py: add information about obsolescence of a release docs: sphinx-static: switchers.js.in: improve obsolete version detection docs: set_versions.py: fix latest release of a branch being shown twice in switchers.js docs: set_versions.py: fix latest version of an active release shown as obsolete docs: update Bitbake objects.inv location for master branch docs: set_versions.py: mark as obsolete only branches and old tags from obsolete releases docs: sphinx-static: switchers.js.in: rename all_versions to switcher_versions docs: sphinx-static: switchers.js.in: fix broken switcher for branches docs: sphinx-static: switchers.js.in: do not mark branches as outdated docs: conf.py: fix cve extlinks caption for sphinx <4.0 docs: ref-manual: variables: add hashed password example in EXTRA_USERS_PARAMS docs: migration-guides: migration-3.4: mention that hardcoded password are supported if hashed docs: migration-guides: release-notes-4.0: fix risc-v typo docs: migration-guides: release-notes-4.0: replace kernel placeholder with correct recipe name Ricardo Salveti (1): bitbake: fetch2/crate: fix logger.debug line Richard Purdie (25): qemu: Add fix for CVE-2022-1050 tiff: Add marker for CVE-2022-1056 being fixed git: Ignore CVE-2022-24975 Revert "adwaita-icon-theme: upgrade 41.0 -> 42.0" migration-guide: Kirkstone is now 4.0 local.conf.sample: Update for 4.0 in sstate url externalsrc/devtool: Fix to work with fixed export funcition flags handling sanity: Show a warning that make 4.2.1 is buggy on non-ubuntu systems runqemu: Allow auto detection of the correct graphics options bitbake: checksum: Allow spaces in URI filenames bitbake: ast: Improve function flags handling for EXPORT_FUNCTIONS rxvt-unicode: Fix icon name puzzles: Drop broken icon build-appliance-image: Update to master head revision build-appliance-image: Update to master head revision bluez5: Add fix for startup issues under systemd build-appliance-image: Update to master head revision alsa-tools: Ensure we install correctly libxshmfence: Correct LICENSE to HPND bitbake.conf: Correct BB_SIGNATURE_EXCLUDE_FLAGS git: Upgrade 2.35.1 -> 2.35.2 build-appliance-image: Update to master head revision build-appliance: Switch to kirkstone branch ref-manual: Add XZ_THREADS and XZ_MEMLIMIT buildtools-tarball: Only add cert envvars if certs are included Schmidt, Adriaan (1): bitbake: bitbake-diffsigs: make finding of changed signatures more robust Scott Murray (1): runqemu: Do not auto detect graphics if publicvnc is specified Steve Sakoman (2): busybox: fix CVE-2022-28391 lua: fix CVE-2022-28805 wangmy (5): linux-firmware: upgrade 20220310 -> 20220411 libsoup: upgrade 3.0.5 -> 3.0.6 apt: upgrade 2.4.3 -> 2.4.4 libusb1: upgrade 1.0.25 -> 1.0.26 libgit2: upgrade 1.4.2 -> 1.4.3 zhengruoqin (3): wireless-regdb: upgrade 2022.02.18 -> 2022.04.08 git: upgrade 2.35.2 -> 2.35.3 ruby: upgrade 3.1.1 -> 3.1.2 meta-openembedded: 1888971b1f..bb2b5b31a8: Alex Kiernan (2): audit: Upgrade 3.0.6 -> 3.0.7 mosh: Drop perl dependencies from server Andreas Müller (21): libnma: upgrade 1.8.36 -> 1.8.38 gnome-control-center: upgrade 41.2 -> 42.0 gnome-flashback: upgrade 3.42.1 -> 3.44.0 gnome-panel: upgrade 3.42.0 -> 3.44.0 gnome-session: upgrade 41.3 -> 42.0 gnome-shell-extensions: upgrade 41.1 -> 42.0 gthumb: upgrade 3.12.0 -> 3.12.2 ibus: upgrade 1.5.23+ -> 1.5.26 libportal: upgrade 0.5 -> 0.6 network-manager-applet: upgrade 1.24.0 -> 1.24.0 sysprof: upgrade 3.42.1 -> 3.44.0 gnome-shell: fix bluetooth PACKAGECONFIG packagegroup-gnome-desktop: replace gnome-bluetooth by gnome-bluetooth4 gnome-bluetooth: avoid clashes with gnome-bluetooth4 gnome-bluetooth: rename recipes to avoid suffix in future gnome-bluetooth: Add PACKAGECONFIG pulseaudio and filter by distro-feature gnome-backgrounds: upgrade 41.0 -> 42.0 gnome-settings-daemon: upgrade 41.0 -> 42.1 libgweather4: Fix introspection build gjs: Add cairo to DEPENDS unconditionally gnome-shell-extensions: Stop copying gnome-classic session to wayland Andrej Valek (1): poco: upgrade 1.11.1 -> 1.11.2 Armin Kuster (1): meta-openemnedded: Add myself as kirkstone maintainer Ben Fekih, Hichem (1): sdbus-c++-libsystemd: bugfix dev package is not installed Changqing Li (1): drbd-utils: fix for usrmerge Dmitry Baryshkov (1): gpsd: split python utils from gps-utils Jan Vermaete (1): netdata: version bump 1.33.1 -> 1.34.1 KARN JYE LAU (1): icewm:include imlib2-loaders package Kai Kang (1): python3-blivetgui: use symbolic list-add and edit- icons Khem Raj (31): dbus-cxx: Include missing <utility> header safec: Upgrade to 3.7.1 mongodb: Update to 4.4.13 libkcapi: Upgrade to 1.4.0 libpfm4: Remove -Werror from compiler flags parallel-deqp-runner: Fix build with gcc 12 glmark2: Fix build with gcc12 memcached: Upgrade to 1.6.15 tvheadend: Update to latest trunk ot-br-posix: Disable Wsign-compare for clang opensaf: Fix build with gcc 12 boost-sml: Disable examples mpich: Add new directory modules/hwloc/config to search path gnulib: Do not use git operations to install the sources sysprof: Fix build to work with llvm libunwind linuxconsole: Fix makefile issue found with clang mongodb: Fix aarch64 build with gcc12 libcereal: Link libatomics with gcc as well wpantund: Add missing dependency on boost gimp: Disable vector icons on 32bit systems mozjs-91: Upgrade to 91.8.0 mozjs-78: Switch to system libicu nodejs: Upgrade to 16.14.2 ot-br-posix: Fix build with gcc dlt-daemon: Fix build on rv32/rv64 grpc: Fix build with rv32/rv64 ltrace: Fix build on ppc64 with gcc12 opencv: Fix build with gcc-12 on ppc64 mozjs-91: Disable strip mozjs-91: Add option to use system ICU sysprof: Remove libunwind on rv32 Leon Anavi (2): python3-bitstruct: Upgrade 8.13.0 -> 8.14.0 python3-marshmallow: Upgrade 3.14.1 -> 3.15.0 Marguet, Nicolas (1): openjpeg: fix CVE-2022-1122 Mingli Yu (2): tgt: move from meta-openstack libconfig-general-perl: move from meta-openstack Oleksandr Kravchuk (4): htpdate: update to 1.3.3 redis: upgrade to 7.0-rc3 pkcs11-helper: fix PV python3-imgtool: update to 1.9.0 Peter Kjellerstedt (3): gpsd: Only copy the Python files if they are created poppler: Support building for native gpsd: Correct the creation of the gps-utils-python package Preeti Sachan (1): gnuplot: inherit pkgconfig Suhrid_S (1): clinfo: Upgrade 2.2.18.04.06 -> 3.0.21.02.21 Trevor Gamblin (2): nftables: add ptest phoronix-test-suite: upgrade 10.8.1 -> 10.8.2 Xu Huan (10): python3-redis: upgrade 4.2.1 -> 4.2.2 python3-sentry-sdk: upgrade 1.5.7 -> 1.5.8 python3-sqlalchemy: upgrade 1.4.34 -> 1.4.35 python3-graphviz: upgrade 0.19.1 -> 0.19.2 python3-kivy: upgrade 2.0.0 -> 2.1.0 python3-aenum: upgrade 3.1.8 -> 3.1.11 python3-aws-iot-device-sdk-python: upgrade 1.5.1 -> 1.5.2 python3-cmd2: upgrade 2.4.0 -> 2.4.1 python3-django: upgrade 2.2.27 -> 2.2.28 python3-imageio: upgrade 2.16.1 -> 2.17.0 Yi Zhao (4): frr: add recipe libldb: upgrade 2.3.2 -> 2.3.3 samba: upgrade 4.14.12 -> 4.14.13 frr: install correct initscript wangmy (31): nbdkit: upgrade 1.25.7 -> 1.30.2 icewm: upgrade 2.9.0 -> 2.9.6 lapack: upgrade 3.9.0 -> 3.10.0 libbpf: upgrade 0.5.0 -> 0.7.0 libmtp: upgrade 1.1.18 -> 1.1.19 logwatch: upgrade 7.5.3 -> 7.6 mpich: upgrade 3.4.3 -> 4.0.2 libvpx: upgrade 1.8.2 -> 1.11.0 linuxconsole: upgrade 1.7.0 -> 1.7.1 mercurial: upgrade 5.5 -> 6.1 ocl-icd: upgrade 2.3.0 -> 2.3.1 octave: upgrade 6.4.0 -> 7.1.0 rdma-core: upgrade 39.0 -> 40.0 pam-plugin-ldapdb: upgrade 1.3 -> 1.3.1 pax-utils: upgrade 1.2.2 -> 1.3.3 pcsc-tools: upgrade 1.5.8 -> 1.6.0 pegtl: upgrade 3.2.1 -> 3.2.5 qpdf: upgrade 10.5.0 -> 10.6.3 s-nail: upgrade 14.9.23 -> 14.9.24 smcroute: upgrade 2.5.4 -> 2.5.5 squashfs-tools-ng: upgrade 1.0.2 -> 1.1.4 st: upgrade 0.8.4 -> 0.8.5 tracker: upgrade 3.2.1 -> 3.3.0 thingsboard-gateway: upgrade 2.8 -> 2.9 thrift: upgrade 0.14.2 -> 0.16.0 toybox: upgrade 0.8.5 -> 0.8.6 unbound: upgrade 1.13.2 -> 1.15.0 twm: upgrade 1.0.11 -> 1.0.12 unixodbc: upgrade 2.3.7 -> 2.3.9 xterm: upgrade 368 -> 372 python3-cppy: upgrade 1.2.0 -> 1.2.1 zhengruoqin (5): python3-google-api-python-client: upgrade 2.42.0 -> 2.43.0 python3-googleapis-common-protos: upgrade 1.54.0 -> 1.56.0 python3-nocaselist: upgrade 1.0.4 -> 1.0.5 python3-pylint: upgrade 2.13.2 -> 2.13.5 python3-nocasedict: upgrade 1.0.2 -> 1.0.3 meta-raspberrypi: 83f5577d8d..0135a02ea5: Andrei Gherzan (19): raspberrypi-firmware: Update to 20220331 linux-raspberrypi: Update 5.15 recipe to 5.15.34 linux-raspberrypi: Update 5.10 recipe to 5.10.110 bcm2835: Update to 1.71 pi-blaster: Uprev the recipe linux-firmware-rpidistro: Update to 20210315-3+rpt4 raspi-gpio: Uprev revision to current HEAD of master branch python3-rtimu: Upgrade to 7.2.1 rpio: Upgrade to 0.10.1 python3-adafruit-pureio: Uprade to 1.1.8 python3-adafruit-platformdetect: Upgrade to 3.22.1 python3-adafruit-circuitpython-register: Upgrade to 1.9.8 rpi-basic-image: Drop image rpi-hwup-image: Drop image packagegroup-rpi-test: Include more packages ci: Use test builds with the test image docs: Drop mention of deprecated images docs: Bump copyright year rpi-base.inc: Add MCP3008 ADC overlay Davide Gardenal (1): bluez-firmware-rpidistro: Add compatibility to oe-core/create-spdx Jan Vermaete (1): docs: link to latest documentation of kas Khem Raj (1): python3-sense-hat: Use specific BSD license Meng Li (1): u-boot: Remove the randundant patch meta-security: 498ca39cd6..93f2146211: Anton Antonov (1): Upgrade parsec-service to 1.0.0 and parsec-tool to 0.5.2 Joe Slater (1): LICENSE: update to SPDX standard names Petr Gotthard (6): tpm2-tools: fix missing version number tpm2-openssl: update to 1.1.0 tpm2-tss: update to 3.2.0 tpm2-abrmd: update to 2.4.1 tpm2-tss-engine: fix version string and build with openssl 3.0 tpm2-pkcs11: update to 1.8.0 Ranjitsinh Rathod (1): samhain.inc: Correct LICENSE to GPL-2.0-only Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: I65c1aa83e6068b57ba668bc876919f77eea16aeb
Diffstat (limited to 'poky/meta/recipes-devtools')
-rw-r--r--poky/meta/recipes-devtools/apt/apt_2.4.4.bb (renamed from poky/meta/recipes-devtools/apt/apt_2.4.3.bb)2
-rw-r--r--poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb8
-rw-r--r--poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb7
-rw-r--r--poky/meta/recipes-devtools/git/git_2.35.3.bb (renamed from poky/meta/recipes-devtools/git/git_2.35.1.bb)20
-rw-r--r--poky/meta/recipes-devtools/lua/lua/CVE-2022-28805.patch26
-rw-r--r--poky/meta/recipes-devtools/lua/lua_5.4.4.bb1
-rw-r--r--poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb32
-rw-r--r--poky/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch42
-rw-r--r--poky/meta/recipes-devtools/python/python3_3.10.4.bb1
-rw-r--r--poky/meta/recipes-devtools/qemu/qemu.inc1
-rw-r--r--poky/meta/recipes-devtools/qemu/qemu/pvrdma.patch45
-rw-r--r--poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb (renamed from poky/meta/recipes-devtools/ruby/ruby_3.1.1.bb)2
12 files changed, 180 insertions, 7 deletions
diff --git a/poky/meta/recipes-devtools/apt/apt_2.4.3.bb b/poky/meta/recipes-devtools/apt/apt_2.4.4.bb
index 27e455747f..9faf1e7ea9 100644
--- a/poky/meta/recipes-devtools/apt/apt_2.4.3.bb
+++ b/poky/meta/recipes-devtools/apt/apt_2.4.4.bb
@@ -25,7 +25,7 @@ SRC_URI:append:class-nativesdk = " \
file://0001-Revert-always-run-dpkg-configure-a-at-the-end-of-our.patch \
"
-SRC_URI[sha256sum] = "5a7215ca924302da0b2205862cd2d651326eea222a589184ec6ce663885729f7"
+SRC_URI[sha256sum] = "d6d83d122ddd7cc83b2c2f839a55940c13ab93e5cf6024a010d6a6b4110dcf0e"
LIC_FILES_CHKSUM = "file://COPYING.GPL;md5=b234ee4d69f5fce4486a80fdaf4a4263"
# the package is taken from snapshots.debian.org; that source is static and goes stale
diff --git a/poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb b/poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb
index 8293fe5e56..ee1f7761c4 100644
--- a/poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb
+++ b/poky/meta/recipes-devtools/cmake/cmake-native_3.22.3.bb
@@ -9,6 +9,14 @@ SRC_URI += "file://OEToolchainConfig.cmake \
file://0005-Disable-use-of-ext2fs-ext2_fs.h-by-cmake-s-internal-.patch \
"
+LICENSE:append = " & BSD-1-Clause & MIT & BSD-2-Clause"
+LIC_FILES_CHKSUM:append = " \
+ file://Utilities/cmjsoncpp/LICENSE;md5=fa2a23dd1dc6c139f35105379d76df2b \
+ file://Utilities/cmlibarchive/COPYING;md5=d499814247adaee08d88080841cb5665 \
+ file://Utilities/cmexpat/COPYING;md5=9e2ce3b3c4c0f2670883a23bbd7c37a9 \
+ file://Utilities/cmlibrhash/COPYING;md5=a8c2a557a5c53b1c12cddbee98c099af \
+ file://Utilities/cmlibuv/LICENSE;md5=a68902a430e32200263d182d44924d47 \
+"
B = "${WORKDIR}/build"
do_configure[cleandirs] = "${B}"
diff --git a/poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb b/poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb
index e111dd3c5a..752c37ba7d 100644
--- a/poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb
+++ b/poky/meta/recipes-devtools/cmake/cmake_3.22.3.bb
@@ -12,6 +12,13 @@ SRC_URI:append:class-nativesdk = " \
file://0001-CMakeDetermineSystem-use-oe-environment-vars-to-load.patch \
"
+LICENSE:append = " & BSD-1-Clause & MIT"
+LIC_FILES_CHKSUM:append = " \
+ file://Utilities/cmjsoncpp/LICENSE;md5=fa2a23dd1dc6c139f35105379d76df2b \
+ file://Utilities/cmlibrhash/COPYING;md5=a8c2a557a5c53b1c12cddbee98c099af \
+ file://Utilities/cmlibuv/LICENSE;md5=a68902a430e32200263d182d44924d47 \
+"
+
# Strip ${prefix} from ${docdir}, set result into docdir_stripped
python () {
prefix=d.getVar("prefix")
diff --git a/poky/meta/recipes-devtools/git/git_2.35.1.bb b/poky/meta/recipes-devtools/git/git_2.35.3.bb
index 47c2211864..68981d4fde 100644
--- a/poky/meta/recipes-devtools/git/git_2.35.1.bb
+++ b/poky/meta/recipes-devtools/git/git_2.35.3.bb
@@ -2,7 +2,7 @@ SUMMARY = "Distributed version control system"
HOMEPAGE = "http://git-scm.com"
DESCRIPTION = "Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency."
SECTION = "console/utils"
-LICENSE = "GPL-2.0-only"
+LICENSE = "GPL-2.0-only & GPL-2.0-or-later & BSD-3-Clause & MIT & BSL-1.0 & LGPL-2.1-or-later"
DEPENDS = "openssl zlib"
PROVIDES:append:class-native = " git-replacement-native"
@@ -14,10 +14,24 @@ SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
S = "${WORKDIR}/git-${PV}"
-LIC_FILES_CHKSUM = "file://COPYING;md5=7c0d7ef03a7eb04ce795b0f60e68e7e1"
+LIC_FILES_CHKSUM = "\
+ file://COPYING;md5=7c0d7ef03a7eb04ce795b0f60e68e7e1 \
+ file://reftable/LICENSE;md5=1a6424cafc4c9c88c689848e165af33b \
+ file://sha1dc/LICENSE.txt;md5=9bbe4c990a9e98ea4b98ef5d3bcb8a7a \
+ file://compat/nedmalloc/License.txt;md5=e4224ccaecb14d942c71d31bef20d78c \
+ file://compat/inet_ntop.c;md5=76593c6f74e8ced5b24520175688d59b;endline=16 \
+ file://compat/obstack.h;md5=08ad25fee5428cd879ceef451ce3a22e;endline=18 \
+ file://compat/poll/poll.h;md5=9fc00170a53b8e3e52157c91ac688dd1;endline=19 \
+ file://compat/regex/regex.h;md5=30cc8af0e6f0f8a25acec6d8783bb763;beginline=4;endline=22 \
+"
CVE_PRODUCT = "git-scm:git"
+# This is about a manpage not mentioning --mirror may "leak" information
+# in mirrored git repos. Most OE users wouldn't build the docs and
+# we don't see this as a major issue for our general users/usecases.
+CVE_CHECK_IGNORE += "CVE-2022-24975"
+
PACKAGECONFIG ??= "expat curl"
PACKAGECONFIG[cvsserver] = ""
PACKAGECONFIG[svn] = ""
@@ -151,4 +165,4 @@ EXTRA_OECONF += "ac_cv_snprintf_returns_bogus=no \
"
EXTRA_OEMAKE += "NO_GETTEXT=1"
-SRC_URI[tarball.sha256sum] = "9845a37dd01f9faaa7d8aa2078399d3aea91b43819a5efea6e2877b0af09bd43"
+SRC_URI[tarball.sha256sum] = "cad708072d5c0b390c71651f5edb44143f00b357766973470bf9adebc0944c03"
diff --git a/poky/meta/recipes-devtools/lua/lua/CVE-2022-28805.patch b/poky/meta/recipes-devtools/lua/lua/CVE-2022-28805.patch
new file mode 100644
index 0000000000..3680c715a7
--- /dev/null
+++ b/poky/meta/recipes-devtools/lua/lua/CVE-2022-28805.patch
@@ -0,0 +1,26 @@
+From 1f3c6f4534c6411313361697d98d1145a1f030fa Mon Sep 17 00:00:00 2001
+From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
+Date: Tue, 15 Feb 2022 12:28:46 -0300
+Subject: [PATCH] Bug: Lua can generate wrong code when _ENV is <const>
+
+CVE: CVE-2022-28805
+
+Upstream-Status: Backport [https://github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa]
+
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+---
+ src/lparser.c | 1 +
+ 1 files changed, 1 insertions(+)
+
+diff --git a/src/lparser.c b/src/lparser.c
+index 3abe3d751..a5cd55257 100644
+--- a/src/lparser.c
++++ b/src/lparser.c
+@@ -468,6 +468,7 @@ static void singlevar (LexState *ls, expdesc *var) {
+ expdesc key;
+ singlevaraux(fs, ls->envn, var, 1); /* get environment variable */
+ lua_assert(var->k != VVOID); /* this one must exist */
++ luaK_exp2anyregup(fs, var); /* but could be a constant */
+ codestring(&key, varname); /* key is variable name */
+ luaK_indexed(fs, var, &key); /* env[varname] */
+ }
diff --git a/poky/meta/recipes-devtools/lua/lua_5.4.4.bb b/poky/meta/recipes-devtools/lua/lua_5.4.4.bb
index f50328ecfd..d704841378 100644
--- a/poky/meta/recipes-devtools/lua/lua_5.4.4.bb
+++ b/poky/meta/recipes-devtools/lua/lua_5.4.4.bb
@@ -6,6 +6,7 @@ HOMEPAGE = "http://www.lua.org/"
SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \
file://lua.pc.in \
+ file://CVE-2022-28805.patch \
${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'http://www.lua.org/tests/lua-${PV_testsuites}-tests.tar.gz;name=tarballtest file://run-ptest ', '', d)} \
"
diff --git a/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb b/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb
index ee3e578b2c..09a305edf8 100644
--- a/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb
+++ b/poky/meta/recipes-devtools/python/python3-pip_22.0.3.bb
@@ -1,8 +1,36 @@
SUMMARY = "The PyPA recommended tool for installing Python packages"
HOMEPAGE = "https://pypi.org/project/pip"
SECTION = "devel/python"
-LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=63ec52baf95163b597008bb46db68030"
+LICENSE = "MIT & Apache-2.0 & MPL-2.0 & LGPL-2.1-only & BSD-3-Clause & PSF-2.0 & BSD-2-Clause"
+LIC_FILES_CHKSUM = "\
+ file://LICENSE.txt;md5=63ec52baf95163b597008bb46db68030 \
+ file://src/pip/_vendor/cachecontrol/LICENSE.txt;md5=6572692148079ebbbd800be4b9f36c6d \
+ file://src/pip/_vendor/certifi/LICENSE;md5=67da0714c3f9471067b729eca6c9fbe8 \
+ file://src/pip/_vendor/chardet/LICENSE;md5=a6f89e2100d9b6cdffcea4f398e37343 \
+ file://src/pip/_vendor/colorama/LICENSE.txt;md5=b4936429a56a652b84c5c01280dcaa26 \
+ file://src/pip/_vendor/distlib/LICENSE.txt;md5=f6a11430d5cd6e2cd3832ee94f22ddfc \
+ file://src/pip/_vendor/distro.LICENSE;md5=d2794c0df5b907fdace235a619d80314 \
+ file://src/pip/_vendor/html5lib/LICENSE;md5=1ba5ada9e6fead1fdc32f43c9f10ba7c \
+ file://src/pip/_vendor/idna/LICENSE.md;md5=239668a7c6066d9e0c5382e9c8c6c0e1 \
+ file://src/pip/_vendor/msgpack/COPYING;md5=cd9523181d9d4fbf7ffca52eaa2a5751 \
+ file://src/pip/_vendor/packaging/LICENSE;md5=faadaedca9251a90b205c9167578ce91 \
+ file://src/pip/_vendor/packaging/LICENSE.APACHE;md5=2ee41112a44fe7014dce33e26468ba93 \
+ file://src/pip/_vendor/pep517/LICENSE;md5=aad69c93f605003e3342b174d9b0708c \
+ file://src/pip/_vendor/pkg_resources/LICENSE;md5=9a33897f1bca1160d7aad3835152e158 \
+ file://src/pip/_vendor/platformdirs/LICENSE.txt;md5=282c970bb844954c8535dd6e9733db7f \
+ file://src/pip/_vendor/progress/LICENSE;md5=00ab78a4113b09aacf63d762a7bb9644 \
+ file://src/pip/_vendor/pygments/LICENSE;md5=98419e351433ac106a24e3ad435930bc \
+ file://src/pip/_vendor/pyparsing/LICENSE;md5=657a566233888513e1f07ba13e2f47f1 \
+ file://src/pip/_vendor/requests/LICENSE;md5=34400b68072d710fecd0a2940a0d1658 \
+ file://src/pip/_vendor/resolvelib/LICENSE;md5=78e1c0248051c32a38a7f820c30bd7a5 \
+ file://src/pip/_vendor/rich/LICENSE;md5=b5f0b94fbc94f5ad9ae4efcf8a778303 \
+ file://src/pip/_vendor/six.LICENSE;md5=43cfc9e4ac0e377acfb9b76f56b8415d \
+ file://src/pip/_vendor/tenacity/LICENSE;md5=175792518e4ac015ab6696d16c4f607e \
+ file://src/pip/_vendor/tomli/LICENSE;md5=aaaaf0879d17df0110d1aa8c8c9f46f5 \
+ file://src/pip/_vendor/typing_extensions.LICENSE;md5=64fc2b30b67d0a8423c250e0386ed72f \
+ file://src/pip/_vendor/urllib3/LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c \
+ file://src/pip/_vendor/webencodings/LICENSE;md5=81fb24cd7823cce23b69f721993dce4d \
+"
inherit pypi python_setuptools_build_meta
diff --git a/poky/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch b/poky/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch
new file mode 100644
index 0000000000..1844e0efa3
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3/0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch
@@ -0,0 +1,42 @@
+From dc966f1278c1077938626d682666767d2c8d0c72 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sat, 9 Apr 2022 18:29:47 +0000
+Subject: [PATCH] setup.py: Do not detect multiarch paths when cross-compiling
+
+add_multiarch_paths() function relies on host tools like dpkg-configure
+to operate, which is not good when cross compiling, since it ends up
+adding native paths in includes in certain cases, e.g. when building
+for aarch64 targets using aarch64 build hosts running debian-like
+distributions e.g. ubuntu, it ends up adding native multiarch paths
+-I/usr/include/aarch64-linux-gnu during cross compile and since arches
+are so similar, cross compiler (epecially clang) is inhererently configured
+with multiarch ends up adding these paths to compiler cmdline which
+works ok with gcc since headers are similar but clang barfs on some gcc
+extentions and build fails due to missing gnu extentions but it silently
+compiles when using cross gcc.
+
+Fixes python3 cross build by not running this funciton when cross compiling
+
+Upstream-Status: Inappropriate [OE-Specific]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ setup.py | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/setup.py b/setup.py
+index 2e7f263..f7a3d39 100644
+--- a/setup.py
++++ b/setup.py
+@@ -840,7 +840,8 @@ class PyBuildExt(build_ext):
+ # only change this for cross builds for 3.3, issues on Mageia
+ if CROSS_COMPILING:
+ self.add_cross_compiling_paths()
+- self.add_multiarch_paths()
++ if not CROSS_COMPILING:
++ self.add_multiarch_paths()
+ self.add_ldflags_cppflags()
+
+ def init_inc_lib_dirs(self):
+--
+2.25.1
+
diff --git a/poky/meta/recipes-devtools/python/python3_3.10.4.bb b/poky/meta/recipes-devtools/python/python3_3.10.4.bb
index 522f0d71ee..7eaafe34ad 100644
--- a/poky/meta/recipes-devtools/python/python3_3.10.4.bb
+++ b/poky/meta/recipes-devtools/python/python3_3.10.4.bb
@@ -32,6 +32,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://makerace.patch \
file://0001-sysconfig.py-use-platlibdir-also-for-purelib.patch \
file://0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch \
+ file://0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch \
"
SRC_URI:append:class-native = " \
diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc
index 9f2fa4322e..4e94c4b2bf 100644
--- a/poky/meta/recipes-devtools/qemu/qemu.inc
+++ b/poky/meta/recipes-devtools/qemu/qemu.inc
@@ -32,6 +32,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://0001-Define-MAP_SYNC-and-MAP_SHARED_VALIDATE-on-needed-li.patch \
file://0001-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch \
file://0002-virtio-net-fix-map-leaking-on-error-during-receive.patch \
+ file://pvrdma.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
diff --git a/poky/meta/recipes-devtools/qemu/qemu/pvrdma.patch b/poky/meta/recipes-devtools/qemu/qemu/pvrdma.patch
new file mode 100644
index 0000000000..7b0335b1dc
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/pvrdma.patch
@@ -0,0 +1,45 @@
+hw/pvrdma: Protect against buggy or malicious guest driver
+
+Guest driver might execute HW commands when shared buffers are not yet
+allocated.
+This might happen on purpose (malicious guest) or because some other
+guest/host address mapping.
+We need to protect againts such case.
+
+Reported-by: Mauro Matteo Cascella <mcascell@redhat.com>
+Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+
+CVE: CVE-2022-1050
+Upstream-Status: Submitted [https://lists.nongnu.org/archive/html/qemu-devel/2022-03/msg05197.html]
+
+Index: qemu-6.2.0/hw/rdma/vmw/pvrdma_cmd.c
+===================================================================
+--- qemu-6.2.0.orig/hw/rdma/vmw/pvrdma_cmd.c
++++ qemu-6.2.0/hw/rdma/vmw/pvrdma_cmd.c
+@@ -796,6 +796,12 @@ int pvrdma_exec_cmd(PVRDMADev *dev)
+
+ dsr_info = &dev->dsr_info;
+
++ if (!dsr_info->dsr) {
++ /* Buggy or malicious guest driver */
++ rdma_error_report("Exec command without dsr, req or rsp buffers");
++ goto out;
++ }
++
+ if (dsr_info->req->hdr.cmd >= sizeof(cmd_handlers) /
+ sizeof(struct cmd_handler)) {
+ rdma_error_report("Unsupported command");
+Index: qemu-6.2.0/hw/rdma/vmw/pvrdma_main.c
+===================================================================
+--- qemu-6.2.0.orig/hw/rdma/vmw/pvrdma_main.c
++++ qemu-6.2.0/hw/rdma/vmw/pvrdma_main.c
+@@ -249,7 +249,8 @@ static void init_dsr_dev_caps(PVRDMADev
+ {
+ struct pvrdma_device_shared_region *dsr;
+
+- if (dev->dsr_info.dsr == NULL) {
++ if (!dev->dsr_info.dsr) {
++ /* Buggy or malicious guest driver */
+ rdma_error_report("Can't initialized DSR");
+ return;
+ }
diff --git a/poky/meta/recipes-devtools/ruby/ruby_3.1.1.bb b/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb
index d8fddfa520..38ba46731b 100644
--- a/poky/meta/recipes-devtools/ruby/ruby_3.1.1.bb
+++ b/poky/meta/recipes-devtools/ruby/ruby_3.1.2.bb
@@ -14,7 +14,7 @@ SRC_URI += " \
file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \
"
-SRC_URI[sha256sum] = "fe6e4782de97443978ddba8ba4be38d222aa24dc3e3f02a6a8e7701c0eeb619d"
+SRC_URI[sha256sum] = "61843112389f02b735428b53bb64cf988ad9fb81858b8248e22e57336f24a83e"
PACKAGECONFIG ??= ""
PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"